Results 1 to 6 of 6

Thread: What are trust anchors in dns server

  1. #1
    Join Date
    Nov 2009

    What are trust anchors in dns server

    I am a newbie in windows server setup. I need some information on working of a small dns server for a local network. What is a trust anchor and how to configure that in a server machine. Second thing I want to know that what is forwarding and recursion in the same matter and the last thing also post some information about zone transfers.

  2. #2
    Join Date
    Apr 2008

    Re: What are trust anchors in dns server

    A trust anchor is a pre-configured public key connected with a unambiguous zone. Windows Server 2008 R2 sustain or maintain the arrangement or pattern of trust anchors by using DNSKEY resource records. A conforming DNS server must be configured with one or more trust anchors in order to execute validation. At least one trust anchor is necessary if any DNSSEC data is to be validated by the DNS server.

  3. #3
    Join Date
    Apr 2008

    Re: What are trust anchors in dns server

    Extra or supplementary trust anchors can be organized to sustain and maintain islands of trust. DNS server management tools (DNS Manager and Dnscmd.exe) can be used to nearby or tenuously view and change the trust anchors. Trust anchors pertain only to the zone at which they are defined. If the DNS server is running on a domain organizer, trust anchors can be stored in the forest directory divider in AD DS and will be simulated to all domain controllers in the forest. On separation of DNS servers, trust anchors are stored in a file named TrustAnchors.dns in %windir%\System32\DNS.

  4. #4
    Join Date
    May 2008

    Re: What are trust anchors in dns server

    The DNS server will execute corroboration for a name as long as the trust anchor for the zone or for a parent zone is in attendance, no stuff if the client issuing the question designate the knowledge of DNSSEC. The server will execute corroboration even in cases in which the client requesting the question is competent of performing corroboration on its own. This behavior of the DNS server guarantees that DNSSEC-unaware clients are secluded.

  5. #5
    Join Date
    Apr 2008

    Re: What are trust anchors in dns server

    Non-dependable DNS servers are characteristically configured to either forward questions to other DNS servers or to recurse questions to the Internet root servers. A Windows Server 2008 R2 DNS server organized as a forwarder or a recurser will repossess the supplementary reserve records necessary to perform DNSSEC corroboration based on configured trust anchors and will authenticate responses received.

  6. #6
    Join Date
    Oct 2005

    Re: What are trust anchors in dns server

    Zone relocates of a DNSSEC-signed zone purpose in the same way they do for an unidentified zone. All of the resource evidences, including DNSSEC resource records, are relocated from the primary server to the secondary servers with no supplementary setup prerequisites. A Windows Server 2008 R2 DNS server can also be constituted as a secondary server for a DNSSEC-signed zone with the primary hosted on a DNS server running an operating system other than Windows.
    I'm the Proud Owner of the most dangerous weapon
    known to man kind: Human Brain

Similar Threads

  1. Do you trust Ebay, if so, then how often do you use it ?
    By Kingston-Guy in forum Polls & Voting
    Replies: 8
    Last Post: 14-08-2012, 12:51 PM
  2. Replies: 13
    Last Post: 09-05-2012, 05:51 PM
  3. Replies: 3
    Last Post: 14-07-2009, 11:01 AM
  4. Help creating a trust between 2 domains?
    By Nadeem in forum Active Directory
    Replies: 4
    Last Post: 07-08-2008, 06:36 PM
  5. Server is not operational - Domain Trust
    By Himagiri in forum Active Directory
    Replies: 3
    Last Post: 01-12-2004, 12:19 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts