DNS windows server(2008R2) & linux(SLES 11)

NETWORK ADMINISTRATION DNS Server (Windows & Linux) 2013-2014 PASSERELLES NUMERIQUES CAMBODIA Street 371 Phum Tropeang Chhuk (Borey Sorla), Sangkat Tek Thia Khan Sek Sok P.O. Box 511 Phnom Penh, Cambodia


Table of Contents

1. Configure Domain Name
2. Install Bind package
3. Create: Forward Lookup zone file & Reverse Lookup zone file in the master DNS zone.
4. Create Resource Record with:
5. Create Zone transfer
5. Encryption transfer protocol

I. On Windows:

1. Install DNS + AD service
2. Configure DNS zone:
- Configure Forward
- Reverse lookup zone
3. Create Resource Record:
A (Resolve from host to host)
PTR (pointer)
CNAME (alias)
MX (Mail Exchanger)
4. Create multiple domains name
- Forward New zone
- Reverse New Zone
5. Configure DNS zone transfer
- Configure on Primary DNS server
- Allow only sna2015.lan
- Configure on Secondary DNS server (Transfer only sna2015.lan)
- Enable master transfer zone
6. Active Directory-integrated DNS zone:
- Configure AD-integrated Replication
- Set Dynamic update as Security only


Suse Linux:

1. Configure Domain Name

- Type yast lan => Hostname/DNS => enter the domain name and server name => OK

- Enter the domain name: tola091.lan

- Show the IP address and restart the network service (rcnetwork restart, ifconfig)

- Show the hostname

2. Install Bind package

- Type yast -i to install the bind package: type bind in the Search Phrase box and Accept to install. Or use zypper install -y bind.

3. Create: Forward Lookup zone file & Reverse Lookup zone file in the master DNS zone.

- After installing the DNS service, back up the file named.conf, which is stored in /etc, to another location (cp /etc/named.conf /etc/named.conf.bk).

- A forward zone is a zone that maps host names to IP addresses.

- A reverse zone is a zone that maps IP addresses to host names.

- To create these zones, edit the file named.conf: vim /etc/named.conf

- Configure the zones by creating the forward zone tola091.lan.zone and the reverse zone 192.168.1.zone, and disable the file include line, as in the picture below:

- Save the file after configuring with :x! or ZZ

4. Create Resource Record with:

- Back up the forward zone and reverse zone from local to master

- Create and configure the resource records for the forward zone and reverse zone: A, PTR, MX, CNAME

- Type the command vim tola091.lan.zone to configure the forward zone

- A = Resolves a host to an IP address
- PTR = Resolves an IP to a host name (1.168.192.in-addr.arpa)
- CNAME = Resolves from hostname to hostname
- MX = The mail server

- Type the command vim 192.168.1.zone to configure the reverse zone

- Use the command rcnamed restart to restart the named service

- Use the command vim /etc/resolv.conf to add another DNS line

- NSLookup tool

Nslookup is a command-line utility used to diagnose DNS infrastructure.

- DIG command

+ Test from a client
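The two zone files from this section and a check that their A and PTR records agree, as an added example that is not part of the original slides. The host names, addresses and serial number are constructed, and the check assumes relative owner names inside the single 192.168.1.0/24 network.

```python
import re

# Constructed sample of the forward zone file tola091.lan.zone. Host names
# and addresses are assumptions, not values from the original slides.
FORWARD_ZONE = """\
$TTL 2D
@       IN SOA  ns1.tola091.lan. root.tola091.lan. ( 2014010101 3H 1H 1W 1D )
        IN NS   ns1.tola091.lan.
        IN MX   10 mail.tola091.lan.
ns1     IN A    192.168.1.1
ns2     IN A    192.168.1.2
mail    IN A    192.168.1.10
ftp     IN A    192.168.1.20
www     IN CNAME ns1
"""

# Constructed sample of the reverse zone file 192.168.1.zone.
REVERSE_ZONE = """\
$TTL 2D
@       IN SOA  ns1.tola091.lan. root.tola091.lan. ( 2014010101 3H 1H 1W 1D )
        IN NS   ns1.tola091.lan.
1       IN PTR  ns1.tola091.lan.
2       IN PTR  ns2.tola091.lan.
10      IN PTR  mailhost.tola091.lan.
"""

# owner [ttl] IN A|PTR value, with an optional trailing ";" comment
RECORD = re.compile(r"^(\S+)\s+(?:\d+\s+)?IN\s+(A|PTR)\s+(\S+)\s*(?:;.*)?$")

def records(zone_text, rtype):
    """Return {owner: value} for every record of the given type."""
    found = {}
    for line in zone_text.splitlines():
        m = RECORD.match(line)
        if m and m.group(2) == rtype:
            found[m.group(1)] = m.group(3)
    return found

def check_consistency(forward, reverse, origin="tola091.lan.", net="192.168.1."):
    """Compare A records with PTR records and return a list of mismatches."""
    a = {f"{host}.{origin}": ip for host, ip in records(forward, "A").items()}
    ptr = {net + last: name for last, name in records(reverse, "PTR").items()}
    problems = []
    for name, ip in sorted(a.items()):
        if ip not in ptr:
            problems.append(f"{name} -> {ip}: no PTR record")
        elif ptr[ip] != name:
            problems.append(f"{name} -> {ip}: PTR points to {ptr[ip]}")
    for ip, name in sorted(ptr.items()):
        if name not in a:
            problems.append(f"{ip} -> {name}: no A record")
    return problems

if __name__ == "__main__":
    print("\n".join(check_consistency(FORWARD_ZONE, REVERSE_ZONE)))
```
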

5. Create Zone transfer

- Configure on Master DNS server

Additional lines to enable zone transfer from the master to the slave:

allow-update { none; };

allow-query { any; };

allow-transfer { 192.168.1.2; };

- Configure on Slave DNS server

- Check IP and hostname

- Test connection

- Configure the domain name for the DNS slave

- Use the command zypper install -y bind

- Use the command cp /etc/named.conf /etc/named.conf.bk for backup

- Zone transfer: use the command vim /etc/named.conf to configure the slave to get the zone transfer from the master DNS.

- All the zones will transfer from the master zone

- Restart: rcnamed restart

- The transferred zones are stored in the directory /var/lib/named/slave, so there we will see the zones transferred from the master zone.

- Show the reverse zone configuration of the DNS slave that was transferred from the master DNS

- Show the forward zone configuration of the DNS slave that was transferred from the master DNS

- Additional line

- Use NSLookup tool

- Use DIG tool

5. Encryption transfer protocol

- Encrypted zone transfer means we transfer the zone from master to slave secured with an encrypted password (a shared key).

- Type the command dnssec-keygen -a HMAC-MD5 -b 96 -n HOST tola to create the key.

- Copy the key file from the master to the slave so that the slave has the same key.

- Go to the named configuration to add the key.

- Restart the named service

7. Test the zone transfer and the encrypted transfer
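An added example (not from the original slides) that serves both the zone transfer and the key-protected transfer sections: a small Python audit that reads a master named.conf and reports, per zone, whether transfers are unrestricted, limited by address only, or require the key. The key authenticates the transfer request with an HMAC; it does not encrypt the zone data on the wire. The config text, the secret placeholder and the zone test.lan are constructed, and a zone without its own allow-transfer is reported as unrestricted, which is how BIND releases of this era behave unless options {} sets a limit.

```python
import re

# Constructed master named.conf fragment: the first zone uses the allow-* lines
# from the page; the secret is a placeholder and "test.lan" is hypothetical.
NAMED_CONF = """\
key "tola" { algorithm hmac-md5; secret "PLACEHOLDER-BASE64-SECRET"; };
zone "tola091.lan" in {
    type master;
    file "master/tola091.lan.zone";
    allow-update { none; };
    allow-query { any; };
    allow-transfer { 192.168.1.2; };
};
zone "1.168.192.in-addr.arpa" in {
    type master;
    file "master/192.168.1.zone";
    allow-transfer { key "tola"; };
};
zone "test.lan" in {
    type master;
    file "master/test.lan.zone";
};
"""

ZONE_START = re.compile(r'zone\s+"([^"]+)"[^{;]*\{')
ALLOW = re.compile(r"allow-transfer\s*\{([^}]*)\}")

def zone_bodies(conf):
    """Yield (zone name, body) by matching braces after each zone header."""
    for m in ZONE_START.finditer(conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def transfer_policy(conf):
    """Map each zone to who may request a full zone transfer (AXFR)."""
    policy = {}
    for name, body in zone_bodies(conf):
        m = ALLOW.search(body)
        entries = [e.strip() for e in (m.group(1) if m else "any").split(";") if e.strip()]
        if "any" in entries:           # a missing zone-level ACL is treated as "any"
            policy[name] = "unrestricted"
        elif entries in ([], ["none"]):
            policy[name] = "disabled"
        elif all(e.startswith("key ") for e in entries):
            policy[name] = "tsig-key"      # request must be signed with the key
        else:
            policy[name] = "address-only"  # source IP is the only check
    return policy

if __name__ == "__main__":
    print(transfer_policy(NAMED_CONF))
```

With a key-only allow-transfer, the slave must hold the same key statement and reference it for the master in a server { keys { ...; }; } statement. hmac-md5 is kept here because the page uses it; newer BIND releases also accept hmac-sha256.
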

I. On Windows:

+ Before we install other services we need to change the hostname and assign the real IP address of the host.

- Assign the IP: type the command ncpa.cpl to configure the IP address.

- Right-click on LAN and then click Properties

- Check hostname

1. Install DNS + AD service

- Select Server Manager, or open it from the Quick Launch taskbar.

- Select Roles, then Add Roles. Before you continue verify that;

- You can skip this page by default.

- Click Next to continue.

- Select Active Directory Domain Services. There is no need to select DNS Server; this role will be added with DCPROMO. Then click Next.

- Ensure you read Things to Note. Then click Next. Click Install.

- The Active Directory binaries have been installed. Click Close this wizard and launch dcpromo.exe. You can also launch dcpromo from the Run box. Click Next. Or type dcpromo in Run.

- Operating System Compatibility: a warning about the new Server 2008 security settings. Check that there is no compatibility issue with the existing network infrastructure. If none, click Next.

- Select Create a new domain in a new forest and click Next.

- There are 3 Forest functional levels Windows 2000, Windows 2003, Windows 2008 and Windows Server 2008 R2.

- Select DNS server, then Next to continue. Next to continue. The wizard cannot contact the DNS server for this zone. Select Yes to continue; DNS will then be installed. The database folders are assigned. Click Next to accept the defaults. The restore mode password must be set; click Next to continue.

- The Active Directory components are installed. Click Finish to complete the installation. The server needs to be restarted to finalise the installation. Click Restart Now. The server restarts.

2. Configure DNS zone:

- Configure Forward

A forward lookup is the most common form of DNS lookup. This type of lookup converts a hostname into an IP address. A Forward Lookup Zone contains name to IP address mappings.

- Click Start > Administrative Tools > DNS, then expand by clicking the + next to the DNS server.

- To add a new forward lookup zone, right-click Forward Lookup Zones and click New Zone.

- Reverse lookup zone

- Right-click Reverse Lookup Zones and select New Zone.

- Select Primary Zone and tick Store

- Select IPv4 Reverse Lookup Zone and Next to continue.

- Type in the Network ID and Next to continue.

- The wizard will ask you if you want to accept dynamic updates. As the wizard shows, there are drawbacks to having it enabled, but there are also drawbacks to having it disabled.

- New Delegation to class Monitor as Admin

- To open DNS Manager, click Start, point to Administrative Tools, and then click DNS.

- Right-click the applicable subdomain, and then click New Delegation.

- Follow the instructions in the New Delegation Wizard to finish creating the new delegated domain.

3. Create Resource Record:

A (Resolve from host to host)

- Open DNS Manager.

- Right-click the forward lookup zone to which you want to add the record, and then click New Host (A or AAAA).

- In Name, type the DNS computer name for the new host.

- In IP address, type the IP address for the new host. You can type the address in IP version 4 (IPv4) format (to add a host (A) resource record) or IP version 6 (IPv6) format (to add a host (AAAA) resource record).

PTR (pointer)

- You can use this procedure to create a pointer (PTR) resource record in a reverse lookup zone in Domain Name System (DNS).

- Right-click the reverse lookup zone that you want to manage, and then click New Pointer (PTR).

- In the Host IP number text box, type the host IP address in IP version 4 (IPv4),

- As an option, you can click Browse to search the DNS namespace for hosts that have host (A or AAAA) resource records already defined.

CNAME (alias)

- Alias (CNAME) resource records are also sometimes called canonical name resource records. With these records, you can use more than one name to point to a single host,

- Right-click the applicable forward lookup zone, and then click New Alias.

- In Alias name, type the alias name.

- In Fully qualified domain name (FQDN) for target host, type the FQDN of the DNS host computer for which this alias is to be used. As an option, you can click Browse to search the DNS namespace for hosts in this domain that have host (A) resource records already defined.

- Click OK to add the new record to the zone.

MX (Mail Exchanger)

- You can use this procedure to add a mail exchanger (MX) resource record to a Domain Name System (DNS) zone to provide message routing to a mail exchanger host.

- Right-click the forward lookup zone to which you want to add the record, and then click New Mail Exchanger (MX).

4. Create multiple domains name

- (tola091.lan) New Domain

- Forward New zone

- Reverse New Zone

- sna2015.lan (My own Domain)

5. Configure DNS zone transfer

- Configure on Primary DNS server

- Allow only sna2015.lan

- Configure on Secondary DNS server (Transfer only sna2015.lan)

- Transfer Reverse

- Enable master transfer zone

6. Active Directory-integrated DNS zone:

- Configure AD-integrated Replication

- Set Dynamic update as Security only