Active Directory/Documentation/DNS Notes

From WolfTech
Jump to navigation Jump to search

There are a couple of important DNS considerations on the WOLFTECH domain.

  1. All computers within an OU should have the same DNS suffix.
  2. It is preferable (but not required) that departmental OUs use 1 DNS suffix for all computers in their OU.
  3. We have delegated to computers the ability to update their DNS name in Active Directory. This requires that we maintain a list of authorized DNS suffixes. This list is specified in the msDS-AllowedDNSSuffixes attribute.
    • To Edit this attribute:
      • Open the ADSI Editor.
      • Right click the DC=wolftech,DC=ad,DC=ncsu,DC=edu object and choose Properties.
      • Click the msDS-AllowedDNSSuffixes attribute and click Edit.
      • Type the name of the suffix and click Add.
      • Click OK twice.
  4. For a computer to register its DNS name in Active Directory, its DNS suffix must be provided to it by a group policy. Preferably, the DNS suffix for the departmental OU should be specified in the <DEPT>-OU Policy.
    • This setting is located in:
      • Computer Configuration\Administrative Templates\Network\DNS Client\Primary DNS Suffix
  5. To make it easier to locate a machine using only the hostname, a list of DNS suffixes commonly used on your network should be specified in group policy.
    • This setting is located in:
      • Computer Configuration\Administrative Templates\Network\DNS Client\DNS Suffix Search List
Retrieved from "https://tools.wolftech.ncsu.edu/support/index.php?title=Active_Directory/Documentation/DNS_Notes&oldid=7369"