Windows DNS Zone Demonstration

Подписаться 214 тыс.

Просмотров 82 тыс.

0% 0

This video will look at how to create primary, secondary, stub zones, and reverse look up zones using Microsoft DNS server. Check out / itfreetraining or itfreetraining.com for more of our always free training videos. The video also looks at how to replicate changes between different zones. By the end of video you will be able to create the correct zone for your replication needs inside your company and also to external companies.
Download the PDF handout ITFreeTraining.com/handouts/dn...
Demonstration
This video uses Remote Server Administration Tools (RSAT) on Windows 8. To install, see the following link. itfreetraining.com/tools
1. To open DNS Manager, open charms by moving the mouse to the top right hand corner of the screen and then perform a search for dnsmgmt.msc
2. If you receive a prompt for the server, enter the name of the server that is running DNS. In this case, DNS is running on the Domain Controller NYDC1.
3. When you expand down through DNS Manager, there is a section called Forward Lookup Zones. This section will contain all zones except for reverse look up zones. In this case, a domain exists so the zone ITFreeTraining.local has automatically been created and DNS records have been added to it. To find out more information about a particular zone, right click the zone and select properties.
4. In the properties of the zone, at the top is section called type. This will tell you if the zone is Active Directory Integrated, Primary, Secondary or Stub zone. If you want to change the type of zone, press the button "change" next to it.
5. On the change zone type "dialog", if you un-tick the option "Store the zone in Active Directory (available only if DNS server is a domain controller)", this will remove the zone from Active Directory and store it in a text file. If the zone file is stored in Active Directory, it will be available from any Domain Controller in the domain that has DNS installed on it. It may also be available to other Domain Controllers with DNS installed on them if the replication for the DNS zone is configured for forest wide replication.
6. If a zone is changed so it not stored in Active Directory, dynamic updates will be changed to none. Secure dynamic updates are only available for Active Directory Integrated zones. If you have a non- Active Directory Integrated zone, it can only support secure updates if non-secure updates are allowed as well.
7. To connect to another Windows DNS server, right click DNS at the top and select the option "Connect to DNS Server" and then enter in the name of the computer that you want to connect to.
8. To create a new zone, right click on Forward Lookup Zones and select the option "new zone" to launch the new zone wizard. From the wizard, select the zone that you want, these can be primary zone, secondary zone, or stub zone. If the option "Store the zone in Active Directory (available on only if DNS server is a writeable domain controller" is grayed out, DNS is not installed on a server that is a Domain Controller.
9. If you are creating a new secondary zone, the wizard will ask for the name of the DNS zone and then ask for an IP Address of a master zone. This can be any DNS server that has a copy of the DNS zone and does not matter if it is Active Directory Integrated, Primary or Secondary. If you receive an error message stating "Validation error, please try again later" it is most likely that the other DNS server has not been configured to replicate zone data.
10. To configure a zone to allow zone transfers, right click the zone and select properties. From here, select the tab "zone transfers". In order to allow other DNS servers to transfer zone data from that zone, the option "Allow zone transfers" needs to be ticked. By default this option is not ticked. There are 3 different options available. These are, "To any server", "only to servers listed on the Name Servers tab" and "Only to the following server". If you select the option "to any server", this will allow zone transfers to anyone who asks for it. This can be used by a hacker to gain information about the network, called foot printing. If your DNS server is behind a firewall, this may be an acceptable security risk. If the option "Only to servers listed on the Name Server tab" is selected, then only DNS servers that are listed on the Name Server Tab in the properties for that zone will be allowed to receive zone transfers.
Description to long for RU-vid. Please see the following link for the rest of description.
itfreetraining.com/dns#zone-demo
See / itfreetraining or itfreetraining.com for our always free training videos. This is only one video from the many free courses available on RU-vid.
References
"Name server" en.wikipedia.org/wiki/Name_se...

Опубликовано:

21 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 37

@tony6626 Год назад

Still relevant to this day and fundamental information that is missed in training. Always loved your videos and regularly come back to them for a refresher. Thanks so much for sharing.

@itfreetraining Год назад

I appreciate that!

@davidadams2395 8 лет назад

Fantastic video! But I'll have to watch again just to fully integrate the information, as you cover much that's above my head. I'm only just learning server administration and, though DNS is straightforward, there is a lot of information to learn.

