Setting Up the Domain Name System for Active Directory
ID: Q237675
The information in this article applies to:
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Server
SUMMARY
The Domain Name System (DNS) is the Active Directory locator in Windows 2000. Active Directory clients and client tools use DNS to locate domain controllers for administration and logon. You must have a DNS server installed and configured for Active Directory and the associated client software to function correctly. This article guides you through the required DNS configuration.
NOTE: A Windows 2000 Server CD-ROM is required to complete Setup. Installing the operating system from a network share does not work in some scenarios.
Experienced DNS administrators are encouraged to read the steps involved in configuration, and modify them to suit different scenarios. The steps in this article outline a single, simple configuration and do not represent the only possible configuration.
MORE INFORMATION
DNS Server Requirements
Microsoft recommends that you use Microsoft DNS Server as supplied with Windows 2000 Server as your DNS server. However, Microsoft DNS is not required. The DNS server that you use:
- Must support the SRV RR (RFC 2052).
- Should support the dynamic update protocol (RFC 2136).
Version 8.1.2 and later of BIND, a popular DNS server implementation, supports both the SRV RR and dynamic update. (Version 8.1.1 does support dynamic updates but it has flaws that were fixed in 8.1.2.) If you are using a version of BIND that does not support dynamic update, you need to manually add records to the DNS server.
NOTE: Microsoft DNS as included with Microsoft Windows NT Server 4.0 does not support the SRV record. Use the DNS server provided with Windows 2000 Server.
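For the manual-records case above (a DNS server without dynamic update), this sketch audits a BIND-style zone for the SRV locator records a domain controller needs and returns the lines that are missing; it also covers a zone that is a parent of the Active Directory domain. It is an added example, not part of the original article: the record set is a core subset of the standard locator records, and the host name dc1, the TTL, priority and weight are assumed values.

```python
import re

# Core SRV locator records for a DC as (owner prefix, port); a subset of what
# a DC registers. TTL 600, priority 0, weight 100 below are assumed values.
LOCATOR = [
    ("_ldap._tcp", 389), ("_ldap._tcp.dc._msdcs", 389),
    ("_kerberos._tcp", 88), ("_kerberos._tcp.dc._msdcs", 88),
    ("_kerberos._udp", 88), ("_kpasswd._tcp", 464),
]
# Zone-file form: owner [ttl] [IN] SRV priority weight port target
SRV_LINE = re.compile(
    r"^(?P<owner>\S+)\s+(?:\d+\s+)?(?:IN\s+)?SRV\s+"
    r"\d+\s+\d+\s+(?P<port>\d+)\s+(?P<target>\S+)", re.IGNORECASE)

def absolute(name, origin):
    """Expand a zone-file name to a lowercase, dot-terminated name."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_srv(zone_text, origin):
    """Return {(owner, port, target)} for each SRV record in zone_text."""
    origin = origin.lower().rstrip(".") + "."
    found = set()
    for raw in zone_text.splitlines():
        m = SRV_LINE.match(raw.split(";", 1)[0])  # ignore comments
        if m:
            found.add((absolute(m["owner"], origin), int(m["port"]),
                       absolute(m["target"], origin)))
    return found

def missing_srv(zone_text, origin, domain, dc_host):
    """Return zone-file lines for locator records the zone lacks."""
    have = parse_srv(zone_text, origin)  # origin: the AD domain or a parent zone
    domain = domain.lower().rstrip(".") + "."
    dc = dc_host.lower().rstrip(".") + "."
    return [f"{prefix}.{domain} 600 IN SRV 0 100 {port} {dc}"
            for prefix, port in LOCATOR
            if (f"{prefix}.{domain}", port, dc) not in have]

# Constructed sample zone for the article's example domain; dc1 is hypothetical.
SAMPLE_ZONE = """\
_ldap._tcp      600 IN SRV 0 100 389 dc1
_kerberos._tcp.support.microsoft.com. IN SRV 0 100 88 dc1.support.microsoft.com.
_kerberos._udp  SRV 0 100 88 dc1   ; no TTL or class
"""
if __name__ == "__main__":
    d = "support.microsoft.com"
    print("\n".join(missing_srv(SAMPLE_ZONE, d, d, "dc1." + d)))
```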
Starting with a Windows 2000 Stand-Alone Server
This server will become a DNS server for your network. You can also promote it to the domain controller role at a later time.
In the first step, you assign this server a static IP configuration. DNS servers should not use dynamically assigned IP addresses, because a dynamic change of address could cause clients to lose contact with the DNS server.
Configure TCP/IP
- Click Start, point to Settings, and then click Control Panel.
- Double-click Network and Dial-up Connections.
- Right-click Local Area Connection, and then click Properties.
- Click Internet Protocol (TCP/IP), and then click Properties.
- Assign this server a static IP address, subnet mask, and gateway address.
- Click Advanced.
- Click the DNS tab.
- In the DNS Domain Name box, type the DNS name of the Active Directory domain you chose before you started DNS configuration. For example, "support.microsoft.com."
- Click OK to close the Advanced TCP/IP Settings properties.
- Click OK to accept the changes to your TCP/IP configuration.
- Click OK to close the Local Area Connections properties.
NOTE: If you receive a warning from the DNS Caching Resolver service, click OK to dismiss the warning. The caching resolver is trying to contact the DNS server, but you have not finished configuring the server.
- Continue to the next step to install Microsoft DNS Server.
Install Microsoft DNS Server
- Click Start, point to Settings, and then click Control Panel.
- Double-click Add/Remove Programs.
- Click Add and Remove Windows Components.
- The Windows Components Wizard starts. Click Next.
- Click Networking Services, and then click Details.
- Click to select the Domain Name System (DNS) check box, and then click OK.
- Click OK to start server Setup. The DNS server and tool files are copied to your computer.
- Continue to the next step to configure the DNS server.
Configure the DNS Server Using DNS Manager
These steps guide you through configuring DNS using the DNS Manager snap-in in Microsoft Management Console (MMC).
- Click Start, point to Programs, point to Administrative Tools, and then click DNS Manager.
- You see two zones created under your computer name: Forward Lookup Zone and Reverse Lookup Zone.
- The DNS Server Configuration Wizard starts. Click Next.
- Right-click Forward Lookup Zone, and then click Properties.
- Choose your DNS server to be a root server. Click Next.
- Choose to add a forward lookup zone. Click Next.
- The new forward lookup zone must be a primary zone so that it can accept dynamic updates. Click Primary, and then click Next.
- The new zone contains the locator records for this Active Directory domain. The name of the zone must be the same as the name of the Active Directory domain, or be a logical DNS container for that name.
For example, if the Active Directory domain is named "support.microsoft.com," legal zone names are "support.microsoft.com," "microsoft.com," or "com." Type the name of the zone, and then click Next.
- Accept the default name for the new zone file. Click Next.
- Choose not to add a reverse lookup zone now. Click Next.
NOTE: Experienced DNS administrators may want to create a reverse lookup zone, and are encouraged to explore this branch of the wizard.
- Click Finish to complete the Server Configuration Wizard.
- After the Server Configuration Wizard is finished, DNS Manager starts. Proceed to the next step to enable dynamic update on the zone you just added.
Enable Dynamic Update on the Forward Lookup Zone
- In DNS Manager, expand the DNS Server object.
- Expand the Forward Lookup Zones folder.
- Right-click the zone you created, and then click Properties.
- On the General tab, click to select the Allow Dynamic Update check box, and then click OK to accept the change.
- DNS server configuration is finished. Proceed to the next step if you want to promote this DNS server to be the first domain controller in the enterprise. This is the recommended path.
- If you decide to use a different computer as your first domain controller, the configuration instructions in the "DNS Setup for Replica and Child Domain Controllers" section apply to that domain controller after you have installed Windows 2000.
Promote This Server to Domain Controller (Optional - Recommended)
Promote this server to the domain controller role using the Dcpromo.exe utility.
After the server has been promoted to the domain controller role, the DNS server can use the Active Directory Storage Integration feature (this is the recommended path). Proceed to the next step if you want to use Active Directory Storage Integration for DNS.
Enable Active Directory Integrated DNS (Optional - Recommended)
Active Directory Integrated DNS uses the directory for the storage and replication of DNS zone databases. If you decide to use Active Directory Integrated DNS, DNS runs on one or more domain controllers and you do not need to set up a separate DNS replication topology.
- In DNS Manager, expand the DNS Server object.
- Expand the Forward Lookup Zones folder.
- Right-click the zone you created, and then click Properties.
- On the General tab, the Zone Type value is set to Primary. Click Change to change the zone type.
- In the Change Zone Type dialog box, click DS Integrated Primary, and then click OK.
- The DNS server writes the zone database into Active Directory.
- Right-click the zone named ".", and then click Properties.
- On the General tab, the Zone Type value is set to Primary. Click Change to change the zone type.
- In the Change Zone Type dialog box, click DS Integrated Primary, and then click OK.
Additional query words:
kbfaqw2kds
Keywords : kbenv
Version : WINDOWS:2000
Platform : WINDOWS
Issue type : kbhowto