In line with the announcement that Windows 10 will support DOH, the Windows DNS server should support name resolution using the DOH or DOT protocols.

This is separate to the DNS server supporting DOH/DOT to upstream DNS servers (be they forwarders or the root DNS servers).

All DNS traffic from my clients would be encrypted, while maintaining the existing administrative controls.

create a new DNS records list as MAC OS has it to be easy to manage and access

PC name IP and DNS record

Server 1 | 192.. | A
Server 2 | 192.. | MX

on the IIS 7 have this option to DNS records for easy management

Windows Server should only be as Server using the right tools for Server and not work as wndows desktop

make the Windows Server just as Server and run the programms need

windows desktop as desktop only and not with option to run as server

Since Windows now supports OpenSSH natively, as well as other clients/servers on the same network, supporting this standard for server authentication seems like an obvious win.

The nslookup command line tool should support CAA (id=257) DNS resource record types. Bonus points for teaching Resolve-DnsName about this type as well. Super bonus points for supporting and rendering arbitrary record types: just print the data in a side-by-side hex/ASCII view. This way I can view newer record types without needing an OS update.

Hello,

On your site "What's new in DNS Server in Windows Server 2016" is written that there will be a new feature called "DNS Policies", which can be used for "Application high availability". But i can't find this feature, which allows me to redirect clients to the healthiest endpoint like a failover-cluster. I'm not looking for a loadbalancer.

Other People are looking too for this Feature and some documentation, when will it be available?

This feature would be great for applications like ADFS and so on.

"What's New" https://technet.microsoft.com/en-us/windows-server-docs/networking/dns/what-s-new-in-dns-server
Other person: https://social.technet.microsoft.com/Forums/office/en-US/84d3b0de-e427-4987-b498-6b053851e2dc/dns-policies-application-high-availability?forum=WinServerPreview

Everytime you set up a new DC with DNS (integrated DNS Zones) you have to remember to clear the GlobalBlocklist in the Registry (when using wpad and isatap). If you set up new DC everytime a new OS is live, you have to remember for this every ~ 3 years. Please move the GlobalBlocklist to a Paramter in the integrated zones, so that every DNS Server with this zone get a real "Global" Blocklist. Or, at least, make the Blocklist visible in the mmc. Would make the search for the misconfiguration a lot faster.

It would be nice to have DNS logging around what records would be scavenged if scavenging was turned on.

Add a log (or easy PowerShell way) to pull the records that would be scavenged, following the built-in algorithm that DNS uses (https://technet.microsoft.com/en-us/library/cc959277.aspx)

It would be extremely useful if the cmdlets in the DnsServer module had the credential parameter. It's a lot easier to provide the credentials in a variable versus having to wrap the cmdlet in a script block every time you want to run it with different credentials.

Come on, after 8 years you have still not fixed this bug?
https://social.technet.microsoft.com/Forums/windowsserver/en-US/f1b686ad-824f-4c16-a66c-f9470a2dfa6d/2008-dns-ip-address-sorting-issue
And NO, this is neither MMC nor regional settings problem, since DHCP management console sorts the same (IP addresses) values CORRECTLY.
And NO, exporting to Excel is NOT an option!
Come on grow up and get serious, even in Srv 2K and 2K3 it worked like charm!