@itfreetraining 8 лет назад

+David Adams There is quite a lot to Windows Server so do not worry. Thanks for watching!

@muhammadsafdar189 4 года назад

Indeed, the best video i have ever seen on dns. Thank you soo much for sharing such quality info with us free of cast

@itfreetraining 4 года назад

Glad you liked it

@tristanchef1 10 лет назад

Top notch video again, thank you!

@itfreetraining 10 лет назад

Thanks very much, glad you like the video.

@eliaszeray7981 4 года назад

Great explanation and please,feed us such kind of video on powerdns on Linux machine. Thank u.

@littleboygir 8 лет назад

Another great video!!

@itfreetraining 8 лет назад

+Christopher Bell Thanks very much!

@vincentirudayaraj6747 5 лет назад

Thanks.. Very Helpful!

@itfreetraining 5 лет назад

You're very welcome!

@TokyoUnderworld 5 лет назад

at <a href="#" class="seekto" data-time="240">4:00</a> , you don't click "apply". is this on purpose not to save the changes?

@harryelow 8 лет назад

GREAT video!

@itfreetraining 8 лет назад

+Series Thanks!

@alihaleem2705 6 лет назад

thanks ..great video

@itfreetraining 6 лет назад

Thank you for the excellent feedback!

@aualex1472 9 лет назад

great video! May I ask two questions please? 1.How do I setup a secondary domain with DNS server which replicate the primary dc? 2. If I setup 2 primary zones in forward zone, the host A record will be updated on both or it will be updated on one of them only (Assuming i have a host desktop resolved a www.google.com via the dns server) Thanks

@itfreetraining 9 лет назад

Au Alex If you are using Active Directory Integrated zones, each DNS install on a Domain Controller will have a primary zone. These will replicate automatically to all other server using Active Directory replication. When you configure a secondary zone, it will ask which server you want to replicate from. You can change it later on if you need to.

@truthoflife4378 3 года назад

Well explained keep I li up!

@itfreetraining 2 года назад

Thanks, will do!

@calebpanahon6187 10 лет назад

Hi Sir, Correct me please if Im wrong.. Can we consider this secondary zone as our alternate dns server since it holds the up to date copy of zone file? Thank you very much for this videos.

@itfreetraining 10 лет назад

Yes you can. Assuming it is up to date it can answer queries just as well as the primary can. It is quite common for one of the DNS servers on a client to be configured to the primary and the other DNS server configured to a secondary DNS server. Or both configured on the client to secondary DNS servers, depending on how your network is setup.

@Construction-agencyCoUk 7 лет назад

Great vid

@itfreetraining 7 лет назад

Thanks!

@k.chriscaldwell4141 6 лет назад

Thank you. Would it be possible to publish somewhere the configuration of the test network used in this video? I would like to replicate it in my lab. I have become lost stopping and starting to attempt the configuration of my network to duplicate yours. Regardless, thank you for the tutorial.

@itfreetraining 6 лет назад

Here is the network map itfreetraining.com/handouts/lab/network-map.pdf If you want to set up a virtual home router, have a look at our home router course. itfreetraining.com/lab/index

@k.chriscaldwell4141 6 лет назад

Thanks so much. Cheers.

@sunil122345 9 лет назад

How can DNS validate whether that particular name server is an Authoritative server or not. Since you got an error while adding a name server "The server with this IP addresses is not an authoritative for the required zone" I'm bit confused here.

@itfreetraining 9 лет назад

Sunil Kumar In the DNS zone there is an SOA record. This record defines the authority DNS server.

@Dkcode 6 лет назад

Thanks bro

@itfreetraining 6 лет назад

You're most welcome!

@fernandodicarlo2524 8 лет назад

Sir, what is the video about "DHCP provides updates to client that cannot use secure update"?

@itfreetraining 8 лет назад

+Fernando Di Carlo The video series on DHCP has not been released yet.

@tytyprada 5 лет назад

@@itfreetraining Is the DHCP course coming out?

@itfreetraining3035 10 лет назад

DNS is running on Windows Server 2012 or Windows Server 2012 R2. Windows 8 is only used to perform remote administration. The procedure used in this demo will work on Windows Server 2000, 2003, 2008, 2012 as nothing in DNS and changed. I guess we could put something at the start of the video saying the video applies to all OS's. We will update the playlist and web site once enough of the DNS course is done. We got to many complains about releasing the intro videos before the course was finished.