WINS and MSDNS 2000 Overview Brennan Crowe

1
WINS and MS-DNS 2000 Overview Brennan Crowe
Bill BaxterSupport ProfessionalsMPS-PRO Server
Protocols TeamMicrosoft Corporation
2

• Microsoft Windows 2000 WINS

3
Legacy clients

• Windows NT all flavors
• Windows 95
• Windows 98
• Windows for Workgroups and MS-DOS

WINS is still required for mixed Windows
environments for NetBIOS browsing across
subnets. Migration to pure DNS will take years.
4
How about that GUI?

• MMC based!
• New tasks
• May be interpreted as less intuitive

5
WINS MMC
6
Server Statistics
7
Viewing the WINS Mappings

• You can View Records or use Quick Find (Filter).

8
Select owner or all records

• Right-click Active Registrations and select View
  Records.
• Highlight the appropriate owner.

9
Filter by Suffix and Quick Find

• You can now add custom NetBIOS suffix types and
  find all records that begin with a particular set
  of characters.

10
Note the new column names

• Static and Active column is now specific.
• The Type is now specific.
• Easier to understand.

11
New Capability Verify Name Records

• Good Find a missing record
• Bad It is CaSe-SeNsiTiVe

12
Verify using Text Files

• It is case sensitive, but you cant use the name
  twice.

13
Export List (WINSDUMP) Creates a TAB-delimited
text file
14
Import into Excel and Sort
15
Tombstoning capability as in SP4 Tombstone the
Owner

• The record gets marked as a tombstone, which is
  then replicated to all WINS partners. WINS
  servers do not respond to Name Requests for a
  tombstoned entry. The entry will be deleted from
  the database during the next scavenging.

16
Persistent Connections to Replication Partners
Eliminates overhead of opening and tearing down
connections with replication partners.
17
Replication Partners Properties

• Add entries for PersonaNonGrata servers in the
  GUI.
• Set Defaults for Persistent Connections.
• Enable Automatic (Multicast) Partner
  Configuration!

18
Burst Mode Registration

• Splits registration into two processes.
• Queue the names and send positive response back
  with variable TTL, 5 to 50 mins.
• Register the items from the queue in order of
  receipt.

Enabled by default Low 300 Medium 500 High
1000 Custom 50 - 5000
19
Static Mappings Made Easier!

• Scope looks awfully tempting

20
New WINS/RAS Registry Parameters

• Registry entries are located under
  HKEY_LOCAL_MACHINE\System\CCS\Services\Remoteacces
  s\Parameters\IP
• Q232691 How to Globally Configure WINS and DNS
  parameters to be assigned to RAS clients.
• Q232651 Preventing Windows 2000 from assigning
  WINS and DNS addresses to RAS clients.

21
Do you NEED a WINS server?

• If you have legacy clients that need to browse
• If you are not using Windows 2000 DDNS to add
  client records to DNS Zones

22

• Microsoft Windows 2000
• DNS

23
MS-DNS Overview

• Name server of choice for Windows 2000
• Building on DNS for Windows NT 4.0
• RFC compliant and fully compatible with other
  RFC-compliant DNS servers
• Support for service location resource records
  (SRV RR)

24
New Features of Windows 2000 DNS

• Integration with Active Directory, WINS, and
  DHCP
• Dynamic update
• Incremental zone transfer
• Unicode character support
• The domain locator
• Caching resolver
• DNS manager

25
Active Directory Integration

• Overview
• ADS Storage Model
• Replication Model
• Zone-Type Conversions
• Controlling Access to Zones

26
MS-DNS / Active Directory Integration Overview

• DNS is required when locating Windows 2000 Domain
  Controllers.
• Windows 2000 MS-DNS can use Active Directory to
  store and replicate zones.

