Managing general properties

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Managing general properties

When you add a zone using the DNS console, you can manage these general properties for it:

  • Pause or start the zone to interrupt or restore service for it.

  • Change or convert the type for the zone.

  • Disable or enable dynamic updates for the zone.

For Active Directory-integrated zones, you can enable the use of secure dynamic updates. This enables you to restrict updates to only a specific set of authorized users or systems. When a secure update policy is enabled for the zone, only users, systems, or groups authorized through Active Directory and included in the access control list (ACL) for each directory-integrated zone, are permitted to update the zone or specific resource records used in it.

In addition to these general zone properties, you can configure or manage the following zone properties using the DNS console:

  • Start of authority (SOA) properties  These include properties supported by the SOA resource record, which is used to initialize the zone and indicate zone authority for a DNS domain name (and any of its subdomains not delegated away to other servers) to others in the DNS namespace. This record affects how often the zone must be renewed and transferred by other servers that load the zone and how long clients can cache resource records (RRs) when returned in answered queries for names in the zone. For more information on this record and configuring it, see Managing authority records.

  • Name server (NS) properties  These include all fields supported by the NS resource record (RR) for the zone. The NS RR is used for designating the names of DNS servers authoritative for the zone to others. For more information on this record and configuring it, see Managing authority records.

  • Zone Transfer properties  With this feature, you can configure how the zone permits transfers to be performed.

    You can choose to deny all requests to the server for transfer of this zone, to allow them only for other DNS servers configured on the Name Servers tab, or to transfer the zone only to DNS servers that you specify by IP address in a configured list.

    Using Notify located here, you can also enable and configure DNS notification for secondary servers of the zone. When notification is used, other servers (either those configured on the Name Servers tab or on a list that you specify) are notified of zone changes. These servers can then pull changes by initiating a zone transfer to update the zone.

    For more information, see Configuring notify lists.

    Note

    • By default, the DNS server will only allow a zone transfer to authoritative DNS servers listed in the name server (NS) resource records for the zone.
  • WINS lookup properties  The Windows Internet Name Service (WINS) lookup feature can be used to provide an expanded DNS name resolution path for zones when a queried name is not found in the zone. If WINS lookup is enabled for the zone, a WINS server (or list of WINS servers) can be contacted to assist in resolving a host name in the WINS-managed NetBIOS namespace. This feature is supported only by Microsoft DNS servers. For more information, see Using WINS lookup.