Creating Authoritative Zones

Creating Authoritative Zones

 You can create a new domain using the Add Domain button or import domains in bulk using the Import button in the top right corner.

 Add Domain 

 

On clicking the Add Domain button, the Create Domain page appears as shown below:

In the Create Domain page enter the value for the fields based on the descriptions below:

  1. NAME: Name the new domain name you wish to create or manage.

  1. TYPE: Select the type of DNS zone. ME DDI offers three types of Zones: Authoritative, Forward and Response Policy Zones (RPZ). Now select Authoritative.

Authoritative: This type indicates that the DNS server has the authority to answer queries for the specified domain with authoritative data. This means it holds the actual DNS records, such as A records, MX records, and so on, for the domain. It is the definitive source for information about that domain, and its answers are considered official.

Note: Type of the domain once chosen cannot be updated. To update the type of the domain delete the domain and re-configure it.

  1. TTL (Time to Live): Specifies the resolving servers how long to cache information about the domain before querying for it again. Specified in seconds, and the default value is set to 86400.

  1. NAMESERVERS: Enter the nameserver that has the authority to resolve queries and providing responses to queries for this domain.

  1. EMAIL: Enter the email address of the domain administrator or the personnel responsible for managing the DNS zone.

  1. REFRESH: Specified in seconds, tells secondary nameservers how often to check with the primary nameserver for updates.

  1. RETRY: Incase the secondary nameserver fails to reach the primary, this value specifies how long it should wait before retrying.

  1. EXPIRY: Determines the duration, in seconds, for which a secondary nameserver will attempt to contact the primary nameserver. After this period, if no response is received, the secondary nameserver will consider the data stale and cease responding to queries with it.

  1. MINIMUM: Specifies the minimum TTL that tells the resolving servers how long to remember that a particular record does not exist.

  1. TSIG: Transaction Signature is a security protocol used to secure zone transfer operations. "No TSIG" indicates that no transaction signature will be used.

  1. MASTER(S): Specifies the master DNS server for the zone. In a primary-secondary setup, the master server is where the zone records are originally created and managed.

  1. SLAVE(S): Specifies secondary or slave DNS servers. These servers get their zone data from the master server through zone transfers.

  1. DDNS: Dynamic DNS allows for the automatic updating of a name server in the Domain Name System via DHCP servers.

  1. Failing to enable DDNS here, you can alternative enable DDNS by navigating to DHCP-> Domains, Add the domain there and specify the TSIG key for secure dynamic updates.

Click Save button at the bottom to create or update the domain with the specified parameters, while Cancel would discard any changes made.

 

 Import Domains 

ME DDI enables you to bulk import records into DDI console using the Import button on the top right corner.

On clicking the Import button, the Import Domains window appears on screen.

On the Import Domains window, enter the values for the following fields:

  1. ZIP FILE: Upload the ZIP file containing domain information in a specific format required by the system.

  1. TYPE: Specify the type of DNS zone being imported. The default option shown is Authoritative, indicating that the data being imported is for an authoritative DNS zone. Authoritative DNS zones are responsible for containing the DNS records for a particular domain.

  1. MASTER(S): Select one or more master DNS servers. The master server would be the primary source of data for the zones being imported and would handle DNS queries and updates.

  1. SLAVE(S): Similar to the MASTER(S) field, select one or more slave (or secondary) DNS servers. Slave servers receive zone data from the master server and serve as backups to handle queries if the master is unavailable.

  1. VIEW: Select a DNS view by its name to provide different information to different sets of clients based on some pre-defined criteria. For example, you might have an "internal" view for clients on your local network and an "external" view for clients on the internet.

  1. Import Button: Once all fields are filled out and you are ready to import the domain data, click the Import button to initiate the import process.

The two methods discussed above can help you create authoritative zones.


                  New to ADSelfService Plus?

                    • Related Articles

                    • Creating Forward zones

                      DNS Zone Forwarding or Forward Zones in DDI refers to the process of redirecting queries for a specific DNS zone to another DNS server. This is typically used when a DNS server is not authoritative for a particular zone but is configured to pass ...
                    • DNS Firewall(FRW) Response Policy Zones (RPZ)

                      RPZ (Response Policy Zone) allows a nameserver to modify DNS responses based on policies. It's often used for implementing security measures, such as blocking known malicious domains, redirecting domains, or applying other customized policies. When a ...
                    • Managing Dynamic Domains

                      Dynamic DNS (DDNS) In DNS, a zone is a portion of the domain namespace, and the ability to create new zones dynamically is very essential, especially in environments where zones need to be added or removed without manual intervention. Dynamic DNS ...
                    • ManageEngine DDI- Quick installation guide

                      Note: ManageEngine DDI is available only for Linux platforms. ManageEngine DDI can be deployed as an overlay for your existing Linux DNS and DHCP environment that supports Internet Systems Consortium : ISC DHCP and ISC BIND9 DNS. Installing DDI ...
                    • Managing DNS resource records

                      What are domain Resource Records (RR)? Resource Records (RRs) are the fundamental information elements of the Domain Name System (DNS). Each RR defines a specific piece of information about the domain. Here are the general components of an RR: Name: ...