DNS integration

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Active Directory is integrated with DNS in the following ways:

  • Active Directory and Domain Name System (DNS) have the same hierarchical structure.

    Although separate and implemented differently for different purposes, an organization's namespaces for DNS and Active Directory have an identical structure. For example, microsoft.com is a DNS domain and an Active Directory domain. For more information, see Namespace planning for DNS.

  • DNS zones can be stored in Active Directory.

    If you are using the Windows Server 2003 DNS Server service, primary zone files can be stored in Active Directory for replication to other Active Directory domain controllers. For more information, see Active Directory integration.

  • Active Directory uses DNS as a locator service, resolving Active Directory domain, site, and service names to an IP address.

    To log on to an Active Directory domain, an Active Directory client queries its configured DNS server for the IP address of the LDAP service running on a domain controller for a specified domain. For more information about how Active Directory clients rely on DNS, see Locating a domain controller.

Note

  • You can use Dcdiag.exe and Netdiag.exe to troubleshoot client computers that cannot locate a domain controller. These tools can help determine both server and client DNS misconfigurations. For more information, see article Q265706, "DCDiag/NetDiag Facilitate Join and DC Creation" in the Microsoft Knowledge Base. For a brief description of support tools, see Active Directory support tools.
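
The locator lookup described in the list above, shown at the DNS wire level as an added example (not code from this page or from Microsoft): it builds the SRV query for LDAP on a domain controller and parses the answers from a reply. The owner name `_ldap._tcp.dc._msdcs.<domain>` is the standard locator record and is not spelled out on this page; the domain `corp.example.test`, the hosts `dc1`/`dc2` and the reply bytes are constructed for illustration.

```python
import struct

def locator_name(domain):
    # SRV owner name a client queries to find LDAP on a domain controller
    return "_ldap._tcp.dc._msdcs." + domain.rstrip(".")

def encode_name(name):
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

def build_query(domain, qid=0x1234):
    # Header (recursion desired, 1 question) + QNAME + QTYPE 33 (SRV), QCLASS 1 (IN)
    header = struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(locator_name(domain)) + struct.pack("!2H", 33, 1)

def read_name(msg, off, hops=0):
    # Decode a possibly compressed name; returns (name, offset just past it)
    labels = []
    while (n := msg[off]):
        if (n & 0xC0) == 0xC0:  # compression pointer to an earlier name
            if hops > 16:
                raise ValueError("compression pointer loop")
            ptr = ((n & 0x3F) << 8) | msg[off + 1]
            return ".".join(labels + [read_name(msg, ptr, hops + 1)[0]]), off + 2
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels), off + 1

def parse_srv(msg):
    # SRV answers as (priority, weight, port, target), lowest priority value first
    qdcount, ancount = struct.unpack("!2H", msg[4:8])
    off, found = 12, []
    for _ in range(qdcount):
        off = read_name(msg, off)[1] + 4  # skip QTYPE and QCLASS
    for _ in range(ancount):
        off = read_name(msg, off)[1]
        rtype, _cls, _ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        if rtype == 33:
            prio, weight, port = struct.unpack("!3H", msg[off + 10:off + 16])
            found.append((prio, weight, port, read_name(msg, off + 16)[0]))
        off += 10 + rdlen
    return sorted(found)

def sample_response(domain):
    # Constructed reply (not captured traffic): two DCs offering LDAP on port 389
    body = build_query(domain)[12:]
    for prio, host in ((10, "dc2"), (0, "dc1")):
        rdata = struct.pack("!3H", prio, 100, 389) + encode_name(host + "." + domain)
        body += b"\xc0\x0c" + struct.pack("!2HIH", 33, 1, 600, len(rdata)) + rdata
    return struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0) + body
```

The SRV targets are host names, so the client still resolves each target with an ordinary A lookup to obtain the IP address. An empty result from `parse_srv` for a domain's locator name means the DNS server being queried holds no locator records for that domain.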

While Active Directory is integrated with DNS and shares the same namespace structure, it is important to distinguish between them:

  • DNS is a name resolution service.

    DNS clients send DNS name queries to their configured DNS server. The DNS server receives the name query and either resolves the name query through locally stored files or consults another DNS server for resolution. DNS does not require Active Directory to function.

  • Active Directory is a directory service.

    Active Directory provides an information repository and services to make information available to users and applications. Active Directory clients send queries to domain controllers using the Lightweight Directory Access Protocol (LDAP). In order to locate a domain controller, an Active Directory client queries DNS. Active Directory requires DNS to function.

For a checklist on deploying DNS for Active Directory, see Checklist: Deploying DNS for Active Directory.

For information about configuring DNS servers for Active Directory, see Configure a DNS server for use with Active Directory.