Active Directory Logical Structure

DNS Naming Conventions

DNS naming standards are used within Active Directory to provide support for industry-standardized mapping of DNS domain names to the IP addresses of computers. When a DNS server is given a computer name, it resolves the name to an IP address so that Transmission Control Protocol/Internet Protocol (TCP/IP)–based applications can communicate with the computer by its IP address.

In addition to being identified by computer name in DNS, Active Directory domain controllers are identified by specific services that they provide, such as Lightweight Directory Access Protocol (LDAP) servers, domain controllers, and Global Catalog servers. Therefore, when given the name of a domain and a service specification, a DNS server can locate a domain controller of that type within that domain. (For more information about how domain controllers are located, see "Name Resolution in Active Directory" in this book.)

A DNS hierarchy is enforced by the following requirements:

Because Active Directory domains use DNS names, these two standards apply to Active Directory domains.

In the DNS naming structure, every portion of a DNS name that is separated by a period (.) represents a node in the DNS hierarchical tree structure and an Active Directory domain name in the Windows 2000 domain hierarchical tree structure.


Note

In DNS, a node in the hierarchy can be a domain or a computer.

When you view a DNS name, a domain is any single portion of the DNS name that is separated from other parts of the DNS name by a period. For example, in the DNS domain name calif.noam.reskit.com, "calif," "noam," "reskit," and "com" each correspond to a DNS domain. As illustrated in Figure 1.2, in Active Directory, the domain name calif.noam.reskit.com represents a hierarchy in which reskit.com is the root (topmost) domain, noam is a child domain of reskit.com (noam.reskit.com), and calif is a child domain of noam.reskit.com.

Figure 1.2    Example of an Active Directory Hierarchy with DNS Names


Note

In reality, the .com domain is outside Active Directory, although it appears as part of the domain name. Domains such as .com, .org, and .edu, to name a few, are called top-level domains and are used on the Internet to classify organizations by type. (For more information about top-level DNS domains, see Windows 2000 Server Help.)

The hierarchy of domains is created as a result of contiguous naming, where each subordinate level includes, and adds to, the preceding level.

In DNS, the name that precedes a period is called a label. Reading the domain name from right to left, applications can correctly interpret the order of hierarchy for each label. And because two children of the same parent cannot have the same name, a domain name is always unique in the hierarchy. Each domain in the hierarchy defines its own portion of the overall namespace.

Whereas the Active Directory tree contains domains, the DNS tree contains both domains and computers. Therefore, the leftmost portion of a DNS name can also be a computer name.


Note

For more information about Internet Standard host names, see the Request for Comments (RFC) link on the Web Resources page at http://windows.microsoft.com/windows2000/reskit/webresources. Search for RFC 1123. This host naming standard is recommended, but not required, for Active Directory domain names. (In DNS, computers are historically referred to as "hosts.")

For more information about DNS naming and functionality, see Windows 2000 Server Help, and see "Introduction to DNS" in the TCP/IP Core Networking Guide.
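The contiguous naming and label rules described above can be checked in code. The following is an added example, not part of the original Resource Kit text: it derives the chain of Active Directory domains from a root down to a given name and reports labels that do not meet the RFC 1123 host naming standard. The function names and the name sales_west.noam.reskit.com are constructed for illustration.

```python
import re

# RFC 1123 host label: letters, digits and hyphens, 1-63 characters,
# with no leading or trailing hyphen.
RFC1123_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def split_labels(name):
    """Split a DNS name into labels, leftmost (most specific) first."""
    labels = name.rstrip(".").split(".")
    if any(label == "" for label in labels):
        raise ValueError(f"empty label in DNS name: {name!r}")
    return labels


def nonconforming_labels(name):
    """Return the labels that do not meet RFC 1123. The standard is
    recommended, not required, so they are reported rather than rejected."""
    return [label for label in split_labels(name)
            if not RFC1123_LABEL.fullmatch(label)]


def domain_chain(name, root):
    """Return the domains from root down to name. Each child keeps its
    parent's full name and adds one label on the left."""
    labels = [label.lower() for label in split_labels(name)]
    root_labels = [label.lower() for label in split_labels(root)]
    # Compare whole labels, not string suffixes: "notreskit.com" ends with
    # the text "reskit.com" but is not inside the reskit.com namespace.
    if len(labels) < len(root_labels) or labels[-len(root_labels):] != root_labels:
        raise ValueError(f"{name!r} is not in the namespace of {root!r}")
    start = len(labels) - len(root_labels)
    return [".".join(labels[i:]) for i in range(start, -1, -1)]


def parent_domain(name, root):
    """Return the single parent of name, or None for the root domain."""
    chain = domain_chain(name, root)
    return chain[-2] if len(chain) > 1 else None


if __name__ == "__main__":
    # calif.noam.reskit.com is the page's example; the other name is constructed.
    print(domain_chain("calif.noam.reskit.com", "reskit.com"))
    print(parent_domain("calif.noam.reskit.com", "reskit.com"))
    print(nonconforming_labels("sales_west.noam.reskit.com"))
```

Matching on whole labels rather than on the trailing characters of the name is what keeps a look-alike name from being treated as a member of the hierarchy.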

© 1985-2000 Microsoft Corporation. All rights reserved.