2 DNS Server

7/31/2019 2 DNS Server

1/72

Domain Name Server

N. Ganesan, Ph.D.


2/72

Reference


3/72

Domain Name Structure


4/72

Understanding the DNS


5/72

FQDN for Computers

Computer_Name.Domain_Name.Root_Domain

ganesan.calstatela.edu


6/72

Domain Names

Publicly registered domain names

www.ganesan.com

Internal domain names

nanda.ganesan.com

nanda, in this case, could be a web server

within the company


7/72

Installing and Configuring Active

Directory and DNS


8/72

Important Note

The domain controller server on whichthe Active Directory and DNS are going

to be installed must have a static IP


9/72

Installing DNS with Active Directory

1.Click Start, point to Administrativetools, and then click Configure Your

Server Wizard.

2.On the Manage Your Server page,click Add or remove a role.

3.On the Configure Your ServerWizard page, click Next.

4.Clik Domain Controller (Active

Directory) and then click Next.


10/72

Installing DNS Cont.

5.On theWelcome to the Active DirectoryInstallation Wizard page, click Next.

6.On the Operating System Compatibility page,read the information and then click Next.

If this is the first time you have installed ActiveDirectory on a server running Windows Server 2003,click Compatibility Help for more information.

7.On the Domain Controller Type page, clickDomain controller for a new domain and then clickNext.


11/72

Domain Controller for a New

Domain


12/72

Create a New Domain

8. On the Create New Domain page,click Domain in a new forest and then

click Next.


13/72

Domain in a New Forest


14/72

New Domain Name and Database

and Log Folder Location

9. On the New Domain Name page, typethe full DNS name (such as corp.contoso.com)

for the new domain, and then click Next. 10. On the NetBIOS Domain Name page,

verify the NetBIOS name (for example,CORP), and then click Next.

11. On the Database and Log Folders page,type the location in which you want to installthe database and log folders, or click Browseto choose a location, and then click Next.


15/72

Database and Log Folder Locations


16/72

SYSVOL Folder Location

12. On the Shared System Volumepage, type the location in which you

want to install the SYSVOL folder, orclick Browse to choose a location, andthen click Next.


17/72

Shared System Volume


18/72

DNS Registration

13. On the DNS RegistrationDiagnostics page, click Install and

configure the DNS server on thiscomputer, and set this computer to usethis DNS server as its preferred DNS

server, and then click Next.


19/72

DNS Registration Diagnostics


20/72

Permission Compatibility for

Operating Environment

14. On the Permissions page, select oneof the following:

Permissions compatible with pre-Windows 2000 Server operating systems

Permissions compatible only with

Windows 2000 or Windows Server 2003operating systems


21/72

Permissions


22/72

Specify Administrator Password and

Complete Installation

15. On the Directory Services Restore ModeAdministrator Password page, type a

password that will be used to log on to theserver in Directory Services Restore Mode,confirm the password, and then click Next.

16. Review the Summary page, and then click

Next to begin the installation.

17. After the Active Directory installationcompletes, click OK to restart the computer.


23/72


24/72

Access TCP/IP Properties

1. At the computer that you are configuringto use DNS, click Start, point to Control

Panel, and then click Network Connections. 2. Right-click the network connection that

you want to configure, and then clickProperties.

3. On the General tab, click InternetProtocol (TCP/IP), and then click Properties


25/72

LAN Connection Properties


26/72

Specify DNS Server Address

4. If you want to obtain DNS serveraddresses from a DHCP server, click

Obtain DNS server addressautomatically


27/72

TCP/IP Properties


28/72

Specify DNS Server Addresses

5. If you want to configure DNS serveraddresses manually, click Use the followingDNS server addresses, and in Preferred DNS

server and Alternate DNS server, type theInternet Protocol (IP) addresses of thepreferred DNS server and alternate DNSserver.

6. Click OK to exit. Note: It is not necessary to restart the

computer at this time if you intend to changethe computer's name or domain membershipin the following steps.


29/72

Joining a Network

7. In Control Panel, double-clickSystem.

8. On the Computer Name tab, clickChange.

9. In Computer name, type the name

of the computer (the host name). 10. Click Domain, and then type the

name of the domain you want thecomputer to join.


30/72

Computer Name Changes


31/72

Use Privilege to Join the Computer

to the Network

11. If Computer Name Changesappears, in User Name, type the

domain name and user name of anaccount that is allowed to joincomputers to the domain, and inPassword, type the password of the

account. Separate the domain name anduser name with a backslash (forexample, domain\user_name).


