Active Directory multi-tree, single forest DNS configuration

Question

So, I have a multi-tree single forest that contains 2 tree domains called

• simpson.local (forest root)
• flanders.local

Now both domains have full trust and both domains use Active Directory-Integrated DNS replicating too all domain controllers in their domain only. I have 2 DC's in each domain. The domains are connected and resources are sometimes shared between the two domains.

So the question is how should i configure the DNS servers on each DC as from my research its seems that there are a few different ways to go.

So lets say I:

Add bart.simpson.local and lisa.simpson.local as name servers for simpson.local domain in zone file. (Which is done by default by windows when u make them DC's)

Add tod.flanders.local and rod.flanders.local as name servers for flanders.local domain in zone file.

Now in terms of getting each domain to be able to resolve objects in one anothers domains whats best practise? Should I:

Create conditional forwarders where any queries made to bart.simpson.local about flanders.local get sent to tod.flanders.local

OR

Create a secondary zone of flanders.local in simpson.local that gets its copy from tod and rod. Then add bart,lisa,tod,rod to the list of name servers for the domain. ie on the name servers tab.

OR

Change replication to all domain controllers in the forest.

OR

Something else? like create stub zones etc..

Thanks!

Answer 1

It's a single forest. Set replication of dns to all DC's in the forest. This however probably breaks the only reason to have disjointed namespaces. If so, the next best option is conditional forwarders.