Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 749
  • Last Modified:

DNS on Windows Server 2012

This may be a simple question, however, I am wondering if I need to setup DNS forwarding on a DNS Server.  Do I have to have my Domain Controller setup as a DNS Server.  The company uses AD.  If I do use DNS, do I have to set DNS on all workstations to the Server IP Address.  If so, I have issues getting to the internet on the workstations (I assume thats why I need forwarder)  Also if I have a couple laptops that are not on the domain, do I have to mess with their DNS.  Thanks
0
Daniel Fishkin
Asked:
Daniel Fishkin
4 Solutions
 
footechCommented:
Your server can be configured to use forwarders or root hints.  In my opinion either is acceptable.

You should have all your DCs setup as a DNS server so that you can use AD-integrated zones.

All domain members (workstations and servers) should only use internal DNS servers, otherwise you can encounter weird issues with name resolution.  If you only have a single DC, yes everything should point to that IP.

I suggest that you use a DHCP server that is set to assign your DC/DNS server(s) IP as the DNS servers.  All workstations, whether members of the domain or not, can get their IP info from DHCP.  Your servers should be statically configured.  Your non-domain members don't have to use internal DNS, but then they won't be able to resolve the names of internal machines.  Something like that may be just what you want, but if so, I'd suggest you take it one step further and separate the non-domain machines from your internal network and have a separate DHCP server which can hand out the appropriate information automatically.  Why configured machines manually when you can avoid it?
0
 
mbkitmgrCommented:
You've answered your questions to some degree yourself.

to find services and resource in the domain and among domain controllers, so DNS is a requirement, and one DNS server has to exist somewhere on your domain.
0
 
Rob WilliamsCommented:
Could you advise if this is server 2012 standard or server 2012 Essentials?  The latter has some special considerations.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Daniel FishkinOwner and Principal ConsultantAuthor Commented:
It is a 2012 Standard edition.  We have a sonicwall that is handing out the DHCP to the workstations.  
So if the Server is 192.168.168.11, would I set the DNS on the workstations to 192.168.168.11

Also I am a bit confused on why people would say set the workstations to 127.0.0.1

Thanks again for all the input
0
 
Daniel FishkinOwner and Principal ConsultantAuthor Commented:
one other piece of info, we have VOIP phones which act as a hub between the ethernet port and the PCs
0
 
Rob WilliamsCommented:
>>"Also I am a bit confused on why people would say set the workstations to 127.0.0.1"
They don't they might set the server to that, the local host address.

Workstations should be assigned the server as their ONLY DNS server.
Usually you are best to have the server manage DNS for central management and to assure all necessary DHCP scope options are assigned to clients.
Because of the VoIP system, though the server can handle them as well, you may have reasons to leave DHCP on the Sonicwall.  If so make sure it hands out the server as the DNS server, as well as the local domain suffix, and if present the WINS server address.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
> one other piece of info, we have VOIP phones which act as a hub between the ethernet
> port and the PCs
This is irrelevant.  

Windows DNS server is a FULL DNS server and can provide name resolution for anything requiring DNS resolution.  Phones, computers, etc.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now