chapter 4 dns
Your partner company is preparing to launch a Web server. They expect heavy traffic to the Web site, so they would like your assistance with configuring a load balancing solution. As a temporary measure, you have decided to replicate the static Web content from one server to two other servers, and then use DNS round robin to load balance requests to the Web server. Complete the following tasks:
- Enable round robin for the PartnerServer DNS server.
- Create three host (A) records in the PartnerNet.org zone using the following information:
  Host name: www.PartnerNet.org
  IP addresses: 73.44.216.5, 73.44.216.6, 73.44.216.7
- Create the associated pointer (PTR) records for each host record.
1. From Server Manager, select Tools > DNS.
2. Right-click the DNS server and select Properties.
3. Select the Advanced tab.
4. In Server options, select Enable round robin. Click OK.
5. Expand the server and the Forward Lookup Zones nodes.
6. Right-click the zone that will hold the new host record. Select New Host (A or AAAA)....
7. Enter the host name and IP address.
8. Click Add Host, and then click OK.
9. To create the PTR record automatically, select Create associated pointer (PTR) record. The reverse lookup zone must exist for this record to be created.
10. Add additional hosts as necessary, and then click Done to close the New Host dialog.
You work as the IT Administrator for a small corporate network. Your company has just signed an agreement to work closely with a partner company. You have been asked to improve name resolution between the two companies. Your plan is to create a conditional forwarder from your site to PartnerNet.org. You also plan to allow the partner company to place a forward lookup Stub zone for CorpNet on their server. They have asked for your help to create the Stub zone. Complete the following tasks: On CorpDC, configure a conditional forwarder for the PartnerNet.org domain to PartnerServer (73.44.216.15). Store the conditional forwarder in Active Directory and replicate to all DNS servers in the Domain. Configure the CorpNet zone to allow zone transfer only to server 73.44.216.15 (PartnerServer). On PartnerServer, create a forward lookup stub zone CorpNet on the DNS server named PartnerServer at the partner location. Copy zone data from the CorpDC server (192.168.0.11). Use Change Location to switch between servers.
Configure a Conditional Forwarder
From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the server node, then right-click Conditional Forwarders and select New Conditional Forwarder.... Enter the DNS Domain name. Type the IP address or name of the DNS server to which DNS requests will be forwarded, and then press Enter. If necessary, select Store this conditional forwarder in Active Directory, and replicate as follows, and then select the replication scope. Click OK.
Enable and Restrict Zone Transfers
From DNS Manager on CorpDC, expand the Forward Lookup Zones node. Right-click the zone, and select Properties. Select the Zone Transfers tab. Select Allow zone transfers. Select Only to the following servers to restrict zone transfer to those servers listed on this tab. To configure a specific name server: Click Edit. Type the IP address of the allowed server and press Enter. Click OK. Click OK.
Create a Stub Zone
Click Change Location and select PartnerServer to change to the PartnerServer console. From Server Manager, select Tools > DNS. Expand the server node. Right-click the Forward Lookup Zones node and choose New Zone.... Click Next to begin the New Zone Wizard. Choose Stub zone as the zone type. If the server is a domain controller, you can also choose to store data in Active Directory. Click Next. Type the name of the zone. Click Next. Click Next to accept the zone file name. Type the IP address of the server that holds the master copy of the zone, and then press Enter. Click Next. Click Finish.
The Accounting department is testing a new payroll system server. To facilitate their tests, they would like to add the server to DNS to support name resolution. You would like to create a new zone to support their request, and to accelerate lookups, you would like to place a copy of this zone on the DNS server in Building B. Complete the following tasks: On CorpDC, create a Primary forward lookup zone called acct.CorpNet. Do not store the zone in Active Directory. Use the default name for the zone file. Do not allow dynamic updates. Configure the zone to allow zone transfers to any server. On CorpDC3, create a Secondary forward lookup zone called acct.CorpNet. Specify CorpDC (192.168.0.11) as the master DNS server for the zone. For your convenience, all DNS servers have been added to the DNS Manager console on CorpDC. You can also use Change Location to access each server and its console directly.
Create a Primary Forward Lookup Zone
From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the DNS server that will host the zone. Right-click Forward Lookup Zones and select New Zone.... Click Next. Select the Primary zone option. As necessary, deselect the Store the zone in Active Directory option (this option is only available for domain controllers). Click Next. Enter the name for the zone, and then click Next. Verify that Create a new file with this file name is selected and click Next. Specify the updates that will be accepted for the DNS zone. Click Next. Click Finish to complete the New Zone Wizard. To configure zone transfer, right-click the new zone and select Properties. Select the Zone Transfers tab. Verify that Allow zone transfers is selected, select To any server, and then click OK.
