• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 230
  • Last Modified:

Are both DNS and WINS neccessary when using Active Directory?

Recently, we switched from an NT based network to a Windows 2003 Server running Active Directory. We also run 2 domains, one in Iowa and one in Nebraska on a VPN.
We were told that under Active Directory, we didn't need to run WINS, but if we take the WINS settings out of our network settings, we can't browse the other domain by name, just ip address.
For instance, we have a server in Iowa cleverly named "Server". If I take the WINS out of my workstation and type in \\server, in my address bar,  it won't connect, but if I type in \\ it connects fine.
If I have WINS enables, it works fine.
Is there a reason not to leave WINS enables if things are working?
1 Solution
Don S.Commented:
As per Microsoft - Browsing in Windows Explorer uses Netbios Name resolution.  Netbios Name resolution can be either by broadcast or with the aid of a Wins server.  If your network is small, you should be able to browse without a WINS server as long as Netbios broadcasting is enabled and working.  Otherwise, if you have a larger network with routers in it, you will need a WINS server to be able to browse to shares on the other side of the router by name.

The idea that you don't need WINS under AD comes from the fact that AD and domain membership uses DNS now instead of Netbios Name Resolution.  Being able to Browse the network in Explorer is a different thing not actually related to AD.
hmm sounds like your DNS isnt setup properly between domains, a WINS server will only really affect your network browsing within my netowrk places (relies on netbios) the rest of it is controlled by DNS
Steve KnightIT ConsultancyCommented:
When you say two domains are these two forests or one forest, two domains?

if you do \\server  without WINS it will do


so if server doesn't have an entry in your DNS zone because it is on another zone then it fails...

Options here include:

Adding a CNAME to your DNS for server pointing at server.otherdomain.local. or an A record to the IP address
Adding a DNS suffix search list to each host -- test it one and if that helps you can roll out with a GPO:

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Steve KnightIT ConsultancyCommented:
(Presumably you also can't just do  PING server   without WINS in place too?)
Bruce_LeypoldtAuthor Commented:
Actually, I think we stumbled on the solution to this issue.  We have a local domain (GURLEY) that needs to be accessed by another domain (CLINTON) at a remote facility 700 miles away.  Conversely, Users on our local GURLEY domain need to access Files/Folders on our CLINTON domain.  The two facilities are connected via an Internet VPN tunnel.  The IP address of our GURLEY domain server is, and the IP address of the remote CLINTON domain server is

I solved our problem by including a WINS address of on all of our local (GURLEY) PC's.  Conversely, I included a WINS address of on all of our remote (CLINTON) PC's.  

Thanks to all for your input,

Bruce Leypoldt
Steve KnightIT ConsultancyCommented:
Well that is really really BAD idea.  If you'd like to know the correct way feel free to open the question again!
Bruce_LeypoldtAuthor Commented:
Very Interesting.  Does posting this comment "re-open" the question, or do I need to re-submit it.

Thanks - Bruce Leypoldt
Steve KnightIT ConsultancyCommented:
What you are doing there if I understood correctly is meaning that each pc will be chatting to the wins server the other end of your vpn link, potentilly making it slow to use and using the connection more than needed.

If you want to re open the question to discuss further you can post a link in the community support area asking for it be reopened or start a new q I suppose.

Your correct solution would involve setting up the two WINS servers as replication partners then the WINS database on both sites would contain the same information and pcs would talk to their local wins.  Only the server would replicate changes to the other server.

Will give you more details if you wish, was a quick comment before because I didn't have long...

Steve KnightIT ConsultancyCommented:
Thanks Jay_Jay

Bruce, are you there still?  Are these two different forests rather than two domains in one forest?  We might just need to get a stub zone or secondary of the other companies DNS zones on each other's servers or look at setting up replication of the WINS servers if you decide to go the WINS way.  I presume there is a trust there between the domains if in seperate forests as you say users can access things.


Bruce_LeypoldtAuthor Commented:
Sorry about the delay in getting back to this site.  I'm relatively knew to the Server 2003 arena and am unfamiliar with the term, "Forest".  Let me explain this situation again and see if I can make it more clear.

We have a 2003 Server here at our headquarters.  It is our WINS server for our GURLEY domain, has an IP address of, and the Server name is "NT-Server".  In addition, we have a 2003 Server at a remote facility in another state.  It is a WINS server for a domain called "CLINTON".  It has an IP address of with a server name of "Server".  Both domains (GURLEY and CLINTON) are setup to Trust each other.  In addition, both servers communicate via an Internet VPN tunnel.

We have Users on the GURLEY domain that need to access files/folders on the CLINTON domain, and vice versa.  The only way I have been able to have our GURLEY domain users "See" files/folders on the CLINTON domain is to include a WINS setting of on their TCP/IP properties on their local XP Professional machines.  Conversely, the Users on the CLINTON domain have a WINS setting of on their TCP/IP properties on the local XP Professional machines.

Thanks - Bruce
Steve KnightIT ConsultancyCommented:
OK.  If we are using WINS to do this then you have a WINS server on NT-Server and one on Server.  You point the XP clients and the servers to their local server (presumably using setting pushed down through DHCP addresses) and configure the two servers to replicate.  Both servers then have all the records of WINS and your VPN WAN link doesn't have constant chatter of WINS queries and registrations, this traffic would be kept in each LAN and only replication traffic would go over the VPN link.

If each of the domains is in effect completely seperate and probably pre-existing from before Windows 200x days then they are almost certainly seperate forests.  When you create a new domain you can either create it as a new forest or as part of an existing forest.  Domains held within a forest trust each other by default.

To save complicating things until you are more familiar and as you are already working by using a WINS infastructure I won't go into deeply into possible DNS solutions to this (it may be as simple as adding a secondary or stub zone for the other domain to your servers) but

Here's a MS document on configuring WINS though it doesn't specifically deal with your issue it may be useful as background:

For the WINS server to server replication, from memory you want to do something like this:  On NT_Server open up WINS manager, go to Replication partners, right click, new replication prtner, enter the IP address of 'server'. Leave settings on defaults of push/pull.  Then do the same on server with the IP of nt_server.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now