To manage a Microsoft DNS Server and maintain your DNS data, you’ll use a tool called the DNS console, a snap-in for the Microsoft Management Console (MMC). (MMC is a general-purpose program that hosts administrative tools. It’s new for Windows 2000 and replaces the “one-off” administrative tools found in Windows NT 4.0, such as DNS Manager, WINS Manager, DHCP Manager, and the like.) The DNS console has a graphical user interface (surprise) and is capable of managing multiple name servers. The DNS console is located on the Administrative Tools menu, provided you’ve already installed the DNS service. The DNS console communicates with the Microsoft DNS Server using a proprietary management protocol built on Microsoft’s RPC (remote procedure call). That means the DNS console manages only the Microsoft DNS Server and not other name servers, such as BIND.
The main DNS console window looks like Figure 4-2 (or will look like it, after we’ve set everything up in the course of this chapter).
The left pane is called the console tree. It shows name servers, zones, and domains, while the right pane shows either informational messages or resource records.
This particular DNS console knows about only one name server, terminator. That name server is authoritative for three zones: movie.edu, 249.249.192.in-addr.arpa, and 253.253.192.in-addr.arpa. The DNS console segregates forward lookup zones (which hold primarily address records) and reverse lookup zones (which hold primarily pointer records). If any of these zones had subdomains, they would show up as subfolders under the appropriate zone. For example, comedies.movie.edu would be represented as a folder called comedies under movie.edu.
There are two rows of menus. The top row, which lists the Console, Window, and Help menus, are menus for the MMC application itself and, to be honest, they’re not that interesting. The Console menu has only one choice: Exit. The Window menu has the expected options to manage MMC subwindows, but you’ll find that all the DNS administrative action happens in a single window for the DNS console snap-in. Choosing New Window produces another DNS console window; we haven’t found a need to have more than one DNS console window open, but you might find multiple windows useful. Finally, the Help menu also has the usual suspects: Help Topics brings up the MMC help system, which offers quick jumps to help with the MMC application and the DNS console snap-in.
The second row holds the Action and View menus, which all other MMC plug-ins also have. The really important commands are in the Action menu: adding new name servers, creating zones and domains, and creating resource records. You can also delete objects and view objects’ properties. We’ll explain the various commands throughout this chapter.
But let’s take a moment to go over the choices on the View menu. Since this is a standard MMC menu, not all the options are useful with the DNS console. An example is the first choice, Choose Columns..., which allows you to customize the columns in the right pane. That’s nice, except that they don’t need customization: you’ll always want to see all three columns showing a resource record’s name, type, and data. The next set of choices is Large Icons, Small Icons, List,and Detail, and the selection determines the display format in the right pane. We recommend choosing Detail when you first start the DNS console and leaving the view that way forever: otherwise you don’t see the aforementioned three columns and their useful information about each resource record.
Next is Advanced, which toggles between a more basic, or beginner’s, view and an advanced view more suitable for you DNS experts out there. There are a couple differences. The first is the display value in the type column of the right pane: in basic mode you’ll see a description of the type of resource record; advanced mode shows the actual type you’d see in a DNS zone data file. For example, in the basic view you see Start of Authority records versus the advanced view’s SOA records. The second difference is whether or not the DNS console displays some additional information in the console tree on the left. Advanced mode shows the three zones for which every Microsoft DNS Server is authoritative—0.in-addr.arpa, 127.in-addr.arpa, and 255.in-addr.arpa—as well as an icon allowing access to the name server’s cache of records from previous lookups. We’ll talk more about these zones and the cache later in this chapter.
The Filter... selection brings up a dialog box like the one shown in Figure 4-3. Filtering is handy when you’ve got a really large zone with hundreds or even thousands of resource records. Rather than displaying them all in the righthand pane, you can limit the display with this option.
Customize is another choice standard to the View menu on all MMC snap-ins. It controls which MMC menus and toolbars appear. We recommend leaving these options at their default settings, as shown in Figure 4-4, since those settings are optimal.