Create a Forward Secondary Zone
From DNS Manager, expand the server node that will host the new zone. Right-click Forward Lookup Zones and select New Zone.... Click Next. Select Secondary zone as the zone type and click Next. Enter the zone name. This name must match the name of the Primary zone you created. Click Next. Enter the IP address or Name of a server that hosts a copy of the zone. Press Enter or click away from the IP address to begin validation. Once validated, click Next. Click Finish to complete the New Zone Wizard.
You work as the IT Administrator of a small corporate network. You want to enable dynamic DNS in order to minimize administration of the CorpNet DNS zone. DNS is running on CorpDC and DHCP is running on CorpDHCP12. Complete the following tasks: On CorpDC, configure the CorpNet DNS zone to accept only secure dynamic updates. On CorpDHCP12, configure the Subnet1 and Subnet2 DHCP scopes to always dynamically update information in DNS, even if DHCP clients do not explicitly request it or do not support dynamic DNS.
Enable Dynamic DNS Updates on a Zone
From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the server node and browse to the appropriate zone. Right-click the zone and select Properties. On the General tab, select the required option for Dynamic updates. If the zone is an Active Directory-integrated zone, select Secure only to configure secure dynamic updates. If not, then select Nonsecure and secure to configure dynamic updates. Click OK. If desired, close DNS Manager and the Hyper-V window for CorpDC.
Enable Dynamic DNS Updates for a Scope
In Hyper-V Manager on CORPSERVER, right-click the CorpDHCP12 server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DHCP. Browse to the scope for which you want to configure DNS updates. Right-click the scope and select Properties from the menu. Click the DNS tab. Select Enable DNS dynamic updates according to the settings below to enable the DHCP server to update DNS records for hosts within the scope. With dynamic updates enabled, you can select from the following:
- Select Dynamically update DNS A and PTR records only if requested by the DHCP clients to update DNS records based on the requests from clients.
- Select Always dynamically update DNS A and PTR records to configure the server to update records for all clients, regardless of whether they request it or not.
- Select Discard A and PTR records when lease is deleted to configure the DHCP server to notify the DNS server to remove the host record when the IP address is no longer assigned to the client.
- Select Dynamically update DNS A and PTR records for DHCP clients that do not request updates (for example, clients running Windows NT 4.0) to configure the DHCP server to update all DNS records for clients that do not support dynamic DNS updates. This includes all non-Windows clients and Windows 2000/XP/2003/Vista/2008 clients with dynamic updates disabled.
Click OK. Repeat steps 4 through 7 for additional scopes.
You work as the IT Administrator of a small corporate network. After enabling dynamic updating, your zones are accumulating unnecessary resource records. You want to ensure that these stale records don't degrade DNS server performance. Complete the following tasks:
- Enable automatic scavenging of stale records on the CorpDC DNS server. Scavenge records every 10 days.
- Enable scavenging of stale resource records on all Active Directory zones.
  - Set the no-refresh interval to 5 days.
  - Set the refresh interval to 5 days.
  - Apply the setting to existing Active Directory-integrated zones.
Following are steps that an expert might take to perform the tasks in this lab: From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Right-click the DNS server and select Properties. Select the Advanced tab. Select Enable automatic scavenging of stale records, and then configure the scavenging period as required. Click OK. Right-click the DNS server and select Set Aging/Scavenging for All Zones.... Select Scavenge stale resource records, and then configure the no-refresh interval and the refresh interval as required. Click OK. Select Apply these settings to the existing Active Directory-integrated zones, and then click OK.
Your network consists of three sites: a main site and two branch offices. You have configured DNS for the two branch offices. These locations host their own DNS servers and are represented by the following domains:
- Branch1.CorpNet.local
- Branch2.CorpNet.local
While configuring the DNS servers in the Branch Office sub domains, delegations did not get created, so you are having problems resolving host names at the Branch Offices. In this lab, your job is to manually create a delegation within the CorpNet zone for each new sub domain. Delegate the domains using the following settings:
Domain                  Server                            IP Address
Branch1.CorpNet.local   BranchDC1.Branch1.CorpNet.local   192.168.20.10
Branch2.CorpNet.local   BranchDC2.Branch2.CorpNet.local   192.168.30.10
When creating the delegations, the FQDN for the server will not resolve to the sub domain without the delegations in place, but the IP addresses will validate.
