MicrosoftDNS_Server class
The MicrosoftDNS_Server class describes a DNS Server. Every instance of this class may be associated with one instance of MicrosoftDNS_Cache, one instance of MicrosoftDNS_RootHints, and multiple instances of MicrosoftDNS_Zone.
The following syntax is simplified from MOF code.
Syntax
```
class MicrosoftDNS_Server : CIM_Service
{
  string  Name;
  uint32  Version;
  uint32  LogLevel;
  string  LogFilePath;
  uint32  LogFileMaxSize;
  string  LogIPFilterList[];
  uint32  EventLogLevel;
  sint32  RpcProtocol;
  uint32  NameCheckFlag;
  uint32  AddressAnswerLimit;
  uint32  RecursionRetry;
  uint32  RecursionTimeout;
  uint32  DsPollingInterval;
  uint32  DsTombstoneInterval;
  uint32  MaxCacheTTL;
  uint32  MaxNegativeCacheTTL;
  uint32  SendPort;
  uint32  XfrConnectTimeout;
  uint32  BootMethod;
  uint32  AllowUpdate;
  uint32  UpdateOptions;
  boolean DsAvailable;
  boolean DisableAutoReverseZones;
  boolean AutoCacheUpdate;
  boolean NoRecursion;
  boolean RoundRobin;
  boolean LocalNetPriority;
  boolean StrictFileParsing;
  boolean LooseWildcarding;
  boolean BindSecondaries;
  boolean WriteAuthorityNS;
  uint32  ForwardDelegations;
  boolean SecureResponses;
  boolean DisjointNets;
  uint32  AutoConfigFileZones;
  uint32  ScavengingInterval;
  uint32  DefaultRefreshInterval;
  uint32  DefaultNoRefreshInterval;
  boolean DefaultAgingState;
  uint32  EDnsCacheTimeout;
  boolean EnableEDnsProbes;
  uint32  EnableDnsSec;
  string  ServerAddresses[];
  string  ListenAddresses[];
  string  Forwarders[];
  uint32  ForwardingTimeout;
  boolean IsSlave;
  boolean EnableDirectoryPartitions;
};
```
Members
The MicrosoftDNS_Server class has these types of members:
Methods
The MicrosoftDNS_Server class has these methods.
Method | Description |
---|---|
GetDistinguishedName | Retrieves DNS distinguished name for the zone. |
StartScavenging | Starts scavenging stale records in the zones subjected to scavenging. |
StartService | Starts the DNS Server. |
StopService | Stops the DNS Server. |
Properties
The MicrosoftDNS_Server class has these properties.
-
AddressAnswerLimit
-
-
Data type: uint32
-
Access type: Read/write
Maximum number of host records returned in response to an address request. Values between 5 and 28 are valid.
-
-
AllowUpdate
-
-
Data type: uint32
-
Access type: Read/write
Specifies whether the DNS Server accepts dynamic update requests. Valid values are as shown in the following table.
Value | Meaning |
---|---|
0 | No Restrictions. |
1 | Does not allow dynamic updates of SOA records. |
2 | Does not allow dynamic updates of NS records at the zone root. |
4 | Does not allow dynamic updates of NS records not at the zone root (delegation NS records). |
Sum these values to determine the setting value.
-
-
AutoCacheUpdate
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether the DNS Server attempts to update its cache entries using data from root servers. When a DNS Server boots, it needs a list of root server 'hints' (NS and A records for the root servers), historically called the cache file. Microsoft DNS Servers have a feature that enables them to attempt to write back a new cache file based on the responses from root servers.
-
-
AutoConfigFileZones
-
-
Data type: uint32
-
Access type: Read/write
Indicates which standard primary zones that are authoritative for the name of the DNS Server must be updated when the name server changes. Valid values are as follows:
Value | Meaning |
---|---|
0 | None. |
1 | Only servers that allow dynamic updates. |
2 | Only servers that do not allow dynamic updates. |
4 | All servers. |
The default value is 1.
**Windows Server 2003:** The number 3 represents All servers.
-
-
BindSecondaries
-
-
Data type: boolean
-
Access type: Read/write
Determines the AXFR message format when sending to non-Microsoft DNS Server secondaries. When set to TRUE, the DNS Server sends transfers to non-Microsoft DNS Server secondaries in the uncompressed format. When FALSE, all transfers are sent in the fast format.
-
-
BootMethod
-
-
Data type: uint32
-
Access type: Read/write
Initialization method for the DNS Server. Valid values are shown in the following table.
Value | Meaning |
---|---|
0 | Uninitialized. |
1 | Boot from file. |
2 | Boot from registry. |
3 | Boot from directory and registry. |
-
-
DefaultAgingState
-
-
Data type: boolean
-
Access type: Read/write
Default ScavengingInterval value set for all Active Directory-integrated zones created on this DNS Server. The default value is zero, indicating scavenging is disabled.
-
-
DefaultNoRefreshInterval
-
-
Data type: uint32
-
Access type: Read/write
No-refresh interval, in hours, set for all Active Directory-integrated zones created on this DNS Server. The default value is 168 hours (seven days).
-
-
DefaultRefreshInterval
-
-
Data type: uint32
-
Access type: Read/write
Refresh interval, in hours, set for all Active Directory-integrated zones created on this DNS Server. The default value is 168 hours (seven days).
-
-
DisableAutoReverseZones
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether the DNS Server automatically creates standard reverse lookup zones.
-
-
DisjointNets
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether the default port binding for a socket used to send queries to remote DNS Servers can be overridden.
-
-
DsAvailable
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether there is an available DS on the DNS Server.
-
-
DsPollingInterval
-
-
Data type: uint32
-
Access type: Read/write
Interval, in seconds, to poll the DS-integrated zones.
-
-
DsTombstoneInterval
-
-
Data type: uint32
-
Access type: Read/write
Lifetime of tombstoned records in Directory Service integrated zones, expressed in seconds.
-
-
EDnsCacheTimeout
-
-
Data type: uint32
-
Access type: Read/write
Lifetime, in seconds, of the cached information describing the EDNS version supported by other DNS Servers.
-
-
EnableDirectoryPartitions
-
-
Data type: boolean
-
Access type: Read/write
Specifies whether support for application directory partitions is enabled on the DNS Server.
**Windows Server 2003:** This method is named EnableDirectoryPartitionSupport.
-
-
EnableDnsSec
-
-
Data type: uint32
-
Access type: Read/write
Specifies whether the DNS Server includes DNSSEC-specific RRs, KEY, SIG, and NXT in a response, per the following table:
Value | Meaning |
---|---|
0 | No DNSSEC records are included in the response unless the query requested a resource record set of the DNSSEC record type. |
1 | DNSSEC records are included in the response according to RFC 2535. |
2 | DNSSEC records are included in a response only if the original client query contained the OPT resource record according to RFC 2671. |
If a query requests a resource record set of the DNSSEC type, the DNS Server always responds with such records, if available.
-
-
EnableEDnsProbes
-
-
Data type: boolean
-
Access type: Read/write
Specifies the behavior of the DNS Server. When TRUE, the DNS Server always responds with OPT resource records according to RFC 2671, unless the remote server has indicated it does not support EDNS in a prior exchange. If FALSE, the DNS Server responds to queries with OPTs only if OPTs are sent in the original query.
-
-
EventLogLevel
-
-
Data type: uint32
-
Access type: Read/write
Indicates which events the DNS Server records in the Event Viewer system log. The following values are used.
Value | Meaning |
---|---|
0 | None. |
1 | Log only errors. |
2 | Log only warnings and errors. |
4 | Log all events. |
-
-
ForwardDelegations
-
-
Data type: uint32
-
Access type: Read/write
Specifies whether queries to delegated sub-zones are forwarded.
-
-
Forwarders
-
-
Data type: string array
-
Access type: Read/write
Enumerates the list of IP addresses of Forwarders to which the DNS Server forwards queries.
-
-
ForwardingTimeout
-
-
Data type: uint32
-
Access type: Read/write
Time, in seconds, a DNS Server forwarding a query will wait for resolution from the forwarder before attempting to resolve the query itself.
This value is meaningless if the forwarding server is not set to use recursion. To determine this, check the IsSlave Boolean property.
-
-
IsSlave
-
-
Data type: boolean
-
Access type: Read/write
TRUE if the DNS server does not use recursion when name-resolution through forwarders fails.
-
-
ListenAddresses
-
-
Data type: string array
-
Access type: Read/write
Enumerates the list of IP addresses on which the DNS Server can receive queries.
-
-
LocalNetPriority
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether the DNS Server gives priority to the local net address when returning A records.
-
-
LogFileMaxSize
-
-
Data type: uint32
-
Access type: Read/write
Size of the DNS Server debug log, in bytes.
-
-
LogFilePath
-
-
Data type: string
-
Access type: Read/write
File name and path for the DNS Server debug log. Default is %system32%\dns\dns.log. Relative paths are relative to %Systemroot%\System32. Absolute paths may be used, but UNC paths are not supported.
-
-
LogIPFilterList
-
-
Data type: string array
-
Access type: Read/write
List of IP addresses used to filter DNS events written to the debug log.
-
-
LogLevel
-
-
Data type: uint32
-
Access type: Read/write
Indicates which policies are activated in the Event Viewer system log.
Should be set to specific values based on the following algorithm: Every policy (to be activated in the Event Viewer system log) is assigned a specific value.
Value | Meaning |
---|---|
1 | Query. |
16 | Notify. |
32 | Update. |
254 | Nonquery transactions. |
256 | Questions. |
512 | Answers. |
4096 | Send. |
8192 | Receive. |
16384 | UDP. |
32768 | TCP. |
65535 | All packets. |
65536 | NT Directory Service write transaction. |
131072 | NT Directory Service update transaction. |
16777216 | Full packets. |
2147483648 | Write through. |
The sum of the values corresponding to all the policies to be activated is indicated in this property.
-
-
LooseWildcarding
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether the DNS Server performs loose wildcarding. If undefined or zero, the server follows the wildcarding behavior specified in the DNS RFC. In this case, an administrator is advised to include MX records for all hosts incapable of receiving mail. If nonzero, the server seeks the closest wildcard node; in this case, an administrator should put MX records at the zone root and in a wildcard node ('*') directly below the zone root. Also, administrators should put self-referencing MX records on hosts that receive their own mail.
-
-
MaxCacheTTL
-
-
Data type: uint32
-
Access type: Read/write
Maximum time, in seconds, the record of a recursive name query may remain in the DNS Server cache. The DNS Server deletes records from the cache when the value of this entry expires, even if the value of the TTL field in the record is greater.
The default value of this property is 86,400 seconds (1 day).
-
-
MaxNegativeCacheTTL
-
-
Data type: uint32
-
Access type: Read/write
Maximum time, in seconds, a name error result from a recursive query may remain in the DNS Server cache. DNS deletes records from the cache when this timer expires, even if the TTL field is greater. Default value is 86,400 (one day).
-
-
Name
-
-
Data type: string
-
Access type: Read-only
Fully qualified domain name (FQDN) or IP address of the DNS Server.
-
-
NameCheckFlag
-
-
Data type: uint32
-
Access type: Read/write
Indicates the set of eligible characters to be used in DNS names. The following values are used.
Value | Meaning |
---|---|
0 | Strict RFC (ANSI) |
1 | Non RFC (ANSI) |
3 | Multibyte (UTF8) |
**Windows Server 2003:** A value of "2" indicates "Any."
-
-
NoRecursion
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether the DNS Server performs recursive lookups. TRUE indicates recursive lookups are not performed.
-
-
RecursionRetry
-
-
Data type: uint32
-
Access type: Read/write
Elapsed seconds before retrying a recursive lookup. If the property is undefined or zero, retries are made after three seconds. Users are discouraged from altering this property. There are certain situations when the property should be changed; one example is when the DNS Server contacts remote servers over a slow link, and the DNS Server is retrying before receiving a response from the remote DNS. In this case, raising the timeout to be slightly longer than the observed response time from the remote DNS would be reasonable.
-
-
RecursionTimeout
-
-
Data type: uint32
-
Access type: Read/write
Elapsed seconds before the DNS Server gives up on a recursive query. If the property is undefined or zero, the DNS Server gives up after 15 seconds. In general, the 15-second timeout is sufficient to allow any outstanding response to get back to the DNS Server.
Users are discouraged from altering this property. One scenario where the property should be changed is when the DNS Server contacts remote servers over a slow link, and the DNS Server is observed rejecting queries (with SERVER_FAILURE) before responses are received.
Client resolvers also retry queries, so careful investigation is required to determine whether remote responses are actually associated with the query that timed out. In this case, raising the timeout value to be slightly longer than the observed response time from the remote DNS would be reasonable.
-
-
RoundRobin
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether the DNS Server round robins multiple A records.
-
-
RpcProtocol
-
-
Data type: sint32
-
Access type: Read/write
RPC protocol or protocols over which administrative RPC runs. The following algorithm is used to assign a specific value:
Value | Meaning |
---|---|
0 | None |
1 | TCP |
2 | Named Pipes |
4 | LPC |
The sum of the values indicates the protocols used.
-
-
ScavengingInterval
-
-
Data type: uint32
-
Access type: Read/write
Interval, in hours, between two consecutive scavenging operations performed by the DNS Server. Zero indicates scavenging is disabled. The default value is 168 hours (seven days).
-
-
SecureResponses
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether the DNS Server exclusively saves records of names in the same subtree as the server that provided them.
-
-
SendPort
-
-
Data type: uint32
-
Access type: Read/write
Port on which the DNS Server sends UDP queries to other servers. By default, the DNS Server sends queries on a socket bound to the DNS port.
Under certain situations, this is not the best configuration. One obvious case is when an administrator blocks the DNS port with a firewall to prevent outside access to the DNS Server, but still wants the server to be able to contact Internet DNS Servers to provide name resolution for internal clients. Another case is when the DNS Server is supporting disjoint nets (the property DisjointNets set to TRUE identifies this scenario). In these cases, setting the SendOnNonDnsPort property to a nonzero value directs the DNS Server to bind to an arbitrary port for sending to remote DNS Servers.
If the SendOnNonDnsPort value is greater than 1024, the DNS Server binds explicitly to the port value given. This configuration option is useful when an administrator needs to fix the DNS query port for firewall purposes.
**Windows Server 2003:** Setting the SendPort property to a non-zero value causes the DNS server to bind to an arbitrary port for sending to remote DNS servers.
-
-
ServerAddresses
-
-
Data type: string array
-
Access type: Read-only
Enumerates the list of IP addresses for the DNS Server.
-
-
StrictFileParsing
-
-
Data type: boolean
-
Access type: Read/write
Indicates whether the DNS Server parses zone files strictly. If undefined or zero, the server will log and ignore bad data in the zone file and continue to load. If nonzero, the server will log and fail on zone file errors.
-
-
UpdateOptions
-
-
Data type: uint32
-
Access type: Read-only
Restricts the type of records that can be dynamically updated on the server, used in addition to the AllowUpdate settings on Server and Zone objects.
**Windows Server 2003:**
Value | Meaning |
---|---|
0 | No restrictions. |
1 | Do not allow dynamic updates of SOA records. |
2 | Do not allow dynamic updates of NS records at the zone root. |
4 | Do not allow dynamic updates of NS records not at the zone root (delegation NS records). |
Sum these values to determine the setting value.
-
-
Version
-
-
Data type: uint32
-
Access type: Read-only
Version of the DNS Server.
-
-
WriteAuthorityNS
-
-
Data type: boolean
-
Access type: Read/write
Specifies whether the DNS Server writes NS and SOA records to the authority section on successful response.
-
-
XfrConnectTimeout
-
-
Data type: uint32
-
Access type: Read/write
Time, in seconds, the DNS Server waits for a successful TCP connection to a remote server when attempting a zone transfer.
-
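The properties above that are documented as a "sum of the values" (LogLevel, AllowUpdate, RpcProtocol) are easier to review once decoded back into the rows of their tables. The following PowerShell is an added example, not part of the original reference: the value tables are copied from this page, while `ConvertFrom-DnsFlagSum` and the `$...Table` variables are hypothetical names, and it assumes the DNS Server WMI provider is present on the host being queried.

```powershell
# Added example. Value tables come from this page; all names below are hypothetical.
$LogLevelTable = @(
    @(1, 'Query'), @(16, 'Notify'), @(32, 'Update'),
    @(254, 'Nonquery transactions'), @(256, 'Questions'), @(512, 'Answers'),
    @(4096, 'Send'), @(8192, 'Receive'), @(16384, 'UDP'), @(32768, 'TCP'),
    @(65535, 'All packets'), @(65536, 'NT Directory Service write transaction'),
    @(131072, 'NT Directory Service update transaction'),
    @(16777216, 'Full packets'), @(2147483648, 'Write through')
)
$AllowUpdateTable = @(
    @(1, 'No dynamic updates of SOA records'),
    @(2, 'No dynamic updates of NS records at the zone root'),
    @(4, 'No dynamic updates of delegation NS records')
)
$RpcProtocolTable = @(@(1, 'TCP'), @(2, 'Named Pipes'), @(4, 'LPC'))

function ConvertFrom-DnsFlagSum {
    param([long]$Value, [object[]]$Table, [string]$ZeroMeaning = 'None')
    if ($Value -eq 0) { return $ZeroMeaning }
    $known = [long]0
    $names = @(foreach ($row in $Table) {
        $mask  = [long]$row[0]
        $known = $known -bor $mask
        # Multi-bit rows (254, 65535) are reported only when every bit is set.
        if (($Value -band $mask) -eq $mask) { $row[1] }
    })
    # Bits that no table row accounts for are surfaced rather than dropped.
    $unknown = $Value -band (-bnot $known)
    if ($unknown -ne 0) { $names += ('unlisted bits 0x{0:X}' -f $unknown) }
    if ($names.Count -eq 0) { return "no listed row fully set ($Value)" }
    return ($names -join ', ')
}

# Read the server instance from the namespace listed under Requirements.
Get-CimInstance -Namespace 'Root\MicrosoftDNS' -ClassName 'MicrosoftDNS_Server' |
    ForEach-Object {
        [pscustomobject]@{
            Name            = $_.Name
            LogLevel        = ConvertFrom-DnsFlagSum -Value $_.LogLevel -Table $LogLevelTable
            AllowUpdate     = ConvertFrom-DnsFlagSum -Value $_.AllowUpdate -Table $AllowUpdateTable -ZeroMeaning 'No Restrictions'
            RpcProtocol     = ConvertFrom-DnsFlagSum -Value $_.RpcProtocol -Table $RpcProtocolTable
            NoRecursion     = $_.NoRecursion
            SecureResponses = $_.SecureResponses
            SendPort        = $_.SendPort
            ListenAddresses = $_.ListenAddresses -join ', '
        }
    }
```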
Requirements
Requirement | Value |
---|---|
Minimum supported client | None supported |
Minimum supported server | Windows 2000 Server [desktop apps only] |
Namespace | Root\MicrosoftDNS |
MOF | |