Difficulty: Medium
Correct Answer: When the DNS server is connected to the Internet
Explanation:
Introduction / Context:
Domain Name System (DNS) is the core naming service for Windows 2000 networks and the Internet. A DNS root server hosts the root zone, which is the starting point of name resolution. In Windows 2000, the Configure DNS Server Wizard simplifies initial setup, but it also enforces certain restrictions to prevent misconfiguration. One such restriction is related to when you can configure a DNS server as a root server.
Given Data / Assumptions:
Concept / Approach:
In practice, DNS root servers for the public Internet are a special set of servers managed by designated organizations. Microsoft does not want administrators to accidentally configure a general purpose DNS server connected to the Internet as an authoritative root for the entire namespace. Therefore, the wizard refuses to create a root zone on a DNS server that is connected to the Internet. Windows 2000 expects internal private root configurations only on isolated or non Internet facing servers. The presence of Active Directory, dynamic IP addresses or forwarder relationships does not by themselves prevent configuration as a root server in the way the exam describes.
Step-by-Step Solution:
Step 1: Understand that a DNS root server hosts the dot zone, written simply as ".".Step 2: Recognize that configuring a root server on a machine that is also connected to the Internet could cause serious name resolution conflicts.Step 3: Examine each condition. Active Directory on the DNS server is a common configuration for Active Directory integrated zones and does not prevent root zone creation in an internal context.Step 4: Having a dynamic IP address is not ideal for DNS, but the wizard restriction described in the exam focuses on Internet connectivity and potential conflict with public roots.Step 5: Serving as a forwarder or being used by other servers as a forwarder does not in itself prevent root zone creation.Step 6: The exam objective clearly states that when the DNS server is connected to the Internet, the Configure DNS Server Wizard will not allow configuration as a root server.
Verification / Alternative check:
Documentation and practice questions about Windows 2000 DNS make this point explicit. Internal root servers are typically used in isolated networks that do not rely on public root servers. The wizard effectively assumes that a server with Internet connectivity should use the existing Internet root infrastructure instead of attempting to override it. This behavior helps prevent accidental disruption of name resolution for clients that might depend on Internet resources.
Why Other Options Are Wrong:
Installing Active Directory on the DNS server is a standard deployment for domain controllers and does not on its own stop you from creating a root zone. Dynamic IP addresses present manageability issues but are not the specific condition the wizard checks for in this context. The fact that another server uses this DNS server as a forwarder is a normal design choice and does not prohibit root configuration. Only Internet connectivity triggers the wizard restriction described in the question.
Common Pitfalls:
Many candidates confuse internal private forest root configurations with public root servers and assume any special configuration requires the absence of Active Directory. Others focus too heavily on IP addressing modes, thinking that a dynamic address always blocks advanced DNS roles. The key idea is to separate internal non Internet connected environments, where you can safely run a root zone, from Internet connected servers, where you should rely on public root servers and avoid conflicting root authority.
Final Answer:
The Configure DNS Server Wizard will not permit root server configuration when the DNS server is connected to the Internet.
Discussion & Comments