Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows
Server 2003 with SP2
DNS Tools
Related Information
DNS Tools
The following tools are associated with the Domain Name System (DNS).
Dnscmd.exe: Dnscmd
Category
This tool is included in the Microsoft Windows Server 2003 Support Tools.
Version compatibility
This tool runs on the Microsoft Windows 2000 Server and Windows Server 2003 operating systems.
Dnscmd is used to view the properties of DNS servers, zones, and resource records. In addition, Dnscmd is
used to modify all aspects of the DNS Server service, including creating and deleting zones and resource
records. Dnscmd can also be useful for developing scripts for configuring a DNS server.
Dnslint.exe: DNSLint
Category
Version compatibility
This tool runs on Microsoft Windows XP, and the Windows 2000 Server and Windows Server 2003 operating
systems.
DNSLint is a Microsoft Windows utility that can be used to help diagnose common DNS name resolution
issues. It can be targeted to look for specific DNS record sets and ensure that they are consistent across multiple
DNS servers. It can also be used to verify that DNS records used specifically for Active Directory directory
service replication are correct.
This tool is included in the Windows 2000 Server and Windows Server 2003 operating systems, and is installed
when the DNS Server service is installed. This tool is also installed with either the Windows 2000 Server or
Windows Server 2003 Administration Tools Pack (Adminpak.msi).
Version compatibility
This tool runs on the Windows 2000 Server and Windows Server 2003 operating systems. When installed from
one of the administration tools packs, this tool can also run on Microsoft Windows 2000 Professional and
Windows XP.
The DNS console is used to administer the DNS Server service. It can be used to modify all aspects of the DNS
Server service, including creating and deleting zones and resource records, and forcing replication events
between DNS server physical memory and DNS databases. The DNS console can also be used to perform
diagnostics on the DNS infrastructure of a network.
Category
This tool is included in all Windows server and client operating systems.
Version compatibility
This tool runs on Windows XP, and the Windows 2000 Server and Windows Server 2003 operating systems.
You can use Event Viewer to monitor events recorded in event logs. Typically, a computer stores the
Application, Security, and System logs. It could also contain other logs, depending on the computer’s role and
the applications that are installed on it. For example, DNS servers write DNS-related events, such as any errors
that occur while attempting to start the DNS Server service, to log files which can be read using Event Viewer.
Ipconfig.exe: Ipconfig
Category
This tool is included in all Windows server and client operating systems.
Version compatibility
This tool runs on all Windows server and client operating systems.
Ipconfig displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration
Protocol (DHCP) and DNS settings. Used without parameters, Ipconfig displays IPv6 addresses or the IPv4
address, subnet mask, and default gateway for all adapters.
Category
This tool is installed along with Windows Server 2003 and the Windows Server 2003 Administration Tools
Pack.
Version compatibility
Network Monitor comes in two versions: the Network Monitor that is provided as part of the Windows Server
2003 operating system, and the Network Monitor that is part of Microsoft Systems Management Server (SMS).
The version of Network Monitor that is included with the Windows Server 2003 operating system only captures
data about network packets being sent to or from the server on which you run Network Monitor; it also captures
data about network broadcasts that are received. The Network Monitor that is included with SMS enables you
to monitor all network packets on a network segment.
Nslookup.exe: Nslookup
Category
This tool is included in all Microsoft Windows server and client operating systems.
Version compatibility
This tool runs on all Windows server and client operating systems.
Nslookup is used to query DNS servers and to obtain detailed responses. The information obtained using
Nslookup can be used to diagnose and solve name resolution problems, verify that resource records are added
or updated correctly in a zone, and debug other server-related problems.
The information here is provided as a reference for use in troubleshooting or verifying that the required settings
are applied. It is recommended that you do not directly edit the registry unless there is no other alternative.
Modifications to the registry are not validated by the registry editor or by Windows before they are applied, and
as a result, incorrect values can be stored. This can result in unrecoverable errors in the system. When possible,
modify settings though the use of policy settings or through dedicated management tools, such as the DNS
snap-in for the Microsoft Management Console (MMC), to accomplish tasks, rather than editing the registry
directly. If you must edit the registry, use extreme caution.
Note
In Windows Server 2003, the location in the registry of the settings relating to DNS zones is different
from the location used in Windows 2000 Server.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Zones
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\DNS Server\Zones
DNS\Parameters
Registry path
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters
Version
By default, the DNS server includes option (OPT) resource records indicating its User Datagram Protocol
(UDP) maximum in responses to queries containing OPT resource records. The value of the registry key
EDNSCacheTimeout determines how long the DNS server will keep information about the Extension
Mechanisms for DNS (EDNS) versions supported by other DNS servers that have responded to a query with a
OPT resource record. The value for the registry key is specified in seconds between 3,600 (1 hour) and
15,724,800 (182 days).
EnableDirectoryPartitions
Registry path
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters
Version
If you do not want the default DNS application directory partitions to be created automatically, you must
disable the EnableDirectoryPartitions registry key. The values for this key are 0x0 (disable) and 0x1 (enable).
For more information about this registry entry, see the “Registry Reference” in the “Tools and Settings
Collection.”
EnableEDNSProbes
Registry path
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters
Version
The registry entry EnableEDNSProbes enables or disables the EDNS0 response for the DNS Server service.
