MicrosoftDNS_Server class

The MicrosoftDNS_Server class describes a DNS Server. Every instance of this class may be associated with one instance of MicrosoftDNS_Cache, one instance of MicrosoftDNS_RootHints, and multiple instances of MicrosoftDNS_Zone.

The following syntax is simplified from MOF code.

Syntax

class MicrosoftDNS_Server : CIM_Service
{
  string  Name;
  uint32  Version;
  uint32  LogLevel;
  string  LogFilePath;
  uint32  LogFileMaxSize;
  string  LogIPFilterList[];
  uint32  EventLogLevel;
  sint32  RpcProtocol;
  uint32  NameCheckFlag;
  uint32  AddressAnswerLimit;
  uint32  RecursionRetry;
  uint32  RecursionTimeout;
  uint32  DsPollingInterval;
  uint32  DsTombstoneInterval;
  uint32  MaxCacheTTL;
  uint32  MaxNegativeCacheTTL;
  uint32  SendPort;
  uint32  XfrConnectTimeout;
  uint32  BootMethod;
  uint32  AllowUpdate;
  uint32  UpdateOptions;
  boolean DsAvailable;
  boolean DisableAutoReverseZones;
  boolean AutoCacheUpdate;
  boolean NoRecursion;
  boolean RoundRobin;
  boolean LocalNetPriority;
  boolean StrictFileParsing;
  boolean LooseWildcarding;
  boolean BindSecondaries;
  boolean WriteAuthorityNS;
  uint32  ForwardDelegations;
  boolean SecureResponses;
  boolean DisjointNets;
  uint32  AutoConfigFileZones;
  uint32  ScavengingInterval;
  uint32  DefaultRefreshInterval;
  uint32  DefaultNoRefreshInterval;
  boolean DefaultAgingState;
  uint32  EDnsCacheTimeout;
  boolean EnableEDnsProbes;
  uint32  EnableDnsSec;
  string  ServerAddresses[];
  string  ListenAddresses[];
  string  Forwarders[];
  uint32  ForwardingTimeout;
  boolean IsSlave;
  boolean EnableDirectoryPartitions;
};

Members

The MicrosoftDNS_Server class has these types of members:

Methods

The MicrosoftDNS_Server class has these methods.

| Method | Description |
| --- | --- |
| GetDistinguishedName | Retrieves DNS distinguished name for the zone. |
| StartScavenging | Starts scavenging stale records in the zones subjected to scavenging. |
| StartService | Starts the DNS Server. |
| StopService | Stops the DNS Server. |

Properties

The MicrosoftDNS_Server class has these properties.

AddressAnswerLimit

Data type: uint32

Access type: Read/write

Maximum number of host records returned in response to an address request. Values between 5 and 28 are valid.

AllowUpdate

Data type: uint32

Access type: Read/write

Specifies whether the DNS Server accepts dynamic update requests. Valid values are as shown in the following table.

| Value | Meaning |
| --- | --- |
| 0 | No Restrictions. |
| 1 | Does not allow dynamic updates of SOA records. |
| 2 | Does not allow dynamic updates of NS records at the zone root. |
| 4 | Does not allow dynamic updates of NS records not at the zone root (delegation NS records). |

Sum these values to determine the setting value.

AutoCacheUpdate

Data type: boolean

Access type: Read/write

Indicates whether the DNS Server attempts to update its cache entries using data from root servers. When a DNS Server boots, it needs a list of root server 'hints' (NS and A records for the root servers), historically called the cache file. Microsoft DNS Servers have a feature that enables them to attempt to write back a new cache file based on the responses from root servers.

AutoConfigFileZones

Data type: uint32

Access type: Read/write

Indicates which standard primary zones that are authoritative for the name of the DNS Server must be updated when the name server changes. Valid values are as follows:

| Value | Meaning |
| --- | --- |
| 0 | None. |
| 1 | Only servers that allow dynamic updates. |
| 2 | Only servers that do not allow dynamic updates. |
| 4 | All servers. |

The default value is 1.

**Windows Server 2003:**

The number 3 represents All servers.

BindSecondaries

Data type: boolean

Access type: Read/write

Determines the AXFR message format when sending to non-Microsoft DNS Server secondaries. When set to TRUE, the DNS Server sends transfers to non-Microsoft DNS Server secondaries in the uncompressed format. When FALSE, all transfers are sent in the fast format.

BootMethod

Data type: uint32

Access type: Read/write

Initialization method for the DNS Server. Valid values are shown in the following table.

| Value | Meaning |
| --- | --- |
| 0 | Uninitialized. |
| 1 | Boot from file. |
| 2 | Boot from registry. |
| 3 | Boot from directory and registry. |

DefaultAgingState

Data type: boolean

Access type: Read/write

Default ScavengingInterval value set for all Active Directory-integrated zones created on this DNS Server. The default value is zero, indicating scavenging is disabled.

DefaultNoRefreshInterval

Data type: uint32

Access type: Read/write

No-refresh interval, in hours, set for all Active Directory-integrated zones created on this DNS Server. The default value is 168 hours (seven days).

DefaultRefreshInterval

Data type: uint32

Access type: Read/write

Refresh interval, in hours, set for all Active Directory-integrated zones created on this DNS Server. The default value is 168 hours (seven days).

DisableAutoReverseZones

Data type: boolean

Access type: Read/write

Indicates whether the DNS Server automatically creates standard reverse lookup zones.

DisjointNets

Data type: boolean

Access type: Read/write

Indicates whether the default port binding for a socket used to send queries to remote DNS Servers can be overridden.

DsAvailable

Data type: boolean

Access type: Read/write

Indicates whether there is an available DS on the DNS Server.

DsPollingInterval

Data type: uint32

Access type: Read/write

Interval, in seconds, to poll the DS-integrated zones.

DsTombstoneInterval

Data type: uint32

Access type: Read/write

Lifetime of tombstoned records in Directory Service integrated zones, expressed in seconds.

EDnsCacheTimeout

Data type: uint32

Access type: Read/write

Lifetime, in seconds, of the cached information describing the EDNS version supported by other DNS Servers.

EnableDirectoryPartitions

Data type: boolean

Access type: Read/write

Specifies whether support for application directory partitions is enabled on the DNS Server.

**Windows Server 2003:**

This method is named EnableDirectoryPartitionSupport.

EnableDnsSec

Data type: uint32

Access type: Read/write

Specifies whether the DNS Server includes DNSSEC-specific RRs (KEY, SIG, and NXT) in a response, per the following table:

| Value | Meaning |
| --- | --- |
| 0 | No DNSSEC records are included in the response unless the query requested a resource record set of the DNSSEC record type. |
| 1 | DNSSEC records are included in the response according to RFC 2535. |
| 2 | DNSSEC records are included in a response only if the original client query contained the OPT resource record according to RFC 2671. |

If a query requests a resource record set of the DNSSEC type, the DNS Server always responds with such records, if available.

EnableEDnsProbes

Data type: boolean

Access type: Read/write

Specifies the behavior of the DNS Server. When TRUE, the DNS Server always responds with OPT resource records according to RFC 2671, unless the remote server has indicated it does not support EDNS in a prior exchange. If FALSE, the DNS Server responds to queries with OPTs only if OPTs are sent in the original query.

EventLogLevel

Data type: uint32

Access type: Read/write

Indicates which events the DNS Server records in the Event Viewer system log. The following values are used.

| Value | Meaning |
| --- | --- |
| 0 | None. |
| 1 | Log only errors. |
| 2 | Log only warnings and errors. |
| 4 | Log all events. |

ForwardDelegations

Data type: uint32

Access type: Read/write

Specifies whether queries to delegated sub-zones are forwarded.

Forwarders

Data type: string array

Access type: Read/write

Enumerates the list of IP addresses of Forwarders to which the DNS Server forwards queries.

ForwardingTimeout

Data type: uint32

Access type: Read/write

Time, in seconds, a DNS Server forwarding a query will wait for resolution from the forwarder before attempting to resolve the query itself.

This value is meaningless if the forwarding server is not set to use recursion. To determine this, check the IsSlave Boolean property.

IsSlave

Data type: boolean

Access type: Read/write

TRUE if the DNS server does not use recursion when name-resolution through forwarders fails.

ListenAddresses

Data type: string array

Access type: Read/write

Enumerates the list of IP addresses on which the DNS Server can receive queries.

LocalNetPriority

Data type: boolean

Access type: Read/write

Indicates whether the DNS Server gives priority to the local net address when returning A records.

LogFileMaxSize

Data type: uint32

Access type: Read/write

Size of the DNS Server debug log, in bytes.

LogFilePath

Data type: string

Access type: Read/write

File name and path for the DNS Server debug log. Default is %system32%\dns\dns.log. Relative paths are relative to %Systemroot%\System32. Absolute paths may be used, but UNC paths are not supported.

LogIPFilterList

Data type: string array

Access type: Read/write

List of IP addresses used to filter DNS events written to the debug log.

LogLevel

Data type: uint32

Access type: Read/write

Indicates which policies are activated in the Event Viewer system log.

Set this property according to the following scheme: every policy that can be activated in the Event Viewer system log is assigned a specific value.

| Value | Meaning |
| --- | --- |
| 1 | Query. |
| 16 | Notify. |
| 32 | Update. |
| 254 | Nonquery transactions. |
| 256 | Questions. |
| 512 | Answers. |
| 4096 | Send. |
| 8192 | Receive. |
| 16384 | UDP. |
| 32768 | TCP. |
| 65535 | All packets. |
| 65536 | NT Directory Service write transaction. |
| 131072 | NT Directory Service update transaction. |
| 16777216 | Full packets. |
| 2147483648 | Write through. |

The sum of the values corresponding to all the policies to be activated is indicated in this property.
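Going the other way, from a stored LogLevel sum back to the policies it activates, is what a reviewer needs when reading a server's configuration. The following PowerShell is an added example, not part of the original page; the function name `ConvertFrom-DnsLogLevel` and the sample value are constructed here. Because the rows 254 and 65535 cover several bits, a row is reported only when every bit of its value is set.

```powershell
# Rows copied from the LogLevel table above (value, policy name).
$DnsLogLevelRows = @(
    @{ Value = 1;          Name = 'Query' }
    @{ Value = 16;         Name = 'Notify' }
    @{ Value = 32;         Name = 'Update' }
    @{ Value = 254;        Name = 'Nonquery transactions' }
    @{ Value = 256;        Name = 'Questions' }
    @{ Value = 512;        Name = 'Answers' }
    @{ Value = 4096;       Name = 'Send' }
    @{ Value = 8192;       Name = 'Receive' }
    @{ Value = 16384;      Name = 'UDP' }
    @{ Value = 32768;      Name = 'TCP' }
    @{ Value = 65535;      Name = 'All packets' }
    @{ Value = 65536;      Name = 'NT Directory Service write transaction' }
    @{ Value = 131072;     Name = 'NT Directory Service update transaction' }
    @{ Value = 16777216;   Name = 'Full packets' }
    @{ Value = 2147483648; Name = 'Write through' }
)

# Hypothetical helper: lists the table rows present in a LogLevel value.
function ConvertFrom-DnsLogLevel {
    param([Parameter(Mandatory)][uint32]$LogLevel)

    $level   = [uint64]$LogLevel
    $matched = [uint64]0
    $names = foreach ($row in $DnsLogLevelRows) {
        $v = [uint64]$row.Value
        # A row counts only when all of its bits are set, which also
        # covers the multi-bit rows (254 and 65535).
        if (($level -band $v) -eq $v) {
            $matched = $matched -bor $v
            $row.Name
        }
    }
    [pscustomobject]@{
        LogLevel        = $LogLevel
        Policies        = @($names)
        # Bits that are set but belong to no fully matched row.
        UnexplainedBits = $level -bxor ($level -band $matched)
    }
}

# Constructed sample: Query + Questions + Answers + Send + Receive + UDP + TCP.
$sampleLogLevel = 1 + 256 + 512 + 4096 + 8192 + 16384 + 32768
ConvertFrom-DnsLogLevel -LogLevel $sampleLogLevel | Format-List
```

A nonzero `UnexplainedBits` means the stored value contains bits that the table on this page does not account for on their own, which is worth checking before relying on the decoded list.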

LooseWildcarding

Data type: boolean

Access type: Read/write

Indicates whether the DNS Server performs loose wildcarding. If undefined or zero, the server follows the wildcarding behavior specified in the DNS RFC. In this case, an administrator is advised to include MX records for all hosts incapable of receiving mail. If nonzero, the server seeks the closest wildcard node; in this case, an administrator should put MX records at the zone root and in a wildcard node ('*') directly below the zone root. Also, administrators should put self-referencing MX records on hosts that receive their own mail.

MaxCacheTTL

Data type: uint32

Access type: Read/write

Maximum time, in seconds, the record of a recursive name query may remain in the DNS Server cache. The DNS Server deletes records from the cache when the value of this entry expires, even if the value of the TTL field in the record is greater.

The default value of this property is 86,400 seconds (1 day).

MaxNegativeCacheTTL

Data type: uint32

Access type: Read/write

Maximum time, in seconds, a name error result from a recursive query may remain in the DNS Server cache. DNS deletes records from the cache when this timer expires, even if the TTL field is greater. Default value is 86,400 (one day).

Name

Data type: string

Access type: Read-only

Fully qualified domain name (FQDN) or IP address of the DNS Server.

NameCheckFlag

Data type: uint32

Access type: Read/write

Indicates the set of eligible characters to be used in DNS names. The following values are used.

| Value | Meaning |
| --- | --- |
| 0 | Strict RFC (ANSI) |
| 1 | Non RFC (ANSI) |
| 3 | Multibyte (UTF8) |

**Windows Server 2003:**

A value of "2" indicates "Any."

NoRecursion

Data type: boolean

Access type: Read/write

Indicates whether the DNS Server performs recursive lookups. TRUE indicates recursive lookups are not performed.

RecursionRetry

Data type: uint32

Access type: Read/write

Elapsed seconds before retrying a recursive lookup. If the property is undefined or zero, retries are made after three seconds. Users are discouraged from altering this property. There are certain situations when the property should be changed; one example is when the DNS Server contacts remote servers over a slow link, and the DNS Server is retrying before receiving a response from the remote DNS. In this case, raising the timeout to be slightly longer than the observed response time from the remote DNS would be reasonable.

RecursionTimeout

Data type: uint32

Access type: Read/write

Elapsed seconds before the DNS Server gives up on a recursive query. If the property is undefined or zero, the DNS Server gives up after 15 seconds. In general, the 15-second timeout is sufficient to allow any outstanding response to get back to the DNS Server.

Users are discouraged from altering this property. One scenario where the property should be changed is when the DNS Server contacts remote servers over a slow link, and the DNS Server is observed rejecting queries (with SERVER_FAILURE) before responses are received.

Client resolvers also retry queries, so careful investigation is required to determine whether remote responses are actually associated with the query that timed out. In this case, raising the timeout value to be slightly longer than the observed response time from the remote DNS would be reasonable.

RoundRobin

Data type: boolean

Access type: Read/write

Indicates whether the DNS Server round robins multiple A records.

RpcProtocol

Data type: sint32

Access type: Read/write

RPC protocol or protocols over which administrative RPC runs. The following algorithm is used to assign a specific value:

| Value | Meaning |
| --- | --- |
| 0 | None |
| 1 | TCP |
| 2 | Named Pipes |
| 4 | LPC |

The sum of the values indicates the protocols used.

ScavengingInterval

Data type: uint32

Access type: Read/write

Interval, in hours, between two consecutive scavenging operations performed by the DNS Server. Zero indicates scavenging is disabled. The default value is 168 hours (seven days).

SecureResponses

Data type: boolean

Access type: Read/write

Indicates whether the DNS Server exclusively saves records of names in the same subtree as the server that provided them.

SendPort

Data type: uint32

Access type: Read/write

Port on which the DNS Server sends UDP queries to other servers. By default, the DNS Server sends queries on a socket bound to the DNS port.

Under certain situations, this is not the best configuration. One obvious case is when an administrator blocks the DNS port with a firewall to prevent outside access to the DNS Server, but still wants the server to be able to contact Internet DNS Servers to provide name resolution for internal clients. Another case is when the DNS Server is supporting disjoint nets (the property DisjointNets set to TRUE identifies this scenario). In these cases, setting the SendOnNonDnsPort property to a nonzero value directs the DNS Server to bind to an arbitrary port for sending to remote DNS Servers.

If the SendOnNonDnsPort value is greater than 1024, the DNS Server binds explicitly to the port value given. This configuration option is useful when an administrator needs to fix the DNS query port for firewall purposes.

**Windows Server 2003:**

Setting the SendPort property to a non-zero value causes the DNS server to bind to an arbitrary port for sending to remote DNS servers.

ServerAddresses

Data type: string array

Access type: Read-only

Enumerates the list of IP addresses for the DNS Server.

StrictFileParsing

Data type: boolean

Access type: Read/write

Indicates whether the DNS Server parses zone files strictly. If undefined or zero, the server will log and ignore bad data in the zone file and continue to load. If nonzero, the server will log and fail on zone file errors.

UpdateOptions

Data type: uint32

Access type: Read-only

Restricts the type of records that can be dynamically updated on the server, used in addition to the AllowUpdate settings on Server and Zone objects.

**Windows Server 2003:**

0: No restrictions.

1: Do not allow dynamic updates of SOA records.

2: Do not allow dynamic updates of NS records at the zone root.

4: Do not allow dynamic updates of NS records not at the zone root (delegation NS records).

Sum these values to determine the setting value.

Version

Data type: uint32

Access type: Read-only

Version of the DNS Server.

WriteAuthorityNS

Data type: boolean

Access type: Read/write

Specifies whether the DNS Server writes NS and SOA records to the authority section on successful response.

XfrConnectTimeout

Data type: uint32

Access type: Read/write

Time, in seconds, the DNS Server waits for a successful TCP connection to a remote server when attempting a zone transfer.

Requirements

| Requirement | Value |
| --- | --- |
| Minimum supported client | None supported |
| Minimum supported server | Windows 2000 Server [desktop apps only] |
| Namespace | Root\MicrosoftDNS |
| MOF | Dnsprov.mof |
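Several of the properties above determine how exposed and how observable a DNS Server is. The following PowerShell is an added example, not part of the original page, that reads one MicrosoftDNS_Server instance and lists settings worth a second look. The function name `Test-DnsServerSetting`, the sample object and the choice of which values to flag are this example's assumptions; the meaning of each value is taken from the property descriptions on this page.

```powershell
# Hypothetical review helper. The rules below are an assumed review policy,
# not guidance from the page; each note restates what the page says the value does.
function Test-DnsServerSetting {
    param([Parameter(Mandatory)]$Server)

    # Builds one finding row for the named property of $Server.
    $note = {
        param($Property, $Text)
        [pscustomobject]@{
            Property = $Property
            Value    = $Server.$Property
            Note     = $Text
        }
    }

    if (-not $Server.SecureResponses) {
        & $note 'SecureResponses' 'Cache is not limited to names in the subtree of the answering server.'
    }
    if (-not $Server.NoRecursion) {
        & $note 'NoRecursion' 'Recursive lookups are performed; confirm this server is meant to be a resolver.'
    }
    if ($Server.EventLogLevel -eq 0) {
        & $note 'EventLogLevel' 'No DNS events are recorded in the Event Viewer log.'
    }
    if ($Server.AllowUpdate -eq 0) {
        & $note 'AllowUpdate' 'No restrictions on dynamic updates of SOA or NS records.'
    }
    if ($Server.RpcProtocol -band 1) {
        & $note 'RpcProtocol' 'Administrative RPC runs over TCP (value includes 1).'
    }
    if (-not $Server.StrictFileParsing) {
        & $note 'StrictFileParsing' 'Bad zone file data is logged and ignored instead of failing the load.'
    }
}

# Constructed sample instance so the example runs without a DNS Server.
$sample = [pscustomobject]@{
    Name = 'dns01.example.test'; SecureResponses = $false; NoRecursion = $false
    EventLogLevel = 0; AllowUpdate = 0; RpcProtocol = 5; StrictFileParsing = $true
}
Test-DnsServerSetting -Server $sample | Format-Table -AutoSize

# Against a live server, the instance comes from the namespace listed above:
# Get-CimInstance -Namespace 'Root\MicrosoftDNS' -ClassName MicrosoftDNS_Server |
#     ForEach-Object { Test-DnsServerSetting -Server $_ }
```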

See also

StartService Method of the MicrosoftDNS_Server Class

StopService Method of the MicrosoftDNS_Server Class

StartScavenging Method of the MicrosoftDNS_Server Class

GetDistinguishedName Method of the MicrosoftDNS_Server Class