Welcome to the 17th installment of “Learn Active Directory Design and Administration in 15 Minutes a Week,” a weekly series aimed at current IT professionals preparing to write the new Windows Active Directory Design and Administration exams (70-219 and 70-217 respectively), as well as newcomers to the field who are trying to get a solid grasp on this new and emerging directory service from Microsoft.
Jason Zandri’s latest article in the ‘Learn Active Directory Design and Administration in 15 Minutes a Week’ series takes a 10,000-foot look at Microsoft DNS. Future installments will focus on how DNS provides functionality in an Active Directory network.
This installment will take a 10,000-foot look at Microsoft DNS, and later installments will center on how it provides functionality in an Active Directory network.
To begin with, DNS provides name resolution by translating computer names to Internet Protocol (IP) addresses so that computers can locate each other. DNS is also the primary naming convention for Windows 2000 domains. In a Windows 2000 network, the names of DNS domains and Active Directory domains often share a common naming structure, and in many cases they are identical. Server1.zandri.net is a valid Windows domain name. If that same server were made accessible from the Internet, it could use the same name there as well, provided the name was available.
[NOTES FROM THE FIELD] – Microsoft DNS is not a requirement for Active Directory. Microsoft DNS on Windows 2000 is RFC-compliant and allows for the deployment of Active Directory under other DNS implementations. It has been tested to work with Windows NT 4.0, BIND 8.2, BIND 8.1.2, and BIND 4.9.7.
Microsoft DNS under Windows 2000 supports some features not supported under other implementations of DNS.
| Feature | Windows 2000 | Windows NT 4.0 | BIND 8.2 | BIND 8.1.2 | BIND 4.9.7 |
| --- | --- | --- | --- | --- | --- |
| Support for the IETF Internet-Draft “A DNS RR for specifying the location of services (DNS SRV).” (SRV records) | Yes | Yes (w/SP4) | Yes | Yes | Yes |
| Support for dynamic update | Yes | No | Yes | Yes | No |
| Support for secure dynamic update based on the GSS-TSIG algorithm | Yes | No | No | No | No |
| Support for WINS and WINS-R records | Yes | Yes | No | No | No |
| Support for fast zone transfer | Yes | Yes | Yes | Yes | Yes |
| Support for incremental zone transfer | Yes | No | Yes | No | No |
| Support for UTF-8 character encoding | Yes | No | No | No | No |
BIND version 4.9.7 is the earliest version of BIND that is supported for providing DNS in a Windows 2000 Active Directory environment.
DNS identifies domain controllers by the specific services that they provide for the Windows 2000 Active Directory domain so that clients can query DNS to locate a domain controller that provides the needed service.
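As an added illustration (not code from the original article), the Python example below parses constructed zone-file lines, orders the domain controllers a client would try for a given service using the SRV priority and weight rules of RFC 2782, and reports locator names that have no SRV record. The `_ldap._tcp.dc._msdcs`, `_kerberos._tcp` and `_gc._tcp` owner names are the standard domain controller locator names; the hosts under zandri.net, the TTLs and the address are assumptions made up for the example.

```python
import random
from collections import namedtuple

Srv = namedtuple("Srv", "owner priority weight port target")

# Constructed zone-file lines (owner TTL class type priority weight port target).
# The owner labels follow the Windows 2000 domain controller locator naming;
# the zandri.net hosts and all values are made up for this example.
SAMPLE_ZONE = """\
_ldap._tcp.dc._msdcs.zandri.net. 600 IN SRV 0 100 389 server1.zandri.net.
_ldap._tcp.dc._msdcs.zandri.net. 600 IN SRV 0 100 389 server2.zandri.net.
_ldap._tcp.dc._msdcs.zandri.net. 600 IN SRV 10 100 389 server3.zandri.net.
_kerberos._tcp.zandri.net. 600 IN SRV 0 100 88 server1.zandri.net.
server1.zandri.net. 3600 IN A 192.0.2.10
"""

def norm(name):
    """DNS names compare case-insensitively; drop the trailing root dot."""
    return name.lower().rstrip(".")

def parse_srv(zone_text):
    """Return the SRV records found in zone-file text, skipping other types."""
    records = []
    for line in zone_text.splitlines():
        f = line.split()
        if len(f) == 8 and f[2].upper() == "IN" and f[3].upper() == "SRV":
            records.append(Srv(norm(f[0]), int(f[4]), int(f[5]), int(f[6]), norm(f[7])))
    return records

def locate(records, owner, rng=random):
    """Order (target, port) candidates as RFC 2782 describes: lowest priority
    value first, weighted random choice among records of equal priority."""
    matches = [r for r in records if r.owner == norm(owner)]
    ordered = []
    for prio in sorted({r.priority for r in matches}):
        group = [r for r in matches if r.priority == prio]
        while group:
            # +1 keeps weight-0 records selectable with a small chance
            pick = rng.choices(group, weights=[r.weight + 1 for r in group])[0]
            group.remove(pick)
            ordered.append((pick.target, pick.port))
    return ordered

def missing(records, owners):
    """Owner names a client would query that have no SRV record in the zone."""
    present = {r.owner for r in records}
    return [o for o in owners if norm(o) not in present]

if __name__ == "__main__":
    recs = parse_srv(SAMPLE_ZONE)
    print(locate(recs, "_ldap._tcp.dc._msdcs.zandri.net"))
    print(missing(recs, ["_kerberos._tcp.zandri.net", "_gc._tcp.zandri.net"]))
```

On a DNS server without dynamic update (BIND 4.9.7 in the table above), a check like `missing()` matters because the SRV records have to be maintained in the zone by hand.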