32/72

Joining the Network with Permission


33/72

Complete Client Installation

12. Click OK to close all dialog boxes.


34/72

Advanced DNS Configuration


35/72

Adding Records

Host address (A) record

Maps a computer's DNS domain name to

the computer's IP address.

Mail Exchanger (MX) record

Maps a DNS domain name to the name of

a computer that exchanges or forwards e-mail.


36/72

Adding Host Resource Records


37/72

Host Resource Records

Windows clients and servers use the Dynamic HostConfiguration Protocol (DHCP) Client service todynamically register and update their own A

resource records in DNS when an IP configurationchange occurs.

DHCPenabled client computers running earlierversions of Microsoft operating systems can havetheir A resource records registered and updated byproxy if they obtain their IP address lease from aqualified DHCP server. (Only the Windows 2000 andWindows Server 2003 DHCP Server service supportsthis feature.)


38/72

Host Resource Records Continued

You can manually create an A resourcerecord for a static TCP/IP client

computer or a computer running non-Windows operating systems by usingthe DNS snap-in.


39/72

Adding a Host Resource Record

1. At the DNS server, click Start, pointto Administrative Tools, and then click

DNS. 2. In the console tree, right-click the

applicable zone, and then click NewHost (A).

3. In Name (uses parent domain ifblank), type the name of the computer(host) that you are creating an A

resource record for.


40/72

Adding a Host Resource Record

Continued

4. In IP address, type the address ofthe computer that you are creating an A

resource record for. Important: Make sure that you correctly

type the address and that it is assigned as astatic address (not assigned by DHCP). If

the address is incorrect or changes, clientcomputers will not be able to locate thehost by using DNS.


41/72

New Host Addition


42/72

Adding MX Resource Records


43/72

MX Resource Records

The MX resource record is used by e-mailapplications to locate a mail server by usingthe DNS domain name that appears in thedestination e-mail address for the recipient

For example, a DNS query for the namesales.corp.contoso.com can be used to find anMX resource record, which enables an e-mailapplication to forward or exchange mail to auser with the e-mail [email protected]


44/72

MX Resource Records Priority of

Delivery

The MX resource record shows the fullyqualified DNS domain name for the computer

that processes e-mail for a domain. If multiple MX resource records exist, the

DNS Client service attempts to contact the e-mail servers in the order of preference using

the Mail server priority field. The lowestvalue has the highest priority, and the highestvalue has the lowest priority.

Addi M il E h MX


45/72

Adding a Mail Exchanger MX

Resource Record to a Zone

1. At the DNS server, click Start, point toAdministrative Tools, and then click DNS.

2. In the console tree, right-click theapplicable zone, and then click New MailExchanger (MX).

3. In Host or child domain, type the name

of the host or domain of the mail exchangerfor this domain only if it is different from theparent domain; otherwise, leave this fieldblank.

Addi N MX R


46/72

Adding a New MX Resource

Record

S if i M il S d


47/72

Specifying Mail Server and

Priority

4. In Fully qualified domain name (FQDN)of mail server, type the DNS domain name ofan existing mail server that can function as a

mail exchanger for the domain. 5. In Mail server priority, type a number

between 0 and 65535 that indicates thepriority of the mail server among other mail

exchangers for this domain. The mailerattempts to deliver mail to servers with lowerpriority numbers before attempting to deliverto servers with higher priority numbers.


48/72

Removing Outdated Resource

Records


49/72

Removing Records

You can configure the DNS server totrack the age of each dynamically

assigned record and to periodicallyremove records older than a specifiednumber of days, a process known as

scavenging


50/72

Dynamic Updating on DNS

The age of a record is based on when itwas created or last updated. By default,

computers running Windows 2000,Windows XP, and WindowsServer 2003 send a request to the DNS

server to update their records every 24hours


51/72

Scavenging of Stale Records

1. At the DNS server you want to enablescavenging on, click Start, point toAdministrative Tools, and then click DNS.

2. In the console tree, click the applicableDNS server.

3. On the Action menu, click Properties.

4. Click the Advanced tab, select Enableautomatic scavenging of stale records, andthen click OK.

E bli A t ti S i


52/72

Enabling Automatic Scavenging

of Stale Records

Scavenging Records


53/72

Scavenging Records

Specifications

5. On the Action menu, click SetAging/Scavenging for All Zones, click

Scavenge stale resource records, andthen click OK.

