Joined: 01 Sep 2004
|Posted: Sun Jul 31, 2005 8:42 pm Post subject: Book Review - DNS on Windows Server 2003 (3rd Edition)
DNS on Windows Server 2003 (3rd Edition)
Author(s): Matt Larson, Cricket Liu and Robbie Allen
Publisher: O'Reilly http://www.orielly.com
Date Published: 2003
Book Specifications: Softcover, 400 pages
Category: Protocol Implementation
Publisher's Suggested User Level: Not Rated
Reviewer's Recommended User Level: Beginner Upwards
Suggested Publisher Price: $39.95 US / $57.95 CDN
Amazon.com: DNS on Windows Server 2003 US
Amazon.co.uk: DNS on Windows Server 2003 UK
Blurb from back cover:
DNS on Windows Server 2003 is written for both administrators and users. It discusses one of the Internet's functional building blocks: The distributed database that's responsible for translating names into addresses, routing mail to it's proper destination, and many other services.
Although this book covers the breadth and depth of DNS, drawing on foundational material from O'Reilly's classic DNS and BIND, it focuses on what administrators need to know to run DNS using Microsoft DNS Server. This book covers integration between DNS and Active Directory, including Active Directory's reliance on DNS, the proper use of application partitions and how to manage client configurations.
Saying that Active Directory has a reliance on DNS could be considered an understatement. Active Directory is an extremely versatile technology and it's reliance on DNS is all too obvious if you have ever worked with it. If a network administrator ever has a problem with her Active Directory system such as problems with replication or authentication issues, one of the first areas she will look at will be DNS. You can't join a computer to domain without DNS, you can't use group policy without DNS and believe me the Internet is no fun without DNS either ! This book explains the whole concept of DNS to you, discusses at length how it works within the Windows 2003 system and shows you where it may go wrong, whilst giving you knowledge on the tools required to fix the problems and to build networks resilient to such problems.
Chapter Synopsis & Review Comments
Chapter 1: Background
In this chapter we get our customary history of the Internet with all the ARPA and DARPA goodness we'd expect at the beginning of a such a book, nothing of any ground breaking news here but the essential beginnings to any book which focuses on a protocol involved in network communication.
Chapter 2: How Does DNS Work?
The basic voodoo spells required to make DNS work. This chapter is the prerequisite protocol introduction so that in addition to why DNS exists from previous chapters you know the basic underlying technology before you are told what Microsoft do with DNS.
Chapter 3: Where do I start?
Explanation of where your DNS implementation fits into the global network. How to differentiate between the the registrar and the owner of the domain name and how to pick and acquire your own name. Again we are still in the realms of basic DNS which is an important precursor.
Chapter 4: Setting up the Microsoft DNS Server
Here we begin getting to know how Microsoft handle DNS, we are briefly introduced to Active Directory and we find out how to set up DNS on Windows Server 2003. We also have the important primary/secondary zone distinction explained to us, quite concisely too.
Chapter 5: DNS and Electronic Mailing
How does email get from recipient to sender, how does your message know where your recipients email client is? It uses MX (Mail Exchange) records an important function of DNS which is explained here to us in an easy to follow manner.
Chapter 6: Configuring Hosts
We see here how the client machines get involved with DNS, how caching works at the client end and how to configure DNS here. We also see the DNS suffix which again has strong Active Directory tie-ins.
Chapter 7: Maintaining the Microsoft DNS Server
A common mistake is to believe that DNS takes care of itself as long as you set it up correctly, whilst this is true – more or less. We do often have to upkeep the DNS server and this chapter walks us through it. I really can't see anything missing from this chapter and at this point I'm really impressed with how the book flows well from chapter to chapter.
Chapter 8: Integrating with Active Directory
As I pointed out previously AD has a real love for it's DNS base and this is where we see the technical details behind this. We are walked through the AD domain and DNS domain relationship and we are given advice on the great root domain debate. We are also introduced to one of AD's bets friends the SRV record. The record type that's quite critical to AD functionality.
