Can a DC run without DNS


johnsen

Hi
If I have a win2k server promoted to DC and a few win2k
pro PCs, do I need to install DNS server in the DC?
All the users need to access shared files, printer located
from other PCs.
If the answer is No, I really dunno when it is time that I
need to install DNS.
Pls advise, Thanks
 
You need a DNS server -- install it on the DC. Create a zone matching
your AD Domain name. Make sure the zone is DYNAMIC.

Set the DC (NIC) "DNS Server" to that DNS server ONLY -- set all
the clients the same.

Set the Forwarding tab in the DNS server to reference your ISP DNS
server(s) for external resolution.

Do NOT set the internal machines to anything other than the internal DNS
(i.e., do not set the internal machines to the ISP.)
 
You should install DNS now. Some things might work for the moment if you
don't, but that is only because many features can fail over to NT4
compatibility mode. For the recommended configuration, install DNS now.

Examples:
A W2k or XP client will fail over to netbios for DC location and may work.
Kerberos security seems to require DNS, but I don't know if that is a hard
restriction or not.
Any DC to DC communication (like replication or promotion) requires DNS for
DC location.
 
Thanks for your advice but you only mentioned how to
implement DNS.
What I am confused about is not how to install but why install
in the first place?
My company is only within one subnet and no connection to
any other branches.
My confusion is whether I need to install DNS in my w2k
server (already DC)?
Thanks
 
In NT4, Domain Controllers were located using WINS which is a broadcast type
system, where the first computer to claim a name gets that name and
deployments are limited in scale.

In W2k and beyond, Microsoft moved to using DNS to locate domain
controllers. DNS information is maintained in a hierarchy and the network
administration has more control over which machine can claim a name, and it
scales better.

In short, you need DNS for W2k because Microsoft designed Active Directory
in W2k to have a dependency on DNS.
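
An added example, not part of the thread or any poster's code: domain controllers publish themselves as SRV records in the zone named after the AD domain, and this Python check audits a zone export for the core locator records and for SRV targets that lack an A record. The domain `corp.example`, the host names, the addresses and the simplified zone-file layout are all constructed assumptions.

```python
# Added example: audit a zone export for the SRV records used to locate AD DCs.
# Assumption: every record line carries its owner name and the literal class "IN".
REQUIRED_SRV = {  # locator name relative to the AD domain -> service port
    "_ldap._tcp": 389, "_ldap._tcp.dc._msdcs": 389, "_ldap._tcp.pdc._msdcs": 389,
    "_kerberos._tcp": 88, "_kerberos._tcp.dc._msdcs": 88,
}

# Constructed sample (made-up domain): no Kerberos records, one stale SRV target.
SAMPLE_ZONE = """\
dc1                      3600 IN A   192.0.2.10
_ldap._tcp               600  IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.dc._msdcs     600  IN SRV 0 100 389 dc1.corp.example.
_ldap._tcp.pdc._msdcs    600  IN SRV 0 100 389 olddc.corp.example.
"""

def fqdn(name, origin):
    """Lower-case a zone-file name and make it absolute, without the trailing dot."""
    name = name.lower()
    if name.endswith("."):
        return name.rstrip(".")
    return origin if name == "@" else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (srv, hosts): srv maps owner -> [(port, target)]; hosts holds A owners."""
    srv, hosts = {}, set()
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop ';' comments
        if "IN" not in fields[1:-1]:
            continue
        i = fields.index("IN", 1)
        owner, rtype, rdata = fqdn(fields[0], origin), fields[i + 1].upper(), fields[i + 2:]
        if rtype == "A":
            hosts.add(owner)
        elif rtype == "SRV" and len(rdata) == 4:  # priority weight port target
            srv.setdefault(owner, []).append((int(rdata[2]), fqdn(rdata[3], origin)))
    return srv, hosts

def check_dc_locator(text, domain):
    """List problems that would stop clients finding a DC through DNS."""
    domain = domain.lower().rstrip(".")
    srv, hosts = parse_zone(text, domain)
    problems = []
    for label, port in REQUIRED_SRV.items():
        owner = f"{label}.{domain}"
        targets = [t for p, t in srv.get(owner, []) if p == port]
        if not targets:
            problems.append(f"missing SRV {owner} (port {port})")
        problems += [f"SRV {owner} -> {t} has no A record" for t in targets if t not in hosts]
    return problems
```

An empty list from `check_dc_locator(zone_text, domain)` means every locator record checked here is present and resolves to a host in the zone; SRV targets that live outside the zone will be reported as lacking an A record.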
 
Active Directory (DCs and clients) requires DNS to function
correctly.

If you had NO DCs and only one segment you could get by
using the ISP for Internet DNS (but that would still be a DNS
server.)

If you had NO DCs, one segment, and no Internet connection
you could get by without DNS at all.

DNS is the locator service for AD domain controllers and clients.

It is almost trivial to install since you already have a Windows
Server.
 
Johnsen,
I think the answers you got are pretty good. However, I
sense that you are in a small workgroup that is
standalone. If that is the case why bother with using a
domain controller in the first place? A simple workgroup
server works great for sharing files and printers. You
only need a domain controller if you have a computing
infrastructure that demands it.
Michael


Once you move to a
 
Once you get to about 5 users and 5 machines (Microsoft frequently
says 10) you start to prefer the "single account logon" of a Domain,
especially if you have already purchased a Server (free DC.)

Otherwise everyone needs an account on each machine they will
use -- if all 5 need to use all 5 machines (not always true) then
that is 25 accounts. (5 x 5 = 25)

And by the time you add an 11th machine and user to a 10-node network,
you must add 21 new accounts (if everyone will access every machine.)
 