27
ADS Integrated or Primary?
28
The Active Directory Service Storage Model

• ADS Storage Model
• Object-oriented X.500-compliant database
• Each DNS Zone becomes an ADS Container Object
• DNSZone Object will contain DNSNode Leaf Object
• Only DNS Servers running on DC can load DS
  Integrated Zones

29
DNSZone Object DNSNode Leaf Object
Container Objects
Leaf Objects
30
The Replication Model

• ADS uses multi-master replication model
• Intersite replication
• Intrasite replication
• DNS updates can be written to any DS-Integrated
  DNS Server.
• Object updates will favor last update made.
• Zone updates to Active Directory happen
  immediately.

31
Zone-Type Conversions

• Possible to convert from integrated to
  non-integrated
• Or back from nonintegrated to integrated
• If converted from ADS Integrated to Standard
  Primary (nonintegrated)
• Deleted from ADS (all DC databases)

32
Dynamic Updates

• Update client information in DNS
• Update downlevel client information
• Secure Dynamic DNS Updates
• Groups or Users allowed to update Resource
  Records (RR)
• Directory Service (DS) maintains Access Control
  Lists (ACL)

33
Choosing Dynamic Updates
Each zone can be configured to allow dynamic
updates. Secure updates can be used to control
access to the database.
34
Integration with DHCP

• DHCP performs Dynamic Updates
• Updates vary depending on client type
• Statically Assigned Address
• DHCP
• RAS
• Client re-registration

35
DHCP Server Support for Downlevel Clients

• Downlevel client support
• Windows for Workgroups, Windows 95, Windows 98,
  and Windows NT
• DHCP Server will register for the client
• A record
• PTR record

36
DHCP Server Downlevel Client Support
DHCP Server will update both A and PTR Resource
Records (RR) on behalf of the downlevel client.
37
Integration with WINS

• WINS resource record
• Enabled to integrate WINS lookup into forward
  lookup zones
• WINS-R resource record
• Enabled to integrate WINS reverse lookup for
  reverse lookup zones

38
WINS Resource Record
39
Incremental Zone Transfer

• AXFR (All Zone Transfer)
• Not efficient means to propagate zone changes
• IXFR (Incremental Zone Transfer)
• Must support IXFR
• Transfers only the changed portion of the zone
• RFC 1995

40
Zone Transfers
Windows 2000 MS-DNS supports Incremental Zone
Transfers. Differences between the source and
replicated versions of the zone are first
determined.
41
Unicode Character Support

• Transitioning from Windows NT 4.0 to Windows 2000
  
• DNS original character set (RFC 1123 952)
• NetBIOS character set (much larger)
• Microsoft Windows 2000 supports UTF-8 character
  encoding
• Characters from most of the worlds written
  languages

42
Configuration of UTF-8 in MS-DNS
Strict RFC Follow only RFC 1123 Non-RFC
(ANSI)Do not follow RFC 1123 Multibyte (UTF8)
Permits other than ASCII, including Unicode
43
The Domain Locator

• Service implemented in the NetLogon Service
• IP/DNS Locator
• Looks for DNS host name
• If IP/DNS not supported, goto NT4 Locator
• Ping list of DCs retrieved in weighted random
  order
• First DC that responds and satisfies clients
  requirements is used
• Windows NT 4.0 Compatible Locators

44
Caching Resolver (Client Side)

• Improves Name lookup performance
• Caches entries from host file
• Caches entries recently resolved
• Supports negative caching
• Runs in the context of the Services.exe process
• IPConfig /displaydns
• IPConfig /flushdns

45
DNS Console

• Microsoft manager console snap-in
• Server configuration wizard
• Filtering capability
• Security capability/updated zone information
• Security capability/modification of ACLs

46
Stand-alone Primary DNS
47
ADS/DNS Integrated
48
Recommended Reading

• White Papers
• Windows 2000 Namespace Design
• Active Directory Technical Summary
• Windows 2000 DNS
• Windows 2000 WINS Overview
• http//www.microsoft.com/windows/server/technical
  /default.asp
• DNS and Bind (Cricket Liu) published by OReilly
  and Associates
• Related RFCs
• 1034,1035,1995,1996,2052,1123,2136,2181,2308

49
(No Transcript)