Microsoft_DNS_Server by wuyunyi


Training: Installing and Setting up Microsoft DNS Server


Versions Used
    •   Windows Server 2003

Setup Used
    i.   Server Name = martini
    ii.  Credentials: User = “Administrator”, Password = “password”
    iii. IP Address:
    iv.  AD Setup: AD Domain Name =
    v.   AD Setup: NetBIOS Domain Name = echofloor

As this Training involves changing TCP/IP settings, knowledge of TCP/IP is also required. In this Tech Note,
Microsoft terms will be used without explanation.
   CATEGORY                 Title
                            Installing Active Directory

Task List
    •   Install Windows 2003
    •   Prepare Windows 2003 Server
    •   Prepare TCP/IP Settings
    •   Install DNS
    •   Setup DNS

Install Windows 2003
This Training assumes Windows 2003 Server is installed and that all drivers have been installed. Make sure that either a
copy of the I386 directory from the Windows Server installation CD remains on the local hard drive, or the Windows
Server installation CD is in the CD drive.

A DNS Server must have a fixed IP so make sure that the server does not get an IP from a DHCP server. The server
must be able to reach the Internet but DNS settings are not required as the server will be its own DNS server.

Prepare Windows 2003
The first step for installing DNS Server is to set the computer name and Primary DNS Suffix.
The computer name and Primary DNS Suffix must be set from System Properties.

    •   From System Properties go to the Computer Name tab. On this tab the full computer name and the workgroup
        can be seen. Workgroup name is not important, as this will not be used;
    •   Computer name, membership and Primary DNS Suffix can be changed by clicking the Change button;
    •   The More button brings up the DNS Suffix and NetBIOS Computer Name dialog;
    •   In the Primary DNS Suffix of this computer field the Domain Name to be used by your DNS Server must be filled
        in; e.g.,;
    •   After applying these settings the server needs to be restarted.

Note: Without a restart the server will not get the new server name and/or DNS Suffix. This will result in the failure of the
DNS server that has to be installed later in this Training.

Prepare TCP/IP Settings
Once the proper name and DNS Suffix are set up, some adjustments have to be made to the TCP/IP settings. To do this, go
to the properties of the Primary Local Area Connection in Network Connections.

    •   Select Internet Protocol (TCP/IP) and click the Properties button;
    •   Make sure that the server has a static IP address and a Default Gateway. For Preferred DNS Server, fill in the
        server’s IP address.

These settings will point all DNS requests from your server to its own DNS and WINS server. Without these settings your
server will not be able to register itself in its own DNS tables.

Install DNS
DNS (Domain Name System) Server is an installable Windows component and needs to be installed via Add/Remove
Programs from Control Panel.

    •   From Windows Components select Networking Services;
    •   Click Details to select the Networking Services you want to install;
    •   Select Domain Name System (DNS).

Note: To install Windows Components, the I386 directory from the original Windows Server 2003 installation CD is
needed. If the CD is not in the CD drive, a popup will allow you to select the location of the I386 directory.

Once installation is complete, two additional Services and two additional Administrative Tools can be found on the server.

Setup DNS
DNS setup consists of multiple steps:
-Setup DNS server properties;
-Setup Forward Lookup Zone;
-Setup Reverse Lookup Zone;
-Add DNS records.

Microsoft DNS Server is configured via DNS Manager. DNS Manager can be launched via the DNS shortcut within
Administrative Tools.

Setup DNS Server properties

By default DNS server settings are set for normal operations and do not have to be changed. In some circumstances
modifications are needed.

DNS Server by default listens for DNS queries on all IP addresses. When needed this can be limited to a single or
multiple IP addresses. Be aware that changes here need to be reflected in TCP/IP settings.
By default DNS server uses Root Hints to resolve external domain names. In some circumstances the DNS server needs
to forward its DNS queries to a specific server. This can be configured on the Forwarders tab.
Forwarders can be configured for all domains, or for a specific domain. This is called conditional forwarding.

Examples of when forwarding needs to be used:
-DNS queries need to be forwarded to the Internet Service Provider’s DNS
       Some ISPs block outbound DNS queries, and only allow outbound
       DNS queries to be targeted at their DNS servers. In this case
       forwarder IP addresses need to be configured for all domains.

-DNS queries for a certain domain need to be forwarded to an internal DNS
       In some cases access to an internal DNS server for a domain is
       available. For example, a VPN tunnel to SonicWALL is available and
       internal DNS needs to be used. In this case the DNS domain needs to
       be added, and the internal DNS servers are used as forwarder IP
       addresses for this domain.

Note: Windows 2000 DNS server can not do conditional forwarding.
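
The resolution order that results from these settings, as an added example: a simplified Python model written for this training, not Microsoft's code. It checks zones the server hosts first, then the most specific conditional forwarder, then forwarders set for all domains, then root hints, and lists internal names that would be sent to an outside server. All zone names and IP addresses are constructed placeholders.

```python
def route_query(qname, local_zones, conditional, all_domains):
    """Return (path, forwarder IPs) for a query name."""
    labels = qname.rstrip(".").lower().split(".")
    suffixes = [".".join(labels[i:]) for i in range(len(labels))]  # longest first
    for s in suffixes:
        if s in local_zones:            # the server hosts this zone itself
            return ("local zone " + s, [])
    for s in suffixes:
        if s in conditional:            # most specific forwarded domain wins
            return ("conditional forwarder " + s, conditional[s])
    if all_domains:                     # forwarders configured for all domains
        return ("all-domains forwarder", all_domains)
    return ("root hints", [])

def external_leaks(qnames, internal_suffixes, internal_dns,
                   local_zones, conditional, all_domains):
    """Internal names whose queries would leave for a non-internal server."""
    leaks = []
    for q in qnames:
        name = q.rstrip(".").lower()
        if not any(name == s or name.endswith("." + s) for s in internal_suffixes):
            continue                    # public name: forwarding it out is expected
        path, servers = route_query(q, local_zones, conditional, all_domains)
        if path.startswith("local zone"):
            continue
        if not servers or any(ip not in internal_dns for ip in servers):
            leaks.append((q, path))
    return leaks

# Constructed sample configuration (placeholders, not from the training).
LOCAL_ZONES = {"branch.test", "1.1.10.in-addr.arpa"}
CONDITIONAL = {"hq.test": ["10.20.0.53"]}   # internal DNS reached over the VPN
ALL_DOMAINS = ["192.0.2.53"]                # ISP resolver (documentation address)
INTERNAL_SUFFIXES = ["branch.test", "hq.test", "lab.test"]
INTERNAL_DNS = {"10.20.0.53"}
QUERIES = ["martini.branch.test", "intranet.hq.test",
           "build.lab.test", "www.example.com"]

if __name__ == "__main__":
    for q in QUERIES:
        print(q, "->", route_query(q, LOCAL_ZONES, CONDITIONAL, ALL_DOMAINS))
    print("leaks:", external_leaks(QUERIES, INTERNAL_SUFFIXES, INTERNAL_DNS,
                                   LOCAL_ZONES, CONDITIONAL, ALL_DOMAINS))
```

In the sample, lab.test is an internal suffix with no conditional forwarder, so its queries go to the ISP resolver and are reported.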

Create Forward Lookup Zone

After configuring DNS server settings, the next step is to set up a Forward Lookup Zone. This can be
done by selecting and right-clicking Forward Lookup Zones and choosing the New Zone option.

This will launch the New Zone Wizard.

   •   The first step is to select the Zone Type. Select Primary Zone;

   •   For Zone Name, fill in the Domain Name needed for the Domain -- in this case;
   •   For Zone File, leave the option on Create a new file and leave the filename as it is;
   •   On the Dynamic Update option, choose Allow both nonsecure and secure dynamic updates for an internal DNS
       server, and Do not allow dynamic updates for a public DNS server.

Completing the New Zone Wizard will create the Forward Lookup Zone.

Create Reverse Lookup Zone

Once the Forward Lookup Zone is created, the next step is to create a Reverse Lookup Zone.

The steps to create a Reverse Lookup Zone are very similar to creating a Forward Lookup Zone.

   •   For Reverse Lookup Zone Name, fill in the Network ID needed for the Domain. The network ID consists of the IP
       Subnet ID. In this case 10.1.1;
   •   For Zone File, leave the option on Create a new file and leave the filename as it is;

   •   On the Dynamic Update option, choose Allow both nonsecure and secure dynamic updates for an internal DNS
       server, and Do not allow dynamic updates for a public DNS server.

Completing the New Zone Wizard will create the Reverse Lookup Zone.

Add DNS Records

Once the DNS server is set up, the DNS server can be filled with DNS records.

There are 6 basic types of DNS records:
A              A, or address, records describe the IP that a given DNS node has;
CNAME          CNAME or alias, records add secondary DNS names attached to an A
MX             MX, or mail exchange, records describe the machines to contact in order to
               send mail to a given DNS node;
NS             An NS record tells name servers which machines are in charge of a given
               domain Zone;
SOA            This is a record used when using DNS to synchronize data between
               multiple computers.
TXT            TXT, or text, records are arbitrary text strings which can be attached to
               given DNS nodes. Certain protocols, such as SPF, use this field to store
               protocol-specific data.
SPF            SPF records are actually TXT records.
PTR            PTR or Pointer, records are used in reverse DNS and describe the DNS name to a given IP

Note: A given zone must have precisely one SOA record. Microsoft DNS server will set itself as SOA by
default when creating a zone.

A record

An A record, or host record consists of a name and an IP address.

To add an A record:
    • Fill in the Name; the domain name will be automatically added;
    • Fill in the IP address;
    • Optionally check the Create associated pointer record.

Note: duplicate A records can be created to map a DNS name to multiple IP

CNAME record

A CNAME record, or ALIAS record, consists of a name and an A record.

To add a CNAME record:
    • Fill in the Alias name;
    • Browse to an existing A record.

MX record

An MX record, or Mail Exchanger record, consists of a domain name, an A record
and a priority.
Priority is used for failover. The record with the lowest priority value will be used first.

To add an MX record:
    • Optionally fill in the host or child domain;
    • Browse to an existing A record;
    • Set the Mail Server Priority (default is 10).

NS record

An NS, or Name Server, record consists of a domain name and an IP address.

To add an NS record:
    • Go to properties of the Zone;
    • Go to Name Servers tab;
    • Add a name server.

SPF record

An SPF (Sender Policy Framework) record consists of an
optional Record name

To add an SPF record:
    • Select Other New Records;
    • Select TXT;
    • Add the Text “v=spf1 mx -all”;
    • Click OK;

    •   Repeat the process but add the Mail Server’s name in
        the Record name field.
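
A syntax check for the TXT value before it is entered, as an added example in Python (not part of the original training). A record with a syntax error evaluates to permerror under RFC 7208, and a dash converted by a word processor or a mistyped mechanism is enough to cause that; the mistyped input strings in the comments below are constructed.

```python
import re

MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}
QUALIFIERS = "+-~?"  # pass, fail, softfail, neutral

def check_spf(txt):
    """Return a list of syntax problems in an SPF TXT value (empty list = clean)."""
    problems = []
    odd = sorted({c for c in txt if ord(c) > 127})
    if odd:
        problems.append("non-ASCII character(s): "
                        + " ".join(f"U+{ord(c):04X}" for c in odd))
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        return problems + ["record does not start with v=spf1"]
    terminated = False
    for term in terms[1:]:
        # name=value terms are modifiers; only redirect= ends evaluation
        if re.match(r"[A-Za-z][A-Za-z0-9._-]*=", term):
            terminated = terminated or term.lower().startswith("redirect=")
            continue
        body = term[1:] if term[0] in QUALIFIERS else term
        name = re.split(r"[:/]", body, maxsplit=1)[0].lower()
        if name not in MECHANISMS:
            problems.append(f"unknown mechanism: {term}")
        elif name == "all":
            terminated = True
    if not terminated:
        problems.append("no 'all' mechanism or redirect= modifier")
    return problems

if __name__ == "__main__":
    # Constructed inputs: a clean record, a mistyped mechanism, and an
    # en dash (U+2013) in place of the ASCII hyphen before "all".
    for value in ("v=spf1 mx -all", "v=spf1 ms -all", "v=spf1 mx \u2013all"):
        print(repr(value), "->", check_spf(value) or "OK")
```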

PTR record

A PTR, or pointer record, consists of a Host IP Number and a Host

To add a PTR record:
    • Fill in the Host IP number;
    • Fill in a Host name or Browse to the appropriate A record.

Note: Unlike the other records, PTR records are created in the
Reverse Lookup Zone
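
How the Network ID entered for the Reverse Lookup Zone and the PTR records fit together, as an added example in Python (not part of the original training): it derives the reverse zone name from the Network ID 10.1.1, builds each PTR owner name, and reports A records and PTR records that disagree. The domain example.test, the host names other than martini, and all host addresses are constructed placeholders.

```python
import ipaddress

def reverse_zone(network_id):
    """Wizard Network ID such as '10.1.1' -> reverse lookup zone name."""
    octets = network_id.strip(".").split(".")
    if not 1 <= len(octets) <= 3 or not all(
            o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("bad network ID: " + repr(network_id))
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def ptr_owner(ip):
    """Full owner name of the PTR record for an IPv4 address."""
    return ipaddress.IPv4Address(ip).reverse_pointer

def audit(a_records, ptr_records, network_id):
    """Compare forward A records with the PTR records of one reverse zone."""
    zone = reverse_zone(network_id)
    findings = []
    for name, ip in a_records:
        owner = ptr_owner(ip)
        target = ptr_records.get(owner)
        if not owner.endswith("." + zone):
            findings.append((name, "address outside " + zone))
        elif target is None:
            findings.append((name, "no PTR record"))
        elif target.rstrip(".").lower() != name.rstrip(".").lower():
            findings.append((name, "PTR names " + target))
    known = {ptr_owner(ip) for _, ip in a_records}
    for owner in sorted(set(ptr_records) - known):
        findings.append((ptr_records[owner], "stale PTR " + owner))
    return findings

# Constructed sample data (placeholders, not from the training).
A_RECORDS = [("martini.example.test", "10.1.1.10"),
             ("mail.example.test", "10.1.1.20"),
             ("www.example.test", "10.1.1.30"),
             ("vpn.example.test", "10.1.2.5")]
PTR_RECORDS = {"10.1.1.10.in-addr.arpa": "martini.example.test.",
               "20.1.1.10.in-addr.arpa": "oldmail.example.test.",
               "99.1.1.10.in-addr.arpa": "ghost.example.test."}

if __name__ == "__main__":
    for host, problem in audit(A_RECORDS, PTR_RECORDS, "10.1.1"):
        print(host, "->", problem)
```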

This concludes this training.
