1 of 1 people found this helpful
no it can't. we need to do two-way sync with DNS servers in order to read & write the data. Why do you ask?
Good Morning. Thank you for replying. There are security concerns related to DNS zone transfers which are not tolerable in the environment in which we are using IPAM.
Defense Finance Accounting Service
I & T Network and Storage Engineering
IT Specialist (Network)
Leader In Motion Program
(317) 212-5647 | email@example.com
The most serious mistakes are not being made as a result of wrong answers. The truly dangerous thing is asking the wrong question.
Peter Drucker, management guru
2 of 2 people found this helpful
Hate to bump a 3 year old post, but Im interested in this as well. I'm trying to avoid, for obvious DNS security reasons, doing zone transfers to servers that aren't my DCs. We will only be using IPAM to read DNS and DHCP, never to write/modify. Is it possible to avoid doing the zone transfers all together and simply use authenticated WMI to pull DNS over into IPAM?
We have similar issues with full write access to DCs. We would happily sacrifice some functionality if we can avoid at least some kinds of write access, if not all.