DNS in Small Networks Step-by-Step Guide.doc

8/11/2019 DNS in Small Networks Step-by-Step Guide.doc

1/33

DNS in Small Networks Step-by-Step Guide

Microsoft CorporationPublished: January 2008

Author: Jim Groves

Editor: Jim ec!er

Abstract

"his #uide helps you implement $omain %ame &ystem '$%&( on the )indo*s &erver+ 2008

operatin# system in a small net*or!, )indo*s &erver 2008 uses $%& to translate computer

names to net*or! addresses, An Active $irectory+ domain controller can act as a $%& server

that re#isters the names and addresses of computers in the domain and then provides the

net*or! address of a member computer *hen the domain controller receives a -uery *ith thename of the computer, "his #uide e.plains ho* to set up $%& on a simple net*or! that consists

of a sin#le domain,


2/33

"his document supports a preliminary release of a soft*are product that may be chan#ed

substantially prior to final commercial release/ and is the confidential and proprietary information

of Microsoft Corporation, t is disclosed pursuant to a non1disclosure a#reement bet*een the

recipient and Microsoft, "his document is provided for informational purposes only and Microsoft

ma!es no *arranties/ either e.press or implied/ in this document, nformation in this document/includin# 34 and other nternet )eb site references/ is sub5ect to chan#e *ithout notice, "he

entire ris! of the use or the results from the use of this document remains *ith the user, nless

other*ise noted/ the companies/ or#ani6ations/ products/ domain names/ e1mail addresses/

lo#os/ people/ places/ and events depicted in e.amples herein are fictitious, %o association *ith

any real company/ or#ani6ation/ product/ domain name/ e1mail address/ lo#o/ person/ place/ or

event is intended or should be inferred, Complyin# *ith all applicable copyri#ht la*s is the

responsibility of the user, )ithout limitin# the ri#hts under copyri#ht/ no part of this document may

be reproduced/ stored in or introduced into a retrieval system/ or transmitted in any form or by

any means 'electronic/ mechanical/ photocopyin#/ recordin#/ or other*ise(/ or for any purpose/

*ithout the e.press *ritten permission of Microsoft Corporation,

Microsoft may have patents/ patent applications/ trademar!s/ copyri#hts/ or other intellectual

property ri#hts coverin# sub5ect matter in this document, E.cept as e.pressly provided in any

*ritten license a#reement from Microsoft/ the furnishin# of this document does not #ive you any

license to these patents/ trademar!s/ copyri#hts/ or other intellectual property,

7 2008 Microsoft Corporation, All ri#hts reserved,

Active $irectory/ &harePoint/ )indo*s/ )indo*s &erver/ )indo*s ista/ the )indo*s lo#o/ and

the Microsoft lo#o are trademar!s of the Microsoft #roup of companies,

All other trademar!s are property of their respective o*ners,


3/33

Contents

$%& in &mall %et*or!s &tep1by1&tep Guide,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, 9

Abstract,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, 9

Contents,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

&tep1by1&tep Guide for $%& in &mall %et*or!s,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, ;

Plannin# $%&,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, ,,,,,,,, , n Default gateway/ type the address of the default #ate*ay of the domain controller,

90, Clic! se the following DNS ser%er addresses/ and in Preferred DNS ser%er/ type the

P address of the domain controller that you installed in nstallin# and Confi#urin# A$ $&

and $%&,

Important

$o not use the P address of a $%& server that is provided by your &P as a

primary or alternate $%& server,99, Clic! 36to e.it,

92, f Internet Protocol 5ersion : "CP8IP%:/is selected/ clic! it/ and then clic! Properties,

Perform the same steps as for "CP@Pv;/ and then clic! 36and Close,

Note

t is not necessary to restart the computer at this time if you intend to chan#e the

2


24/33

computerBs name or domain membership in the follo*in# steps,

9, n Control Panel/ clic! System and &aintenance/ and then clic! System,

9;, nder Computer name4 domain4 and workgroup settings/ clic! Change settings,

2


25/33

9


26/33

9=, Clic! Domain/ and then type the name of the domain that you created in nstallin# and

