D
Darrell Gorter[MSFT]
Guest
Feedback Wanted - Remotely Administering Windows Server 2008 DNS from Windows XP and Windows Server 2003
Problem Statement: An interoperability bug in the current release of
Windows Server 2008 prevents Windows XP and Windows Server 2003 computers
from remotely administering Windows Server 2008 MS DNS Servers via DNSCMD,
DNSMGMT.MSC or by using WMI. Specifically, attempts to remotely administer
Windows Server 2008 MS DNS Servers from a pre-Vista client will fail with
the error "access denied" when the 2008 MS DNS Server is referenced by its
single-label hostname or short name. The administration of Windows Server
2003 MS DNS Servers from Windows Vista and Windows Server 2008 computers is
not impacted.
Two workarounds exist for this condition
1. Administer Windows Server 2008 DNS Servers from
a. a Windows Server 2008 computer that has MS DNS installed
b. a Windows Server 2008 computer that has the Windows Server 2008
Remote Server Administration Tools (RSAT) installed
c. a Windows Vista computer that has Windows Server 2008 Remote
Server Admin tools installed. The RSAT client for Windows Vista is an out
of band release that may not be available when Windows Server 2008
launches.
2. Specify the fully qualified DNS name of the Windows Server 2008 MS
DNS Server in DNSCMD, DNSMGMT.MSC or WMI
Impact of this interoperability issue will be minimal if:
" You have a small # of domains in your Active Directory forest, so
that entering the target MS DNS Servers fully qualified computer name is
more practical)
" DNS Administrators will predominately administer Windows Server
2008 DNS Servers from Windows Vista computers.
" DNS Administrators will remotely administer Windows Server 2008
MS DNS Servers from the console of Windows Server 2008 computers.
Impact of this interoperability issue will be larger if Windows Server 2008
DNS Servers will be remotely administered from Windows XP or Windows Server
2003 computers AND:
" You have many domains your Active Directory Forest, making the
use of fully qualified computer names impractical.
" You have many MS DNS Servers in your Active Directory forest that
will run the Windows Server 2008 OS
" You have WMI scripts that refer to 2008 DNS Servers by their
single-label DNS host names
Please rate the impact this behavior will have on your organization on a
scale of "1" (no impact) to "5" (show stopper / deployment blocker).
Related comments are welcome.
Thanks,
Darrell Gorter[MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights
Problem Statement: An interoperability bug in the current release of
Windows Server 2008 prevents Windows XP and Windows Server 2003 computers
from remotely administering Windows Server 2008 MS DNS Servers via DNSCMD,
DNSMGMT.MSC or by using WMI. Specifically, attempts to remotely administer
Windows Server 2008 MS DNS Servers from a pre-Vista client will fail with
the error "access denied" when the 2008 MS DNS Server is referenced by its
single-label hostname or short name. The administration of Windows Server
2003 MS DNS Servers from Windows Vista and Windows Server 2008 computers is
not impacted.
Two workarounds exist for this condition
1. Administer Windows Server 2008 DNS Servers from
a. a Windows Server 2008 computer that has MS DNS installed
b. a Windows Server 2008 computer that has the Windows Server 2008
Remote Server Administration Tools (RSAT) installed
c. a Windows Vista computer that has Windows Server 2008 Remote
Server Admin tools installed. The RSAT client for Windows Vista is an out
of band release that may not be available when Windows Server 2008
launches.
2. Specify the fully qualified DNS name of the Windows Server 2008 MS
DNS Server in DNSCMD, DNSMGMT.MSC or WMI
Impact of this interoperability issue will be minimal if:
" You have a small # of domains in your Active Directory forest, so
that entering the target MS DNS Servers fully qualified computer name is
more practical)
" DNS Administrators will predominately administer Windows Server
2008 DNS Servers from Windows Vista computers.
" DNS Administrators will remotely administer Windows Server 2008
MS DNS Servers from the console of Windows Server 2008 computers.
Impact of this interoperability issue will be larger if Windows Server 2008
DNS Servers will be remotely administered from Windows XP or Windows Server
2003 computers AND:
" You have many domains your Active Directory Forest, making the
use of fully qualified computer names impractical.
" You have many MS DNS Servers in your Active Directory forest that
will run the Windows Server 2008 OS
" You have WMI scripts that refer to 2008 DNS Servers by their
single-label DNS host names
Please rate the impact this behavior will have on your organization on a
scale of "1" (no impact) to "5" (show stopper / deployment blocker).
Related comments are welcome.
Thanks,
Darrell Gorter[MSFT]
This posting is provided "AS IS" with no warranties, and confers no rights