From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the appropriate server node. Expand either the Forward Lookup Zones node or the Reverse Lookup Zones node. If necessary, expand child domains until you can view the parent zone or domain for the new delegation. Right-click the zone and choose New Delegation.... Click Next. Type a name for the delegated domain. Click Next. Click Add.... Type the full DNS name of the server that will host the new zone, and then click Resolve. Click OK. Click Next. Click Finish. Repeat steps 6 through 13 to create additional delegations.
You work as the IT Administrator for a small corporate network. You plan to install three additional servers on the network soon. As these servers have static addresses, you need to create DNS records for these servers on the CorpDC DNS server. Your task in this lab is to manually create A records and PTR records for the following hosts:
Host               IP Address
CorpWDS.CorpNet    192.168.0.18
CorpNPS.CorpNet    192.168.0.19
CorpVPN1.CorpNet   192.168.0.20
From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the server and the Forward Lookup Zones nodes. Right-click the zone that will hold the new host record and select New Host (A or AAAA).... Enter the host name and IP address. To create the PTR record automatically, check the Create associated pointer (PTR) record option. The reverse lookup zone must exist for this record to be created. Click Add Host, and then click OK. Repeat steps 6 through 8 to add additional host records as necessary. Click Done to close the New Host dialog.
The Sales department wants to create an intranet website for all Sales employees. Web Services (IIS) is installed on an existing server (CorpWeb) that will be used to host the intranet site. Employees must be able to access the Web server using one of the following URLs:
- http://sales.private
- http://intranet.sales.private
- http://www.sales.private
You have already created a sales.private zone on the CorpDC server. Enable clients to connect to the Web server by creating the following records in the zone:
- Create an Alias (CNAME) record leaving the name blank. (This allows users to connect to the server using the sales.private URL.)
- Create an Alias (CNAME) record named intranet.
- Create an Alias (CNAME) record named www.
When creating Alias records, point each record to the CorpWeb host record in the CorpNet zone.
From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the server and the Forward Lookup Zones nodes. Right-click the zone that will hold the record. Choose New Alias (CNAME).... Enter the alias name. To use the parent domain name for the alias, leave the field blank. Type or browse to add the fully qualified domain name of the host. Click OK. Repeat steps 5 through 8 as needed for additional records.
You work as the IT Administrator for a small corporate network. The Marketing department wants to create an intranet site that is only accessible from the private network. You have selected mrktg.private as the domain name that will hold all records for the zone. You want all client computers in the domain to update their records automatically with DNS. Because security is important, you want to make sure only the computer that created the DNS record can update it in the future. Complete the following tasks: Create the mrktg.private zone on the CorpDC DNS server. Configure the new zone to be stored in Active Directory. Replicate data with all DNS servers in the domain. Allow only secure dynamic updates.
From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the server node that will host the new zone. Right-click Forward Lookup Zones and choose New Zone.... Click Next. Select Primary zone as the zone type and verify the Store the zone in Active Directory option. Click Next. Select how you want DNS data replicated through your network. Click Next. Enter the zone name. Click Next. Select the dynamic update option. Click Next. Click Finish.
The CorpDC server is the DNS server for the 192.168.0.0/24 subnet. The CorpDHCP12 server is the DHCP server for this subnet. All clients are running Windows 7 or Windows 8 and receive their IP addresses and other TCP/IP configuration information from the CorpDHCP12 server. You want DNS to be updated automatically with the A and PTR records for all hosts in the CorpNet domain. When you check the DNS server, you discover that although host records have been created automatically, the corresponding PTR records have not been created. Examine the DNS and DHCP configurations to diagnose and correct the problem. Both CorpDC and CorpDHCP12 run as Hyper-V guests on CorpServer.
From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the server node that will host the new zone. Right-click Reverse Lookup Zones and choose New Zone.... Click Next to begin the New Zone wizard. Select Primary zone as the zone type, verify that the Store the zone in Active Directory option is selected, and then click Next. Select how you want to replicate data, and then click Next. Select the type of reverse lookup zone you wish to create (IPv4 or IPv6). Click Next. Enter the network ID. From the address, omit any trailing zeroes that are excluded based on the subnet mask. (Examples: Type 192.168.1 for subnet 192.168.1.0/24. Type 10.1. for subnet 10.1.0.0/16.) Click Next. If necessary, change the zone file name. Click Next. Specify the type of dynamic updates that will be accepted for the DNS zone. Click Next. Click Finish.