Confi#urin# A$ $& and $%&,

98, f the Computer Name Changesdialo# bo. appears:

n ser Name/ type the domain name and user name of an account that has

permission to 5oin computers to the domain,

n Password/ type the pass*ord of the account, &eparate the domain name and

user name *ith a bac!slash/ for e.ample/ domainVuser_name,

9>, Clic! 36to close all dialo# bo.es,

Ad%anced DNS Configuration

n most cases/ deployin# Active $irectory $omain &ervices 'A$ $&(Winte#rated $omain %ame&ystem '$%&( on a small/ )indo*s1based net*or! re-uires little confi#uration beyond the initial

setup, ccasionally/ ho*ever/ you may have to perform additional confi#uration tas!s/ such as

addin# resource records to handle unusual situations or confi#urin# automatic removal of

outdated resource records,

2


27/33

Adding resource records3esource records store information about specific net*or! computers/ such as the names/ P

addresses/ and services that the computers provide, n most cases/ )indo*s1based computers

use dynamic update to update their resource records on $%& servers, "his dynamic update

process eliminates the need for an administrator to mana#e the resource records, Uo*ever/ if

your net*or! contains computers that are not )indo*s1based or if it contains computers that you

*ant to desi#nate to handle e1mail/ you may have to add host 'A( resource records to the 6one

on your $%& server,

Important

)hen the Active $irectory $omain &ervices nstallation )i6ard installs and confi#ures

$%& on the ne* domain controller/ it creates resource records that are necessary for the

correct operation of the $%& server on the domain controller, $o not remove or chan#e

these resource records, Chan#e or remove only those resource records that you add

yourself,

Uost 'A( resource records associate the $%& domain name of a computer 'or host( to its P

address, ou do not need to have a host 'A( resource record for all computers/ but you must have

one for any computer that shares resources on a net*or! and that must be identified by its $%&

domain name,

)indo*s 2000/ )indo*s DP/ and )indo*s &erver 200 clients and servers use the $ynamic

Uost Confi#uration Protocol '$UCP( Client service to dynamically re#ister and update their

host 'A( resource records in $%& *hen an P confi#uration chan#e occurs,

)indo*s ista and )indo*s &erver 2008 clients use the $%& Client service to dynamically

re#ister and update their host 'A( resource records in $%& *hen an P confi#uration chan#e

occurs,

ou can manually create a host 'A( resource record for a static "CP@P client computer 'or fora computer runnin# non1)indo*s operatin# systems( by usin# the $%& Mana#er

administrative tool,

"o add a host A/ resource record to a DNS +one

9, n the $%& server/ clic! Start/ point to Administrati%e "ools/ and then clic! DNS,

2, n the console tree/ ri#ht1clic! the applicable $%& 6one/ and then clic! New ;ost A/,

, n Name uses parent domain if blank// type the name of the computer 'host( for *hich

you are creatin# a host 'A( resource record,

;, n IP address/ type the address of the computer for *hich you *ant to create a host 'A(

resource record,

Important

Ma!e sure that you type the address correctly and that you assi#n it as a static

address 'not one that is assi#ned by $UCP(, f the address is incorrect or

chan#es/ client computers cannot use $%& to locate the host,

2


28/33

Automatically remo%ing outdated resourcerecords

"he ability of $UCP to re#ister host 'A( and pointer 'P"3( resource records automatically

*henever you add a ne* device to the net*or! simplifies net*or! administration, Uo*ever/ it hasone dra*bac!: unless you remove those resource records/ they remain in the $%& 6one

database indefinitely, Althou#h this is not a problem *ith static net*or!s/ it ne#atively affects

net*or!s that chan#e fre-uently 'for e.ample/ a net*or! to *hich you add or remove portable

computers( because the accumulation of resource records can prevent host names from bein#

reused,

ortunately/ $UCP services and the )indo*s &erver 2008 $%& server cooperate to help prevent

this problem from happenin#, ou can confi#ure the $%& server to trac! the a#e of each

dynamically1assi#ned record and to periodically remove records that are older than the number of

days that you specify, "his process is !no*n as scavenging,

"he a#e of a resource record is based on *hen it *as created or last updated, y default/

computers runnin# )indo*s send a re-uest to the $%& server to update their records every

2; hours,

Note

"o prevent unnecessary replication/ you can confi#ure the )indo*s &erver 2008 $%&

server to i#nore update re-uests for a period of time that you specify,

n this manner/ )indo*s1based computers notify the $%& server that they are still on the net*or!

and that their records are not sub5ect to scaven#in#,

ecause scaven#in# can cause problems on a net*or! if it is not confi#ured correctly/ )indo*s

&erver 2008 disables scaven#in# by default, )e recommend that you enable scaven#in# *ith

default settin#s if you fre-uently add computers to or remove computers from your net*or!,

"o enable sca%enging on a DNS ser%er

9, n the $%& server on *hich you *ant to enable scaven#in#/ clic! Start/ point to

