1 week 7 – dns and adds integration review of dns concepts, components, and processes install and...
TRANSCRIPT
![Page 1: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/1.jpg)
1
Week 7 – DNS and ADDS Integration
• Review of DNS Concepts, Components, and Processes
• Install and Configure DNS in an AD DS Domain
• AD DS, DNS, and Windows
• Advanced DNS Configuration and Administration
![Page 2: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/2.jpg)
2
Why DNS?
• Computers connect using IP addresses
• Humans prefer names
• DNS resolves names to IP addresses
DNS ServerClient207.46.16.252
technet.microsoft.com
technet.microsoft.com?
207.46.16.252
![Page 3: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/3.jpg)
3
The DNS Hierarchy
microsoft.com
.com
Root.
.uk
.co.uk
.microsoft.co.uk
contoso.com
![Page 4: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/4.jpg)
4
Zones
• A database stored on a DNS server
• Supports resolution for a portion of the DNS namespacestarting with a domain: contoso.com
• A server hosting a zone for a domain is authoritative for that domain
contoso.com• hqdc01• filesvr01• desktop101
zone
DNS Server
![Page 5: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/5.jpg)
5
Resource Records (RRs)
• Host or Address (A or AAAA) : name-to-IPv4/IPv6 address
Name: hqdc01Data: 10.0.0.11
• Alias or Canonical Name (CNAME) : alias-to-name
Name: ftpData: internetserver.contoso.com
• Mail Exchange (MX): points to the e-mail server
Data: exchange.contoso.com
• Name service (NS): points to a name server
Name: contoso.comData: nameserver01.contoso.com
• Server Locator Record (SRV): locates DC, GC servers
![Page 6: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/6.jpg)
6
Resource Record Management
• Manual
• Dynamic
Client registers its own records
Secure dynamic updates: prevents spoofing
![Page 7: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/7.jpg)
7
Zone Replication• File-based zone
Primary zone: writable copy of the zonehosted by one (and only one) DNS server
Secondary zone: read-only copy of the zonehosted by zero or more DNS servers
Zone transfer copies zone data from primary zone to secondary zones
• Requires permission on source server for zone
• Traditionally the entire zone (can be quite large) is copied
• Active Directory integrated zone
Zone is hosted on domain controllers
Multimaster replication: important in dynamic update environments
Data replicated using efficient Active Directory replication topology and processes
Incremental updates
![Page 8: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/8.jpg)
8
Subdomains
• A zone supports resolution for a portion of the DNS namespace, starting with a domain: contoso.com
• europe.contoso.com?
Subdomain
• Records to support resolution for the subdomain
Delegation
• NS records that point to name server(s) for subdomain
• List of name server(s) is static and updated manually
Stub zone
• NS records that point to name server(s) for subdomain
• List of name servers is updated automatically
• Requires TCP port 53 to be open between the host (parent) DNS server and all name servers in the stub domain
![Page 9: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/9.jpg)
9
DNS Client (Resolver)
• Client application makes request
• DNS Client service examines DNS resolver cache
Pre-loaded with HOSTS file at service start or HOSTS file change
Caches query responses (including negative answers!)
ipconfig /flushdns
• nslookup.exe Queries the DNS server without
checking the DNS resolver cache
technet.microsoft.com?
DNS Resolver Cache
HOSTS File
DNS Client Service
![Page 10: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/10.jpg)
10
Query to DNS Server
• DNS Client queries primary DNS server
Requests recursive or iterative query
• Recursive: DNS server continues performing query for client and returns a definitive answer
• Iterative: DNS server returns only what it knows (“best guess”) and client continues query
Queries secondary DNS server only if primary server doesn’t respond
• If primary server returns negative answer,secondary server not queried as “second opinion”
• Ensure that each DNS server is able to resolve all client queries
DNS Client Service DNS Server
![Page 11: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/11.jpg)
11
DNS Server Resolution
• DNS server checks its local zones
Resolution returned as an authoritative response
• DNS server checks its cache
Resolution returned as a positive response
• If no resolution found
Iterative query: DNS server returns best guess Recursive query: DNS server performs query
DNS Server Cache
contoso.com• hqdc01• filesvr01• desktop101
zone
DNS Client Service
Client’s DNS Server
technet.microsoft.com?
