DNS Stub Zones

DNS Stub Zone

DNS stub zones are used to enable your DNS servers to resolve records in another domain. The information in the stub zone allows your DNS to contact the authoritative DNS server directly.

This does sound a bit like conditional forwarding, and actually, it is! For a better understanding, let’s look at the difference between stub zones and conditional forwarding.

Conditional Forwarding vs. Stub Zones

In conditional forwarding, you hardcode your DNS server with the IP addresses used to contact the authoritative DNS servers. If one of the DNS servers changes, your conditional forwarding will start to fail. If a new DNS server is introduced, your DNS server will never find out and therefore won’t start using it.

In a stub zone, the forwarding IP(s) are used to retrieve the NS records of the authoritative domain as well as the A records needed to resolve the hostnames in the NS records. By the way, these A records are referred to as glue records.

Your DNS server will continue to look at the NS records on the authoritative DNS server, and if they change, this is reflected in your stub zone. This means that if a DNS server changes, your stub zone forwarding will become aware of this. If a new DNS server is introduced, your DNS server will automatically start using that new server.

Contents of Stub Zone and Caching

The stub zone will always keep just the information needed to contact the authoritative DNS servers. This means the NS records and the A records needed to resolve the NS records.

Any host records in the domain zone of the authoritative DNS servers are cached on your DNS server like any other records that are resolved on external DNS: They are stored in your local DNS cache for the duration of the TTL set on the DNS record.

How to Configure a Stub Zone

To configure a stub zone, follow this step-by-step guide:

1. Create a new zone:

DNS Stub Zone

Click next on the wizard welcome screen:

DNS Stub zone

Choose to create a stub zone:

DNS Stub zone

Select the replication scope of the stub zone:

DNS Stub Zone

Select the domain name for this stub zone:

DNS Stub Zone

Insert one or more name servers from where to load the zone info. Notice that zone transfer must be allowed:

DNS Stub zone

Review settings and complete the wizard:

DNS Stub Zone

And voila! The stub zone has been created:

DNS Stub zone

How to Manage Office 365 from Active Directory

Easy365Manager is a snap-in to AD Users & Computers that allows you to manage Office 365 mailboxes and licenses as part of your standard AD management.

Easy365Manager extends user properties with two new tabs, so you no longer have to switch between multiple web consoles to perform daily management:

Easy365Manager Office 365 user properties
User properties, "Office 365" tab
Easy365Manager user properties, Office 365 mailbox management inside Active Directory
User properties, "Mailbox tab"

With Easy365Manager, you can perform all daily tasks from AD Users & Computers:

  • Assign Office 365 licenses
  • Manage shared mailbox delegation
  • Configure calendar permissions
  • Configure proxyAddresses (with format and uniqueness check)
  • Replicate Azure AD Connect

And a lot more. See the complete feature list here

Additionally, Easy365Manager lets you remove your on-premises Exchange Server. This will give you 100% protection from future zero-day exploits targeting Exchange Server.

Try the fully functional 30-day trial now. It only takes a few minutes to install, has zero learning curve, and we guarantee you’ll be saving hours of work before the end of the week!