IgNiTeD SoUL

Creating a Forward Lookup Zone

Problem

You want to create a forward lookup zone. A forward lookup zone maps FQDNs to IP addresses or other names.

Solution

Using a graphical user interface

1. Open the DNS Management snap-in.
2. If an entry for the DNS server you want to connect to do not exist, right-click on DNS in the left pane and select “Connect to DNS Server.” Select “This computer” or “The following computer,” enter the server you want to connect to (if applicable), and click OK.
3. Expand the server in the left pane and click on Forward Lookup Zones.
4. Right-click on Forward Lookup Zones and select New Zone.
5. Click Next.
6. Select the zone type and click Next.
7. If you selected to store the zone data in Active Directory, next you will be asked which servers you want to replicate the DNS data to. Click Next after you make your selection.

Step 7 applies only to DNS servers that are installed on Windows Server 2003 domain controllers. If you still have Windows 2000 DNS servers in your environment, choose the option to replicate the zone to all domain controllers in your domain.

2. Enter the zone name and click Next.
3. Fill out the information for the remaining screens. They will vary depending on whether you are creating a primary, secondary, or stub zone.

Using a command-line interface

The following command creates an AD-integrated zone:

> dnscmd <DNSServerName> /zoneadd <ZoneName> /DsPrimary

Using VBScript

‘ This code creates an AD-integrated forward zone.

‘ —— SCRIPT CONFIGURATION ——

strServer = “<DNSServerName>” ‘ e.g. dc1.rallencorp.com

strNewZone = “<ZoneName>”     ‘ e.g. othercorp.com

‘ —— END CONFIGURATION ——–

set objDNS = GetObject(“winMgmts:\\” & strServer & “\root\MicrosoftDNS”)

set objDNSZone = objDNS.Get(“MicrosoftDNS_Zone”)

strNull = objDNSZone.CreateZone(strNewZone, 0 , True)

WScript.Echo “Created zone ” & strNewZone

Discussion

Using a command-line interface

When you create an AD-integrated zone with the /DsPrimary switch, you can additionally include a /dp switch and specify an application partition to add the zone to. Here is an example:

> dnscmd /zoneadd <ZoneName> /DsPrimary /dp domaindnszones.rallencorp.com

Using VBScript

The DNS WMI Provider is Microsoft’s first comprehensive DNS API. You can create and modify zones, query and manage resource records, and manipulate DNS server configuration. In the VBScript solution, the CreateZone method of the MicrosoftDNS_Zone class was used to create the forward zone. The DNS WMI Provider is available only for Windows Server 2003 DNS; it cannot be used on Windows 2000 DNS servers.