![Page 12: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/12.jpg)
12
Recursion
• Iterative query to root DNS servers Root DNS servers configured in DNS server’s “root hints”
Root DNS server returns referral to .com name servers
• Iterative query to .com server .com returns referral to microsoft.com name servers
• Iterative query to microsoft.com server
• Cache response
• Return to client as positive answer
Client’s DNS Server
“.” Root DNS server
“com” DNS Server
“microsoft.com” DNS Server
• .com• .edu• .ca• .uk
• microsoft.com• contoso.com• tailspintoys.com
• technet• www• msdn
DNS Client service
technet.microsoft.com?
![Page 13: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/13.jpg)
13
Install and Manage the DNS Server Role
• Methods
Server Manager Roles Add Role
Active Directory Domain Services Installation Wizard
• DNS Manager snap-in
Server Manager
DNS Manager console (dnsmgmt.msc)
• dnscmd.exe
![Page 14: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/14.jpg)
14
Create a Zone
• Right-click Forward Lookup Zones
• Select zone type
• Specify replication(Active Directoryintegrated zones only)
All DNS servers in forest
All DNS servers in domain
All domain controllersin domain (for compatibility with Windows® 2000 DCs)
• Enter zone name (DNS domain name)
• Manage updates
![Page 15: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/15.jpg)
15
Create a Zone: Dynamic Update
![Page 16: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/16.jpg)
16
Create Resource Records
• Right-click the zone
• Dialog box appears specific to the record type you choose
![Page 17: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/17.jpg)
17
Configure Redundant DNS Servers
• Active Directory–integrated zone
Add DNS server to another DC
• Standard Primary Zone
Add NS records for secondary servers
• Master server
The server from which the zone will be copied
Need not be the primary server Allow Zone Transfers
• Secondary server
Create a new forward lookup zone Choose a secondary zone Configure the master server
![Page 18: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/18.jpg)
18
Configure Forwarders
• Right-click DNS server Properties Forwarders
• For all names not in your domain, resolve using your Internet service provider’s (ISP’s) DNS servers
• If forwarders are not available, use root servers based on root hints
![Page 19: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/19.jpg)
19
Client Configuration
• IP configuration of client
netsh interface ipv4 set dns "Local Area Connection"static 10.0.0.11 primary
netsh interface ipv4 add dns "Local Area Connection"10.0.0.12
• Dynamic Host Configuration Protocol(DHCP) scope option 6
![Page 20: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/20.jpg)
20
AD DS, DNS, and Windows
• An AD DS domain has a DNS domain name
• DNS zones can be stored in the Active Directory database
• Active Directory can replicate DNS zones to specific domain controllers
• Windows clients can update their own DNS records
• Active Directory can load large Active Directory–integrated zones in the background
• DCs register service locator records in DNS
• Clients use these records to locate DCs
![Page 21: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/21.jpg)
21
Integrate AD DS and the DNS Namespace
• An Active Directory domain must have a DNS name
• Active Directory domain name vs. external DNS namespace Active Directory uses same domain name
Active Directory uses subdomain of public domain
Active Directory uses separate domain name
contoso.com
contoso.com
ad.contoso.com
contoso.net
![Page 22: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/22.jpg)
22
Split-Brain DNS• The zone that supports AD DS
Secured from Internet exposure Dynamic Fully populated with AD DS client, server, and service records
• The zone that supports the external namespace
Secure Static Populated with the records related to external resources
• Some (manually maintained) duplication of records, such as www
contoso.com
contoso.com• hqdc01• filesvr01• desktop101• www
contoso.com• www• ftp• portal
![Page 23: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/23.jpg)
23
Create a Delegation for an Active Directory Domain• Necessary if child domain zone hosted on different DNS servers
• Create the delegation in the parent DNS domain (zone)
Right-click zone New Delegation Refer to the server that is/will be the child domain DNS server
• Configure DNS client on child domain server
Primary DNS server should be the parent DNS server
• Install the DNS role and zone
Server Manager: Add role, then create primary zoneor
DCPromo can install DNS while promoting to a DC
• Optional but typical configuration
Reconfigure child DNS client to refer to itself as primary DNS server Add parent DNS server as a forwarder on the child server Configure new zone to be Active Directory integrated and secure
