Thursday, February 24, 2011

Advanced DNS Configuration

In most cases, deploying Active Directory Domain Services (AD DS)–integrated Domain Name System (DNS) on a small, Windows-based network requires little configuration beyond the initial setup. Occasionally, however, you may have to perform additional configuration tasks, such as adding resource records to handle unusual situations or configuring automatic removal of outdated resource records.

Adding resource records

Resource records store information about specific network computers, such as the names, IP addresses, and services that the computers provide. In most cases, Windows-based computers use dynamic update to update their resource records on DNS servers. This dynamic update process eliminates the need for an administrator to manage the resource records. However, if your network contains computers that are not Windows-based or if it contains computers that you want to designate to handle e-mail, you may have to add host (A) resource records to the zone on your DNS server.
Important
When the Active Directory Domain Services Installation Wizard installs and configures DNS on the new domain controller, it creates resource records that are necessary for the correct operation of the DNS server on the domain controller. Do not remove or change these resource records. Change or remove only those resource records that you add yourself.
Host (A) resource records associate the DNS domain name of a computer (or host) to its IP address. You do not need to have a host (A) resource record for all computers, but you must have one for any computer that shares resources on a network and that must be identified by its DNS domain name.
· Windows 2000, Windows XP, and Windows Server 2003 clients and servers use the Dynamic Host Configuration Protocol (DHCP) Client service to dynamically register and update their host (A) resource records in DNS when an IP configuration change occurs.
· Windows Vista and Windows Server 2008 clients use the DNS Client service to dynamically register and update their host (A) resource records in DNS when an IP configuration change occurs.
· You can manually create a host (A) resource record for a static TCP/IP client computer (or for a computer running non-Windows operating systems) by using the DNS Manager administrative tool.
To add a host (A) resource record to a DNS zone
1.   On the DNS server, click Start, point to Administrative Tools, and then click DNS.
2.   In the console tree, right-click the applicable DNS zone, and then click New Host (A).
3.   In Name (uses parent domain if blank), type the name of the computer (host) for which you are creating a host (A) resource record.
4.   In IP address, type the address of the computer for which you want to create a host (A) resource record.
Important
Make sure that you type the address correctly and that you assign it as a static address (not one that is assigned by DHCP). If the address is incorrect or changes, client computers cannot use DNS to locate the host.
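The same task from the command line, as an added example that is not part of the original article: it assumes the DnsServer PowerShell module (Windows Server 2012 or later, not the Windows Server 2008 DNS Manager the steps above describe), and the zone name, host name and address are constructed placeholders.

```powershell
# Added example: create a static host (A) record for a non-Windows host
# and confirm how the server stored it. Zone, host and IP are placeholders.
$zone     = 'corp.example.com'
$hostName = 'printsrv01'
$ip       = '192.0.2.25'   # must be a static address, not a DHCP lease

# Refuse to add a duplicate: a second A record for the same name would
# silently change where clients that already resolve this host are sent.
$existing = Get-DnsServerResourceRecord -ZoneName $zone -Name $hostName `
    -RRType A -ErrorAction SilentlyContinue
if ($existing) {
    throw "An A record for $hostName already exists in $zone; edit it instead."
}

# Create the A record and its matching PTR record in the reverse zone.
# Omit -AgeRecord (as here) so the record gets no timestamp and is never
# removed by scavenging; manually added records are expected to be static.
Add-DnsServerResourceRecordA -ZoneName $zone -Name $hostName `
    -IPv4Address $ip -CreatePtr

# Verify: Timestamp is empty for a static record, populated for dynamic ones.
Get-DnsServerResourceRecord -ZoneName $zone -Name $hostName -RRType A |
    Select-Object HostName, Timestamp,
        @{ Name = 'IPv4'; Expression = { $_.RecordData.IPv4Address } }
```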

Automatically removing outdated resource records

The ability of DHCP to register host (A) and pointer (PTR) resource records automatically whenever you add a new device to the network simplifies network administration. However, it has one drawback: unless you remove those resource records, they remain in the DNS zone database indefinitely. Although this is not a problem with static networks, it negatively affects networks that change frequently (for example, a network to which you add or remove portable computers) because the accumulation of resource records can prevent host names from being reused.
Fortunately, DHCP services and the Windows Server 2008 DNS server cooperate to help prevent this problem from happening. You can configure the DNS server to track the age of each dynamically assigned record and to periodically remove records that are older than the number of days that you specify. This process is known as scavenging.
The age of a resource record is based on when it was created or last updated. By default, computers running Windows send a request to the DNS server to update their records every 24 hours.
Note
To prevent unnecessary replication, you can configure the Windows Server 2008 DNS server to ignore update requests for a period of time that you specify.
In this manner, Windows-based computers notify the DNS server that they are still on the network and that their records are not subject to scavenging.
Because scavenging can cause problems on a network if it is not configured correctly, Windows Server 2008 disables scavenging by default. We recommend that you enable scavenging with default settings if you frequently add computers to or remove computers from your network.
To enable scavenging on a DNS server
1.   On the DNS server on which you want to enable scavenging, click Start, point to Administrative Tools, and then click DNS.
2.   In the console tree, click the applicable DNS server.
3.   On the Action menu, click Properties.
4.   Click the Advanced tab, select Enable automatic scavenging of stale records, and then click OK.
5.   On the Action menu, click Set Aging/Scavenging for All Zones.
6.   Click the Scavenge stale resource records check box, and then click OK.
7.   In the Server Aging/Scavenging Confirmation dialog box, select Apply these settings to the existing Active Directory-integrated zones, and then click OK.
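Because the article warns that misconfigured scavenging can cause problems, the added example below (not part of the original article) first lists the dynamic records that the default 7-day no-refresh and 7-day refresh intervals would make eligible for removal, then enables server-wide scavenging and applies aging to all zones, and finally reads the settings back. It assumes the DnsServer PowerShell module (Windows Server 2012 or later); the zone name is a constructed placeholder.

```powershell
# Added example: preview what scavenging would remove, then enable it with
# the default intervals. Zone name is a placeholder.
$zone = 'corp.example.com'

# A dynamic record becomes eligible once its timestamp is older than
# NoRefreshInterval + RefreshInterval (7 days + 7 days by default).
$noRefresh = [TimeSpan]::FromDays(7)
$refresh   = [TimeSpan]::FromDays(7)
$cutoff    = (Get-Date) - ($noRefresh + $refresh)

# 1. Preview. Static records have no Timestamp and are skipped by design;
#    review this list before enabling scavenging so a host that is merely
#    offline for two weeks is not a surprise later.
Write-Host "A records in $zone that would be scavenged now:"
Get-DnsServerResourceRecord -ZoneName $zone -RRType A |
    Where-Object { $_.Timestamp -and $_.Timestamp -lt $cutoff } |
    Select-Object HostName, Timestamp,
        @{ Name = 'IPv4'; Expression = { $_.RecordData.IPv4Address } } |
    Format-Table -AutoSize

# 2. Enable automatic scavenging on the server (the article's step 4), using
#    the default intervals, and turn on aging for every zone the server
#    hosts (the article's steps 5 to 7). ScavengingInterval is how often the
#    server runs the cleanup pass.
Set-DnsServerScavenging -ScavengingState $true `
    -NoRefreshInterval $noRefresh `
    -RefreshInterval   $refresh `
    -ScavengingInterval 7.00:00:00 `
    -ApplyOnAllZones

# 3. Read the settings back: server-wide state, then per-zone aging flags.
Get-DnsServerScavenging
Get-DnsServerZoneAging -Name $zone
```

Run the preview step on its own first; if it lists hosts that are still in use, their DNS Client service is not refreshing the record and that should be fixed before scavenging is turned on.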