DNS AD-I

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

initially, I thought, I had understood it, but on reading and following the ongoing discussion, Iam now more confused. Initially, I thought, once you configure (or change to) an ADI, zone tranfers are stopped and any zone information communication (like changes in resource records) are transfered using the active directory replication system which uses Kerberos for its security. Have I now understood you to mean that actually zone transfers still occur in the traditional sense and therefore there is need for a CA given that traditional zone transfers are not secure? afer AD-I has made the changes (AXFR or IXFR) does it make the changes in the SOA or the SOA makes its own changes by reading the cahnges as replicated? then why does the notify button still remain active? You have raised more questions in my mind, life and practice. I had omitted this
Gochieng