By David Pracht
Purpose
This overview discusses the changes made to Domain Name System (DNS) in Windows Server 2003.
Overview of the changes
Corrected issues
DNS auto configuration in DCpromo
Application directory partitions
Stub zones
Conditional forwarders
Client DNS group policy
DNS security extensions
DNS extension mechanism
DNS logging enhancements
Round robin update
Active Directory® domain rename
Corrected Issues
Disjointed Namespace
– The Active Directory name is now forced as the domain suffix
Root Zone Issue
– A root zone must be created manually
Island Server Issue
– DNS servers register their DsaGuid._msdcs.<forestname> record with each DNS server that is a member of the domain
DNS Auto Configuration in DCpromo
Client DNS settings automatically update if one of the following scenarios is met:
– There is a single network connection
– The preferred and alternate DNS settings match on all interfaces
– DNS settings exist only on one connection
DNS Auto Configuration Process
1. Query current DNS servers specified in network settings.
2. Update root hints using the largest set found.
3. Configure forwarders with the current preferred and alternate DNS servers.
4. Configure DNS settings with 127.0.0.1 and then configure all previous preferred and alternate DNS servers.
5. If successful, log in Event Viewer.
If No Root Hints Found
If no root hints are found, log the following event:
The DNS server could not configure network connections of this computer
with the DNS server running on the computer as the preferred DNS server
because this computer is connected to the networks with different DNS
namespaces. You must manually configure the local DNS server to perform
name resolution on one or more of the namespaces before you can modify
the preferred DNS servers (part of the TCP/IP configuration) of the network
connections.
If the network connections of this computer are not configured with the
DNS server running on the computer as the preferred DNS server, this
computer may not be able to dynamically register the domain controller
locator DNS records in DNS. Absence of these records in DNS may prevent
other Active Directory domain members and domain controllers from
locating this domain controller.
Take the following steps:
Ensure that DC locator DNS records enumerated in the
%WinRoot%./System32/config/netlogon.dns file are registered on the local
DNS server.
If these records are not registered in DNS, add a delegation to this server
to a parent DNS zone for the zone matching the name of the Active
Directory domain or configure the local DNS server with appropriate root
hints and forwarders, if necessary, and configure the network connections
of the computer with the DNS server running on the computer as the
preferred DNS server. Note that other computers using other DNS servers
as the preferred or alternate DNS server may not be able to locate this
domain controller unless the DNS infrastructure is properly configured.
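The following added example (not part of the original slides or of any Microsoft code) models the scenarios and process steps above so an administrator can predict, before promotion, whether a server will end up pointing at itself for DNS and which upstream servers it will inherit as forwarders. The adapter names, addresses, root-hint names and the `sample_lookup` helper are constructed assumptions standing in for live queries.

```python
# Added example: a model of the auto-configuration steps on the slides above.
# Adapter names, addresses and root-hint data below are constructed samples.
LOOPBACK = "127.0.0.1"

def eligible(adapters):
    """adapters maps connection name -> [preferred, alternate]; empty list = no DNS set."""
    configured = [tuple(servers) for servers in adapters.values() if servers]
    if len(adapters) == 1:            # a single network connection
        return True
    if len(configured) == 1:          # DNS settings exist on only one connection
        return True
    # preferred and alternate DNS settings match on all interfaces
    return len(configured) == len(adapters) and len(set(configured)) == 1

def plan(adapters, query_root_hints):
    """Predict the post-DCpromo DNS state; query_root_hints(server) returns a set."""
    if not eligible(adapters):
        return {"configured": False, "reason": "no listed scenario is met"}
    previous = next((list(s) for s in adapters.values() if s), [])
    # Steps 1-2: ask each current server for root hints, keep the largest set.
    hints = max((query_root_hints(s) for s in previous), key=len, default=set())
    if not hints:
        # Failure branch: the event above is logged and the local DNS server
        # is not set as the preferred server.
        return {"configured": False, "reason": "no root hints found"}
    return {
        "configured": True,
        "root_hints": hints,
        "forwarders": previous,                                             # step 3
        "client_dns": [LOOPBACK] + [s for s in previous if s != LOOPBACK],  # step 4
    }

# Constructed lookup table standing in for live queries to each DNS server.
SAMPLE_HINTS = {
    "10.0.0.10": {"ns-a.root.example.", "ns-b.root.example."},
    "10.0.0.11": {"ns-a.root.example."},
}

def sample_lookup(server):
    return SAMPLE_HINTS.get(server, set())

if __name__ == "__main__":
    print(plan({"LAN": ["10.0.0.10", "10.0.0.11"]}, sample_lookup))
    print(plan({"LAN": ["10.0.0.10"], "DMZ": ["192.0.2.53"]}, sample_lookup))
```

A result with `configured` set to `False` corresponds to the case where the locator records in netlogon.dns should be checked by hand, as the event text instructs.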
Application Directory Partitions