Windows 2003 changing pointers to zones

[Kevin Darcy]

benlonguk at hotmail.com wrote:

>Hi,
>
>We have a couple of Windows 2003 Domain Controllers that are changing
>pointers containing a dot in to zones. So for example the DCs have a
>domain ourcompany.com, we have a pointer in the DNS something like
>web.test but when the DCs boot up they try to tidy things up a bit and
>create a zone test.ourcompany.com with pointer web. Unfortunately they
>fail to complete the job.
>
>Trouble is these servers are application servers for websites and their
>code uses web.test so everytime a DC is rebooted we have to fix the
>DNS.
>
>Does anyone know of a way around this, for example a setting change on
>the DCs to stop them 'fixing' things or a config change we can do on
>BIND to prevent new zones being created.
>
Your message is very confusing. What do you mean by "pointer"s? What do 
you mean by "fail to complete the job"? And what do you mean by creating 
zones? A Domain Controller isn't normally going to be able to create a 
zone in a BIND nameserver, because that would require editing the BIND 
nameserver's named.conf file, which a Domain Controller isn't going to 
be able to do, unless you've gone to a lot of trouble to make that possible.

If you've *delegated* (is that what you meant by "pointer"?) part of 
your namespace from BIND to Domain Controllers, then there is really 
nothing you can do on the BIND side to prevent those Domain Controllers 
from creating a zone within their own namespace. That's what delegation 
means -- giving control of something to someone or something else.

As for settings on the Domain Controllers to prevent "zone creation", 
this is a BIND group. Can't really help you with Domain Controllers...

                                                                         
                                    - Kevin