Tips for MCSE

Pass your MCSE exams.

Name Resolution
*********************

NetBIOS - 15 characters, LMHosts file, WINS
Hostname - 255 characters, HOSTS file, DNS

If Hostname is over 15 characters, for backward compatibility, first 15 characters are used to derive the NetBIOS equivalent name.

When you upgrade from an NT 4.0 domain, try to keep the same domain name.

When planning a namespace, try to balance understandability with conciseness.

Reasons for Secondary DNS Zones
1) Fault tolerance
2) Load balancing
3) Remote locations

Reasons for Caching-Only Server
1) No zone transfer traffic (less overhead)
2) Used for WAN-limited links
3) If majority of clients need DNS information for internet hosts, use caching-only

Benefits of Active Directory Integration
1) No more zone transfers (replicated through AD replication)
2) More secure replication
3) Less administrative overhead
4) More fault tolerant (multimaster configuration)
5) Secure DDNS (optional feature)

Replication Scopes
1) 2000 Default - all DCs in domain receive DNS information (even DCs without DNS receive information)
2) 2003 DomainDNSZones - All DCs in domain with DNS receive information
3) 2003 ForestDNSZones - All DCs in forest with DNS installed (root domain info usually placed in this zone)
--> _MSDCS automatically placed in ForestDNSZones
4) Application Partition - Able to customize which DCs receive the DNS data

- Conditional forwarding is static. You set up an IP address which handles a specific type of query.
- A stub zone is dynamic. It will update itself with changes.

Dynamic DNS: Allows clients to update A and PTR records on the DNS server automatically
- Client must be 2000 or greater
- If client is NT 4, 2000/2003 DHCP server can act as proxy and register through DNS on the client's behalf

Secure Dynamic DNS
1) Must be integrated with Active Directory
2) Client must be member of the domain
3) Only the original client can alter/remove the records

DNS Namespace Design
Split-Brain DNS
1) Identical internal/external namespace
- Easy for users to understand
- More configuration involved (firewall, DNS forwarding, etc.)
2) Different internal/external namespace
- Easier for admins
- More difficult for users to understand
- More secure configuration
3) Internal DNS subdomain of external DNS domain
- BIND integration

Goals for Split-Brain DNS
1) Security (effectively configuring firewalls and zone transfer traffic)
2) External clients can access external resources
3) External clients can't access internal resources (unless VPN is used)
4) Internal clients can access internal and external resources

Designing WINS
- Most common configuration is to use a hub and spoke topology

- WINS servers can handle ~10,000 clients/server
- Recommended to have a WINS server in every physical location, unless the location is small

Why DNS?
- AD requires DNS
- 2000+ has the option of using DNS only
- Pre-2000 uses DHCP integration with DNS

Why WINS?
- Pre-2000
- NetBIOS Applications
