Monday, May 4, 2009

::DNS:: Configuring TCP/IP to use DNS

CONFIGURING TCP/IP TO USE DNS

To configure TCP/IP to use DNS

1. Open Network Connections.

2. Right-click the network connection you want to configure, and then click Properties.

3. On the General tab (for a local area connection) or the Networking tab (for all other connections), click Internet Protocol (TCP/IP), and then click Properties.

4. If you want to obtain DNS server addresses from a DHCP server, click Obtain DNS server address automatically.

5. If you want to manually configure DNS server addresses, click Use the following DNS server addresses, and in Preferred DNS server and Alternate DNS server, type the preferred DNS server and alternate DNS server IP addresses.

6. To configure advanced DNS properties, click Advanced, click the DNS tab, and do one or more of the following:

  • To configure an additional DNS server IP address:

Under DNS server addresses, in order of use, click Add.

In TCP/IP DNS server, type the IP address of the DNS server, and then click Add.

  • To modify the resolution behavior for unqualified DNS names, do the following:

To resolve an unqualified name by appending the primary DNS suffix and the DNS suffix of each connection (if configured), click Append primary and connection specific DNS suffixes. If you also want to search the parent suffixes of the primary DNS suffix up to the second level domain, select the Append parent suffixes of the primary DNS suffix check box.

To resolve an unqualified name by appending the suffixes from a list of configured suffixes, click Append these DNS suffixes (in order), and then click Add to add suffixes to the list.

  • To configure a connection-specific DNS suffix, type the DNS suffix in DNS suffix for this connection.
  • To modify DNS dynamic update behavior, do the following:

To use a DNS dynamic update to register the IP addresses of this connection and the primary domain name of the computer, select the Register this connection's addresses in DNS check box. This option is enabled by default. The primary domain name of the computer is the primary DNS suffix appended to the computer name and can be viewed as the full computer name on the Computer Name tab (available in System in Control Panel).

To use a DNS dynamic update to register the IP addresses and the connection-specific domain name of this connection, select the Use this connection's DNS suffix in DNS registration check box. This option is disabled by default. The connection-specific domain name of this connection is the DNS suffix for this connection appended to the computer name.
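The suffix options in step 6 decide which fully qualified names are actually sent to the DNS server for a short name. The following is an added example, not part of the original procedure, that lists those names in order for each setting; the function names and the example.com / example.net domains are hypothetical, and the ordering (primary suffix, then connection-specific suffixes, then parent suffixes) is an assumption about the resolver's behavior.

```python
def search_suffixes(primary, connection=(), append_parents=False, explicit=None):
    """Return the DNS suffixes tried, in order, for an unqualified name."""
    if explicit is not None:
        # "Append these DNS suffixes (in order)": only the configured list is used.
        ordered = list(explicit)
    else:
        # "Append primary and connection specific DNS suffixes".
        ordered = [primary, *connection]
        if append_parents:
            # "Append parent suffixes of the primary DNS suffix": drop the
            # leftmost label until only the second-level domain is left.
            labels = primary.strip(".").split(".")
            ordered += [".".join(labels[i:]) for i in range(1, len(labels) - 1)]
    seen, result = set(), []
    for suffix in ordered:
        suffix = suffix.strip(".").lower()
        if suffix and suffix not in seen:      # keep first occurrence only
            seen.add(suffix)
            result.append(suffix)
    return result


def candidate_fqdns(name, primary, **options):
    """List the FQDNs queried for `name` under the given suffix settings."""
    if name.endswith("."):
        return [name]                          # already fully qualified
    return [f"{name}.{s}." for s in search_suffixes(primary, **options)]


if __name__ == "__main__":
    # Hypothetical client: primary suffix plus one connection-specific suffix.
    for fqdn in candidate_fqdns("fs01", "sales.emea.corp.example.com",
                                connection=["branch.example.net"],
                                append_parents=True):
        print(fqdn)
```

With parent suffixes enabled, the last name tried is under the second-level domain itself, so the list shows every zone that will see a query for a short or mistyped name.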

::CheckList:: For installing DNS

CHECK LIST: VERIFYING DNS BEFORE INSTALLING ACTIVE DIRECTORY

STEP 1

Verify that a network connection on the server on which you are installing Active Directory is configured with a DNS server to query for domain names. If you are installing Active Directory on a server in an existing forest, then the network connection of the server must be configured with one or more DNS servers. If not, then configure the network connection with the IP addresses of one or more DNS servers. If you are installing Active Directory to create a new forest, and no DNS servers are available on the network, then the Active Directory Installation Wizard can automatically install and configure a local DNS server. The DNS server will be installed on the server where you are running the wizard and the server's preferred DNS server setting will be configured to use the new local DNS server. If you install a local DNS server using the Active Directory Installation Wizard, you may stop using this checklist.

STEP 2


Verify DNS resource records.

If you are installing Active Directory on a server in an existing forest, verify that the appropriate service (SRV) resource records and the corresponding address (A) resource records exist in DNS.

-> Additional domain controller in an existing domain: _ldap._tcp.dc._msdcs.ActiveDirectoryDomainDNSName

-> First domain controller in a new child domain: _ldap._tcp.dc._msdcs.ParentActiveDirectoryDomainDNSName

-> First domain controller in a new tree: _ldap._tcp.dc._msdcs.ForestRootDomainDNSName


If the required SRV and A resource records do not exist in DNS, you can add these records
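One way to carry out the Step 2 check is to save the output of an nslookup SRV query and confirm that every SRV target also has an A record. This is an added example, not part of the original checklist; the domain corp.example.com, the host names, the addresses and the sample output are constructed, and the parser assumes the text layout that Windows nslookup prints for SRV answers.

```python
import re

# Constructed sample: output of
#   nslookup -type=SRV _ldap._tcp.dc._msdcs.corp.example.com
# for a hypothetical domain. dc2 has an SRV record but no A record is shown.
SAMPLE = """\
Server:  dns1.corp.example.com
Address:  192.0.2.53

_ldap._tcp.dc._msdcs.corp.example.com   SRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   = dc1.corp.example.com
_ldap._tcp.dc._msdcs.corp.example.com   SRV service location:
          priority       = 0
          weight         = 100
          port           = 389
          svr hostname   = dc2.corp.example.com
dc1.corp.example.com    internet address = 192.0.2.11
"""

SRV_OWNER = re.compile(r"^(\S+)\s+SRV service location:", re.I | re.M)
SRV_HOST = re.compile(r"^\s*svr hostname\s*=\s*(\S+)", re.I | re.M)
A_RECORD = re.compile(r"^(\S+)\s+internet address\s*=\s*(\S+)", re.I | re.M)


def norm(name):
    """DNS names compare case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def check_locator_records(nslookup_output, domain_dns_name):
    """Check the SRV records for a domain and the A records of their targets.

    domain_dns_name is the domain, parent domain or forest root domain,
    depending on which of the three checklist scenarios applies.
    """
    owner = "_ldap._tcp.dc._msdcs." + norm(domain_dns_name)
    owners = {norm(o) for o in SRV_OWNER.findall(nslookup_output)}
    targets = sorted({norm(h) for h in SRV_HOST.findall(nslookup_output)})
    addresses = {norm(host) for host, _ip in A_RECORD.findall(nslookup_output)}
    srv_found = owner in owners and bool(targets)
    missing = [t for t in targets if t not in addresses]
    return {"owner": owner, "srv_found": srv_found, "targets": targets,
            "missing_a": missing, "ok": srv_found and not missing}
```

A host listed in `missing_a` only means its address was not in this output; query that host name directly before concluding that the A record is absent.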



::Active Directory:: Creating a forest

CREATING A FOREST

To create a new forest

1. Click Start, click Run, and then type dcpromo to start the Active Directory Installation Wizard.

2. On the Operating System Compatibility page, read the information and then click Next.
If this is the first time you have installed Active Directory on a server running Windows Server 2003, click Compatibility Help for more information.

3. On the Domain Controller Type page, click Domain controller for a new domain, and then click Next.

4. On the Create New Domain page, click Domain in a new forest, and then click Next.

5. On the New Domain Name page, type the full DNS name for the new domain, and then click Next.

6. On the NetBIOS Domain Name page, verify the NetBIOS name, and then click Next.

7. On the Database and Log Folders page, type the location in which you want to install the database and log folders, or click Browse to choose a location, and then click Next.

8. On the Shared System Volume page, type the location in which you want to install the Sysvol folder, or click Browse to choose a location, and then click Next.

9. On the DNS Registration Diagnostics page, verify if an existing DNS server will be authoritative for this forest or, if necessary, choose to install and configure DNS on this server by clicking Install and configure the DNS server on this computer, and set this computer to use this DNS server as its preferred DNS server, and then click Next.

10. On the Permissions page, select one of the following:

  • Permissions compatible with pre-Windows 2000 Server operating systems

  • Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems

11. Review the Summary page, and then click Next to begin the installation.

12. Restart the computer.

Notes

  • To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure.
  • The server on which you install Active Directory using this procedure will be the first domain controller in the forest root domain.
  • Before installing Active Directory, you will need to consider pre-Windows 2000 compatible security levels and identify the DNS name of the domain. For more information, see the checklist in Related Topics.
  • The wizard options on the Permissions page affect application compatibility with computers running pre-Windows 2000 and Windows Server 2003 operating systems and are not related to domain functionality. For more information about permissions, see Related Topics.
  • The Active Directory Installation Wizard allows Active Directory domain names up to 64 characters or up to 155 bytes. Although the limit of 64 characters is usually reached before the limit of 155 bytes, the opposite could be true if the name contains Unicode characters consuming three bytes. These limits do not apply to computer names.
  • You cannot install Active Directory on a computer running Windows Server 2003, Web Edition, but you can join the computer to an Active Directory domain as a member server. For more information about Windows Server 2003, Web Edition, see Related Topics.

::DNS:: How to add host (A) record to zone

ADDING A HOST (A) RECORD TO ZONE

Using the Windows interface

1. Open DNS.

2. In the console tree, right-click the applicable forward lookup zone and click New Host.

3. In the Name text box, type the DNS computer name for the new host.

4. In the IP address text box, type the IP address for the new host.

5. As an option, select the Create associated pointer (PTR) record check box to create an additional pointer record in a reverse zone for this host, based on the information you entered in Name and IP address.

6. Click Add Host to add the new host record to the zone.

Notes

  • To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
  • To open DNS, click Start, click Control Panel, double-click Administrative Tools, and then double-click DNS.
  • PTR resource records created automatically when adding an A resource record to a zone will be deleted automatically if the corresponding A resource record is deleted.

Using a command line

1. Open Command Prompt.

2. Type: dnscmd ServerName /RecordAdd ZoneName NodeName [/Aging] [/OpenAcl] [Ttl] A IPAddress

| Value | Description |
|---|---|
| dnscmd | Specifies the name of the command-line program. |
| ServerName | Required. Specifies the DNS host name of the DNS server. You can also type the IP address of the DNS server. To specify the DNS server on the local computer, you can also type a period (.). |
| /RecordAdd | Required. Adds a new resource record. |
| ZoneName | Required. Specifies the fully qualified domain name (FQDN) of the zone. |
| NodeName | Required. Specifies the FQDN of the node in the DNS namespace. You can also type the node name relative to the ZoneName or @, which specifies the zone's root node. |
| /Aging | Specifies that this resource record is able to be aged and scavenged. If this command is not used, the resource record remains in the DNS database unless it is manually updated or removed. |
| /OpenAcl | Specifies that new records are open to modification by any user. Without this parameter, only administrators may modify the new record. |
| Ttl | Specifies the Time-To-Live (TTL) setting for the resource record. (The default TTL is defined in the SOA resource record.) |
| A | Required. Specifies the resource record type of the record you are adding. |
| IPAddress | Required. The IP address for the host. |

Notes

  • To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
  • To open a command prompt, click Start, point to All programs, point to Accessories, and then click Command prompt.
  • This procedure requires the Dnscmd Windows support tool. For information about installing Windows support tools, see Related Topics.
  • To view the complete syntax for this command, at a command prompt, type:
    dnscmd /RecordAdd /help
  • PTR resource records are deleted automatically if the corresponding A resource record is deleted.
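Because /OpenAcl lets any user modify the new record, provisioning scripts that call dnscmd are worth reviewing before they run. The following added example, which is not part of the original documentation, parses lines that follow the /RecordAdd syntax shown above and reports records created with /OpenAcl, records created without /Aging, and malformed lines; the sample commands, server names and addresses are constructed.

```python
import ipaddress

# Constructed sample lines from a hypothetical provisioning batch file.
SAMPLE = [
    "dnscmd . /RecordAdd corp.example.com web01 A 192.0.2.20",
    "dnscmd dns1 /RecordAdd corp.example.com app01 /Aging /OpenAcl 3600 A 192.0.2.21",
    "dnscmd dns1 /RecordAdd corp.example.com db01 /OpenAcl A 192.0.2.300",
]


def parse_record_add(line):
    """Split one dnscmd /RecordAdd line for an A record into its fields."""
    tok = line.split()
    if len(tok) < 7 or tok[0].lower() != "dnscmd" or tok[2].lower() != "/recordadd":
        raise ValueError("not a dnscmd /RecordAdd line")
    rec = {"server": tok[1], "zone": tok[3], "node": tok[4],
           "aging": False, "open_acl": False, "ttl": None}
    rest = tok[5:]
    while rest and rest[0].lower() in ("/aging", "/openacl"):
        key = "aging" if rest.pop(0).lower() == "/aging" else "open_acl"
        rec[key] = True
    if rest and rest[0].isdigit():              # optional Ttl
        rec["ttl"] = int(rest.pop(0))
    if len(rest) != 2 or rest[0].upper() != "A":
        raise ValueError("expected 'A IPAddress' at the end")
    rec["ip"] = str(ipaddress.IPv4Address(rest[1]))   # rejects malformed addresses
    return rec


def audit(lines):
    """Return (line number, finding, detail) tuples for review."""
    findings = []
    for n, line in enumerate(lines, 1):
        try:
            rec = parse_record_add(line)
        except ValueError as exc:               # includes AddressValueError
            findings.append((n, "invalid", str(exc)))
            continue
        where = f"{rec['node']} in zone {rec['zone']}"
        if rec["open_acl"]:
            findings.append((n, "open-acl", where + " can be modified by any user"))
        if not rec["aging"]:
            findings.append((n, "no-aging", where + " stays until manually updated or removed"))
    return findings
```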

Formatting legend

| Format | Meaning |
|---|---|
| Italic | Information that the user must supply |
| Bold | Elements that the user must type exactly as shown |
| Ellipsis (...) | Parameter that can be repeated several times in a command line |
| Between brackets ([]) | Optional items |
| Between braces ({}); choices separated by pipe (\|). Example: {even\|odd} | Set of choices from which the user must choose only one |
| Courier font | Code or program output |