Microsoft Windows 2000 DNS Manual: Active Directory Storage and Replication Integration


Incremental Zone Transfer (IXFR)

Dynamic Update and Secure Dynamic Update

Unicode Character Support

Enhanced Domain Locator

Enhanced Caching Resolver Service

Enhanced DNS Manager

Active Directory Storage and Replication Integration

In addition to supporting the conventional way of maintaining and replicating DNS zone files, the Windows 2000 implementation of DNS can use the Active Directory service as its data storage and replication engine. This approach provides the following benefits:

DNS replication is performed by the Active Directory service, so there is no need to maintain a separate replication topology (primary/secondary relationships and zone transfer schedules) for DNS servers.

Active Directory service replication provides per-property replication granularity: when a record changes, only the changed attribute of the affected directory object is replicated, not the whole zone.

Active Directory service replication is secure: domain controllers authenticate each other and the replication traffic between them is encrypted. A standard zone transfer, by contrast, is an unauthenticated cleartext TCP exchange, and the only protection a Windows 2000 DNS server offers for it is restricting the list of servers allowed to request transfers.

A primary DNS server is eliminated as a single point of failure. Conventional DNS replication is single-master: a zone can be modified only on the primary server, which then updates all the secondary servers through zone transfers, so no updates are possible while the primary is down. Active Directory service replication is multi-master: an update can be made on any domain controller that hosts the zone and is propagated to all other domain controllers. When DNS is integrated into the Active Directory service, the replication engine therefore keeps the zone information synchronized regardless of which server received the change.

Active Directory service integration thus significantly simplifies the administration of a DNS namespace. At the same time, standard zone transfer to other servers (non-Windows 2000 DNS servers and previous versions of the Microsoft DNS server) is still supported, since an Active Directory-integrated zone can act as the master for conventional secondary zones.

The Active Directory Service Storage Model

The Active Directory service is an object-oriented, hierarchical database built on the X.500 directory model and accessed through LDAP; it organizes the resources available on your network in a tree-like structure. This database is managed by a set of domain controllers (DCs). The portion of the Active Directory database for which a specific DC is authoritative is physically stored on that DC. Every resource in the Active Directory service is represented by an object, and the service supports two distinct kinds of objects:

Containers: objects that can contain other container and leaf objects.

Leaves: objects that represent a specific resource within the Active Directory service tree and cannot contain other objects.
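How DNS data maps onto this container/leaf model: each Active Directory-integrated zone is a dnsZone container object (in Windows 2000 it lives under CN=MicrosoftDNS,CN=System in the domain partition), each owner name in the zone is a dnsNode leaf object beneath it, and the resource records of that name are the values of the node's multi-valued dnsRecord attribute, stored as a binary structure. The following Python script is an added example, not code from the white paper or from Microsoft: it decodes that binary structure as documented in the MS-DNSP specification (DNS_RPC_RECORD) for A, NS, CNAME and PTR records and prints the zone-file view of a set of nodes. The zone name example.com, the distinguished names and the record blobs are constructed sample data; a real run would read the dnsRecord values of the dnsNode objects over LDAP instead.

```python
"""Decode dnsRecord values of dnsNode leaf objects from an AD-integrated zone.

Added example, not from the white paper. The byte layout follows the dnsRecord
(DNS_RPC_RECORD) structure in MS-DNSP. The zone DN and record blobs below are
constructed sample data for the zone example.com, not real directory output.
"""
import struct
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

RECORD_TYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 28: "AAAA"}
NAME_TYPES = {2, 5, 12}          # rdata is a DNS_COUNT_NAME for these types
HEADER_LEN = 24                  # fixed header preceding the type-specific data
WIN_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)  # TimeStamp counts hours from here


@dataclass
class DnsRecord:
    rtype: str
    ttl: int
    serial: int          # zone serial at which this record was last written
    rank: int            # 0xF0 = authoritative zone data
    timestamp_hours: int
    rdata: str

    @property
    def is_static(self) -> bool:
        # TimeStamp 0 marks a statically created record; only dynamically
        # registered records (non-zero TimeStamp) are subject to scavenging.
        return self.timestamp_hours == 0

    @property
    def registered_at(self):
        return None if self.is_static else WIN_EPOCH + timedelta(hours=self.timestamp_hours)


def decode_count_name(buf: bytes) -> str:
    """DNS_COUNT_NAME: Length, LabelCount, then length-prefixed labels and a 0x00 terminator."""
    length, label_count = buf[0], buf[1]
    raw, pos, labels = buf[2:2 + length], 0, []
    for _ in range(label_count):
        n = raw[pos]
        labels.append(raw[pos + 1:pos + 1 + n].decode("utf-8"))
        pos += 1 + n
    return ".".join(labels) + "."


def encode_count_name(fqdn: str) -> bytes:
    """Inverse of decode_count_name; used only to construct the sample blobs."""
    labels = [lbl for lbl in fqdn.rstrip(".").split(".") if lbl]
    raw = b"".join(bytes([len(lbl)]) + lbl.encode("utf-8") for lbl in labels) + b"\x00"
    return bytes([len(raw), len(labels)]) + raw


def decode_dns_record(blob: bytes) -> DnsRecord:
    """Parse one dnsRecord attribute value."""
    if len(blob) < HEADER_LEN:
        raise ValueError("dnsRecord shorter than its fixed header")
    # DataLength, Type, Version, Rank, Flags, Serial are little-endian ...
    data_len, rtype, version, rank, _flags, serial = struct.unpack_from("<HHBBHL", blob, 0)
    (ttl,) = struct.unpack_from(">L", blob, 12)    # ... TtlSeconds is big-endian (network order)
    _reserved, timestamp = struct.unpack_from("<LL", blob, 16)
    if version != 5:
        raise ValueError(f"unsupported dnsRecord version {version}")
    data = blob[HEADER_LEN:HEADER_LEN + data_len]
    if len(data) != data_len:
        raise ValueError("dnsRecord data truncated")
    if rtype == 1:
        rdata = ".".join(str(b) for b in data)     # A: four raw address bytes
    elif rtype in NAME_TYPES:
        rdata = decode_count_name(data)
    else:
        rdata = data.hex()                         # types not decoded here: raw bytes
    return DnsRecord(RECORD_TYPES.get(rtype, str(rtype)), ttl, serial, rank, timestamp, rdata)


def build_dns_record(rtype: int, data: bytes, ttl: int, serial: int,
                     timestamp_hours: int = 0, rank: int = 0xF0) -> bytes:
    """Inverse of decode_dns_record; used only to construct the sample blobs."""
    return (struct.pack("<HHBBHL", len(data), rtype, 5, rank, 0, serial)
            + struct.pack(">L", ttl) + struct.pack("<LL", 0, timestamp_hours) + data)


# Constructed sample: the zone container DN and four dnsNode leaves beneath it.
ZONE_DN = "DC=example.com,CN=MicrosoftDNS,CN=System,DC=example,DC=com"
SAMPLE_NODES = {
    f"DC=@,{ZONE_DN}":    [build_dns_record(2, encode_count_name("dc1.example.com"), 3600, 41)],
    f"DC=www,{ZONE_DN}":  [build_dns_record(1, bytes([192, 0, 2, 10]), 3600, 42)],
    f"DC=mail,{ZONE_DN}": [build_dns_record(5, encode_count_name("www.example.com"), 3600, 42)],
    # a workstation that registered itself by dynamic update: non-zero TimeStamp
    f"DC=ws17,{ZONE_DN}": [build_dns_record(1, bytes([192, 0, 2, 77]), 1200, 43, timestamp_hours=3_700_000)],
}


def dump_zone(nodes: dict) -> list:
    """Return (owner, DnsRecord) pairs: the zone-file view of the directory objects."""
    out = []
    for dn, blobs in nodes.items():
        owner = dn.split(",", 1)[0].split("=", 1)[1]   # first RDN is "DC=<owner name>"
        out.extend((owner, decode_dns_record(blob)) for blob in blobs)
    return out


if __name__ == "__main__":
    for owner, rec in dump_zone(SAMPLE_NODES):
        age = "static" if rec.is_static else f"registered {rec.registered_at:%Y-%m-%d}"
        print(f"{owner:6} {rec.ttl:>6} IN {rec.rtype:6} {rec.rdata:22} ; serial {rec.serial}, {age}")
```

Two points the decoded fields make visible: the Serial value records the zone serial at which each record was last written, which is the per-record information that makes per-property replication and incremental transfer possible, and a TimeStamp of zero distinguishes statically created records from dynamically registered ones, which is what aging and scavenging act on. Because these are ordinary directory objects, whoever has read access to the zone container can enumerate the namespace this way, so the ACLs on the dnsZone and dnsNode objects deserve the same attention as the zone transfer restrictions of a conventional server.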

Windows 2000 White Paper

