There are two ways to manage the Microsoft DNS server. Use the DNS Manager or manually edit the DNS configuration files. This lesson reviews the tools used to administer a DNS server.
After this lesson, you will be able to
Estimated lesson time: 60 minutes
The primary tool that you use to manage a Windows 2000 DNS server is the DNS console, which is illustrated in Figure 10.5. Because the DNS server has no initial information about a user's network, the DNS server installs as a caching-only name server for the Internet. This means that the DNS server contains only information on the Internet root servers. For most DNS server configurations, additional information must be supplied to obtain the preferred operation.
Figure 10.5 DNS settings in Microsoft Management Console (MMC)
In the Configure DNS Server Wizard, you can create one or more forward lookup zones. The following are types of zones you can create:
The DNS server may be configured manually by editing files in the default installation path \%systemroot%\System32\Dns. Administration is identical to traditional DNS administration. The files can be modified using a text editor, as illustrated in Figure 10.6. The DNS service must then be stopped and restarted.
Figure 10.6 Editing the Cache.dns file
The first step in configuring the DNS server is to determine the hierarchy for your DNS domains and zones. Once the domain and zone information has been determined, this information must be entered into the DNS configuration using the DNS console.
You add primary and secondary zones through the DNS console, as illustrated in Figure 10.7. After you enter your zone information, DNS Manager constructs a default zone file name. If the zone file already exists in the DNS directory, DNS console automatically imports these records.
Figure 10.7 Creating a new zone with the DNS console
A primary zone stores name-to-address mappings locally. When you configure a primary zone, you need no information other than the zone name.
Secondary zones obtain name-to-address mappings from a master server by zone transfer. When you configure a secondary zone, you must supply the names for the zone and master name server.
Once all zones have been added to the server, subdomains under the zones can be added. If multiple levels of subdomains are needed, create each successive subdomain. There is a key written to the DNS registry entry for each zone for which the DNS will be authoritative. The keys are located under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Zones.
Each zone has its own key that contains the name of the database file, which indicates whether the DNS server is a primary or secondary name server. For example, for the zone dev.volcano.com, there is the following registry entry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Zones\dev.volcano.com.
After you have successfully added a zone, you can configure and modify the zone properties, which are described in Table 10.3.
Table 10.3 Zone Properties
|General||Configures the zone file in which the resource records are stored and specifies whether this is a primary or secondary name server.|
|SOA record||Configures zone transfer information and the name server administrator mailbox.|
|Notify||Specifies the secondary servers to be alerted when the primary server database changes. Also, additional security can be applied to the name server by specifying that only the listed secondary servers can contact this server.|
|WINS lookup||Enables the name server to query WINS to resolve names. A list of WINS servers can be configured in this dialog. The WINS servers can be set on a per-name-server basis by selecting the Settings Only Affect Local Server check box. If this is not selected, secondary servers will also use the configured WINS servers.|
In this practice, you configure the DNS server by adding a primary zone. Complete this practice from the DNS server computer.
Before you continue with the lesson, run the Ch10b.exe demonstration file located in the Media folder on the Supplemental Course Materials CD-ROM that accompanies this book. The file provides an overview of configuring the DNS Server service.
Zone1.org.dns will be the file name (where zone1.org is your zone name).
The Forward Lookup Zones folder now contains your new zone, as illustrated in Figure 10.8.
Figure 10.8 Zone added to the Forward Lookup Zones folder
Once the zones and subdomains are configured, resource records can be added. To create a new host, right-click a zone or subdomain and then click New Host, as illustrated in Figure 10.9. Simply type the host name and click Add Host, and the host record is created.
Figure 10.9 Adding a new host
To create a record of a different type, right-click a zone or subdomain and then click Other New Records. Next, select which resource record type to create. A dialog box displays various fields specific to record type, as illustrated in Figure 10.10.
Figure 10.10 Selecting a type of record to create
If you just have the host's IP address, and you want to be able to find the host's name, you need to use a reverse lookup zone. Like all zones, you must create the reverse lookup zone before it can be used.
You create a reverse lookup zone for each subnet on which the hosts in the DNS database reside. Adding a reverse lookup zone is procedurally identical to adding any other type of zone, except for the zone name which is reversed. For example, if a host has an address of 188.8.131.52, it would be represented in the in-addr.arpa domain as 184.108.40.206.in-addr.arpa. To enable this host to appear to a client who has the host's IP address, a zone would need to be added to the DNS for 25.231.198.in-addr.arpa. All PTR records for the network 220.127.116.11 would be added to this reverse lookup zone.
The first step in configuring Windows 2000 DNS server is to determine the hierarchy for your DNS domains and zones. Using MMC, you can create Active Directory-integrated zones, standard primary zones, and standard secondary zones. Once the zones and subdomains are configured, resource records can be added.
If you want the ability to find a host name using only the host IP address, you need to create a reverse lookup zone for each subnet on which hosts in the DNS database reside.