Server Aging and Scavenging


54/72

Server Aging and Scavenging

Properties


55/72

Selecting Zones of Application

6. In the Server Scavenging/AgingConfirmation dialog box, select Apply

these settings to the existing ActiveDirectory-enabled zones, and thenclick OK.

Server Aging/Scavenging


56/72

Server Aging/Scavenging

Confirmation


57/72

Configuring a Forwarder for

Internet Access

Accessing the DNS Properties


58/72

Accessing the DNS Properties

Sheet

1. At the DNS server that you want toconfigure to use forwarders, click Start,

point to Administrative Tools, andthen click DNS.

2. In the console tree, click theapplicable DNS server.

3. On the Action menu, clickProperties.

Specifying the Forwarder


59/72

Specifying the Forwarder

Address

4. On the Forwarders tab, under DNSdomain, click All other domain names.

5. Under Selected domain's forwarderIP address list, type the InternetProtocol (IP) address of a forwardersupplied by your Internet serviceprovider (ISP), and then click Add.

6. Click OK to exit.


60/72

Troubleshooting DNS


61/72

DNS Problems

Most often, DNS configurationproblems are exposed when one or

more DNS client computers are unableto resolve host names

Resolving Problems the First


62/72

Resolving Problems the First

Step

The first step in troubleshooting DNSproblems is to determine the scope of

the problem by using the pingcommand on multiple clients to resolvethe names of hosts on the intranet and

the Internet and to test overall networkconnectivity


63/72

The Use of the Ping Command

Use the following commands on severalDNS client computers and with several

different target computers, and note theresults:

pinginternal_host_ip_address

pinginternal_host_name

pingInternet_host_name


64/72

Scenario 1

Ping Result Cause

Multiple

clientscannotresolve anyintranet or

Internetnames

This might indicate that the clients

cannot access the assigned DNS server.This might be the result of generalnetwork problems, particularly if pingusing IP addresses fails. Otherwise, ifthe clients are configured to obtain

DNS server addresses automatically,the DHCP servers on the network

might not be configured properly.


65/72

Scenario 2

Ping Result Cause

Multiple

clients cannotresolveintranetnames, but

can resolveInternetnames

This suggests that host (A) resource

records or other records (such as SRVrecords) do not exist in the DNS zonedatabase. Check to ensure that theappropriate resource records exist andthat the DNS server is properlyconfigured to receive automaticupdates, as appropriate. If the targethost names are located in a particularchild zone, ensure that delegation of

that zone is properly configured.


66/72

Scenario 3

Ping Result Cause

Multiple clients cannot

resolve Internet names,but can resolve intranetnames

The designated

forwarder of the DNSdomain is unavailable,or the DNS server isnot properly

configured


67/72

Scenario 4

Ping Result Cause

One client only

cannot resolveany intranet orInternet names

If the ping command using IP addressesfails, this indicates that the client computer

cannot connect to the network at all. Ensurethat the client computer is physicallyconnected to the network and that thenetwork adapter for the computer isfunctioning properly. If the ping command

using IP addresses succeeds, but pingcannot resolve DNS domain names, then theTCP/IP settings of the client are probably

incorrect.


68/72

Scenario 5

Ping Result Cause

One client only

cannot resolveintranet names,only Internetnames

If the client computer was previouslyconfigured to connect directly to the Internet,

its TCP/IP properties might be configured touse an external DNS server, such as a DNSserver from an Internet Service Provider(ISP). In most cases, the client should not usea DNS server from an ISP as either the

preferred or alternate DNS server, becausethe DNS server at the ISP is unable to resolveinternal names. Using a DNS server from anISP in the TCP/IP configuration of a clientcan also cause problems with conflicting

internal and external namespaces.


69/72

DNS Settings Verification on the

Clients


70/72

Accessing TCP/IP Properties

1. Log on to the DNS client computer withthe Administrator account.

2. Click Start, click Control Panel, and then

double-click Network Connections. 3. In Network and Dial-up Connections,

right-click the local area connection that youwant, and then click Properties.

4. In Local Area Network ConnectionProperties, click Internet Protocol (TCP/IP),and then click Properties.


71/72

Verify and Correct Settings

5. If Obtain an IP addressautomatically is selected, type the

following at a command prompt, andthen press ENTER:

ipconfig /all

6. Review the DNS server settings andverify that they are correct


72/72

The End

Date post:	05-Apr-2018
Category:	Documents
Upload:	froxplus
View:	234 times
Download:	1 times

2 DNS Server

Documents