The CorpDC3 server is a domain controller in the CorpNet domain. The server holds an Active Directory-integrated zone for the CorpNet domain. You want to secure zone data and prevent anyone from copying zone data from the CorpDC3 server through zone transfer. Because all zone information is replicated automatically through Active Directory replication, you know you can disable zone transfers while still replicating data with other domain controllers. Your task in this lab is to disable zone transfers for the CorpNet zone.
From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC3 server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the server and Forward Lookup Zones nodes. Right-click the zone you want to edit and choose Properties. Select the Zone Transfers tab. Deselect Allow zone transfers. Click OK.
You work as the IT Administrator for a small corporate network. Building B is on a separate subnet from the Main office in Building A. Some users in Building B run programs that need to look up the DNS name of certain computers based on their IP addresses. You need to configure a reverse lookup zone for these users. Your task in this lab is to create an IPv4 Primary reverse lookup DNS zone on CorpDC3 for the 192.168.10.0/24 subnet used in Building B. Complete the following: Store zone information in Active Directory. Replicate the data to all DNS servers on Domain Controllers in the domain. Allow only secure dynamic updates.
From Hyper-V Manager, click CORPSERVER2. Expand the window to view all virtual machines. Right-click the CorpDC3 server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the DNS server that will host the zone. Right-click Reverse Lookup Zones and choose New Zone.... Click Next to begin the New Zone Wizard. Select Primary zone as the zone type. If necessary, verify that Store the zone in Active Directory is selected, and then click Next. Select the appropriate replication scope, and then click Next. Select the type of reverse lookup zone you wish to create (IPv4 or IPv6). Click Next. Enter the network ID. From the address, omit any trailing zeroes that are excluded based on the subnet mask. (Examples: Type 192.168.1 for subnet 192.168.1.0/24. Type 10.1. for subnet 10.1.0.0/16.) Click Next. Specify the type of dynamic updates that will be accepted for the DNS zone. Click Next. Click Finish.
You work as the IT Administrator for a small corporate network. CorpDC is a Domain Controller and DNS server, which hosts the CorpNet zone. For name resolution requests in other zones, you want the server to forward requests to Name Servers at the ISP (163.128.80.93 and 163.128.78.93). Your task in this lab is to configure the DNS service on CorpDC to: Forward name resolution requests outside of the CorpNet domain to the ISP DNS servers. Use root hints for requests if the ISP DNS servers are unavailable.
In this lab, you need to configure DNS on CorpDC to: Forward name resolution requests outside of the CorpNet domain to the ISP DNS servers (163.128.80.93 and 163.128.78.93). Use root hints for requests if the ISP DNS servers are unavailable. The following are steps that an expert might take to perform the tasks in this lab: From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Right-click the DNS server and choose Properties. Click the Forwarders tab. Click Edit.... Click Click here to add an IP Address or DNS Name. Type the IP address of the DNS server to which DNS requests will be forwarded, and then click OK. If required, deselect the Use root hints if no forwarders are available to disable root hints. Click OK to apply the changes.
You are the administrator for the CorpNet domain. The CorpDC and CorpDC3 servers are the DNS servers for the domain. You are responsible for CorpDC, which resides in Building A. Users report that they are unable to contact the CorpWeb server. Complete the following: Ping the CorpWeb server using its full name (CorpWeb.CorpNet.local). What happens? Ping the CorpWeb server using its IP address (192.168.0.15). What happens? Create any DNS records needed to fix the problem. Use the Ping command to verify that the problem has been fixed.
Right-click the Start thumbnail in the lower left and select Command Prompt (Admin). Type Ping CorpWeb.CorpNet.local. The ping is unable to find CorpWeb. Type Ping 192.168.0.15. The ping succeeds using the IP Address, indicating a problem with the CorpWeb DNS record. From Hyper-V Manager, click CORPSERVER. Expand the window to view all virtual machines. Right-click the CorpDC server and select Connect... (maximize the window for easier viewing if desired). From Server Manager, select Tools > DNS. Expand the server and the Forward Lookup Zones nodes. Right-click the zone that will hold the new host record. Choose New Host (A or AAAA).... Enter the host name and IP address. To automatically create the PTR record for the new host, select Create associated pointer (PTR) record. Click Add Host, and then OK. Click Done to close the New Host dialog. From the Command Prompt window on CorpServer, type Ping CorpWeb.CorpNet.local. The ping now succeeds.