Configure a DNS Server on Windows Server 2008 R2 to Use OpenDNS



If you’re running Active Directory (AD) and want to use OpenDNS, you would think that you just need to update your DHCP server to give out their DNS servers, right?  Wrong!  Clients in an Active Directory domain need to point to AD DNS servers.  Pointing the clients to third-party DNS can cause problems connecting to AD, Group Policy problems, and a number of other issues.

First, make sure that your clients are using AD DNS.  If you only have one Domain Controller (DC), that’s the IP address you want to use.  Next, you’ll need to make a configuration change to your DNS server.

In Windows Server 2008 R2, click on the Start Menu, then Administrative Tools, then DNS.
This will open the DNS Manager.  In the DNS Manager, double-click on Forwarders.
You should be taken to the Forwarders tab in the server’s Properties.  Click the Edit… button.
This will open the Edit Forwarders dialog.  Type in the IP addresses for OpenDNS:  208.67.222.222 and 208.67.220.220.
It should look something like this when you’re done.  Click OK to close the dialog box.
After clicking OK, you’ll be taken back to the DNS server’s Properties.  It should look something like the screenshot below.
By default, the "Use root hints if no forwarders are available" option will be checked.  This option is a double-edged sword:  If you leave it checked, your DNS server may consult the root hints servers to resolve a DNS entry and could bypass OpenDNS.  If you uncheck it, lookups can time out whenever the forwarders are unavailable.
So, what option do you choose?  Well, it really depends on how you’re using OpenDNS.  If you’re using OpenDNS as a filter in a situation where the filter always has to work, such as a school, uncheck the box.  If it is more important that clients always get timely DNS responses, check the box.
When you’re done, click OK.
Now that you’ve updated your Forwarders, you’ll need to clear the DNS cache.  To do this, right-click on Cached Lookups in the DNS Manager and choose Clear Cache.
You’re done!  If you have more than one Windows Server 2008 R2 DNS server, you’ll need to perform this change on each one.  You’ll also need to run ipconfig.exe /flushdns on your clients if you want them to start using OpenDNS immediately.  Otherwise, you can wait and they’ll move over on their own as items in the DNS cache expire.
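
The same change can be scripted so that every DNS server ends up with identical forwarders and the same root-hints choice. This is an added example, not part of the original article; it assumes dnscmd.exe (installed with the DNS Server role tools) is on the path, that you run it with administrative rights on each server, and the server names are placeholders.

```powershell
# Added example: apply the article's forwarder settings to several DNS servers.
# Assumptions: dnscmd.exe is available and you are a DNS administrator on each server.

# Placeholder names: replace with your own AD DNS servers.
$DnsServers = @('dc1.example.local', 'dc2.example.local')

# OpenDNS resolver addresses given in the article.
$Forwarders = @('208.67.222.222', '208.67.220.220')

# $true  -> /slave   : same as unchecking "Use root hints if no forwarders are
#                      available"; the server never bypasses OpenDNS.
# $false -> /noslave : same as leaving the box checked; the server falls back
#                      to root hints when the forwarders do not answer.
$EnforceFilter = $true

$fallback = if ($EnforceFilter) { '/slave' } else { '/noslave' }

foreach ($server in $DnsServers) {
    Write-Host "Configuring forwarders on $server"

    # Replace the forwarder list and set the root-hints behaviour in one step.
    & dnscmd.exe $server /resetforwarders $Forwarders $fallback
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "Could not set forwarders on $server; skipping it."
        continue
    }

    # Equivalent of right-clicking Cached Lookups and choosing Clear Cache.
    & dnscmd.exe $server /clearcache

    # Read the setting back: 1 means root hints are disabled, 0 means allowed.
    & dnscmd.exe $server /info /isslave
}
```

Running it again later is a quick way to confirm that no server has drifted back to using root hints.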