It is not necessary to put a DNS server in such a small location. 5 users and slow network connectivity does not justify the expense of installing Servers in that location. Unless there is a large amount of File sharing, or other data that needs to be accessed daily by other locations on the network. If that is the case then yes put in the server but configure it as a secondary or ADI zone type.
I suggest putting the servers in the other location where you have 30 Users and good connectivity. You can also store all the files from both locations in the larger office, the smaller location can remote in via “VPN”. By doing this all the information from the smaller sight is stored off site. The smaller sight can be run with a smaller cheaper router.
The server in the larger more utilized office should be set up as the Primary Zone since it is utilizing a better connection and has more users this is essentially HOMEBASE! If you run DNS on domain controllers, you have the opportunity to use something called Active Directory Integrated zones, or ADI zones. In classical DNS, the zone information is stored in text files that sit on the hard drive. Yes, they’re protected by NTFS, but you don’t have the ability to impose per-record security. You may also want to create an ADI zone; the zone information (and all the associated resource records) are imported into the AD database, NTDS.DIT. The zones and zone records become objects in AD.
The Term Paper on Windows Server Domain Dns Master
Instructions Answer the following questions: 1. Can a non Microsoft Windows DNS service be used for the successful implementation of Active Directory Services? If so distinguish between the minimum and recommended requirements of the DNS service for an Active Directory implementation. There are some key differences between Windows DNS Services servers and non-Windows DNS server appliances in the ...
This has a variety of benefits (and potentially some downsides as well).
From the security standpoint, you now have the ability to protect individual DNS records, should you want to do so. You can also get those DNS files out of their well-known hard drive locations and into AD, which is somewhat more complicated to peek inside.
