Question

DNS is a service that is predominant in networking for resolution. It is now a requirement of the Microsoft OS, but before in the NT 4.0 world, it was an add-on and not required. With the overhead that DNS generates, why did Microsoft make this service a requirement? Can you run a system without it now?

Answer 1

Microsoft made this service a requirement because the Domain Name System (DNS) is the primary network service. It is critical for Active Directory Federation Services (AD FS) and Active Directory Domain Services (AD DS) to operate. Users would be able to use friendly computer names when DNS is deployed and used. These friendly computer names would be easy for the users for connecting to computers and other resources on Internet Protocol (IP) networks.

DNS is used by Windows Server 2008 to resolve names rather than using the Windows Internet Name Service (WINS) NetBIOS to resolve names, that were used in Windows NT 4.0–Operating System (OS) based networks.

* DNS infrastructure is required to support AD FS in an organization, so web browser client software in the organization's corporate network can access the Internet, as AD FS requires to carry out Internet access and name resolution functions.

* In case, your organization wants to add a federated server to its corporate network to authenticate users in the network, it requires internal servers in the network forest to be configured for returning the Canonical Name (CNAME) of the internal server running the federation service.

* In case, your organization wants to add a federated server proxy to its perimeter network to authenticate user accounts located in the organization's corporate network of the company's identity partner organization or company, the internal DNS servers in the corporate network forest has to be configured for returning the internal federation server proxy's CNAME.

* In case, your organization for its test lab environment is setting up DNS trying to use AD FS in the mentioned environment where there is no single root DNS server that is authoritative, then you may have to set up DNS forwarders for the queries to names between multiple forests are forwarded appropriately.

However, yes, you can still run a system without DNS now, by using just WINS for applications that would require it.