Active Directory 整合 DNS 區域Active Directory-Integrated DNS Zones

適用於:Windows Server 2016、Windows Server 2012 R2、Windows Server 2012Applies To: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012

執行網域控制站的網域名稱系統」(DNS) 伺服器可以將其區域儲存在 Active Directory Domain Services (AD DS)。Domain Name System (DNS) servers running on domain controllers can store their zones in Active Directory Domain Services (AD DS). 如此一來,不需要設定另一個 DNS 複寫拓撲使用一般的 DNS 區域轉送因為所有區域資料會自動都複製透過複寫 Active Directory。In this way, it is not necessary to configure a separate DNS replication topology that uses ordinary DNS zone transfers because all zone data is replicated automatically by means of Active Directory replication. 這簡化部署 DNS 的程序,並提供下列優點:This simplifies the process of deploying DNS and provides the following advantages:

  • 多個主機建立 DNS 複寫。Multiple masters are created for DNS replication. 因此,執行 DNS 伺服器服務的網域中的任何網域控制站可以撰寫 Active Directory 整合 DNS 網域名稱他們的授權的區域的更新。Therefore, any domain controller in the domain running the DNS Server service can write updates to the Active Directory-integrated DNS zones for the domain name for which they are authoritative. 另外 DNS 區域傳輸拓撲就不需要。A separate DNS zone transfer topology is not needed.

  • 支援的安全的動態更新。Secure dynamic updates are supported. 安全的動態更新可讓您控制哪些電腦更新哪些名稱,以避免覆寫現有的 dns 名稱未經授權的電腦系統管理員。Secure dynamic updates allow an administrator to control what computers update what names and prevent unauthorized computers from overwriting existing names in DNS.

Windows Server 2008 的 active Directory 整合 DNS 儲存應用程式 directory 磁碟分割區資料。Active Directory-integrated DNS in Windows Server 2008 stores zone data in application directory partitions. (有任何行為變更的 Active Directory 與 Windows Server 2003 DNS 整合。)下列的 DNS 特定應用程式 directory 磁碟分割 AD DS 安裝期間建立:(There are no behavioral changes from Windows Server 2003-based DNS integration with Active Directory.) The following DNS-specific application directory partitions are created during AD DS installation:

  • 樹系應用程式 directory 磁碟分割,稱為「ForestDnsZonesA forest-wide application directory partition, called ForestDnsZones

  • 針對每個、樹系網域全網域應用程式 directory 磁碟分割名 DomainDnsZonesDomain-wide application directory partitions for each domain in the forest, named DomainDnsZones

如需如何 AD DS DNS 會將資訊儲存的應用程式的磁碟分割的相關資訊,請查看DNS 技術參考For more information about how AD DS stores DNS information in application partitions, see the DNS Technical Reference.


我們建議您安裝 DNS,當您執行 Active Directory Domain Services 安裝精靈 (Dcpromo.exe)。We recommend that you install DNS when you run the Active Directory Domain Services Installation Wizard (Dcpromo.exe). 若您這樣做,精靈會自動建立 DNS 區域委派。If you do this, the wizard creates the DNS zone delegation automatically. 如需詳細資訊,請查看部署 Windows Server 2008 森林根網域For more information, see Deploying a Windows Server 2008 Forest Root Domain.