Microsoft Windows 2000 DNS Server User Manual


 
- Incremental Zone Transfer (IXFR)
- Dynamic Update and Secure Dynamic Update
- Unicode Character Support
- Enhanced Domain Locator
- Enhanced Caching Resolver Service
- Enhanced DNS Manager

Active Directory Storage and Replication Integration
In addition to supporting a conventional way of maintaining and replicating DNS
zone files, the implementation of DNS in Windows 2000 has the option of using the
Active Directory services as the data storage and replication engine. This approach
provides the following benefits:
- DNS replication will be performed by the Active Directory service, so there is no
  need to support a separate replication topology for DNS servers.
- Active Directory service replication provides per-property replication granularity.
- Active Directory service replication is secure.
- A primary DNS server is eliminated as a single point of failure. Original DNS
  replication is single-master; it relies on a primary DNS server to update all the
  secondary servers. Unlike original DNS replication, Active Directory service
  replication is multi-master; an update can be made on any domain controller,
  and the change will be propagated to the other domain controllers. In this way,
  if DNS is integrated into the Active Directory service, the replication engine will
  always synchronize the DNS zone information.
Thus, Active Directory service integration significantly simplifies the administration of
a DNS namespace. At the same time, standard zone transfer to other servers
(non-Windows 2000 DNS servers and previous versions of the Microsoft DNS servers) is
still supported.
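
The multi-master, per-property replication described above, sketched as an added example (not code from the white paper or from Microsoft). The Stamp ordering (version, then time, then originating controller), the property names "address" and "ttl", and the host data are simplifying assumptions made for the illustration.

```python
from dataclasses import dataclass, field

# Simplified model for illustration; not Active Directory's implementation.
@dataclass(frozen=True, order=True)
class Stamp:
    version: int  # incremented on each originating write to the property
    time: int     # constructed logical clock value
    origin: str   # controller that accepted the write (final tie-breaker)

@dataclass
class Controller:
    name: str
    store: dict = field(default_factory=dict)  # store[obj][prop] = (Stamp, value)

    def write(self, obj, prop, value, time):
        """Originating update: any controller may accept it (multi-master)."""
        props = self.store.setdefault(obj, {})
        version = props[prop][0].version + 1 if prop in props else 1
        props[prop] = (Stamp(version, time, self.name), value)

    def pull_from(self, other):
        """Replicate per property: accept a remote value only if its stamp is newer."""
        changed = 0
        for obj, props in other.store.items():
            local = self.store.setdefault(obj, {})
            for prop, (stamp, value) in props.items():
                if prop not in local or stamp > local[prop][0]:
                    local[prop] = (stamp, value)
                    changed += 1
        return changed

    def view(self, obj):
        return {prop: value for prop, (_, value) in self.store.get(obj, {}).items()}

def demo():
    name = "host1.example.com"  # constructed sample data
    dc1, dc2 = Controller("DC1"), Controller("DC2")
    dc1.write(name, "address", "192.0.2.10", time=1)
    dc1.write(name, "ttl", 3600, time=1)
    dc2.pull_from(dc1)
    # Each controller now changes a different property of the same object.
    dc1.write(name, "address", "192.0.2.20", time=2)
    dc2.write(name, "ttl", 600, time=3)
    dc1.pull_from(dc2)
    dc2.pull_from(dc1)
    return dc1.view(name), dc2.view(name)

if __name__ == "__main__":
    print(demo())
```

Because stamps are kept per property, the two concurrent edits merge instead of one overwriting the other, and both controllers end with the same view.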
The Active Directory Service Storage Model
The Active Directory service is an object-oriented X.500-compliant database, which
organizes resources available on your network in a hierarchical tree-like structure.
This database is managed by the set of Domain Controllers (DC). The portion of the
Active Directory service database for which a specific DC is authoritative is
physically located on the same computer where the DC is. Every resource in Active
Directory service is represented by an object. There are two distinct types of objects
supported by Active Directory service:
- Containers: objects that can contain other container and leaf objects
- Leaves: objects representing a specific resource within the Active Directory
  service tree
Windows 2000 White Paper