To configure the DNS server to include an OPT resource record only in response to EDNS0 requests containing
OPT resource records, set the registry entry to a value of 0x1 (DWORD). In Microsoft Windows Server 2003
this setting is enabled by default. Setting the value to 0x0 (DWORD) will disable the feature.
MaximumUdpPacketSize
Registry path
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters
Version
RoundRobin
Registry path
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters
Version
By default, DNS will perform round-robin rotation for all resource record types. The default setting for round-
robin rotation is contained in the registry entry RoundRobin (REG_DWORD). By default, this entry’s value is
1, rotating all RR types except those listed in the DoNotRoundRobinTypes registry entry. If the value of
RoundRobin is set to 0, then no resource record types will be round-robin rotated.
DoNotRoundRobinTypes
Registry path
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters
Version
By default, DNS will perform round-robin rotation for all resource record types. You can specify that certain
resource record types are not to be round-robin rotated in the registry. The registry entry
DoNotRoundRobinTypes (REG_SZ) allows a string value to be entered containing a list of resource record
types. By modifying this entry, you turn off round-robin rotation for specific resource record types. For
example, to prevent round-robin rotation for A, PTR, SRV, and NS record types, you would enter the following
value for the registry entry: a ptr srv ns.
DNSCache\Parameters
AlternateComputerNames
Registry path
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
Version
The AlternateComputerNames registry entry specifies a list of alternate Fully Qualified Domain Names
(FQDNs) for the computer. When the DNS Client service registers the host address (A) and pointer (PTR)
resource records for the computer, it will also register the FQDNs specified in this key. This key is used by the
Netdom.exe utility and is not typically modified by administrators.
RegistrationRefreshInterval
Registry path
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
Version
The RegistrationRefreshInterval registry entry specifies how often the DNS Client service will register the A
DNS resource records for its host computer. The value for this registry key is specified in seconds.
UpdateTopLevelDomainZones
Registry path
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
Version
Windows XP and Windows 2000 with Service Pack 4 (SP4) and Windows Server 2003-based computers never
try to dynamically update the root,“ ”., zone.
The domain members and domain controllers in a domain with a single-label DNS name usually need to
dynamically register DNS records in a single-label DNS zone that matches the DNS name of the domain. If an
Active Directory forest root has a single-label DNS name, all domain controllers in the forest usually need to
dynamically register DNS records in a single-label DNS zone that matches the DNS name of the forest root.
By default, Windows XP and Windows 2000 Service Pack 4 (SP4) and Windows Server 2003-based DNS
clients do not attempt dynamic updates of any single-label DNS zone (.com, .net, .org, corp, for example). To
enable such clients to attempt dynamic updates of a single-label DNS zones, set the
UpdateTopLevelDomainZones (REG_DWORD) registry value to 0x1.
These configuration changes should be applied to all domain controllers and members of an Active Directory
domain with single-label DNS names. If a domain with a single-level domain name is a forest root, these
configuration changes should be applied to all of the domain controllers in the forest, unless the separate zones
_msdcs.forest name, _sites.forest name, _tcp.forest name and _udp.forest name are delegated from the forest
name zone. You must restart the computer for the UpdateTopLevelDomainZones registry edit to take effect.
Tcpip\Parameters
Registry path
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Version
Windows Server 2003
The RegistrationEnabled registry entry specifies that the DNS Client service should register all of the network
connections of a computer in DNS. This is a global setting that is applied to all interfaces on a computer. If the
need exists to apply this setting to an individual interface, see the registry entry for
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
\interfaces\[interfaceGUID}.
SearchList
Registry path
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Version
The SearchList registry entry specifies the DNS suffix search list for the network connection used by the
computer. For DNS clients, the DNS suffix search list extends or revises their DNS search capabilities. By
adding additional suffixes to the list, the DNS client searches for short, unqualified computer names in more
than one specified DNS domain. Then, if a DNS query fails, the DNS Client service can use this list to append
other name suffix endings to the original name query and then repeat DNS queries to the DNS server for these
alternate FQDNs. When the suffix search list is empty or unspecified, the primary DNS suffix of the computer
is appended to short unqualified names, and a DNS query is used to resolve the resultant FQDN. If this query
fails, the computer can try additional queries for alternate FQDNs by appending any connection-specific DNS
suffix configured for network connections.
Interfaces\{interfaceGUID}
NameServer
Registry path
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{interfaceGU
ID}
Version
The NameServer registry entry specifies the IP address of the DNS server that is used by the network
connection of the computer.
Registry path
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{interfaceGU
ID}
Version
Windows Server 2003
The RegistrationEnabled registry entry specifies that the DNS Client service should register the computer’s
network connection in DNS. This entry is interface specific and can be set on any interfaces on a computer. The
{interfaceGUID} portion of the registry path determines which interface the setting is applied to.
There is a global version of this setting that gets applied to all interfaces. Information about this setting can be
found under the registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\RegistrationEnabled.
For more information about this registry entry, see the “Registry Reference” in the Tools and Settings
Collection.
For more information about Group Policy settings, see the “Group Policy Settings Reference” in the “Tools and
Settings Collection.”
Related Information
The following resources contain additional information that is relevant to this section.
Microsoft Platform SDK on MSDN for more information about WMI classes that are associated with
the DNS Server service.
“Group Policy Settings Reference” in the “Tools and Settings Collection” for information about Group
Policy settings that are associated with the DNS Client service.
“Registry Reference” in the “Tools and Settings Collection” for information about registry entries that
are associated with DNS.