
20411B Module 02 Lab 1: Configuring and Troubleshooting DNS: Full

Objective
The objectives of this lab are to learn how to:
Configure DNS resource records
Configure DNS conditional forwarding
Install and configure DNS zones
Troubleshoot DNS
Overview
A. Datum is a global engineering and manufacturing company with its head office in London, UK. An IT office and a
data center are located in London to support the head office and other locations. A. Datum has recently deployed a
Windows Server 2012 server and client infrastructure.
You have been asked to add several new resource records to the DNS service installed on LON-DC1. Records include
a new MX record for Exchange Server 2010 and a SRV record for a Microsoft Lync deployment that is occurring.
A. Datum is working with a partner organization, Contoso, Ltd. You have been asked to configure internal name
resolution between the two organizations. A small branch office has reported that name resolution performance is
poor. The branch office contains a Windows Server 2012 server that performs several roles. However, there is no
plan to implement an additional domain controller. You have been asked to install the DNS server role at the branch
office and create a secondary zone of Adatum.com. To maintain security, you have been instructed to configure the
branch office server to be on the Notify list for Adatum.com zone transfers. You also should update all branch office
clients to use the new name server in the branch office.
You should configure the new DNS server role to perform standard aging and scavenging, as necessary and as
specified by corporate policy. After implementing the new server, you need to test and verify the configuration by
using standard DNS troubleshooting tools.
Virtual machines
The following virtual machines are required to complete this lab:
1. 20411B-LON-DC1
2. 20411B-LON-SVR1
3. 20411B-LON-CL1
Exercise I: Configuring DNS Resource Records
In this exercise you will learn how to:
Add the required MX record
Add the required Lync server records
Create the reverse lookup zone
Scenario
You have been asked to add several new resource records to the DNS service installed on LON-DC1. Records include
a new MX record for Exchange Server 2010, and a SRV record required for a Lync deployment that is taking place
currently. You have also been asked to configure a reverse lookup zone for the domain.
1. Activate Windows Logon
Press Ctrl + Alt + End to activate the Windows Logon screen.
Page 1 of 9 Lab Manual -- 20411B Module 02 Lab 1: Configuring and Troubleshooting DNS: F...
18/02/2014 https://lod.ttsc.net/labprofile/manual/12335
You need to activate the Ctrl + Alt + Delete sequence to bring up the logon page. You can do this in
one of two ways:
1. By pressing Ctrl + Alt + End within the virtual machine.
2. By selecting Ctrl + Alt + Del from the Machine Commands menu in the upper-right hand
corner of the screen.
2. Sign In to LON-DC1
Sign in to 20411B-LON-DC1 as Adatum\Administrator with the following password: Pa$$w0rd and
press Enter.
Note: You may also use the Machine Commands menu to automatically paste the virtual machine
default Password (Pa$$w0rd).
3. Open DNS
In Server Manager, click Tools, and then click DNS.
4. Create New Host Record
In DNS Manager, expand LON-DC1, expand Forward Lookup Zones, and then click
Adatum.com. Right-click Adatum.com, and then click New host (A or AAAA).
5. Set Address for Mail1
In the New Host dialog box, in the Name box, type: Mail1. In the IP address box, type: 172.16.0.250
and then click Add Host.
6. Acknowledge Success
In the DNS dialog box, click OK.
7. Close New Host Dialog
In the New Host dialog box, click Done.
8. Create New Mail Exchanger (MX)
Right-click Adatum.com, and then click New Mail Exchanger (MX).
9. Set FQDN of Mail Server: Mail1.Adatum.com
In the New Resource Record dialog box, in the Fully qualified domain name (FQDN) of mail server
box, type: Mail1.Adatum.com and then click OK.
10. Create New Host Record
Right-click Adatum.com, and then click New host (A or AAAA).
11. Set Address for Lync-svr1
In the New Host dialog box, in the Name box, type: Lync-svr1. In the IP address box, type:
172.16.0.251 and then click Add Host.
12. Acknowledge Success
In the DNS dialog box, click OK.
13. Close New Host Dialog
In the New Host dialog box, click Done.
14. Access Other Record Types
Right-click Adatum.com, and then click Other New Records.
15. Create SRV Record
In the Resource Record Type dialog box, in the Select a resource record type list, click Service
Location (SRV), and then click Create Record.
16. Set SRV Attributes
In the New Resource Record dialog box, in the Service box, type: _sipinternaltls. In the Protocol
box, type: _tcp. In Port Number, type: 5061. In the Host offering this service box, type:
Lync-svr1.adatum.com. Click OK, and then click Done.
17. Start Reverse Lookup Zone Wizard
In DNS Manager, in the navigation pane, click Reverse Lookup Zones. Right-click Reverse Lookup
Zones, and then click New Zone.
18. Advance Wizard
In the New Zone Wizard, click Next.
19. Set Primary Zone Type
On the Zone Type page, click Primary zone, and then click Next.
20. Accept AD Replication Scope
On the Active Directory Zone Replication Scope page, click Next.
21. Set IPv4 Reverse Lookup Zone
On the Reverse Lookup Zone Name page, click IPv4 Reverse Lookup Zone, and then click Next.
22. Set Network ID: 172.16.0
On the second Reverse Lookup Zone Name page, in the Network ID: box, type: 172.16.0 and then
click Next.
23. Accept Dynamic Update Default
On the Dynamic Update page, click Next.
24. Finish Wizard
On the Completing the New Zone Wizard page, click Finish.
Congratulations!
You have now successfully learned how to:
Add the required MX record
Add the required Lync server records
Create the reverse lookup zone
Click Continue to advance to the next exercise.
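The records created in this exercise can be read back from PowerShell on LON-DC1. The script below is an added example, not part of the original lab manual; it uses cmdlets from the DnsServer module and assumes the wizard defaults accepted in steps 20 and 23 produce an Active Directory-integrated reverse zone that allows only secure dynamic updates.

```powershell
# Added example: read back the Exercise I records and the reverse zone.
# Run on LON-DC1; needs the DnsServer module installed with the DNS Server role.
$q = @{ ComputerName = 'LON-DC1'; ZoneName = 'Adatum.com'; ErrorAction = 'SilentlyContinue' }
$checks = @()

# Host (A) records and the addresses the lab assigns to them.
$hosts = [ordered]@{ 'Mail1' = '172.16.0.250'; 'Lync-svr1' = '172.16.0.251' }
foreach ($name in $hosts.Keys) {
    $found = @(Get-DnsServerResourceRecord @q -Name $name -RRType A |
               ForEach-Object { $_.RecordData.IPv4Address.IPAddressToString })
    $checks += [pscustomobject]@{
        Check = "A $name"
        Pass  = $found -contains $hosts[$name]
        Found = $found -join ', '
    }
}

# The MX record must point at Mail1.Adatum.com (names come back with a trailing dot).
$mx = @(Get-DnsServerResourceRecord @q -RRType MX |
        ForEach-Object { $_.RecordData.MailExchange.TrimEnd('.') })
$checks += [pscustomobject]@{
    Check = 'MX Adatum.com'
    Pass  = $mx -contains 'Mail1.Adatum.com'
    Found = $mx -join ', '
}

# The SRV record must offer _sipinternaltls._tcp on Lync-svr1, port 5061.
$srv = @(Get-DnsServerResourceRecord @q -Name '_sipinternaltls._tcp' -RRType SRV |
         ForEach-Object { '{0}:{1}' -f $_.RecordData.DomainName.TrimEnd('.'), $_.RecordData.Port })
$checks += [pscustomobject]@{
    Check = 'SRV _sipinternaltls._tcp'
    Pass  = $srv -contains 'Lync-svr1.adatum.com:5061'
    Found = $srv -join ', '
}

# Reverse zone for network ID 172.16.0: present, stored in AD, secure updates only.
$rev = Get-DnsServerZone -ComputerName 'LON-DC1' -Name '0.16.172.in-addr.arpa' `
           -ErrorAction SilentlyContinue
$checks += [pscustomobject]@{
    Check = 'Reverse zone 172.16.0'
    Pass  = [bool]($rev -and $rev.IsDsIntegrated -and $rev.DynamicUpdate -eq 'Secure')
    Found = if ($rev) { "DsIntegrated=$($rev.IsDsIntegrated); DynamicUpdate=$($rev.DynamicUpdate)" }
            else { 'missing' }
}

$checks | Format-Table -AutoSize
```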
Exercise II: Configuring DNS Conditional Forwarding
In this exercise you will learn how to:
Add the conditional forwarding record for contoso.com
Scenario
You have been asked to configure internal name resolution between A. Datum Corporation and its partner
organization, Contoso Ltd.
1. Create Conditional Forwarder
In DNS, in the navigation pane, click Conditional Forwarders. Right-click Conditional Forwarders, and
then click New Conditional Forwarder.
2. Set Domain and IP Address
In the New Conditional Forwarder dialog box, in the DNS Domain box, type: contoso.com. Click in
the <Click here to add an IP address or DNS Name> box. Type: 131.107.1.2 and then press Enter.
Validation will fail since the server cannot be contacted.
3. Store Conditional Forwarder in AD
Select the Store this conditional forwarder in Active Directory, and replicate it as follows check
box. Click OK.
Congratulations!
You have now successfully learned how to:
Add the conditional forwarding record for contoso.com
Click Continue to advance to the next exercise.
Exercise III: Installing and Configuring DNS Zones
In this exercise you will learn how to:
Install the DNS server role on LON-SVR1
Create the required secondary zones on LON-SVR1
Enable and configure zone transfers
Configure TTL, aging, and scavenging
Configure clients to use the new name server
Scenario
A small branch office has reported that name resolution performance is poor. The branch office contains a Windows
Server 2012 Server that performs several roles. However, there is no plan to implement an additional domain
controller. You have been asked to install the DNS server role at the branch office, and then create a secondary zone
of Adatum.com. To maintain security, you also have been instructed to configure the branch office server to be on
the Notify list for Adatum.com zone transfers. You also should update all branch office clients to use the new name
server in the branch office, and then configure the new DNS server role to perform standard aging and scavenging,
as needed and specified by corporate policy.
1. Switch to LON-SVR1
Switch to LON-SVR1 by clicking on the Activate Machine icon to the left of the Done button.
You can also select the machine using the Machines panel.
2. Activate Windows Logon
Press Ctrl + Alt + End to activate the Windows Logon screen.
You need to activate the Ctrl + Alt + Delete sequence to bring up the logon page. You can do this in
one of two ways:
1. By pressing Ctrl + Alt + End within the virtual machine.
2. By selecting Ctrl + Alt + Del from the Machine Commands menu in the upper-right hand
corner of the screen.
3. Sign In to LON-SVR1
Sign in to 20411B-LON-SVR1 as Adatum\Administrator with the following password: Pa$$w0rd and
press Enter.
Note: You may also use the Machine Commands menu to automatically paste the virtual machine
default Password (Pa$$w0rd).
4. Start Add Roles Wizard
In Server Manager, in the navigation pane, click Dashboard, and then in the details pane, click Add
roles and features.
5. Advance Wizard
In the Add Roles and Features Wizard, click Next.
6. Set Role-based Installation
On the Select installation type page, click Role-based or feature-based installation, and then click
Next.
7. Accept Destination Server
On the Select destination server page, click Next.
8. Add DNS Server Role and Features
On the Select server roles page, in the Roles list, select the DNS Server check box. In the Add Roles
and Features Wizard dialog box, click Add Features.
9. Advance Wizard
On the Select server roles page, click Next.
10. Accept Default Features
On the Select features page, click Next.
11. Review DNS Information
On the DNS Server page, click Next.
12. Install DNS Server Role and Features
On the Confirm installation selections page, click Install.
13. Close Wizard
After the role is installed, click Close.
14. Access Start Screen
Pause your mouse pointer in the lower left of the display, and then click Start.
15. Open Command Prompt
From Start, type: cmd.exe and then press Enter.
16. Create Secondary Zone
At the command prompt, type the following command, and then press Enter:
Dnscmd.exe /zoneadd Adatum.com /secondary 172.16.0.10
17. Open DNS
In Server Manager, click Tools, and then click DNS.
18. Verify New Zone
In DNS Manager, in the navigation pane, expand LON-SVR1, and then click Forward Lookup Zones.
Notice the new zone.
19. Switch to LON-DC1
Switch to LON-DC1 by clicking on the Activate Machine icon to the left of the Done button.
You can also select the machine using the Machines panel.
20. Access Start Screen
Pause your mouse pointer in the lower-left of the display, and then click Start.
21. Open Command Prompt
From Start, type: cmd.exe and then press Enter.
22. Reset Secondary Zone
At the command prompt, type the following command, and then press Enter:
Dnscmd.exe /zoneresetsecondaries Adatum.com /notifylist 172.16.0.21
23. Refresh Adatum.com
In DNS Manager, in the navigation pane, click Adatum.com, and then on the toolbar, click Refresh.
24. Open Adatum.com Properties
Right-click Adatum.com, and then click Properties.
25. Verify Server to be Notified
In the Adatum.com Properties dialog box, click the Zone Transfers tab. Click Notify, and verify that
the server 172.16.0.21 is listed. Click Cancel.
26. Close Adatum.com Properties
Click OK to close the Adatum.com Properties dialog box.
27. Reopen Adatum.com Properties
In DNS Manager, right-click Adatum.com, and then click Properties.
28. Set Minimum TTL to 2 Hours
In the Adatum.com Properties dialog box, click the Start of Authority (SOA) tab. In the Minimum
(default) TTL box, type: 2 and then click OK.
29. Open Set Aging/Scavenging
Right-click LON-DC1, and then click Set Aging/Scavenging for All Zones.
30. Scavenge Stale Resource Records
In the Set Aging/Scavenging Properties dialog box, select the Scavenge stale resource records
check box, and then click OK.
31. Apply to Existing AD-Integrated Zones
In the Server Aging/Scavenging Confirmation dialog box, select the Apply these settings to the
existing Active Directory-integrated zones check box, and then click OK.
32. Switch to LON-CL1
Switch to LON-CL1 by clicking on the Activate Machine icon to the left of the Done button.
You can also select the machine using the Machines panel.
33. Activate Windows Logon
Press Ctrl + Alt + End to activate the Windows Logon screen.
You need to activate the Ctrl + Alt + Delete sequence to bring up the logon page. You can do this in
one of two ways:
1. By pressing Ctrl + Alt + End within the virtual machine.
2. By selecting Ctrl + Alt + Del from the Machine Commands menu in the upper-right hand
corner of the screen.
34. Sign In to LON-CL1
Sign in to 20411B-LON-CL1 as Adatum\Administrator with the following password: Pa$$w0rd and
press Enter.
Note: You may also use the Machine Commands menu to automatically paste the virtual machine
default Password (Pa$$w0rd).
35. Access Control Panel
On the Start screen, type: Control and then click Control Panel.
36. Open Network and Internet
In Control Panel, click Network and Internet.
37. Open Network and Sharing Center
In Network and Internet, click Network and Sharing Center.
38. Access Local Area Connection
In Network and Sharing Center, to the right of the Adatum.com Domain network, click Local Area
Connection.
39. Open LAC Properties
In the Local Area Connection Status dialog box, click Properties.
40. Open TCP/IPv4 Properties
Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
41. Set Preferred DNS Server Address
In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, in the Preferred DNS server
box, type: 172.16.0.21 and then click OK.
42. Close LAC Properties
In the Local Area Connection Properties dialog box, click Close.
43. Close Status Dialog Box
In the Local Area Connection Status dialog box, click Close.
Congratulations!
You have now successfully learned how to:
Install the DNS server role on LON-SVR1
Create the required secondary zones on LON-SVR1
Enable and configure zone transfers
Configure TTL, aging, and scavenging
Configure clients to use the new name server
Click Continue to advance to the next exercise.
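The scenario asks for zone transfers to be limited to the branch office server, so it is worth reading the transfer, notify and scavenging settings back from LON-DC1 after these steps. The script below is an added example, not part of the original lab manual; it uses DnsServer module cmdlets, and pinning transfers to 172.16.0.21 with TransferToSecureServers is a choice made for this example that goes beyond the notify list set in step 22.

```powershell
# Added example: review zone-transfer exposure and scavenging on LON-DC1.
$primary   = 'LON-DC1'
$zoneName  = 'Adatum.com'
$secondary = '172.16.0.21'   # address placed on the notify list in step 22

# 1. Transfer and notify settings for every primary zone on the server.
#    OpenTransfer = True means any host that can reach the server may
#    request a full copy of the zone.
Get-DnsServerZone -ComputerName $primary |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated } |
    Select-Object ZoneName, SecureSecondaries, SecondaryServers, Notify, NotifyServers,
        @{ Name = 'OpenTransfer'; Expression = { $_.SecureSecondaries -eq 'TransferAnyServer' } } |
    Format-Table -AutoSize

# 2. Allow transfers of Adatum.com only to the branch server and keep it on
#    the notify list. -WhatIf prints the change without applying it; remove
#    it to apply the setting.
$restrict = @{
    ComputerName      = $primary
    Name              = $zoneName
    SecureSecondaries = 'TransferToSecureServers'
    SecondaryServers  = $secondary
    Notify            = 'NotifyServers'
    NotifyServers     = $secondary
}
Set-DnsServerPrimaryZone @restrict -WhatIf

# 3. Aging and scavenging as seen by the server and by the zone
#    (steps 29 to 31 set these through DNS Manager).
Get-DnsServerScavenging -ComputerName $primary |
    Format-List ScavengingState, ScavengingInterval, NoRefreshInterval,
                RefreshInterval, LastScavengeTime
Get-DnsServerZoneAging -ComputerName $primary -Name $zoneName |
    Format-List ZoneName, AgingEnabled, NoRefreshInterval, RefreshInterval,
                AvailForScavengeTime
```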
Exercise IV: Troubleshooting DNS
In this exercise you will learn how to:
Test simple and recursive queries
Verify start-of-authority (SOA) resource records with Windows PowerShell
Scenario
After implementing the new server, you need to test and verify the configuration by using standard DNS
troubleshooting tools.
1. Switch to LON-DC1
Switch to LON-DC1 by clicking on the Activate Machine icon to the left of the Done button.
You can also select the machine using the Machines panel.
2. Open LON-DC1 Properties
In DNS Manager, in the navigation pane, right-click LON-DC1, and then click Properties.
3. Test Simple Query
Click the Monitoring tab. On the Monitoring tab, select A simple query against this DNS server, and
then click Test Now.
4. Test Recursive Query
On the Monitoring tab, select A recursive query to other DNS servers, and then click Test Now.
Notice that the Recursive test fails for LON-DC1, which is normal given that there are no forwarders
configured for this DNS server to use.
5. Stop DNS Service
In the Command Prompt window, at the command prompt, type the following command, and then
press Enter:
sc stop dns
6. Test Queries Again
Switch back to DNS Manager. In DNS Manager, in the LON-DC1 Properties dialog box, on the
Monitoring tab, click Test Now. Now, both simple and recursive tests fail because no DNS server is
available.
7. Start DNS Service
Switch to the command prompt. At the command prompt, type the following command, and then press
Enter:
sc start dns
8. Retest Queries
Switch back to DNS Manager. On the Monitoring tab, click Test Now. The simple test completes
successfully.
9. Close LON-DC1 Properties
Close the LON-DC1 Properties dialog box.
10. Open PowerShell
On the taskbar, click Windows PowerShell.
11. Verify SOA Records
At the Windows PowerShell prompt, type the following command, and then press Enter:
Resolve-DnsName -Name Adatum.com -Type SOA
12. Close All Windows
Close all open windows.
Congratulations!
You have now successfully learned how to:
Test simple and recursive queries
Verify start-of-authority (SOA) resource records with Windows PowerShell
Click Continue to close and finalize this lab.
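The SOA query from step 11 can also be sent to each name server directly to confirm that the secondary zone on LON-SVR1 holds the same version of Adatum.com as LON-DC1. The script below is an added example, not part of the original lab manual; it assumes 172.16.0.10 is LON-DC1 (the master address used in the /zoneadd command) and 172.16.0.21 is LON-SVR1.

```powershell
# Added example: compare the Adatum.com SOA serial on the primary and the secondary.
$zone    = 'Adatum.com'
$servers = [ordered]@{
    'LON-DC1 (primary)'    = '172.16.0.10'
    'LON-SVR1 (secondary)' = '172.16.0.21'
}

$soa = foreach ($label in $servers.Keys) {
    try {
        # -Server sends the query to that server only; -DnsOnly skips LLMNR/NetBIOS.
        $r = Resolve-DnsName -Name $zone -Type SOA -Server $servers[$label] `
                 -DnsOnly -ErrorAction Stop |
             Where-Object { $_.Type -eq 'SOA' } | Select-Object -First 1
        [pscustomobject]@{
            Server        = $label
            Address       = $servers[$label]
            Serial        = $r.SerialNumber
            PrimaryServer = $r.PrimaryServer
            DefaultTTL    = $r.DefaultTTL      # seconds
            Error         = $null
        }
    } catch {
        # A stopped DNS service (as in step 5) or a missing zone ends up here.
        [pscustomobject]@{
            Server = $label; Address = $servers[$label]; Serial = $null
            PrimaryServer = $null; DefaultTTL = $null; Error = $_.Exception.Message
        }
    }
}
$soa | Format-Table -AutoSize

$failed  = @($soa | Where-Object { $_.Error })
$serials = @($soa | Where-Object { -not $_.Error } |
             Select-Object -ExpandProperty Serial -Unique)

if ($failed.Count -gt 0) {
    Write-Warning ("No SOA answer from: " + ($failed.Server -join ', '))
} elseif ($serials.Count -gt 1) {
    Write-Warning "Serial numbers differ; the secondary has not yet transferred the current zone."
} else {
    Write-Output "Both servers answer with serial $($serials[0])."
}
```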