dynamic update
![Page 24: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/24.jpg)
24
Active Directory–Integrated Zones
• DNS zone data is stored in AD DS
• Allows multimaster writes to zone
• Replicates DNS zone information using AD DS replication
Leverages efficient replication topology
Uses efficient Active Directory replication processes: incremental updates
• Enables secure dynamic updates
• Security: Can delegate zones, domains, Resource recordscontoso.com• hqdc01• filesvr01• desktop101
zone
![Page 25: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/25.jpg)
25
Application Partitions for DNS Zones
•Store DNS zones in one of the default application partitions
•Or create a custom partition and define its scope
To all domain controllers that are DNS servers in the AD DS domainTo all domain controllers that are DNS servers in the AD DS domain
To all domain controllers in the replication scope for the application partition
To all domain controllers in the replication scope for the application partition
To all domain controllers that are DNS servers in the AD DS forestTo all domain controllers that are DNS servers in the AD DS forest
To all domain controllers in the AD DS domain (as in Windows 2000)To all domain controllers in the AD DS domain (as in Windows 2000)
Domain
Config
Schema
DomainDNSZone
ForestDNSZones
Custom Partition
![Page 26: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/26.jpg)
26
DNS Application Partitions
• Create an application partition
dnscmd ServerName /CreateDirectoryPartition FQDN
• Change zone replication scope
Properties of zone General Change replication
![Page 27: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/27.jpg)
27
Dynamic Updates
Client sends Start ofAuthority (SOA) query
DNS server returns SOA RR
Client sends dynamic updaterequest(s) to identify theprimary DNS server
DNS server respondsthat it can perform update
Client sends unsecured update to DNS server
Resource Records
DNS Server
11
33
44
22
55
11 22 33 44 55 66 77
If zone permits only secureupdates, update is refused66
Client sends secured update to DNS server77
DHCP Client service registers records for client• During client startup• If new/changed IP address (fixed/DHCP) on any network connection• If ipconfig /registerdns is run
![Page 28: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/28.jpg)
28
Background Zone Loading
When a domain controller with Active Directory-integrated DNS zones starts, it:
• Enumerates all zones to be loaded
• Loads root hints from files or AD DS servers
• Loads all zones that are stored in files rather than in AD DS
• Begins responding to queries and remote procedurecalls (RPCs)
• Starts one or more threads to load the zones that are stored in AD DS
![Page 29: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/29.jpg)
29
Service Locator (SRV) Records
SRV resource records allow DNS clients to locate TCP/IP-based services. SRV resource records are used when:
• A domain controller needs to locate replication partners
• A client computer authenticates to AD DS
• A user changes his or her password
• A Microsoft Exchange server performs a directory lookup
• An admin opens Active Directory Users and Computers
_ldap._tcp.contoso.com 600 IN SRV 0 100 389 hqdc01.contoso.com_ldap._tcp.contoso.com 600 IN SRV 0 100 389 hqdc01.contoso.com
protocol.service.name TTL class type priority weight port targetprotocol.service.name TTL class type priority weight port target
SRV record syntax:
Example of an SRV record
![Page 30: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/30.jpg)
30
Domain Controller Location
1. New client queries for all DCs in the domain
Retrieves SRVs from_tcp.domain
2. Attempts LDAP bind to all
3. First DC to respond
Examines client IP andsubnet definitions
Refers client to a site
4. Client stores site in registry
5. Client queries for all DCs in the site
Retrieves SRVs from _tcp.site._sites.domain
6. Attempts LDAP bind to all
7. First DC to respond
Authenticates client
Client forms affinity
8. Subsequently
Client binds to affinity DC
DC offline? Client queries for DCs in registry-stored site
Client moved to another site? DC refers client to another site
![Page 31: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/31.jpg)
31
Read-Only DNS Zones
•DNS server on an RODC with Active Directory–integrated zones
•RODC can resolve client queries
•Changes not allowed on the read-only DNS zone
Records cannot be added manually
Dynamic updates cannot be made
•Dynamic updates are “referred” to writeable DC
Client attempts update
RODC returns an SOA of a writeable Windows Server 2008 domain controller
![Page 32: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/32.jpg)
