Microsoft Official Course

Module 7

Implementing Domain Name System

Module Overview Name Resolution for Windows Clients and Servers Installing and Managing a DNS Server
Managing DNS Zones

Lesson 1 Name Resolution for Windows Clients and Servers W!at "re Computer Names# W!at Is DNS# DNS Zones and Re$ords %ow Internet DNS Names "re Resolved W!at Is Lin&Lo$al Multi$ast Name Resolution# %ow a Client Resolves a Name
'rou(les!ooting Name Resolution

W!at "re Computer Names#

Name Description
)p to *++ $!ara$ters long Can $ontain alp!a(eti$ and numeri$

Host name

$!ara$ters, periods, and !yp!ens -art of ./DN

Represent a single $omputer or

group of $omputers 1+ $!ara$ters used for t!e name 10t! $!ara$ter identifies servi$e NetBIOS name .lat namespa$e

W!at Is DNS#
DNS $an (e used to Resolve !ost names to I- addresses Lo$ate domain $ontrollers and glo(al $atalog servers Resolve I- addresses to !ost names Lo$ate mail servers during email delivery

DNS Zones and Re$ords

" DNS 1one is a spe$ifi$ portion of DNS namespa$e t!at $ontains DNS re$ords

Zone types .orward loo&up 1one Reverse loo&up 1one Resour$e re$ords in forward loo&up 1ones in$lude ", M2, SR3, NS, SO", and CN"M4 Resour$e re$ords in reverse loo&up 1ones in$lude -'R

%ow Internet DNS Names "re Resolved

)icroso%t.com DNS ser!er .com DNS ser!er W"at is t"e I# a$$ress o% &&&.microso%t.com' (oot DNS ser!er Loca DNS ser!er

207.46.230.219 Workstation

W!at Is Lin&Lo$al Multi$ast Name Resolution#

LLMNR is an additional met!od for name resolution t!at does not use DNS or WINS
LLMNR is designed for I-v0 Wor&s only on Windows 3ista, Windows Server

*556, and all newer Windows operating systems

Networ& Dis$overy must (e ena(led Can (e $ontrolled via 7roup -oli$y

%ow a Client Resolves a Name

18 Lo$al %ost Name 68 Lm!osts .ile :8 9road$ast 08 WINS Server +8 Net9IOS Name Ca$!e

*8 DNS Resolver Ca$!e ; %osts file $ontent <8 DNS Server =8 LLMNR

'rou(les!ooting Name Resolution

Common tools for trou(les!ooting name resolution are
Nsloo&up Dns$md Dnslint Ip$onfig DNS Server Monitoring

Consider using t!e new $mdlets in Windows

-owerS!ell to manage and trou(les!oot DNS

"lways $lear DNS resolver $a$!e (efore

trou(les!ooting
)se t!e !osts file for trou(les!ooting Isolate pro(lem

Lesson * Installing and Managing a DNS Server W!at "re t!e Components of a DNS Solution# W!at "re Root %ints# W!at "re DNS /ueries# W!at Is .orwarding# %ow DNS Server Ca$!ing Wor&s %ow to Install t!e DNS Server Role
Demonstration Installing t!e DNS Server Role

W!at "re t!e Components of a DNS Solution#

Resour$e Re$ord Root >8?

8$om Resour$e Re$ord DNS Resolvers DNS Servers 8edu

DNS Servers on t!e Internet

W!at "re Root %ints#

Root hints $ontain t!e I- addresses for DNS root servers DNS Servers Root @8A Servers Root %ints

Client

DNS Server

$om mi$rosoft

W!at "re DNS /ueries#

"n iterative Buery dire$ted to a DNS server may (e /ueries are re$ursive or iterative answered wit! a referral to anot!er DNS server " DNS $lients and DNS servers initiate Bueries recursive is sent to a DNS server and Lo$al DNSquery Root !int @8A Iterative Buery server reBuires DNS servers are aut!oritative a $omplete answer or nonaut!oritative for a "s& 8$om namespa$e Iterativ e Bue "n aut!oritativemail18$ontoso8$om DNS server for t!e ry namespa$e 8$omwill "s& $ ontos eit!er o8$o
Re$ ma ursiv il18$ e B ont uery oso 8$o m 1:* 810 80= 811

Return t!e reBuested I- address Iter ativ "u t eB ! Return an aut!oritative >No? orit uer ativ Data*ase y e re " nonaut!oritative 172.16.64.11 DNS server for s t!e will pon namespa$e $ontoso8$om se

eit!er

DNS $lient

C!e$& its $a$!e )se forwarders $lient )se root !ints

Lo$al DNS server

W!at Is .orwarding#
" forwarder is a DNS server designated to using resolve eCternal Conditional forwarding forwards reBuests a domain or offsite DNS domain names name $ondition Buery "ll Iterative ot!er DNS domains .orwarder "s& 8$om Lo$al DNS Iterativ e Bue ry "s& $ $o ontos nto o8$om s Io te 8$ ro am tive "ut Bue !or ry itati ve r 1<181 esp 5:858 ons 11 e Re$ur si mail18 ve Buery fo $onto r so8$om Lo$al DNS server $lient
/u ww ery R w8 for e$u $o rsi nto ve s Bu 1< o8$ er 181 o y 5: m
858 11

