Benefits of DNS integrated Active Directory
Hi, I'm a .NET programmer. Our network manager recently left, and because of tight budgets I've been put in charge of the network. My knowledge of Windows Server isn't great but is enough to get me by. Looking at the setup, it's four servers: two application, file and print servers, and two DCs running 2008 RD running Linux BIND DNS - and that's where my knowledge fails.

The network runs fine. Should I leave BIND in place, or remove it and install integrated DNS instead? Could someone please explain to me the benefits of DNS integrated with Active Directory?

This is what I've learnt so far: the DNS zones are forward read/write lookup zones that automatically contain the SRV records that point to the DCs; zone transfers are automatically handled by AD replication; DNS records have a security tab which allows permissions to be set on records (though I don't know why this is necessary). I take it DNS integrated zones are neither primary nor secondary, but there is only one master copy that replicates. Am I right with this info, and is that pretty much it? Any other benefits? I'm no MCSE, so if I'm way off please correct and advise me.

Thank you.
Andrew
January 28th, 2013 2:33pm

Copied from: http://technet.microsoft.com/en-us/library/cc737383(v=ws.10).aspx (the same applies to Windows 2008 and Windows 2012 domains)

Benefits of Active Directory integration

For networks deploying DNS to support Active Directory, directory-integrated primary zones are strongly recommended and provide the following benefits:

Multimaster update and enhanced security based on the capabilities of Active Directory.

In a standard zone storage model, DNS updates are conducted based upon a single-master update model. In this model, a single authoritative DNS server for a zone is designated as the primary source for the zone. This server maintains the master copy of the zone in a local file. With this model, the primary server for the zone represents a single fixed point of failure. If this server is not available, update requests from DNS clients are not processed for the zone.

With directory-integrated storage, dynamic updates to DNS are conducted based upon a multimaster update model. In this model, any authoritative DNS server, such as a domain controller running a DNS server, is designated as a primary source for the zone. Because the master copy of the zone is maintained in the Active Directory database, which is fully replicated to all domain controllers, the zone can be updated by the DNS servers operating at any domain controller for the domain. With the multimaster update model of Active Directory, any of the primary servers for the directory-integrated zone can process requests from DNS clients to update the zone as long as a domain controller is available and reachable on the network.

Also, when using directory-integrated zones, you can use access control list (ACL) editing to secure a dnsZone object container in the directory tree. This feature provides granulated access to either the zone or a specified RR in the zone. For example, an ACL for a zone RR can be restricted so that dynamic updates are only allowed for a specified client computer or a secure group such as a domain administrators group. This security feature is not available with standard primary zones. Note that when you change the zone type to be directory-integrated, the default for updating the zone changes to allow only secure updates. Also, while you may use ACLs on DNS-related Active Directory objects, ACLs may only be applied to the DNS client service.

Zones are replicated and synchronized to new domain controllers automatically whenever a new one is added to an Active Directory domain.

Although DNS service can be selectively removed from a domain controller, directory-integrated zones are already stored at each domain controller, so zone storage and management is not an additional resource. Also, the methods used to synchronize directory-stored information offer performance improvement over standard zone update methods, which can potentially require transfer of the entire zone.

By integrating storage of your DNS zone databases in Active Directory, you can streamline database replication planning for your network.

When your DNS namespace and Active Directory domains are stored and replicated separately, you need to plan and potentially administer each separately. For example, when using standard DNS zone storage and Active Directory together, you would need to design, implement, test, and maintain two different database replication topologies. For instance, one replication topology is needed for replicating directory data between domain controllers, and another topology would be needed for replicating zone databases between DNS servers. This can create additional administrative complexity for planning and designing your network and allowing for its eventual growth. By integrating DNS storage, you unify storage management and replication issues for both DNS and Active Directory, merging and viewing them together as a single administrative entity.

Directory replication is faster and more efficient than standard DNS replication.

Because Active Directory replication processing is performed on a per-property basis, only relevant changes are propagated. This allows less data to be used and submitted in updates for directory-stored zones.

Please use Mark as Answer if my post solved your problem and use Vote As Helpful if a post was useful. http://www.havardkristiansen.com
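To make the points above concrete (zone storage, secure-only dynamic updates, and the ACL behind the zone's "Security" tab), here is an added PowerShell audit example; it is not from the post or the TechNet article, it assumes the DnsServer and ActiveDirectory modules of Windows Server 2012 or later (the 2008-era servers in the question would need dnscmd.exe instead), and the zone name 'corp.example' is a placeholder.

```powershell
# Added example (not from the post or TechNet). Reports which primary zones on an
# AD DNS server are still file-backed or accept unauthenticated dynamic updates,
# and shows how to move one into the directory and inspect its dnsZone ACL.
Import-Module DnsServer
Import-Module ActiveDirectory

function Get-DnsZoneHardeningReport {
    param([string]$ComputerName = $env:COMPUTERNAME)
    Get-DnsServerZone -ComputerName $ComputerName |
        Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated } |
        ForEach-Object {
            # NonsecureAndSecure lets any host on the network add or overwrite records;
            # Secure limits dynamic update to authenticated domain members and becomes
            # the default once the zone is stored in the directory.
            $finding = 'OK'
            if (-not $_.IsDsIntegrated) { $finding = 'File-backed: single master, no per-record ACLs' }
            elseif ($_.DynamicUpdate -ne 'Secure') { $finding = 'Unauthenticated dynamic updates allowed' }
            [pscustomobject]@{
                Zone             = $_.ZoneName
                ADIntegrated     = $_.IsDsIntegrated
                ReplicationScope = $_.ReplicationScope
                DynamicUpdate    = $_.DynamicUpdate
                Finding          = $finding
            }
        }
}

function ConvertTo-SecureDirectoryZone {
    param([Parameter(Mandatory)][string]$ZoneName)
    # Move the zone from its .dns file into the DomainDnsZones partition so every DC
    # in the domain becomes a writable master, then allow only secure updates.
    ConvertTo-DnsServerPrimaryZone -Name $ZoneName -ReplicationScope Domain -Force
    Set-DnsServerPrimaryZone -Name $ZoneName -DynamicUpdate Secure
}

function Get-DnsZoneAcl {
    param([Parameter(Mandatory)][string]$ZoneName)
    # The zone's "Security" tab is the ACL of its dnsZone object. Domain-scoped zones
    # live under the DomainDnsZones application partition. Authenticated Users holding
    # CreateChild here is the default that lets a domain member register its own record.
    $domainDN = (Get-ADDomain).DistinguishedName
    $dn = "DC=$ZoneName,CN=MicrosoftDNS,DC=DomainDnsZones,$domainDN"
    (Get-Acl -Path "AD:\$dn").Access |
        Where-Object { $_.ActiveDirectoryRights -match 'CreateChild|WriteProperty|GenericAll' } |
        Select-Object IdentityReference, ActiveDirectoryRights, AccessControlType
}

Get-DnsZoneHardeningReport | Format-Table -AutoSize
# ConvertTo-SecureDirectoryZone -ZoneName 'corp.example'   # placeholder zone
# Get-DnsZoneAcl -ZoneName 'corp.example'
```

Run the report first on each DC; only convert a zone after confirming that BIND is no longer authoritative for it, since the directory copy then becomes the master.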
January 28th, 2013 3:19pm

Thank you.
January 28th, 2013 3:50pm