32
Resolving Single-Label Names
• Client-side resolution process
1. Query DNS with fully qualified domainname (FQDN) created by adding
• DNS suffix of client: ad.contoso.com
- Domain name “devolution”ad.contoso.com then contoso.com
or• DNS suffix search order
- Manage with Group Policy
2. WINS 12 seconds = timeout!
• Server-side resolution
GlobalNames Zone: Specialized zone with single-label CNAME RRs
WINS forward lookup: If zone lookup fails, DNS queries WINS
http://legalapphttp://legalapp
![Page 33: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/33.jpg)
33
Resolve Names Outside Your Domain
• Secondary zone
Create a copy of a zone from another DNS server Requires permissions from the master DNS server
• Forwarders
Send unresolved query as recursive query to other DNS server(s)
• Root hints
Begin iterative queries against root, “.”, name servers DNS server has list of root servers updated with Windows Update
• Conditional forwarders
Send unresolved query for specific domain to other server(s)
• Stub zone
Can be for any domain; dynamically updates NS records Requires TCP Port 53 to be open to all name servers in the domain
![Page 34: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/34.jpg)
34
Reverse Lookup Zone
• Query for IP address, response with host name
• IP address is reversed (specific–to–generic) and appended with in-addr.arpa domain
IP address: 10.0.1.34
Query: 34.1.0.10.in-addr.arpa
• Special domain to support this: in-addr.arpa
Pointer (PTR) record with name (IP octet) and data (hostname)
Fixed IP client registers its PTR
DHCP server registers PTR for client
• Not required, but recommended
Services/applications usereverse lookup as a security check: Who is thisrequest coming from?
DNS ServerClient
34.1.0.10.in-addr.arpa
file34.contoso.com
![Page 35: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/35.jpg)
35
DNS Server and Zone Maintenance
• Scavenge stale resource records
Important in dynamic environments, particularly for SRV RRs
Server aging and scavenging properties
• Defaults for Active Directory-integrated zones
Zone aging and scavenging properties
• Active Directory-integrated zone inherits server property or per-zone• Primary zone ignores server property; must set per-zone.
Scavenging
• Configure automatic scavenging: Server properties Advanced• Manually launch scavenging: Right-click server
• Manage the cache
View the cache: View menu Advanced Features Clear server cache: Right-click server or Cached Lookups node
![Page 36: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/36.jpg)
36
Test and Troubleshoot DNS Server
• Event logs
Visible in DNS Manager, Server Manager, and Event Viewer
• Debug logging
Server Properties dialog box
• Recursive and iterative query tests
Server Properties dialog box
•dcdiag.exe /test:DNS
Performs a wide variety of tests to ensure that AD DS and DNS are working well together
• Network Monitor (packet capture)
![Page 37: 1 Week 7 – DNS and ADDS Integration Review of DNS Concepts, Components, and Processes Install and Configure DNS in an AD DS Domain AD DS, DNS, and Windows](https://reader034.vdocuments.mx/reader034/viewer/2022051516/56649ebc5503460f94bc44d5/html5/thumbnails/37.jpg)
37
Test and Troubleshoot DNS Client
•ipconfig /all
•NSLookup
set server=IP address [Default: Primary DNS Server]
set type=record type [Default: A]
record
•ipconfig /displaydns : display client DNS resolver cache
•ipconfig /flushdns : purge client DNS resolver cache
•ipconfig /registerdns : register client DNS records