This topic is not directly related to Active Directory, but it often seems to receive little attention. Many companies do not configure DNS aliases for services such as shares, printers, web servers or any other services. This is usually not a problem, but it can lead to frustration and overtime for administrators (and not just admins).
Imagine the following fictitious situation:
The admin installs and configures a new file server. He expects the new server to provide faster access and better control options. The admin therefore installs FileServer01, but does not set up a DNS alias or SPN. In a weekend operation, the admin copies hundreds of gigabytes of data from the old FileServer to FileServer01, after which he adapts hundreds of logon scripts (always replacing the "FileServer" entry with "FileServer01"). Then he takes care of the 10 applications that he knows are accessing \\FileServer\Share and adjusts the corresponding names in their configuration. After 24 hours of continuous work, the admin switches off the old file server and tries to get some sleep. The weekend comes to an end, the first users start work on time on Monday and realize that 10 more applications no longer work: somewhere in well-hidden INI files the old name "FileServer" is still there. And now? Stress! Nobody appreciates how fast the new FileServer01 is because nobody can work properly.
Recognize the situation? :-)
This situation occurs frequently, especially in smaller networks with a single file server or web server. Unfortunately, nobody is spared from having to shovel gigabytes of data back and forth during a file server migration. But you can make life easier for yourself from the outset by using DNS aliases. The FileServer is then no longer accessed via \\FileServer.domain.local\share_name, but via \\DATA.domain.local\share_name, for example. The difference is that "DATA" is only a kind of link (DNS alias) to a host name. This alias is then used in all applications, scripts and so on to access the file server. If the host name now changes from FileServer to FileServer01 (e.g. due to a server migration), the data is copied from FileServer to FileServer01 and only the alias is changed. You no longer need to touch the scripts and applications.
Here is an example to illustrate this:
Here you can see that there is a HOST-A entry for the server "FileServer01" (red arrow). The two aliases "Data" and "Printer" are assigned to this server (green arrows).
Here is an example of what the login script for the domain users looks like:
The server is therefore no longer accessed via the host name, but via the alias. If FileServer01 is now replaced by a new FileServer and a dedicated print server is installed at the same time, only the aliases need to be changed to the new host names after the services (and data) have been moved. This then looks like this:
There are therefore 2 new HOST-A entries for PrintServer01 and FileServer02. The aliases "Data" and "Printer" were changed to "FileServer02" and "PrintServer01" after the migration. The annoying changing of host names in scripts is no longer necessary.
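The alias switch described above can also be scripted. The following is an added example, not part of the original article: it assumes the zone domain.local, is run on the DNS server with domain admin rights, and uses the built-in tools dnscmd and setspn. The function name Move-ServiceAlias and its parameters are hypothetical.

```powershell
# Added example. Host, alias and zone names are taken from the article's scenario;
# the function name and parameters are made up for illustration.
function Move-ServiceAlias {
    param(
        [Parameter(Mandatory=$true)][string]$Zone,     # e.g. domain.local
        [Parameter(Mandatory=$true)][string]$Alias,    # e.g. Data
        [Parameter(Mandatory=$true)][string]$OldHost,  # e.g. FileServer01
        [Parameter(Mandatory=$true)][string]$NewHost   # e.g. FileServer02
    )

    # 1. Repoint the CNAME: delete the record for the old target, add the new one.
    #    "." means the local DNS server; /f suppresses the confirmation prompt.
    dnscmd . /RecordDelete $Zone $Alias CNAME "$OldHost.$Zone." /f
    dnscmd . /RecordAdd    $Zone $Alias CNAME "$NewHost.$Zone."
    if ($LASTEXITCODE -ne 0) { throw "Could not create CNAME $Alias -> $NewHost" }

    # 2. Move the SPNs for the alias (short name and FQDN) to the new host's
    #    computer account. -S refuses to create a duplicate SPN, so a leftover
    #    registration on another account is reported instead of silently kept.
    foreach ($spn in "HOST/$Alias", "HOST/$Alias.$Zone") {
        setspn -D $spn $OldHost | Out-Null
        setspn -S $spn $NewHost
        if ($LASTEXITCODE -ne 0) { throw "Could not register $spn on $NewHost" }
    }

    # 3. Show what the alias resolves to now, and which SPNs the new host holds.
    nslookup "$Alias.$Zone"
    setspn -L $NewHost
}

# The migration from the article: Data moves to FileServer02, Printer to PrintServer01.
Move-ServiceAlias -Zone domain.local -Alias Data    -OldHost FileServer01 -NewHost FileServer02
Move-ServiceAlias -Zone domain.local -Alias Printer -OldHost FileServer01 -NewHost PrintServer01
```

Clients that have cached the old record keep using it until the record's TTL expires or `ipconfig /flushdns` is run.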
Attention: This article refers to Server 2008 or Server 2008 R2. For earlier server versions, an additional registry entry must be created:
Create the following value in the registry on the Server 2003 file servers:
Key: HKEY_Local_Machine\System\CurrentControlSet\Services\LanmanServer\Parameters
Name: "DisableStrictNameChecking"
Type: REG_DWORD
Value: 1
The corresponding Microsoft KB article can be found here:
http://support.microsoft.com/?id=281308