Create a Zone Delegation

Applies To: Windows Server 2008

You can divide your Domain Name System (DNS) namespace into one or more zones. You can delegate management of part of your namespace to another location or department in your organization by delegating the management of the corresponding zone. For more information, see Delegating a Zone.

When you delegate a zone, remember that for each new zone that you create, you will need delegation records in the parent zone that point to the authoritative DNS servers for the new zone. This is necessary both to transfer authority and to provide correct referral to other DNS servers and clients of the new servers that are being made authoritative for the new zone.

You can use this procedure to create a zone delegation using either the DNS Manager snap-in or the dnscmd command-line tool.

Membership in Administrators, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

Creating a zone delegation

  • Using the Windows interface

  • Using a command line

To create a zone delegation using the Windows interface

  1. Open DNS Manager. To open DNS Manager, click Start, point to Administrative Tools, and then click DNS.

  2. In the console tree, right-click the applicable subdomain, and then click New Delegation.

  3. Follow the instructions in the New Delegation Wizard to finish creating the new delegated domain.

To create a zone delegation using a command line

  1. Open a command prompt. To open an elevated Command Prompt window, click Start, point to All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.

  2. At the command prompt, type the following command, and then press ENTER:

    dnscmd <ServerName> /RecordAdd <ZoneName> <NodeName> [/Aging] [/OpenAcl] [<Ttl>] NS {<HostName>|<FQDN>}
    
| Parameter | Description |
|---|---|
| dnscmd | The command-line tool for managing DNS servers. |
| <ServerName> | Required. Specifies the DNS host name of the DNS server. You can also type the IP address of the DNS server. To specify the DNS server on the local computer, you can also type a period (.). |
| /RecordAdd | Required. Adds a resource record. |
| <ZoneName> | Required. Specifies the fully qualified domain name (FQDN) of the zone. |
| <NodeName> | Required. Specifies the FQDN of the node in the DNS namespace for which the start of authority (SOA) resource record is added. You can also type the node name relative to the ZoneName or @, which specifies the zone's root node. |
| /Aging | If this parameter is used, this resource record is able to be aged and scavenged. If this parameter is not used, the resource record remains in the DNS database unless it is manually updated or removed. |
| /OpenAcl | Specifies that new records are open to modification by any user. Without this parameter, only administrators may modify the new record. |
| <Ttl> | Specifies the Time To Live (TTL) setting for the resource record. The default TTL is defined in the start of authority (SOA) resource record. |
| NS | Required. Specifies that you are adding a name server (NS) resource record to the zone that is specified in ZoneName. |
| <HostName>\|<FQDN> | Required. Specifies the host name or FQDN of the new authoritative server. |

To view the complete syntax for this command, at a command prompt, type the following command, and then press ENTER:

    dnscmd /RecordAdd /help
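
The command-line procedure above, as an added PowerShell example that is not part of the original article: it adds the NS records for a delegation without /OpenAcl, adds glue A records for the new servers, and reads the NS set back to confirm it. The zone example.com, the node dev, the server names and the 192.0.2.x addresses are constructed placeholders, the glue step assumes the new servers' names lie inside the delegated zone, and the read-back is a simple text match on the dnscmd /EnumRecords output.

```powershell
# Added example. Zone names and addresses are constructed placeholders.
$Server      = '.'             # local DNS server, as the page allows
$ParentZone  = 'example.com'   # zone that receives the delegation records
$ChildNode   = 'dev'           # delegates dev.example.com
$NameServers = @(              # authoritative servers for the new zone
    @{ Name = 'ns1'; Ip = '192.0.2.10' },
    @{ Name = 'ns2'; Ip = '192.0.2.11' }
)

function Invoke-Dnscmd {
    # Run dnscmd and stop on a non-zero exit code instead of continuing silently.
    param([string[]]$Arguments)
    $output = & dnscmd.exe @Arguments 2>&1 | Out-String
    if ($LASTEXITCODE -ne 0) {
        throw "dnscmd $($Arguments -join ' ') failed (exit $LASTEXITCODE):`n$output"
    }
    return $output
}

$expected = @()
foreach ($ns in $NameServers) {
    $glueNode = "$($ns.Name).$ChildNode"        # relative to $ParentZone
    $fqdn     = "$glueNode.$ParentZone."        # trailing dot: fully qualified
    $expected += $fqdn

    # NS record at the delegation point. /OpenAcl is deliberately omitted so
    # that only administrators may modify the record.
    Invoke-Dnscmd @($Server, '/RecordAdd', $ParentZone, $ChildNode, 'NS', $fqdn) | Out-Null

    # Glue A record (an addition to the page's command): these server names
    # live inside the delegated zone, so the parent must supply their addresses.
    Invoke-Dnscmd @($Server, '/RecordAdd', $ParentZone, $glueNode, 'A', $ns.Ip) | Out-Null
}

# Read the NS set back from the parent zone and confirm every server is listed.
$listed  = Invoke-Dnscmd @($Server, '/EnumRecords', $ParentZone, $ChildNode, '/Type', 'NS')
$missing = $expected | Where-Object { $listed -notmatch [regex]::Escape($_) }
if ($missing) {
    throw "Delegation incomplete; NS records not found for: $($missing -join ', ')"
}
Write-Output "Delegation for $ChildNode.$ParentZone lists: $($expected -join ', ')"
```

Run it from an elevated PowerShell session on a host where dnscmd is available, after replacing the placeholders with your own zone and server values.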