Windows Server 2012 R2 Brings Improvements to DNS and DHCP Management

DNS and DHCP – they are like two sides to same coin.  At the core, DNS maps human friendly names to IP addresses so we can find resources on the Internet easily, the other hands out IP addresses and other configuration information to computers so they can be accessible on the network.
Both have been around since what seems like the beginning of time, but both have some new improvements with Windows Server 2012 R2.

First, there have been some improvements for DNSSEC support. In Server 2012, the Key Master role only existed for AD-integrated zone, but now that has been extended to support file-backed multi-master zones as well.

Also, the key management service (key generation, storage, retirement) has been isolated to only the key master of a zone.  All other primary DNS servers for zone can continue signing a zone by accessing the keys managed by the master.

Next, let’s bring on the PowerShell improvements.  While DNS on Windows Server 2012 already has a substantial list of statistics available using the Get-DnsServerStatistics, new Zone related statistics have been added for zone query stats, zone transfer stats and zone update stats.

There are also some brand new cmdlets for controlling DNSSEC, to support some of the improvements, like managing Trust Anchors. You can find the complete list of the cmdlets on TechNet, at

For the DHCP Server, new PowerShell cmdlets have been added for managing superscopes and multicast scopes, as well as improvements in some of the existing commands for changing failover relationships and interacting with DNS. There are over a dozen new additions, but some of the cmdlets include:

  • Add-DhcpServerv4MulticastScope
  • Add-DhcpServerSecurityGroup
  • Get-DhcpServerv4MulticastScopeStatistics
  • Get-DhcpServerv4SuperscopeStatistics

But it’s not all about PowerShell improvements. There are two DHCP improvements that enhance client DNS registrations. 

The first one extends DHCP polices to configure conditions based on the FQDN of the clients. Or clients can be registered using a different DNS suffix than the one configured on the client.
The second enhancement enables you to configure the DHCP server to register only A records for clients with the DNS server.  This can avoid failed attempts to register PTR records when a reverse lookup zone isn’t configured. PTR record registration can be disabled for all clients of a DHCP server, or by specific subnet or attribute.

Overall these new features can give you better granular control of devices on the network, including workgroup and guest devices. 

Looking for more information about what’s new with Windows Server 2012 R2?  Check out the full list of blog posts in this series, Why Windows Server 2012 R2?.  Also, don’t forget to take a moment to download the Server 2012 R2 bits so you can try it all out for yourself.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s