I've always worked with DNS in a domain, but I inherited a workgroup environment and have a few questions on how to proceed. I've a number of questions from my testing, but I think most will be quick answers. I appreciate your input.

Current environment...

- Single Windows Server 2008 R2 server running File Services
- Workstations are all Windows 7
- Workgroup is named WORKGROUP and contains the server, 20 workstations using DHCP, and printers and a NAS with static addresses
- Network is 10.10.0.0/255.255.255.0
- The firewall/router is now handling DNS & DHCP

Goal is to move DNS and DHCP to the server. DHCP will not be an issue, but I have a few questions on the DNS because my testing was not looking right.

- What am I naming my zone? Does it need to be WORKGROUP or WORKGROUP.LOCAL or can I name it anything such as ABC or ABC.LOCAL?
- Is it correct to configure DNS server to point to itself and then the ISP servers?
- I consider this a small network, so do I need to configure a reverse lookup zone? Is there an advantage to this, or does it just mean systems cannot resolve lookups by IP address?
- After creating the zone, do I need to create A records for anything other than my server, such as printers, NAS, etc?
- Will workstations create their forward lookup records in the zone? If not, do I need to do anything with record creation?
- Should I use DDNS even though it is not secure?
- Confirming...if I name my zone ABC or ABC.LOCAL, then this is what goes in option 15 on the DHCP scope options?
- Is there any configuration I need to do on the workstations to get this solution working properly?

Thank you very much for your help!

  There is no relation whatever between DNS and a workgroup. (Workgroups are a hangover from the NT days before Windows domains used DNS at all - that did not happen until Windows 2000.) Workgroups used NetBIOS names only.

  If you want to run your own DNS server in a workgroup environment you can call it anything you like. The workgroup won't know or care. Or you can run without any local DNS and let your router handle DNS resolution for foreign URLs and use NetBIOS names locally.

- You would need an ending, ABC.LOCAL or ABC.LAN is common

- yes, your server will use the DNS service on "itself". The server and the service running on it are two different thing. You will set your ISP DNSes on the Forwarders tab in your DNS server.

- DNS can work without it, but if not sure, just better doing it properly and create it. Might save you some time later.

- If you add, you can call your printer by some name like PRN01.abc.local instead of it's IP. That's all up to you. Note, that PRN01 (without fqdn) will work only if your clients have their DNS SUFFIX set properly. But that's a DHCP thing.

- You must set that DNS dynamic updates are nonsecure - because its a workgroup. AND, in DHCP, on the scope DNS tab, set this as well, to have DHCP update on behalf of the clients.

- Fix IP is preferred over DDNS. But hey, in what way do you see DDNS related to your internal DNS? (It isnt really)

- Yes.

- You pointed out the catches yourself. The above should work I think. Also, enable DNS aging/scavenging, the defaults are fine (7-7), if your DHCP lease time is less. Check and manually delete stale records from time to time.