Are both DNS and WINS neccessary when using Active Directory?

Posted on 2006-11-20
Last Modified: 2010-03-18
Recently, we switched from an NT based network to a Windows 2003 Server running Active Directory. We also run 2 domains, one in Iowa and one in Nebraska on a VPN.
We were told that under Active Directory, we didn't need to run WINS, but if we take the WINS settings out of our network settings, we can't browse the other domain by name, just ip address.
For instance, we have a server in Iowa cleverly named "Server". If I take the WINS out of my workstation and type in \\server, in my address bar,  it won't connect, but if I type in \\ it connects fine.
If I have WINS enables, it works fine.
Is there a reason not to leave WINS enables if things are working?
Question by:Bruce_Leypoldt
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 18

Expert Comment

by:Don S.
ID: 17982305
As per Microsoft - Browsing in Windows Explorer uses Netbios Name resolution.  Netbios Name resolution can be either by broadcast or with the aid of a Wins server.  If your network is small, you should be able to browse without a WINS server as long as Netbios broadcasting is enabled and working.  Otherwise, if you have a larger network with routers in it, you will need a WINS server to be able to browse to shares on the other side of the router by name.

The idea that you don't need WINS under AD comes from the fact that AD and domain membership uses DNS now instead of Netbios Name Resolution.  Being able to Browse the network in Explorer is a different thing not actually related to AD.
LVL 48

Expert Comment

ID: 17982971
hmm sounds like your DNS isnt setup properly between domains, a WINS server will only really affect your network browsing within my netowrk places (relies on netbios) the rest of it is controlled by DNS
LVL 43

Expert Comment

by:Steve Knight
ID: 17983944
When you say two domains are these two forests or one forest, two domains?

if you do \\server  without WINS it will do


so if server doesn't have an entry in your DNS zone because it is on another zone then it fails...

Options here include:

Adding a CNAME to your DNS for server pointing at server.otherdomain.local. or an A record to the IP address
Adding a DNS suffix search list to each host -- test it one and if that helps you can roll out with a GPO:;en-us;294785
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

LVL 43

Expert Comment

by:Steve Knight
ID: 17983956
(Presumably you also can't just do  PING server   without WINS in place too?)

Author Comment

ID: 17989668
Actually, I think we stumbled on the solution to this issue.  We have a local domain (GURLEY) that needs to be accessed by another domain (CLINTON) at a remote facility 700 miles away.  Conversely, Users on our local GURLEY domain need to access Files/Folders on our CLINTON domain.  The two facilities are connected via an Internet VPN tunnel.  The IP address of our GURLEY domain server is, and the IP address of the remote CLINTON domain server is

I solved our problem by including a WINS address of on all of our local (GURLEY) PC's.  Conversely, I included a WINS address of on all of our remote (CLINTON) PC's.  

Thanks to all for your input,

Bruce Leypoldt
LVL 43

Expert Comment

by:Steve Knight
ID: 17990197
Well that is really really BAD idea.  If you'd like to know the correct way feel free to open the question again!

Author Comment

ID: 17997120
Very Interesting.  Does posting this comment "re-open" the question, or do I need to re-submit it.

Thanks - Bruce Leypoldt
LVL 43

Expert Comment

by:Steve Knight
ID: 17999467
What you are doing there if I understood correctly is meaning that each pc will be chatting to the wins server the other end of your vpn link, potentilly making it slow to use and using the connection more than needed.

If you want to re open the question to discuss further you can post a link in the community support area asking for it be reopened or start a new q I suppose.

Your correct solution would involve setting up the two WINS servers as replication partners then the WINS database on both sites would contain the same information and pcs would talk to their local wins.  Only the server would replicate changes to the other server.

Will give you more details if you wish, was a quick comment before because I didn't have long...

LVL 43

Expert Comment

by:Steve Knight
ID: 18003576
Thanks Jay_Jay

Bruce, are you there still?  Are these two different forests rather than two domains in one forest?  We might just need to get a stub zone or secondary of the other companies DNS zones on each other's servers or look at setting up replication of the WINS servers if you decide to go the WINS way.  I presume there is a trust there between the domains if in seperate forests as you say users can access things.



Author Comment

ID: 18057130
Sorry about the delay in getting back to this site.  I'm relatively knew to the Server 2003 arena and am unfamiliar with the term, "Forest".  Let me explain this situation again and see if I can make it more clear.

We have a 2003 Server here at our headquarters.  It is our WINS server for our GURLEY domain, has an IP address of, and the Server name is "NT-Server".  In addition, we have a 2003 Server at a remote facility in another state.  It is a WINS server for a domain called "CLINTON".  It has an IP address of with a server name of "Server".  Both domains (GURLEY and CLINTON) are setup to Trust each other.  In addition, both servers communicate via an Internet VPN tunnel.

We have Users on the GURLEY domain that need to access files/folders on the CLINTON domain, and vice versa.  The only way I have been able to have our GURLEY domain users "See" files/folders on the CLINTON domain is to include a WINS setting of on their TCP/IP properties on their local XP Professional machines.  Conversely, the Users on the CLINTON domain have a WINS setting of on their TCP/IP properties on the local XP Professional machines.

Thanks - Bruce
LVL 43

Accepted Solution

Steve Knight earned 125 total points
ID: 18057455
OK.  If we are using WINS to do this then you have a WINS server on NT-Server and one on Server.  You point the XP clients and the servers to their local server (presumably using setting pushed down through DHCP addresses) and configure the two servers to replicate.  Both servers then have all the records of WINS and your VPN WAN link doesn't have constant chatter of WINS queries and registrations, this traffic would be kept in each LAN and only replication traffic would go over the VPN link.

If each of the domains is in effect completely seperate and probably pre-existing from before Windows 200x days then they are almost certainly seperate forests.  When you create a new domain you can either create it as a new forest or as part of an existing forest.  Domains held within a forest trust each other by default.

To save complicating things until you are more familiar and as you are already working by using a WINS infastructure I won't go into deeply into possible DNS solutions to this (it may be as simple as adding a secondary or stub zone for the other domain to your servers) but

Here's a MS document on configuring WINS though it doesn't specifically deal with your issue it may be useful as background:

For the WINS server to server replication, from memory you want to do something like this:  On NT_Server open up WINS manager, go to Replication partners, right click, new replication prtner, enter the IP address of 'server'. Leave settings on defaults of push/pull.  Then do the same on server with the IP of nt_server.


Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor ( Top Charts is a view in which you can set seve…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question