Chapter 9: Growing Your Domain
We are shown how to implement multiple DNS servers, DNS servers just like Domain Controllers require us to have some redundancy in the set-up to ensure network availability. This chapter offers advice on numbers and placement as well as the capacity of the DNS servers. We also have excellent discussion of DNS and the disaster recovery procedures. In case we didn't heed the previous warnings and end up with broken services.
Chapter 10: Parenting
Treat your DNS servers like children and look after them carefully! Or rather learn about the hierarchy of DNS servers and how to stay in control of your set-up and ensure your network can be navigated and looked after easily. Delegation of control featuring heavily here. This is a topic often forgotten in DNS and it's good to see an entire chapter focused on the powerful features Server 2003 has here.
Chapter 11: Advanced Features and Security
Since security is my addiction I hate seeing it all the way up at chapter 11 it should be covered all the way throughout the text. It should be inherent not an add-on! However luckily this book considers security all the way through and this chapter merely brings all the points together and reinforces the concepts that have serious consequences. I salute the authors for this sort of security consideration.
Chapter 12: nslookup and dig
nslookup arguably being the Windows administrators choice in DNS tools and dig being the replacement that the UNIX world has embraced. The authors also advocate dig for it's power and flexibility and give you an overview of each tool and a good description of the differences between them.
Chapter 13: Managing DNS from the Command Line
Command line? Didn't anyone tell them this is “Windows” ? When working with AD and also with DNS the most powerful tools are on the command line (netdiag anyone?). Here we are taken through everything of relevance to DNS from the good old “net” command to using “dnscmd” and “dnsdiag !”. My favourite tool also featurs here Tim Rains “dnslint” an invaluable tool for DNS troubleshooting when you have AD problems. dnslint is covered in detail in a later chapter.
Chapter 14: Managing DNS Programmatically
Something for the hacker within. How to use DNS from WMI, VBScript and even Perl! This chapter is pretty short and at times seems like just a dump of the MS documentation yet it's enough to get you going if you want to manage your DNS from a script. There are a few code exmaples too which is always handy to have.
Chapter 15: Troubeshooting DNS
This is an excellent troubleshooting guide to Micorosft DNS and easily the best documentation on using my little friend dnslint. If you troubleshoot DNS without dnslint, you're likely wasting valuable time – this tool could save you a lot of work and this book can show you how to use it properly - better than any online documentation I have found.
Chapter 16: Miscellaneous
Way to go with the crazy chapter name! This chapter shouldn't be here. The information fits easily into other chapters. We have some important information here though, such as cname information, which should have been back just after we looked at A records. We have a look at DNS and firewalls which could have been in the advanced chapter, or even troubleshooting. This chapter seems like the authors forgot some stuff and just threw it in at the end. Do read it though as you will most likely need the information contained here at some point.
Style and Detail
The style of this book was excellent one of the best flowing books I have ever read. Aside from the random 16th chapter I couldn't have any issues with the flow. You also have no real need for prior knowledge other than basic networking knowledge. If the first chapter doesn't introduce any new concepts to you then you are well on your way to understanding the book. The detail the book goes into is excellent, I've passed two of Microsoft's MCP exams with DNS as a focal point and I didn't need to know half the stuff in this book. On these points I doubt it could have been much better
If you work with Microsoft DNS, buy this book. Read it and then stick on your desk as a reference, you'll be glad you did. If you haven't been introduced to the advanced issues you face with DNS yet then use this to get prepared for them. Also for all 4 of the core exams in the MCSE (70-290, 70-291, 70-293 and 70-294) this book will help you. For the latter 3 exams it's indispensable. I didn't have this book when I did those exams and I believe if I did it would have gained me a few more points and made life a whole lot easier. While I really liked this book I do have some criticism in that there could have been a little more on the programming side of things since many Windows administrators are scripting around their networks. On the whole though this is an excellent book and has earned the right to sit on a bookshelf with any of the good O'Reilly titles.
This book receives an honoured SFDC Rating of 8/10.
Keywords: DNS dnslint Windows Server 2003 Active Directory
This review is copyright 2005 by Barrie Dempster and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of Barrie Dempster, or Security-Forums Dot Com.