The Difference between DNS and AD Domains

For some reason, our industry often uses the same term to represent completely different things. In Chapter 7 we discussed DNS (Domain Name System) domains. A DNS server is used to resolve TCP/IP host names into IP addresses. A DNS domain represents a piece of the overall DNS namespace. DNS is a service used to find resources: A process submits a host name, and DNS attempts to find a record that matches. If a match is found, DNS returns the appropriate IP address to the requestor. As such, we could define a DNS domain as a bounded portion of a DNS namespace used to find IP host information.

In this chapter, we will discuss NT domains, concentrating on how they relate to Active Directory. For our purposes, we can define an NT domain as a bounded area of an AD namespace used to organize network resources.

Comparing the two definitions, we can make two generalizations:

♦ DNS domains are for finding resources.

♦ AD domains are for organizing resources.

I know that we have said that the Active Directory database is used to "find" resources, so let me clarify. While AD holds information about resources on the network, it (or the client, depending upon the process involved) uses DNS to find and resolve distinguished names into IP addresses. In other words, AD and DNS work together to return connection information to users or to other processes that request such information, as you can see in Figure 8.3.

Figure 8.3

AD and DNS work together to provide services.

[Figure 8.3: diagram showing the client, the AD database on a server, and the DNS server. Labels: "3 AD finds record and calls DNS", "4 DNS returns IP address", "AD returns IP address".]

In Figure 8.3, Susan uses the AD database to find a share point. Here is what happens:

1. Susan browses the directory and clicks the \Data resource.

2. The client software sends a request to an AD server.

3. The AD server searches the directory database for the resource record. In the record, it finds the DNS name of the server on which the share point is located. AD queries DNS for the IP address of the appropriate server.

4. DNS searches its database for the record for that server. Once it finds this record, DNS returns the IP address to AD.

5. AD returns the IP address of that server to the client.

At this point, the client software can establish a connection with the server using the appropriate TCP/IP technologies.

Note: DNS is a critical piece of the AD puzzle. Without DNS, AD cannot resolve user requests into IP addresses of resources. To put this into perspective, AD will not allow itself to be installed without DNS: either by access to an existing DNS server or through the installation of DNS on the first AD server. For this reason, you must have a good grounding in DNS before installing and configuring Active Directory.
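The five-step lookup above and the note's point that AD cannot place a resource without DNS, modelled as an added example (not code from the book): an AD-style store keyed by distinguished name that records which host holds each resource, and a DNS-style zone that maps host names to addresses. All names, DNs and addresses are constructed for this example.

```python
class ResolutionError(Exception):
    """Raised when either the directory step or the DNS step fails."""


# Constructed sample data. AD organizes resources: each object carries the
# DNS host name of the server that holds it. DNS finds resources: the zone
# maps host names to IP addresses. Note that fs2 is known to AD but has no
# DNS record, which is exactly the situation the note above warns about.
AD_DIRECTORY = {
    "CN=Data,OU=Shares,DC=example,DC=com": {
        "dNSHostName": "fs1.example.com", "share": r"\\fs1\Data"},
    "CN=Reports,OU=Shares,DC=example,DC=com": {
        "dNSHostName": "fs2.example.com", "share": r"\\fs2\Reports"},
}
DNS_ZONE = {
    "fs1.example.com": "10.0.0.21",
}


def ad_search(directory, dn):
    """Step 3: the AD server looks up the resource record by distinguished name."""
    try:
        return directory[dn]
    except KeyError:
        raise ResolutionError(f"AD: no object for {dn}") from None


def dns_resolve(zone, host):
    """Step 4: DNS resolves the host name from the AD record to an IP address."""
    try:
        return zone[host]
    except KeyError:
        raise ResolutionError(f"DNS: no A record for {host}") from None


def locate_resource(dn, directory=AD_DIRECTORY, zone=DNS_ZONE):
    """Steps 2-5: the client asks AD for a resource; AD finds the record,
    asks DNS for the server's IP, and hands share name, host and IP back."""
    record = ad_search(directory, dn)
    ip = dns_resolve(zone, record["dNSHostName"])
    return {"share": record["share"], "host": record["dNSHostName"], "ip": ip}


def locate_or_explain(dn, directory=AD_DIRECTORY, zone=DNS_ZONE):
    """Same lookup, but report which half (AD or DNS) failed instead of raising."""
    try:
        return locate_resource(dn, directory, zone)
    except ResolutionError as err:
        return {"error": str(err)}


if __name__ == "__main__":
    for dn in AD_DIRECTORY:
        print(dn, "->", locate_or_explain(dn))
```

Running it shows the Data share resolved to an address, while the Reports share is found in the directory but fails at the DNS step, so the client never gets an address to connect to.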

  • penelope
    What is the difference between domain and active directory?
    8 years ago
    What is the difference between windows server 2003 dns and windows server 2008 dns?
    8 years ago
  • dodinas
    What is ADS database? What is AD namespace?
    7 years ago
  • ulrich
    What is the difference between DNS and WINS on Server 2003?
    7 years ago
    What is the difference between tcpip domain and windows domain?
    7 years ago
  • romano
    What is difference between dns server and active directory in windows server 2008?
    7 years ago
  • Fulvus
    What is the major difference between ads and dns?
    2 years ago
  • tewelde mehari
    Is there such a thing as a primary dns server in active directory domain?
    13 days ago