Administrati%e "ools/ and then clic! DNS,

2, n the console tree/ clic! the applicable $%& server,

, n the Actionmenu/ clic! Properties,

;, Clic! the Ad%ancedtab/ select


29/33


30/33

=, n the Ser%er Aging8Sca%enging Confirmationdialo# bo./ select Apply these settings

to the e*isting Acti%e Directory-integrated +ones/ and then clic! 36,

"roubleshooting DNS

Most often/ $omain %ame &ystem '$%&( confi#uration problems are e.posed *hen one or more

$%& client computers cannot resolve host names,


31/33

"o troubleshoot $%& problems/ you must determine the scope of the problem, "o do this/ you use

the pingcommand on multiple clients to resolve the names of hosts on the intranet and the

nternet/ and to test overall net*or! connectivity, 3un the follo*in# commands on several $%&

client computers and *ith several tar#et computers/ and then note the results:

ping DNS_server_ip_address

ping internal_host_ip_address/ *here internal_host_ip_addressis the P address of a

computer that e.ists in the clientBs domain

ping internal_host_name/ *here internal_host_nameis the fully -ualified domain name

'X$%( of the computer

ping Internet_host_name/ *here Internet_host_nameis the name of a computer that e.ists

on the nternet,

Note

t is not important *hether an nternet computer responds to the pingcommand, )hat is

important is that $%& can resolve the name that you specify to an P address,

"he results of these tests su##est the nature of the problem, "he follo*in# table sho*s possible

results/ causes/ and solutions,

pin#command result Possible cause Possible solution

Multiple clients cannot

resolve any intranet or

nternet names

"his result su##ests that the

clients cannot access the

assi#ned $%& server, "his

mi#ht be the result of #eneral

net*or! problems/ particularly

if the pingcommand usin# P

addresses fails, ther*ise/ if

you have confi#ured the

clients to obtain $%& server

addresses automatically/ you

mi#ht not have confi#ured the

$ynamic Uost Confi#uration

Protocol '$UCP( servers on

the net*or! properly,

3evie* the confi#uration of the

$UCP servers on the net*or!,

Multiple clients cannot

resolve intranet names/ but

they can resolve nternetnames

"his result su##ests that host

'A( resource records/ or

records such as servicelocator '&3( resource

records/ do not e.ist in the

$%& 6one database, Also see

ne client only cannot

resolve intranet names/ only

nternet names,

Ensure that the appropriate

resource records e.ist and that

you have confi#ured the $%&server properly to receive

automatic updates, f the tar#et

host names are located in a

particular child 6one/ ensure that

you have confi#ured dele#ation of

that 6one properly, "o test


32/33

pin#command result Possible cause Possible solution

re#istration of records for a

domain controller/ use the

dcdiag 8test>dns 8%

8s>domain_controllercommand,


resolve any intranet or

nternet names

f the pingcommand usin# P

addresses fails/ this result

indicates that the client

computer cannot connect to

the net*or!, f the ping

command usin# P addresses

succeeds/ but the ping

command cannot resolve $%&

domain names/ the "CP@P

settin#s of the client may beincorrect,

Ensure that the client computer is

physically connected to the

net*or! and that the net*or!

adapter for the computer functions

properly/ or correct the "CP@P

settin#s/ as necessary,

"o correct the settin#s/ see

Confi#urin# Client &ettin#s,


resolve intranet names/ only

nternet names

f you previously confi#ured

the client computer to connect

directly to the nternet/ its

"CP@P properties mi#ht be

confi#ured to use an e.ternal

$%& server/ such as a $%&

server from an nternet service

provider '&P(, n most cases/

the client should not use a

$%& server from an &P as

either the preferred or

alternate $%& server because

the $%& server at the &P is

not able to resolve internal

names, sin# a $%& server

from an &P in the "CP@P

confi#uration of a client can

also cause problems *ith

conflictin# internal and

e.ternal namespaces,

"o correct the settin#s/ see

Confi#urin# Client &ettin#s,

f you have ruled out all of these potential problems for a particular client and still cannot resolve

$%& names/ use the procedures in Confi#urin# Client &ettin#sto verify the $%& client settin#s,

"hen/ at a command prompt/ type ipconfig 8allto vie* the current "CP@P confi#uration,

f the client does not have a valid "CP@P confi#uration/ you can perform one of the follo*in#

tas!s:


33/33

or dynamically confi#ured clients/ use the ipconfig 8renewcommand to manually force the

client to rene* its P address confi#uration *ith the $UCP server,

or statically confi#ured clients/ modify the client "CP@P properties to use valid confi#uration

settin#s or to complete its $%& confi#uration for the net*or!,

Date post:	02-Jun-2018
Category:	Documents
Upload:	jesseamaro77
View:	218 times
Download:	0 times

DNS in Small Networks Step-by-Step Guide.doc

Documents