Last Updated: 11-05-04 07:11 PM +0100
This page contains links to resources containing content related to DNS. It's aimed at both helping MCTs and DNS users alike. Comments are most welcome!
Windows 2000 DNS White Paper
This white paper provides and overview of the DNS and the DNS service in Windows 2000. The paper includes an overview of DNS the features of Windows 2000 DNS and guidance on designing a DNS Namespace
Introduction to DNS - this is a chapter from the Windows 2000 Server Resource Kit and describes the basics of RFC compliant DNS. This goes in to a bit more detail than the white paper.
Windows 2000 DNS - this is a chapter from the Windows 2000 Server Resource Kit and describes the specifics of DNS in Windows 2000.
Troubleshooting DNS - this is part of a chapter from the Windows 2000 Resource Kit that describes how to troubleshoot DNS in WIn2k.
Integrating UNIX DNS with Windows 2000 - this is a paper from the Windows and .NET Magazine online edition.
DNS Interoperability - some notes of interoperability with non-Microsoft DNS Services.
Windows 2000 DNS and Active Directory Information and Technical Resources
http://support.microsoft.com/default.aspx?scid=kb;en-us;298448
Configure a DNS server for use with Active Directory - simple instructions on how to do this.
DNS Requirements for Deploying Active Directory - this TechNet article provides checklists to help you verify that you have DNS setup to support Active Directory.
To Configure a DNS Server for use with Active Directory. This advice is in the Windows 2000 help file, but also here on the web:
http://www.microsoft.com/windows2000/en/server/help/sag_DNS_pro_ConfigServerForDS.htm
Setting up DNS for Active Directory - a partial reprint from the Windows 2000 Server Resource Kit describing how to configure DNS for AD. http://support.microsoft.com/default.aspx?scid=kb;en-us;298448
Checklist: Deploying DNS for Active Directory - a check list of things to do and some more links.
Information About Configuring Windows 2000 for Domains with Single-Label DNS Names - you can do this, but it's probably not a good idea.
Microsoft DNS Best Practices - These are some Microsoft best practice recommendations on how to use DNS. These come from the Windows 2000 Server Help file.
http://www.microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/sag_DNS_imp_BestPractices.htm?id=1847
You can not run the Microsoft DNS server on the workstation/professional platform, you must use the Server (for win2k), or Standard Server (for .NET Server 2003) or above. There is a version of BIND ported to work under Windows 2000 or XP. It's called BIND-PE, available from http://ntcanuck.com.
NO! While it's a default server - and probably the best choice if you are supporting Active Directory, it's not your only choice. See the DNS Alternative versions page for some alternatives.
Dean Wells has written an awesome script: dnsdump.cmd. Note: the ulr is to a cm_ file. Save this locally then rename it with the proper extension (i.e. .CMD). This script rocks!
This isn't really a DNS issue, but yes you can. Whether you should is a different matter and the general opinion is that it's not a good idea. See KB article 200684 for a better explanation.
This is a very frequently asked question. I've written this up as a separate page.
DNS troubleshooting is usually straightforward. Most errors that are seen tend to be simple configuration or setup errors. In order to troubleshoot DNS, you must have details of the configuration of any DNS resolvers and/or DNS servers and be able to use common DNS troubleshooting tools. See below for details on links to tools you can use to troubleshoot DNS, and how to overcome common DNS errors.
If tips and tools linked here do not help, and you are using any version of Microsoft Windows (or DOS for that matter), consider posting a query to the microsoft.public.win2000.dns newsgroup. This newsgroup can be obtained from news://news.microsoft.com. If you do post, you will need to provide some details of your particular issue including most of all of the following:
www.dnsreport.com - this is a site that will check the DNS settings for an Internet zone and provide prescriptive guidance on optimising the settings.
http://www.dnsstuff.com - this site has a number of DNS tools that you can use to diagnose DNS issues.
www.samspade.org - has some good tools for DNS troubleshooting. The site promotes it tools (and expertise) as anti-spam as opposed to just DNS troubleshooting. At this site is http://www.samspade.org/t/ which provides tools similar to the dnsstuff site. The Sam Spade For Windows tool is one I have on my desktop and use a great deal.
http://www.analogx.com/contents/dnsdig.htm - this page provides an on-line version of DIG - a very useful tool from the Unix world that is used to troubleshoot DNS issues. WHY can't Microsoft provide a port of DIG in Windows or the resource kit?
http://www.squish.net/dnscheck - Given a record name, and a record type, this page will return a report detailing all possible answers.
DNS Dump - a truly awesome script by Dean Wells. Read carefully before using - and make sure you change the extension before you run!
This is a list of common problems seen in the newsgroups plus a pointer to a solution
If you run nslookup you might see an error something like this:
C:\>nslookup
*** Can't find server name for address 192.168.1.1: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 192.168.1.1This is due to Nslookup being unable to perform a reverse lookup on the IP address of the DNS server. When NSLookup starts, it attempts do a reverse lookup of the IP address of the DNS server. If this fails, NSlookup gives the message noted above, which is somewhat misleading. The solution is to either install a reverse lookup zone for your workstations or to ignore the message.
