Training

Installing and Setting up Microsoft DNS Server

Introduction

Versions Used
• Windows Server 2003

Setup Used
i. Server Name = martini
ii. Credentials: User = “Administrator”, Password = “password”
iii. IP Address: 10.1.1.101
iv. AD Setup: AD Domain Name = echofloor.com
v. AD Setup: NetBIOS Domain Name = echofloor

Prerequisites
As this Training involves changing TCP/IP Settings, knowledge of TCP/IP is a requirement. In this Tech Note Microsoft terms will be used without explanation.

Task List
• Install Windows 2003
• Prepare Windows 2003 Server
• Prepare TCP/IP Settings
• Install DNS
• Setup DNS

Install Windows 2003
This Training assumes Windows 2003 Server is installed and that all drivers have been installed. Make sure that either a copy of the I386 directory from the Windows Server installation CD remains on the local hard drive, or the Windows Server installation CD is in the CD drive. A DNS Server must have a fixed IP, so make sure that the server does not get an IP from a DHCP server. The server must be able to reach the Internet, but DNS settings are not required as the server will be its own DNS server.

Prepare Windows 2003
The first step for installing DNS Server is to set the computer name and Primary DNS Suffix. Both must be set from System Properties.
• From System Properties go to the Computer Name tab. On this tab the full computer name and the workgroup can be seen. The workgroup name is not important, as it will not be used;
• Computer name, membership and Primary DNS Suffix can be changed by clicking the Change button;
• The More button brings up the DNS Suffix and NetBIOS Computer Name dialog;
• In the Primary DNS Suffix of this computer field, fill in the Domain Name to be used by your DNS Server; e.g., echofloor.com;
• After applying these settings the server needs to be restarted.
Note: Without a restart the Server will not get the new server name and / or DNS Suffix. This will result in the failure of the DNS server that has to be installed later in this Training.

Prepare TCP/IP Settings
Once the proper name and DNS Suffix are set up, some adjustments have to be made to the TCP/IP settings. For this go to the properties of the Primary Local Area Connection in Network Connections.
• Select Internet Protocol (TCP/IP) and click the Properties button;
• Make sure that the server has a static IP address and a Default Gateway. For Preferred DNS Server, fill in the server’s IP address.
These settings will point all DNS requests from your server to its own DNS and WINS server. Without these settings your server will not be able to register itself in its own DNS tables.

Install DNS
DNS (Domain Name System) Server is an installable Windows component and needs to be installed via Add/Remove Programs from Control Panel.
• From Windows Components select Networking Services;
• Click Details to select the Networking Services you want to install;
• Select Domain Name System (DNS).
To install Windows Components, the I386 directory from the original Windows Server 2003 CD is needed. If the CD is not in the CD drive, a popup will allow you to select the location of the I386 directory. Once installation is complete, two additional Services and two additional Administrative Tools can be found on the server.

Setup DNS
DNS setup consists of multiple steps:
-Setup DNS server properties;
-Setup Forward Lookup Zone;
-Setup Reverse Lookup Zone;
-Add DNS records.
Microsoft DNS Server is configured via DNS Manager. DNS Manager can be launched via the DNS shortcut within Administrative Tools.

Setup DNS Server properties
By default DNS server settings are set for normal operations and do not have to be changed. In some circumstances modifications are needed. DNS Server by default listens for DNS queries on all IP addresses.
When needed this can be limited to a single or multiple IP addresses. Be aware that changes here need to be reflected in TCP/IP settings.
By default DNS server uses Root Hints to resolve external domain names. In some circumstances the DNS server needs to forward its DNS queries to a specific server. This can be configured on the Forwarders tab. Forwarders can be configured for all domains or for a specific domain; the latter is called conditional forwarding.
Examples of when forwarding needs to be used:
-DNS queries need to be forwarded to the Internet Service Provider’s DNS server
 Some ISPs block outbound DNS queries, and only allow outbound DNS queries to be targeted at their DNS servers. In this case forwarder IP addresses need to be configured for all domains.
-DNS queries for a certain domain need to be forwarded to an internal DNS server
 In some cases access to an internal DNS server for a domain is available. For example, a VPN tunnel to SonicWALL is available and internal DNS needs to be used. In this case a DNS domain needs to be added, and the internal DNS servers are used as forwarder IPs for this domain.
Note: Windows 2000 DNS server cannot do conditional forwarding.

Create Forward Lookup Zone
After configuring DNS server settings the next step is to set up a Forward Lookup Zone. This can be done by selecting and right clicking Forward Lookup Zones and choosing the New Zone option. This will launch the New Zone Wizard.
• The first step is to select the Zone Type. Select Primary Zone;
• For Zone Name, fill in the Domain Name needed for the Domain, in this case echofloor.com;
• For Zone File, leave the option on Create a new file and leave the filename as it is;
• For the Dynamic Update option, choose Allow both nonsecure and secure dynamic updates for an internal DNS server, and Do not allow dynamic updates for a public DNS server.
Completing the New Zone Wizard will create the Forward Lookup Zone.
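
To make the forwarder behaviour described under Setup DNS Server properties concrete, the following added example (not part of the original training, and not Microsoft's code) models which path a query takes: a zone hosted on the server, the most specific conditional forwarder, the all-domains forwarders, or root hints. The corp.example domains and every forwarder address are constructed sample values, and the ordering is a simplified model.

```python
# Added illustration; domains and addresses below are constructed sample values.
LOCAL_ZONES = {"echofloor.com", "1.1.10.in-addr.arpa"}   # zones hosted on this server
CONDITIONAL = {                                           # forwarders per domain
    "corp.example": ["10.2.0.53"],                        # hypothetical internal DNS over VPN
    "lab.corp.example": ["10.3.0.53"],                    # more specific entry wins
}
ALL_DOMAINS = ["192.0.2.53"]                              # hypothetical ISP resolver


def suffixes(name):
    """Yield the name and each parent domain, most specific first."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:])


def resolution_path(name, local=LOCAL_ZONES, conditional=CONDITIONAL,
                    all_domains=ALL_DOMAINS):
    """Return (source, servers) describing where a query for name is sent."""
    # Matching whole labels matters: "notcorp.example" must not match
    # "corp.example", which a plain string endswith() test would allow.
    for suffix in suffixes(name):
        if suffix in local:
            return ("local zone " + suffix, [])
        if suffix in conditional:
            return ("conditional forwarder " + suffix, conditional[suffix])
    if all_domains:
        return ("forwarder (all domains)", all_domains)
    return ("root hints", [])


if __name__ == "__main__":
    for query in ("martini.echofloor.com", "host.lab.corp.example",
                  "notcorp.example"):
        print(query, "->", resolution_path(query))
```
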

Create Reverse Lookup Zone
Once the Forward Lookup Zone is created, the next step is to create a Reverse Lookup Zone. The steps to create a Reverse Lookup Zone are very similar to creating a Forward Lookup Zone.
• For Reverse Lookup Zone Name, fill in the Network ID needed for the Domain. The network ID consists of the IP Subnet ID, in this case 10.1.1;
• For Zone File, leave the option on Create a new file and leave the filename as it is;
• For the Dynamic Update option, choose Allow both nonsecure and secure dynamic updates for an internal DNS server, and Do not allow dynamic updates for a public DNS server.
Completing the New Zone Wizard will create the Reverse Lookup Zone.

Add DNS Records
Once the DNS server is set up, the DNS server can be filled with DNS records. There are 6 basic types of DNS records:
A: A, or address, records describe the IP that a given DNS node has;
CNAME: CNAME, or alias, records add secondary DNS names attached to an A record;
MX: MX, or mail exchange, records describe the machines to contact in order to send mail to a given DNS node;
NS: An NS record tells name servers which machines are in charge of a given domain Zone;
SOA: This is a record used when using DNS to synchronize data between multiple computers;
TXT: TXT, or text, records are arbitrary text strings which can be attached to given DNS nodes. Certain protocols, such as SPF, use this field to store protocol-specific data;
SPF: SPF records are actually TXT records;
PTR: PTR, or pointer, records are used in reverse DNS and describe the DNS name for a given IP address.
Note: A given zone must have precisely one SOA record. Microsoft DNS server will set itself as SOA by default when creating a zone.

A record
An A record, or host record, consists of a name and an IP address. To add an A record:
• Fill in the Name; the domain name will be automatically added;
• Fill in the IP address;
• Optionally check the Create associated pointer record.
Note: Duplicate A records can be created to map a DNS name to multiple IP addresses.

CNAME record
A CNAME record, or ALIAS record, consists of a name and an A record. To add a CNAME record:
• Fill in the Alias name;
• Browse to an existing A record.

MX record
An MX record, or Mail Exchanger record, consists of a domain name, an A record and a priority. Priority is used for failover. The lowest priority will be used first. To add an MX record:
• Optionally fill in the host or child domain;
• Browse to an existing A record;
• Set the Mail Server Priority (default is 10).

NS record
An NS, or Name Server, record consists of a domain name and an IP address. To add an NS record:
• Go to properties of the Zone;
• Go to Name Servers tab;
• Add a name server.

SPF record
An SPF (Sender Policy Framework) record consists of an optional Record name. To add an SPF record:
• Select Other New Records;
• Select TXT;
• Add the Text “v=spf1 mx -all”;
• Click OK;
• Repeat the process but add the Mail Server’s name in the Record name field.

PTR record
A PTR, or pointer record, consists of a Host IP Number and a Host name. To add a PTR record:
• Fill in the Host IP number;
• Fill in a Host name or Browse to the appropriate A record.
Note: Unlike the other records, PTR records are created in the Reverse Lookup Zone.

This concludes this training.
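
As an added check for the SPF record step above (not part of the original training): an SPF TXT value must be plain ASCII, and text pasted from a word processor often carries a typographic dash in place of the hyphen before all, which receivers cannot parse. The checker below is a simplified sketch of the RFC 7208 term syntax, and its function name and messages are chosen for this example.

```python
import re

# Mechanisms defined by RFC 7208; modifiers use "name=value" instead.
MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}
TERM = re.compile(r"^([+\-~?]?)([a-z0-9]+)([:/=].*)?$", re.IGNORECASE)


def check_spf(txt):
    """Return a list of problems in an SPF TXT value; an empty list means OK."""
    problems = []
    if not txt.isascii():
        odd = sorted({ch for ch in txt if ord(ch) > 127})
        problems.append("non-ASCII characters: "
                        + " ".join("U+%04X" % ord(ch) for ch in odd))
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        return problems + ["record must start with v=spf1"]
    seen_all = has_redirect = False
    for term in terms[1:]:
        match = TERM.match(term)
        if not match:
            problems.append("unparseable term: " + term)
            continue
        qualifier, name = match.group(1), match.group(2).lower()
        rest = match.group(3) or ""
        if rest.startswith("="):          # modifier such as redirect= or exp=
            has_redirect = has_redirect or name == "redirect"
            continue
        if name not in MECHANISMS:
            problems.append("unknown mechanism: " + name)
        elif seen_all:
            problems.append("term after 'all' is never evaluated: " + term)
        elif name == "all":
            seen_all = True
            if qualifier in ("", "+"):
                problems.append("'+all' authorizes every sender")
    if not seen_all and not has_redirect:
        problems.append("no 'all' mechanism: unlisted senders get a neutral result")
    return problems


if __name__ == "__main__":
    # Constructed samples: a clean record and one with a typographic dash.
    for sample in ("v=spf1 mx -all", "v=spf1 mx \u2013all"):
        print(repr(sample), "->", check_spf(sample) or "OK")
```
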