Root !int @8A ISDNS

.com

$ontoso8$om

Client $omputer

$ontoso8$om DNS

%ow DNS Server Ca$!ing Wor&s

DNS server $a$!e %ost name I- address ''L *6 se$onds Server"8$ontoso8$om 1<1815:858==

Server" is at W!ereDs 1<1815:858= Server" = #

Client1 Client*

Server" W!ereDs Server" is at Server" 1<1815:858== #

%ow to Install t!e DNS Server Role

DNS Server Installation Met!ods Server Manager "$tive Dire$tory Domain Servi$es Installation Wi1ard 'ools availa(le to manage DNS Server DNS Manager SnapEIn Server Manager DNS Manager $onsole @dnsmgmt8ms$A DNSCmd $ommandEline tool Windows -owers!ell Remote Server "dministrative tools

Demonstration Installing t!e DNS Server Role

In t!is demonstration, you will see !ow to
Install a se$ond DNS Configure forwarding

server

Lesson < Managing DNS Zones W!at "re DNS Zone 'ypes# W!at "re Dynami$ )pdates# W!at "re "$tive Dire$toryFIntegrated Zones#
Demonstration Creating an "$tive Dire$toryF

Integrated Zone

W!at "re DNS Zone 'ypes#

+ones -rimary Se$ondary Stu( "$tive Dire$toryF integrated Description Read;write $opy of a DNS data(ase ReadEonly $opy of a DNS data(ase Copy of a 1one t!at $ontains only re$ords used to lo$ate name servers Zone data is stored in "D DS rat!er t!an in 1one files

W!at "re Dynami$ )pdates#

18 Client sends SO" Buery *8 DNS server returns SO" resour$e re$ord <8 Client sends dynami$ update reBuest@sA to identify t!e primary DNS server =8 DNS server responds t!at it $an perform update +8 Client sends unse$ured update to DNS server 1 2 3 4 5 6 7 08 If 1one permits only se$ure updates, update is refused :8 Client sends se$ured (eso,rce DNS update to DNS server (ecor$s Ser!er

W!at "re "$tive Dire$toryFIntegrated Zones#

9enefits of an "$tive Dire$toryFintegrated 1one in$lude "llows multimaster writes to 1one Repli$ates DNS 1one information (y using "D DS repli$ation Leverages effi$ient repli$ation topology )ses effi$ient in$remental updates for "$tive Dire$tory repli$ation pro$esses 4na(les se$ure dynami$ updates Se$urity Can delegate 1ones, domains, resour$e re$ords
contoso.com hqdc01 filesvr01 desktop101 zone

Demonstration Creating an "$tive Dire$toryF Integrated Zone

In t!is demonstration, you will see !ow to
-romote a server as

a domain $ontroller

Create an "$tive Dire$toryFintegrated 1one Create a re$ord 3erify repli$ation to a se$ond DNS

server

La( Implementing DNS 4Cer$ise 1 Installing and Configuring DNS 4Cer$ise * Creating %ost Re$ords in DNS
4Cer$ise < Managing t!e DNS Server Ca$!e

Logon Information 3irtual ma$!ines *5=159GLONGDC1 *5=159GLONGS3R1 *5=159GLONGCL1 )ser name -$at,m.-$ministrator -assword #a//&0r$ 4stimated 'ime =5 minutes

La( S$enario
"8 Datum Corporation !as an I' offi$e and data $enter in London, w!i$! supports t!e London lo$ation and ot!er lo$ations8 "8 Datum !as re$ently deployed a Windows *51* Server infrastru$ture wit! Windows 6 $lients8 Hou need to $onfigure t!e infrastru$ture servi$e for a new (ran$! offi$e8 Hour manager !as as&ed you to $onfigure t!e domain $ontroller in t!e (ran$! offi$e as a DNS server8 Hou !ave also (een as&ed to $reate some new !ost re$ords to support a new appli$ation t!at is (eing installed8 .inally, you need to $onfigure forwarding on t!e DNS server in t!e (ran$! offi$e to support Internet name resolution8

La( Review Can you install t!e DNS server role on a server t!at is not a domain $ontroller# If yes, are t!ere any limitations# W!at is t!e most $ommon way to $arry out Internet name resolution on a lo$al DNS#
%ow $an you (rowse t!e $ontent of t!e DNS

resolver $a$!e on a DNS server#

Module Review and 'a&eaways Review /uestions 'ools 9est -ra$ti$e

Common Issues and 'rou(les!ooting 'ips