This error is typically caused by the use of a DNS server that does not allow dynamic update, or is set to refuse operations from your computer. Sometimes this is due to a workstation that points to the ISP's DNS server, instead of an internal DNS server. In general, all internal servers and workstations should point to one or more internal DNS servers which in turn point to a DNS server that forwards to the internet.
This error is usually caused by the computer being configured with no DNS domain name. If the computer is a DNS server which has only a single label name (e.g. kona2 vs. kona2.reskit.net), any zone created will have the default SOA and NS records created using just a single label. This in turn will lead to invalid or failed referrals when used to provide lookups for this zone.
This error indicates that the DNS server has received a packet with an invalid domain name - and the packet has been rejected. The most common cause of this is DNS cache pollution, as described in KB article 241352
Dynamic update is a DNS feature that enables hosts to update their DNS details at the DNS server. Although easy to setup, there are some ways in which DNS dynamic update can fail. See the KB article 287156 for more details on how dynamic
In some cases, it appears that Windows 2003 server is just not functioning and not resolving some names. The cause is that EDNS0 requests from the 2003 DNS server not recognized by all other DNS servers.
To resolve this, you should disable EDNS0 requests, using the DNScmd program from the Windows 2003 Support tools:
dnscmd /config /enableednsprobes
DNS and BIND - by Cricket Liu and Paul Ablitz. Possibly the best introduction to DNS in existance. It'sjUnix based, but still a good book.
Windows 2000 DNS - by Herman Knief, Roger Abell, Jeffery Graham, and Andrew Daniels. An OK Windows 2000 DNS book.
The following 3 KB articles list the DNS registry settings. These settings, as noted in the KB articles, are for Windows NT 4.0, however most of them are still used in Windows 2000 and Windows .NET Server. Updates have been requested, but knowing Microsoft, will probably not come very quickly.
part 1 - http://support.microsoft.com/default.aspx?scid=KB;en-us;198408
part 2 - http://support.microsoft.com/default.aspx?scid=KB;en-us;198409
part 3 - http://support.microsoft.com/default.aspx?scid=KB;en-us;198410
HOW TO: Integrate Windows 2000 DNS with an Existing DNS Infrastructure in Windows 2000
http://support.microsoft.com/default.aspx?scid=KB;en-us;301191
HOW TO: Configure DNS Dynamic Update in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;317590
HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;300202
HOW TO: Migrate an Existing Domain Name System Infrastructure from a BIND-Based Server to a Windows 2000-Based Domain Name System Server in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;301192
HOW TO: Integrate DNS with Existing DNS Infrastructure If Active Directory Is Enabled in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;301191
HOW TO: Configure DNS for Internet Access in Windows 2000:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;300202
HOW TO: Reinstall a Dynamic DNS Active Directory- Integrated Zone
http://support.microsoft.com/default.aspx?scid=kb;en-us;294328
DNS Namespace Planning
http://support.microsoft.com/default.aspx?scid=KB;EN-US;254680
Setting Up the Domain Name System for Active Directory:
http://support.microsoft.com/default.aspx?scid=kb;en-us;237675
Integrating Windows 2000 DNS into an Existing BIND or Windows NT 4.0-Based DNS Namespace
http://support.microsoft.com/default.aspx?scid=kb;en-us;255913
How to Prevent Windows 2000 from Assigning WINS and DNS Addresses to RAS Clients
http://support.microsoft.com/default.aspx?scid=kb;en-us;232651
Windows 2000 May Send Unexpected DNS Request
http://support.microsoft.com/default.aspx?scid=kb;en-us;263091
Cannot Start Windows 2000 with a Large Number of DNS Zones
http://support.microsoft.com/default.aspx?scid=kb;en-us;259930
The Structure of a Domain Name System Boot File
http://support.microsoft.com/default.aspx?scid=kb;en-us;194513
DNS Records Registered by Windows 2000 Domain Controllers
http://support.microsoft.com/default.aspx?scid=kb;en-us;178169
How to Enable/Disable Windows 2000 Dynamic DNS Registrations
http://support.microsoft.com/default.aspx?scid=KB;EN-US;246804
Setting Up the Domain Name System for Active Directory
http://support.microsoft.com/default.aspx?scid=kb;EN-US;237675
Net Logon Dynamic DNS Registration Functionality Changes After Installing Windows 2000 SP1
http://support.microsoft.com/default.aspx?scid=KB;EN-US;280439
DNS Server Becomes an Island When a Domain Controller Points to Itself for the _Msdcs.ForestDnsName Domain
http://support.microsoft.com/default.aspx?scid=KB;en-us;275278
Troubleshooting Windows 2000 DNS Dynamic Update Problems
http://support.microsoft.com/default.aspx?scid=kb;en-us;287156
Is this section missing any relevant KB Articles? If so, mail me!
Mr DNS Technical Q&A - Great background material and very worth reading!
This page was developed by Thomas Lee - it's his fault if there are mistakes here! But thanks too to a great bunch of folks, including two awesome MVPs: Ace Fekay, and William Stacey.
Last Updated: 11-05-04 07:11 PM +0100