
Windows System Administration

Windows System Administration. DNS, DHCP and VPN. Borislav Varadinov. Telerik Software Academy. academy.telerik.com. System Administrator. bobi@itp.bg. Table of Contents. Domain Name System (DNS) Dynamic Host Configuration Protocol (DHCP) Virtual Private Network.



  1. Windows System Administration DNS, DHCP and VPN Borislav Varadinov Telerik Software Academy academy.telerik.com System Administrator bobi@itp.bg

  2. Table of Contents • Domain Name System (DNS) • Dynamic Host Configuration Protocol (DHCP) • Virtual Private Network

  3. Domain Name System (DNS)

  4. What is Microsoft DNS Server? • DNS is a widely used standardized protocol • A Request for Comments (RFC)-compliant DNS server • Windows Server Role • Used in TCP/IP networks for naming hosts and network services • Locates hosts and services through user-friendly names • Client-Server architecture service • Support for Active Directory integration

  5. DNS Resolution Process [diagram: DNS requests for Example.com and News.com; labels: Local DNS Server, Root DNS Server, .com DNS Server, News.com DNS Server]

  6. What are forward and reverse zones? • Forward Lookup Zone • Supports the primary function of DNS, the resolution of host names to IP addresses • Reverse Lookup Zone • Supports the resolution of IP addresses to host names

  7. DNS Records • There are many different types of DNS records • Most common: • A • CNAME • MX • NS • PTR • SOA • SRV

  8. Dynamic Update • Dynamic update enables DNS client computers to: • Register their resource records • Dynamically update their resource records • Dynamic update is an additional DNS standard specification (RFC 2136)

  9. What Are the DNS Zone Types? • Primary • Secondary • Stub • Active Directory-Integrated

  10. Active Directory-integrated DNS • Usually DNS servers store their zone data as text files on the file system • Active Directory-integrated DNS makes it possible to: • Store zone data in the AD database • Replicate DNS zone data through AD replication • Use secure dynamic updates • Allow multimaster writes to the zone • Available only on Domain Controllers

  11. Stub Zone • A stub zone is a copy of a zone that contains only those resource records that are necessary to identify the authoritative DNS servers for that zone

  12. Manageable Name Resolution • Root Hints • Root Hints is a list of IP addresses of DNS servers that are authoritative at the root level of the DNS hierarchy • Forwarders • A forwarder is a DNS server that forwards DNS queries for external names to DNS servers outside that network • Conditional Forwarders • A conditional forwarder is a DNS server that forwards DNS queries according to the DNS domain name in the query

  13. Zone Delegation • DNS provides the option of dividing up the namespace into one or more zones • DNS delegations can be used to: • Delegate management of part of your DNS namespace to another location or department • Divide a large zone into smaller zones to distribute traffic loads among multiple servers • Extend the namespace by adding numerous subdomains

  14. High Availability • High availability of the DNS service is achieved by using multiple DNS servers • Use secondary DNS servers • Use Active Directory-integrated zones • The DNS client chooses the primary DNS server and, if it is not available, asks the next server • In a domain infrastructure, always use only Domain Controllers as the primary and secondary DNS servers

  15. Aging and Scavenging • Provides a mechanism for performing cleanup and removal of stale resource records (RRs) • Aging • Scavenging • DNS server can determine that RRs have aged to the point of becoming stale and remove them from zone data

  16. Advanced Server Options • Round Robin • Used to randomize the results of a similar type of query to provide basic load-balancing functionality • Netmask Ordering • Used to return addresses for type A DNS queries to prioritize local resources to the client • Disable Recursion

  17. DNS Management Tools • DNS Manager (DNSMgmt.msc) • DNSCMD.exe

  18. Demonstration • Install DNS Role • Create new forward and reverse lookup zones • Configure Server and Zone settings • Demonstrate DDNS • Demonstrate Active Directory-Integrated replication • Demonstrate Primary and Secondary DNS Server usage • Demonstrate Forwarders and Conditional Forwarders
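The DNS slides name three settings worth checking after the demonstration steps: secure dynamic updates, aging and scavenging, and disabled recursion. The following audit is an added example, not part of the original presentation; it assumes the DnsServer PowerShell module (Windows Server 2012 or later, or RSAT) rather than the DNSCMD.exe tool listed on the slides, and the function names are hypothetical.

```powershell
# Added example: read-only audit of a Microsoft DNS server.
Import-Module DnsServer

function Get-DnsZoneAudit {
    param([string]$ComputerName = 'localhost')   # assumption: server to audit

    # Hosted primary zones only; auto-created zones carry no client registrations.
    $zones = Get-DnsServerZone -ComputerName $ComputerName |
        Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }

    foreach ($z in $zones) {
        $aging = Get-DnsServerZoneAging -ComputerName $ComputerName `
                     -Name $z.ZoneName -ErrorAction SilentlyContinue
        $findings = @()

        # 'Secure' is only offered on Active Directory-integrated zones.
        if ($z.DynamicUpdate -eq 'NonsecureAndSecure') {
            $findings += 'accepts unauthenticated dynamic updates'
        }
        # Dynamic registrations without aging leave stale records in the zone.
        if ($z.DynamicUpdate -ne 'None') {
            if ($null -eq $aging) {
                $findings += 'aging state could not be read'
            } elseif (-not $aging.AgingEnabled) {
                $findings += 'dynamic records are never aged or scavenged'
            }
        }

        [pscustomobject]@{
            Zone          = $z.ZoneName
            Reverse       = $z.IsReverseLookupZone
            AdIntegrated  = $z.IsDsIntegrated
            DynamicUpdate = $z.DynamicUpdate
            Findings      = $findings -join '; '
        }
    }
}

function Test-DnsRecursionEnabled {
    param([string]$ComputerName = 'localhost')
    # True means the server still answers recursive queries.
    [bool](Get-DnsServerRecursion -ComputerName $ComputerName).Enable
}

Get-DnsZoneAudit | Format-Table -AutoSize
"Recursion enabled: $(Test-DnsRecursionEnabled)"
```

An empty Findings column means the zone either refuses dynamic updates or accepts only secure ones with aging enabled.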

  19. Dynamic Host Configuration Protocol (DHCP)

  20. What is DHCP? • Widely used standardized protocol • Windows Server Role • Client-Server architecture • Integrated with Active Directory and DNS • Authorization • DNS Dynamic Update

  21. Authorize DHCP Server • DHCP authorization is a process that: • Registers the DHCP server IP address in Active Directory • Prevents unauthorized DHCP servers from leasing IP addresses on the network • Stand-alone DHCP servers detect whether an authorized server is working on the same network segment (only for Windows Servers)

  22. Demonstration • Install DHCP Server Role • Verify that DHCP Server is authorized

  23. Scope • A scope must be properly defined and activated before DHCP clients can use the DHCP server for automatic TCP/IP configuration • A scope has the following properties: • Scope name • Range of possible IP addresses • Unique subnet mask (which determines the network ID for the scope) • Lease duration values

  24. DHCP Options • The DHCP options are various configuration settings that are passed to the DHCP Clients • Common DHCP options • DNS Servers • DNS Domain Name • Routers • NTP Servers

  25. Reservations • You can reserve IP addresses for assignment to specified computers or devices • Reservations ensure that a specified device always receives the same IP address • Use reservations for devices that must always have the same IP address, such as servers that do not support Domain Name System (DNS) dynamic update

  26. Preventing address conflicts • Windows Server 2008 DHCP has both server-side and client-side conflict detection to prevent duplicate IP addresses on your network. • Client conflict detection • Server conflict detection
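Authorization and server-side conflict detection from the DHCP slides can be verified together. This is an added example, not part of the original presentation; it assumes the DhcpServer PowerShell module (Windows Server 2012 or later, or RSAT), and the server names and the function name are constructed placeholders.

```powershell
# Added example: compare DHCP servers authorized in Active Directory
# against the list you expect, and read each server's conflict detection.
Import-Module DhcpServer

# Constructed sample names; replace with your own inventory.
$Expected = @('dhcp01.corp.example', 'dhcp02.corp.example')

function Get-DhcpAuthorizationAudit {
    param([string[]]$ExpectedServers)

    $authorized = @(Get-DhcpServerInDC)   # servers registered in AD

    foreach ($srv in $authorized) {
        $known = $ExpectedServers -contains $srv.DnsName
        # Only query servers we recognise; unknown entries are just reported.
        $setting = if ($known) {
            Get-DhcpServerSetting -ComputerName $srv.DnsName -ErrorAction SilentlyContinue
        }
        [pscustomobject]@{
            Server           = $srv.DnsName
            IPAddress        = $srv.IPAddress
            Status           = if ($known) { 'expected' } else { 'AUTHORIZED BUT NOT IN INVENTORY' }
            IsAuthorized     = $setting.IsAuthorized
            # 0 attempts means server-side conflict detection is off.
            ConflictAttempts = $setting.ConflictDetectionAttempts
        }
    }

    # Inventory entries that are missing from AD will not lease addresses.
    foreach ($name in $ExpectedServers) {
        if ($authorized.DnsName -notcontains $name) {
            [pscustomobject]@{
                Server           = $name
                IPAddress        = $null
                Status           = 'EXPECTED BUT NOT AUTHORIZED'
                IsAuthorized     = $false
                ConflictAttempts = $null
            }
        }
    }
}

Get-DhcpAuthorizationAudit -ExpectedServers $Expected | Format-Table -AutoSize
```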

  27. Relay Agent • Relay agent is a service that relays DHCP messages between DHCP clients and DHCP servers on different IP networks

  28. DHCP High Availability • Split Scope • Failover Clustering

  29. Vendor and Users classes • Vendor Class • User Class • Ipconfig /setclassid

  30. DHCP Server Management Tools • DHCP MMC Console • Netsh

  31. Demonstration • Install DHCP Role • Create new scope • Configure Server and Scope settings

  32. VPN and DirectAccess

  33. What Is Routing and Remote Access (RRAS)? • Role Service of Network Access and Policy Services • Provides Routing and NAT functions • Provides Dial-Up and VPN functions

  34. VPN Internet

  35. Tunneling Protocols for VPN • PPTP • L2TP • SSTP • IKEv2

  36. VPN Server Requirements • Two NICs • IP Address allocation • Local Administrator

  37. CMAK Connection Profile • Management software that simplifies and enhances the management of remote connections • Uses profiles made of connection settings that allow connections from the local computer to a remote network • Profiles can be distributed to client computers

  38. Network Policy Server (NPS) • Network Policy Server (NPS) can be used as a RADIUS server • Performs (For RADIUS clients): • Authentication • Authorization • Accounting

  39. DirectAccess • New remote access feature • Allows connectivity to corporate network • Differs from the traditional VPN connections • Provides support only for domain-joined Windows 7 and above • Enables seamless connectivity to corporate networks

  40. Group Policy http://academy.telerik.com

  41. Free Trainings @ Telerik Academy • "Web Design with HTML 5, CSS 3 and JavaScript" course @ Telerik Academy • html5course.telerik.com • Telerik Software Academy • academy.telerik.com • Telerik Academy @ Facebook • facebook.com/TelerikAcademy • Telerik Software Academy Forums • forums.academy.telerik.com
