Why we still use WINS when we have AD

By SysAdmin1138 on | 2 Comments
WINS... the Windows Internet Name Service. Introduced in, I believe, Windows NT 3.5 in order to allow Windows name resolution to work across different IP subnets. NetBIOS relies on broadcasts for name resolution, and WINS allowed it to work by using a unicast to the WINS server to find addresses. In theory, DNS in Active Directory (now nine years old!) replaced it.

Not for us.

There are two things that drive the continued existence of WINS on our network, and will ensure that I'll be installing the Server 2008 WINS server when I upgrade our Domain Controllers in the next two weeks:
  1. We still have a lot of non-domained workstations
  2. Our DNS environment is mind-bogglingly fragmented
Here is a list of domains we have, and this is just the domains we're serving with DHCP. There are a lot more:
  • admcs.wwu.edu
  • ac.bldg.wwu.edu
  • ae.bldg.wwu.edu
  • ah.bldg.wwu.edu
  • ai.bldg.wwu.edu
  • cv.bldg.wwu.edu
  • es.bldg.wwu.edu
  • om.bldg.wwu.edu
  • rh.bldg.wwu.edu
  • rl.bldg.wwu.edu
  • archives.wwu.edu
  • bh319lab.wwu.edu
  • bldg.wwu.edu
  • canada.wwu.edu
  • ci.wwu.edu
  • clsrm.wwu.edu
  • cm.wwu.edu
  • crc.wwu.edu
  • etd110.lab01.wwu.edu
  • fm.wwu.edu
  • hh101lab.wwu.edu
  • hh112lab.wwu.edu
  • hh154lab.wwu.edu
  • hh245lab.wwu.edu
  • history.wwu.edu
  • lab03.wwu.edu
  • math.wwu.edu
  • mh072lab.wwu.edu
  • psych.wwu.edu
  • soclab.wwu.edu
  • spmc.wwu.edu
  • ts.wwu.edu
There are more we're serving with DHCP, I just got bored making the list. The thing is, a lot of those networks, and especially the labs, contain 100% domained workstations. Since we only have the one domain, this means all those computers are in a flat DNS structure. In effect, each domained workstation on campus has two DNS names: the one on our BIND servers, and the one in the MS-DNS servers.

That said, for those machines that AREN'T in the domain the only way they can find anything is to use WINS. We will be using until the University President says unto the masses, "Thou Shalt Domain Thy PC, Or Thou Shalt Be Denied Service." Until then, WINS will continue to be the best way to find Windows resources on campus.

Categories:

2 Comments

patrickbuller | August 14, 2009 10:05 AM

Why do you have BIND and MS-DNS?

sysadmin1138 | August 14, 2009 10:13 AM

That was decided back when we deployed AD, which was before I got here. As I understand it, our DNS administrators didn't want to use MS-DNS as our authoritative DNS servers, and didn't want to enable the Dynamic DNS bits that BIND needed to act as the AD DNS server. So a compromise was reached. The MS-DNS servers would be maintained, the BIND servers would have secondary zones for the AD domains, and all workstations would point to the BIND servers for DNS. Workstations would still register their DNS with the AD DNS domain, and the BIND servers would continue to be authoritative for the reverse-lookup domains.