Configuring DNS Client Settings for DNS Operations
Updated: March 2, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Domain Name System (DNS) configuration involves the following tasks when TCP/IP properties are configured for each computer:
Setting a DNS computer name or host name for each computer. For example, in the fully qualified domain name (FQDN) wkstn1.sales.wingtiptoys.com., the DNS computer name is wkstn1.
Setting a primary DNS suffix for the computer, which is placed after the computer name or host name to form the FQDN. Using the previous example, the primary DNS suffix is sales.wingtiptoys.com.
Setting a list of DNS servers for clients to use when resolving DNS names, such as a preferred DNS server, and any alternate DNS servers to use if the preferred server is not available.
Setting the DNS suffix search list or search method to be used by the client when it performs DNS query searches for short, unqualified domain names.
These tasks are discussed in more detail in each of the following sections.
Setting Computer Names
When you set a computer name for DNS, it is useful to think of the name as the leftmost portion of a fully qualified domain name (FQDN). For example, in wkstn1.sales.wingtiptoys.com., wkstn1 is the computer name.
You can configure all Windows DNS clients with a computer name that is based on any of the standard supported characters that are defined in Request for Comments (RFC) 1123, "Requirements for Internet Hosts -- Application and Support." These characters include the following:
Uppercase letters: A through Z
Lowercase letters: a through z
Numbers: 0 through 9
Hyphen (-), provided that a label does not begin or end with a hyphen
If you are supporting both network basic input/output system (NetBIOS) and DNS namespaces on your network, you can use a different computer name in each namespace. However, it is recommended that, wherever possible, you use computer names that are 15 characters or fewer and that you follow the RFC 1123 naming requirements described in the previous paragraph.
By default, the leftmost label in the FQDN for clients equals the NetBIOS computer name, unless this label is 16 or more characters. NetBIOS computer names are limited to 15 characters, so when the DNS computer name is longer than that, the NetBIOS computer name is formed by truncating the label to its first 15 characters.
Before you configure computers with varying DNS and NetBIOS names, consider the following issues and their implications for your deployment:
If Windows Internet Name Service (WINS) lookup is enabled for zones that are hosted by your DNS servers, you must use the same name for both NetBIOS and DNS computer naming. Otherwise, the results of clients attempting to query and resolve the names of these computers will be inconsistent.
If you have an investment in using NetBIOS names to support legacy Microsoft networking technology, it is recommended that you revise the NetBIOS computer names used on your network to prepare for migration to a DNS-only environment. This prepares your network for long-term growth and interoperability with future naming requirements. For example, if you use the same computer name for both NetBIOS and DNS resolution, replace any characters in your current NetBIOS names that do not comply with DNS naming standards, such as the underscore (_). Although these characters are permitted in NetBIOS names, they are not valid in traditional DNS host names and are incompatible with most DNS resolver software.
|Although the use of the underscore (_) in DNS host names or in host address (A) resource records has traditionally been prohibited by DNS standards, the use of underscores in service-related names — such as those used for service locator (SRV) resource records — has been proposed to avoid naming collisions in the Internet DNS namespace.|
In addition to DNS standard naming conventions, Windows Server 2003 DNS supports the use of extended American Standard Code for Information Interchange (ASCII) and Unicode characters. However, because most resolver software that is written for other platforms (such as UNIX) is based on Internet DNS standards, this enhanced character support can be used only in private networks with computers running Windows 2000 or Windows Server 2003 DNS.
The initial setup of DNS and TCP/IP displays a warning to suggest a standard DNS name if a nonstandard DNS name is entered.
By default, computers and servers use DNS to resolve any name that is greater than 15 characters in length. If the name is less than or equal to 15 characters, both NetBIOS and DNS name resolution can be attempted and used to resolve the name.
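The following added example, which is not code from the original page or from Microsoft, models the naming rules described in this section: it validates a proposed computer name against RFC 1123, derives the default NetBIOS name by truncating to 15 characters, reports whether a name will be resolved by DNS only or by both DNS and NetBIOS, and suggests a standard replacement for names that contain NetBIOS-only characters such as the underscore. The names used as input are constructed for illustration, and the replacement rule in suggest_standard_name (swap each disallowed character for a hyphen) is an assumption made here, not the algorithm that Windows Setup uses for its own suggestion.

```python
import re

# NetBIOS computer names are limited to 15 characters; a label longer than
# that is truncated to its first 15 characters when the NetBIOS name is derived.
NETBIOS_MAX = 15

# One RFC 952/1123 host-name label: letters, digits and hyphens, 1-63 characters,
# and the label may not begin or end with a hyphen.
_RFC1123_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def is_rfc1123_hostname(label: str) -> bool:
    """True if `label` is a valid DNS host-name label under RFC 952/1123."""
    return bool(_RFC1123_LABEL.match(label))


def netbios_name(hostname: str) -> str:
    """Default NetBIOS computer name: the leftmost FQDN label, cut to 15 characters."""
    return hostname[:NETBIOS_MAX]


def resolution_methods(name: str) -> list:
    """Resolvers a Windows XP / Windows Server 2003 client may use for a single-label name.

    Names longer than 15 characters are resolved through DNS only; shorter
    names can be tried through both NetBIOS and DNS name resolution.
    """
    if len(name) > NETBIOS_MAX:
        return ["DNS"]
    return ["DNS", "NetBIOS"]


def suggest_standard_name(name: str) -> str:
    """Illustrative replacement for a non-standard name (assumption, not the Windows Setup rule).

    Characters that are legal in NetBIOS names but not in DNS host names
    (for example the underscore) are swapped for hyphens, leading and trailing
    hyphens are dropped, and the result is capped at the 63-character label limit.
    """
    cleaned = re.sub(r"[^A-Za-z0-9-]", "-", name).strip("-")
    return cleaned[:63]


def check_computer_name(name: str) -> dict:
    """Summarise how a proposed computer name behaves in the DNS and NetBIOS namespaces."""
    return {
        "name": name,
        "rfc1123_ok": is_rfc1123_hostname(name),
        "netbios_name": netbios_name(name),
        "netbios_truncated": len(name) > NETBIOS_MAX,
        "resolvers": resolution_methods(name),
        "suggested": name if is_rfc1123_hostname(name) else suggest_standard_name(name),
    }


if __name__ == "__main__":
    # Constructed sample names: one standard, one too long for NetBIOS, one with underscores.
    for candidate in ("wkstn1", "accountingworkstation17", "sales_wkstn_1"):
        print(check_computer_name(candidate))
```

A name that passes is_rfc1123_hostname but is longer than 15 characters is still legal for DNS; the check only makes visible that such a computer will answer to a different, truncated name in NetBIOS and that other hosts will reach it through DNS alone.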
Setting Domain Names
The domain name is used with the client computer name to form the FQDN, which is also known as the full computer name. In general, the DNS domain name is the remainder of the FQDN that is not used as the unique host name for the computer.
For example, if the FQDN of a client computer is wkstn1.sales.wingtiptoys.com, its DNS domain name is the sales.wingtiptoys.com portion of that name.
A domain on a Windows network can have two names: a DNS name and a NetBIOS name. The full computer name (a fully qualified DNS name) is used when querying for and locating named resources on your network. For earlier-version clients, the NetBIOS name is used to locate the various types of NetBIOS services that are shared on your network.
The Net Logon service is an example of a service that shows the need for both NetBIOS and DNS names. In Windows Server 2003 DNS, the Net Logon service on a domain controller registers its SRV resource records on a DNS server. For Windows NT Server 4.0 and earlier operating systems, domain controllers register a DomainName entry in WINS to perform the same registration and to advertise their availability for providing authentication service to the network.
When a client computer is started on the network, it uses the DNS resolver to query a DNS server for SRV records for its configured domain name. This query is used to locate domain controllers and provide logon authentication for accessing network resources. A client or a domain controller on the network optionally uses the NetBIOS resolver service to query WINS servers, attempting to locate DomainName [1C] entries to complete the logon process.
Your DNS domain names should follow the same standards and recommended practices that apply to DNS computer naming described in the previous section. In general, acceptable naming conventions for domain names include the use of letters A through Z, numerals 0 through 9, and the hyphen (-). The period (.) in a domain name is always used to separate the discrete parts of a domain name, commonly known as labels. Each label corresponds to an additional level that is defined in the DNS namespace tree.
For most computers, the primary DNS suffix matches the name of the Active Directory domain of which the computer is a member, although the two values can differ.
|By default, the primary DNS suffix portion of a computer's FQDN must be the same as the name of the Active Directory domain where the computer is located. To allow different primary DNS suffixes, a domain administrator can establish a restricted list of allowed suffixes by populating the msDS-AllowedDNSSuffixes attribute on the domain object. This attribute is managed by the domain administrator using Active Directory Service Interfaces (ADSI) or the Lightweight Directory Access Protocol (LDAP).|
Configuring a DNS Servers List
For DNS clients to operate effectively, a prioritized list of DNS name servers must be configured for each computer to use when processing queries and resolving DNS names. In most cases, the client computer contacts and uses its preferred DNS server, which is the first DNS server on its locally configured list. The client computer contacts and uses listed alternate DNS servers when the preferred server is not available. For this reason, it is important that the preferred DNS server be appropriate for continuous client use under normal conditions.
|For computers running Windows XP, the DNS server list is used by clients only to resolve DNS names. When clients send dynamic updates — for example, when they change their DNS domain name or a configured Internet Protocol (IP) address — they might contact these servers or other DNS servers as needed to update their DNS resource records.|
By default, the DNS client on Windows XP does not attempt dynamic update over a Remote Access Service (RAS) or virtual private network (VPN) connection. To modify this configuration, you can modify the advanced TCP/IP settings of the particular network connection or you can modify the registry.
By default, the DNS client does not attempt dynamic update of top-level domain (TLD) zones. Any zone that is named with a single-label name is considered a TLD zone, for example, com, edu, blank, or my-company. To configure the DNS client to allow the dynamic update of TLD zones, you can use the Update Top Level Domain Zones policy setting or you can modify the registry.
When DNS clients are configured dynamically by a Dynamic Host Configuration Protocol (DHCP) server, it is possible to have a larger list of provided DNS servers. To provide an IP address list of DNS servers to your DHCP clients, enable option code 6 on the configured options types that are provided by your DHCP server. For Windows Server 2003 DHCP servers, you can configure a list of up to 25 DNS servers for each client with this option.
To effectively share the load when multiple DNS servers are provided in a DHCP options-specified list, you can configure a separate DHCP scope that rotates the listed order of DNS and WINS servers that are provided to clients.
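As an added example that is not part of the original page and is not Microsoft's DHCP server code, the block below shows what DHCP option code 6 actually carries on the wire (RFC 2132: tag 6, a length byte, then one 4-byte IPv4 address per DNS server in preferred-first order), enforces the 25-server limit the page gives for Windows Server 2003 DHCP servers, parses the option back out of a constructed DHCP options field, and produces the rotated server orders for the separate per-scope lists described above. The DHCP options bytes and server addresses in the tests are constructed for illustration.

```python
import ipaddress
import struct

OPTION_DNS_SERVERS = 6      # RFC 2132 "Domain Name Server" option
OPTION_END = 255
OPTION_PAD = 0
MAX_SERVERS_2003 = 25       # per-client cap for Windows Server 2003 DHCP servers (from the page)


def build_dns_server_option(servers) -> bytes:
    """Encode a preferred-first list of DNS server addresses as a DHCP option 6 TLV."""
    addrs = [ipaddress.IPv4Address(s) for s in servers]
    if not addrs:
        raise ValueError("option 6 needs at least one DNS server address")
    if len(addrs) > MAX_SERVERS_2003:
        raise ValueError("Windows Server 2003 DHCP allows at most %d DNS servers" % MAX_SERVERS_2003)
    payload = b"".join(a.packed for a in addrs)
    return struct.pack("!BB", OPTION_DNS_SERVERS, len(payload)) + payload


def parse_dns_server_option(options: bytes) -> list:
    """Scan a DHCP options field (TLVs ending in 0xFF) and return the option 6 server list in order.

    Returns an empty list when no option 6 is present. A length that is not a
    non-zero multiple of 4, or an option that runs past the end of the field,
    is rejected rather than silently truncated.
    """
    i = 0
    while i < len(options):
        tag = options[i]
        if tag == OPTION_END:
            break
        if tag == OPTION_PAD:
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("truncated option header at offset %d" % i)
        length = options[i + 1]
        value = options[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("option %d runs past the end of the options field" % tag)
        i += 2 + length
        if tag == OPTION_DNS_SERVERS:
            if length == 0 or length % 4:
                raise ValueError("malformed option 6 length %d" % length)
            return [str(ipaddress.IPv4Address(value[k:k + 4])) for k in range(0, length, 4)]
    return []


def rotated_scope_lists(servers, scope_count: int) -> list:
    """One server order per DHCP scope, rotated so each scope hands out a different preferred server."""
    n = len(servers)
    if n == 0:
        raise ValueError("need at least one server to rotate")
    return [list(servers[i % n:]) + list(servers[:i % n]) for i in range(scope_count)]


if __name__ == "__main__":
    # Constructed sample: two DNS servers, three scopes sharing the load between them.
    dns_servers = ["10.1.0.10", "10.1.0.11"]
    for scope, order in enumerate(rotated_scope_lists(dns_servers, 3), start=1):
        print("scope %d option 6: %s -> %s" % (scope, order, build_dns_server_option(order).hex()))
```

The parser deliberately returns the first option 6 it meets; when you capture a DHCP offer to confirm what clients are really being handed, compare that list against the servers you intended each scope to advertise.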
Configuring a DNS Suffix Search List
For DNS clients, you can configure a DNS domain suffix search list that extends or revises their DNS search capabilities. By adding additional suffixes to the list, you can search for short, unqualified computer names in more than one specified DNS domain. Then, if a DNS query fails, the DNS Client service can use this list to append other name suffix endings to your original name and to repeat DNS queries to the DNS server for these alternate FQDNs.
For computers and servers, the following default DNS search behavior is predetermined and used for completing and resolving short, unqualified names.
When the suffix search list is empty or unspecified, the primary DNS suffix of the computer is appended to short, unqualified names, and a DNS query is used to resolve the resultant FQDN. If this query fails, the computer can try additional queries for alternate FQDNs by appending any connection-specific DNS suffix that is configured for network connections.
If no connection-specific suffixes are configured or if queries for these resultant connection-specific FQDNs fail, the client can then begin to retry queries based on systematic reduction of the primary suffix (also known as devolution).
For example, if the primary suffix is sales.wingtiptoys.com, the devolution process is able to retry queries for the short name by searching for it in the wingtiptoys.com and com domains.
When the suffix search list is not empty and has at least one DNS suffix specified, attempts to qualify and resolve short DNS names are limited to the FQDNs that can be formed from the specified suffix list; the primary and connection-specific suffixes are not tried unless they appear in the list. If the queries for all of the FQDNs formed by appending each suffix in the list fail, the query process fails, producing a "Name not found" result.
|If the domain suffix list is used, clients continue to send additional alternate queries based on different DNS domain names when a query is not answered or resolved. After a name is resolved using an entry in the suffix list, unused list entries are not tried. For this reason, it is most efficient to order the list with the most used domain suffixes first.|
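The following added example, which is not code from the original page or from the Windows DNS Client service, models the name-qualification order described in this section and in the connection-specific suffix discussion that follows: with an empty suffix search list it tries the primary suffix, then any connection-specific suffixes, then the devolved forms of the primary suffix; with a non-empty list it tries only the listed suffixes. The devolution floor defaults to one label so that the output matches the page's example (wingtiptoys.com, then com); the devolution_min_labels parameter, the constructed zone data and resolve_short_name are assumptions made here for illustration. Notice in the first case that the client ends up querying wkstn1.com, a name in a namespace the organization does not control; a configured suffix search list bounds which names are ever queried.

```python
def devolve(suffix: str, min_labels: int = 1) -> list:
    """Systematic reduction of a DNS suffix, one leftmost label at a time.

    Stops when `min_labels` labels remain: sales.wingtiptoys.com -> wingtiptoys.com -> com.
    The primary suffix itself is not included, since it has already been tried.
    """
    labels = suffix.strip(".").split(".")
    devolved = []
    while len(labels) > min_labels:
        labels = labels[1:]
        devolved.append(".".join(labels))
    return devolved


def candidate_fqdns(short_name: str, primary_suffix: str, connection_suffixes=(),
                    search_list=(), devolution: bool = True,
                    devolution_min_labels: int = 1) -> list:
    """Ordered FQDNs a Windows XP / Windows Server 2003 client tries for an unqualified name."""
    if "." in short_name:
        raise ValueError("this model covers single-label, unqualified names only")

    # A configured suffix search list replaces the default behaviour entirely.
    if search_list:
        return ["%s.%s" % (short_name, s.strip(".")) for s in search_list]

    candidates = []

    def add(suffix):
        if not suffix:
            return
        fqdn = "%s.%s" % (short_name, suffix.strip("."))
        if fqdn not in candidates:      # a connection suffix equal to the primary suffix is not retried
            candidates.append(fqdn)

    add(primary_suffix)                  # 1. primary DNS suffix
    for s in connection_suffixes:        # 2. connection-specific suffixes, per adapter
        add(s)
    if devolution and primary_suffix:    # 3. devolution of the primary suffix
        for s in devolve(primary_suffix, devolution_min_labels):
            add(s)
    return candidates


# Constructed stand-in for DNS answers: FQDN -> address. Not real hosts.
SAMPLE_ZONE = {
    "wkstn1.sales.wingtiptoys.com": "10.1.5.21",
    "printsrv.wingtiptoys.com": "10.1.0.9",
}


def resolve_short_name(short_name: str, zone_data: dict, **config):
    """Walk the candidate list in order; return (fqdn, answer) for the first hit, or None for 'Name not found'.

    As the page notes, once a candidate resolves the remaining entries are never queried.
    """
    for fqdn in candidate_fqdns(short_name, **config):
        if fqdn in zone_data:
            return fqdn, zone_data[fqdn]
    return None


if __name__ == "__main__":
    print(candidate_fqdns("wkstn1", "sales.wingtiptoys.com"))
    print(candidate_fqdns("printsrv", "sales.wingtiptoys.com",
                          connection_suffixes=["lab.wingtiptoys.com"]))
    print(candidate_fqdns("printsrv", "sales.wingtiptoys.com",
                          search_list=["sales.wingtiptoys.com", "wingtiptoys.com"]))
    print(resolve_short_name("printsrv", SAMPLE_ZONE, primary_suffix="sales.wingtiptoys.com"))
```

Running the block prints the three query orders side by side; the last two calls show that printsrv is found through devolution when the search list is empty but reported as not found when a search list restricts lookups to sales.wingtiptoys.com alone.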
Configuring Multiple Names
Computers running Windows XP and servers running Windows Server 2003 are given DNS names by default. Each computer's DNS names can be configured with either or both of the following:
A primary DNS suffix (the primary DNS domain name), which is appended to the computer name to form the default FQDN for the computer and which applies to all of its configured network connections.
A connection-specific DNS suffix, which can be configured as an alternate DNS domain name that applies only to a single network adapter that is installed and configured on the computer.
Although most computers do not need to support or use more than one name in DNS, support for configuring multiple, connection-specific DNS names is sometimes useful. For example, by using multiple names, a user can specify which network connection to use when connecting to a multihomed computer.
To complete these tasks, perform the following procedure: