Feedback Wanted - Remotely Administering Windows Server 2008 DNS from Windows XP and Windows Server 2003

[Guest Darrell Gorter[MSFT]]

Feedback Wanted - Remotely Administering Windows Server 2008 DNS from Windows XP and Windows Server 2003

 

Problem Statement: An interoperability bug in the current release of

Windows Server 2008 prevents Windows XP and Windows Server 2003 computers

from remotely administering Windows Server 2008 MS DNS Servers via DNSCMD,

DNSMGMT.MSC or by using WMI. Specifically, attempts to remotely administer

Windows Server 2008 MS DNS Servers from a pre-Vista client will fail with

the error "access denied" when the 2008 MS DNS Server is referenced by its

single-label hostname or short name. The administration of Windows Server

2003 MS DNS Servers from Windows Vista and Windows Server 2008 computers is

not impacted.

 

Two workarounds exist for this condition

 

1. Administer Windows Server 2008 DNS Servers from

a. a Windows Server 2008 computer that has MS DNS installed

b. a Windows Server 2008 computer that has the Windows Server 2008

Remote Server Administration Tools (RSAT) installed

c. a Windows Vista computer that has Windows Server 2008 Remote

Server Admin tools installed. The RSAT client for Windows Vista is an out

of band release that may not be available when Windows Server 2008

launches.

 

2. Specify the fully qualified DNS name of the Windows Server 2008 MS

DNS Server in DNSCMD, DNSMGMT.MSC or WMI

 

Impact of this interoperability issue will be minimal if:

 

" You have a small # of domains in your Active Directory forest, so

that entering the target MS DNS Servers fully qualified computer name is

more practical)

" DNS Administrators will predominately administer Windows Server

2008 DNS Servers from Windows Vista computers.

" DNS Administrators will remotely administer Windows Server 2008

MS DNS Servers from the console of Windows Server 2008 computers.

 

Impact of this interoperability issue will be larger if Windows Server 2008

DNS Servers will be remotely administered from Windows XP or Windows Server

2003 computers AND:

 

" You have many domains your Active Directory Forest, making the

use of fully qualified computer names impractical.

" You have many MS DNS Servers in your Active Directory forest that

will run the Windows Server 2008 OS

" You have WMI scripts that refer to 2008 DNS Servers by their

single-label DNS host names

 

Please rate the impact this behavior will have on your organization on a

scale of "1" (no impact) to "5" (show stopper / deployment blocker).

Related comments are welcome.

 

 

Thanks,

Darrell Gorter[MSFT]

 

This posting is provided "AS IS" with no warranties, and confers no rights