Networking
-
Support DOH/DOT Server
In line with the announcement that Windows 10 will support DOH, the Windows DNS server should support name resolution using the DOH or DOT protocols.
This is separate to the DNS server supporting DOH/DOT to upstream DNS servers (be they forwarders or the root DNS servers).
All DNS traffic from my clients would be encrypted, while maintaining the existing administrative controls.
1 vote -
DNS records make it easy and fast
create a new DNS records list as MAC OS has it to be easy to manage and access
PC name IP and DNS record
Server 1 | 192.. | A
Server 2 | 192.. | MXon the IIS 7 have this option to DNS records for easy management
Windows Server should only be as Server using the right tools for Server and not work as wndows desktop
make the Windows Server just as Server and run the programms need
windows desktop as desktop only and not with option to run as server
1 vote -
Support SSHFP records in Windows DNS Server and its admin tools
Since Windows now supports OpenSSH natively, as well as other clients/servers on the same network, supporting this standard for server authentication seems like an obvious win.
2 votes -
Support CAA records in nslookup
The nslookup command line tool should support CAA (id=257) DNS resource record types. Bonus points for teaching Resolve-DnsName about this type as well. Super bonus points for supporting and rendering arbitrary record types: just print the data in a side-by-side hex/ASCII view. This way I can view newer record types without needing an OS update.
6 votes -
Fix -WhatIf, -Verbose, and -ErrorAction support in the DnsServer PowerShell module
The new cmdlets for DNS policies in particular have inconsistent and downright broken support for -WhatIf and -Verbose.
Example:
Add-DnsServerClientSubnet -cn MyDC -Name 'Whatever' -IPv4Subnet 10.0.0.0/32
That works if you explicitly add -WhatIf. But if I make the call inside an advanced function that SupportsShouldProcess and call the outer function with -WhatIf, the preference will NOT carry over. In order to do that, I have to use -WhatIf:$WhatIfPreference.
The same is true with -Verbose, having to use -Verbose:$VerbosePreference because it won't inherit it.
This is true on the cmdlets for:
- Client Subnets
- Zone Scopes
- Query Reoslution Policies…
6 votes -
DNS: Application high availability
Hello,
On your site "What's new in DNS Server in Windows Server 2016" is written that there will be a new feature called "DNS Policies", which can be used for "Application high availability". But i can't find this feature, which allows me to redirect clients to the healthiest endpoint like a failover-cluster. I'm not looking for a loadbalancer.
Other People are looking too for this Feature and some documentation, when will it be available?
This feature would be great for applications like ADFS and so on.
"What's New" https://technet.microsoft.com/en-us/windows-server-docs/networking/dns/what-s-new-in-dns-server
Other person: https://social.technet.microsoft.com/Forums/office/en-US/84d3b0de-e427-4987-b498-6b053851e2dc/dns-policies-application-high-availability?forum=WinServerPreview9 votes -
Move the GlobalBlocklist to the ADS
Everytime you set up a new DC with DNS (integrated DNS Zones) you have to remember to clear the GlobalBlocklist in the Registry (when using wpad and isatap). If you set up new DC everytime a new OS is live, you have to remember for this every ~ 3 years. Please move the GlobalBlocklist to a Paramter in the integrated zones, so that every DNS Server with this zone get a real "Global" Blocklist. Or, at least, make the Blocklist visible in the mmc. Would make the search for the misconfiguration a lot faster.
2 votes -
Provide logging around DNS record aging
It would be nice to have DNS logging around what records would be scavenged if scavenging was turned on.
Add a log (or easy PowerShell way) to pull the records that would be scavenged, following the built-in algorithm that DNS uses (https://technet.microsoft.com/en-us/library/cc959277.aspx)
2 votes -
DnsServer Module cmdlets need a credential parameter
It would be extremely useful if the cmdlets in the DnsServer module had the credential parameter. It's a lot easier to provide the credentials in a variable versus having to wrap the cmdlet in a script block every time you want to run it with different credentials.
6 votes -
Fix DNS management console sorting bug
Come on, after 8 years you have still not fixed this bug?
https://social.technet.microsoft.com/Forums/windowsserver/en-US/f1b686ad-824f-4c16-a66c-f9470a2dfa6d/2008-dns-ip-address-sorting-issue
And NO, this is neither MMC nor regional settings problem, since DHCP management console sorts the same (IP addresses) values CORRECTLY.
And NO, exporting to Excel is NOT an option!
Come on grow up and get serious, even in Srv 2K and 2K3 it worked like charm!86 votes -
Improve DNS logging options
Allow us to put a filter in to log for specific lookups. We should be able to specify a list of names, a list of domains. We will at times have a misbehaving client or piece of malware, or we have an old domain or host and we'd like to know what's still using it. Being able to create a targeted log for these types of situations would often come in handy. As it is, we end up needing to run a network capture on all our domain controllers. The ability to use a Powershell or dnscmd command to add…
21 votes
- Don't see your idea?