
[TNT1-114]

[TNT1-114]. DNS and Active Directory NYeWin 6/2/2005 Michael J. Murphy TechNet Presenter MJMurphy@microsoft.com http://blogs.technet.net.com/mjmurphy. Prerequisite Knowledge. Windows Server 2003 Active Directory Structure DNS Concepts. Level 200. Agenda. DNS Features & Configuration

Presentation Transcript


  1. [TNT1-114]

  2. DNS and Active Directory NYeWin 6/2/2005 Michael J. Murphy TechNet Presenter MJMurphy@microsoft.com http://blogs.technet.net.com/mjmurphy

  3. Prerequisite Knowledge • Windows Server 2003 • Active Directory Structure • DNS Concepts Level 200

  4. Agenda • DNS Features & Configuration • Active Directory Integration • Installing and Managing DNS

  5. DNS Features & Configuration DNS Basics • Domain Naming System • Name Resolution Protocol for TCP/IP Networks • Hierarchical, Distributed Database • Forward Lookup Zone: Who is NY-CERT-01? NY-CERT-01 = 192.168.80.6 • Reverse Lookup Zone: Who is 192.168.80.9? 192.168.80.9 = NY-WXP-01

  6. DNS Features & Configuration Namespace Structure • Internet Root: . • Top-level Domains: com, org, gov • Second Level Domains: Contoso.com, WideWorldImporters.com, IRS.gov • Sub-domains: us.Contoso.com, research.Contoso.com

  7. DNS Features & Configuration Namespace Structure • Contoso.local • us.Contoso.local • research.Contoso.local

  8. DNS Features & Configuration Name Resolution by Root Hints DNS Server Query: www.contoso.com Requesting Client

  9. DNS Features & Configuration Name Resolution by Root Hints DNS Server Requesting Client

  10. DNS Features & Configuration Name Resolution by Root Hints • Requesting Client • DNS Server • “.” Zone: Query: www.contoso.com, Reply: com is delegated to com Server • Delegation: com Zone

  11. DNS Features & Configuration Name Resolution by Root Hints • Requesting Client • DNS Server • “.” Zone: Query: www.contoso.com, Reply: com is delegated to com Server • Delegation: com Zone: Query: www.contoso.com, Reply: contoso.com is delegated to contoso.com Server • Delegation: contoso.com Zone: Query: www.contoso.com, Reply: 192.168.80.5

  12. DNS Features & Configuration Name Resolution by Root Hints • Requesting Client • DNS Server • “.” Zone: Query: www.contoso.com, Reply: com is delegated to com Server • Delegation: com Zone: Query: www.contoso.com, Reply: contoso.com is delegated to contoso.com Server • Delegation: contoso.com Zone: Query: www.contoso.com, Reply: 192.168.80.5

  13. DNS Features & Configuration Name Resolution by Root Hints • DNS Server • “.” Zone: Query: www.contoso.com, Reply: com is delegated to com Server • Delegation: com Zone: Query: www.contoso.com, Reply: contoso.com is delegated to contoso.com Server • Delegation: contoso.com Zone: Query: www.contoso.com, Reply: 192.168.80.5 • Requesting Client: Reply: 192.168.80.5

  14. DNS Features & Configuration Name Resolution by Forwarding Internal DNS Server Query: www.contoso.com Requesting Client

  15. DNS Features & Configuration Name Resolution by Forwarding Internal DNS Server DMZ DNS Server Query: www.contoso.com Requesting Client

  16. DNS Features & Configuration Name Resolution by Forwarding Internal DNS Server DMZ DNS Server “.” Zone Query: www.contoso.com com Zone contoso.com Zone Requesting Client

  17. DNS Features & Configuration Name Resolution by Forwarding Internal DNS Server DMZ DNS Server Query: www.contoso.com Requesting Client

  18. DNS Features & Configuration Name Resolution by Forwarding Internal DNS Server DMZ DNS Server Query: www.contoso.com contoso.com Zone Requesting Client

  19. Agenda • DNS Features & Configuration • Active Directory Integration • Installing and Managing DNS

  20. Active Directory Integration Primary and Secondary Zones London Site Seattle Site Primary DNS Server Secondary DNS Servers Secondary DNS Servers Secondary DNS Servers New York Site Tilbury Site

  25. Active Directory Integration Active Directory Integrated Zones London Site Seattle Site Primary DNS Server Primary DNS Servers Primary DNS Servers Primary DNS Servers New York Site Tilbury Site

  28. Active Directory Integration AD Integrated Zone Structure NY-DNS-01 Forward Lookup Zones Contoso.com _msdcs _sites Contoso.com _tcp _udp DomainDnsZones ForestDnsZones Reverse Lookup Zones

  29. Active Directory Integration Directory Partitions • DC=WideWorldImporters,DC=com • CN=Configuration,DC=WideWorldImporters,DC=com • CN=Schema,CN=Configuration,DC=WideWorldImporters,DC=com

  30. Active Directory Integration Directory Partitions • DC=WideWorldImporters,DC=com • CN=Configuration,DC=WideWorldImporters,DC=com • CN=Schema,CN=Configuration,DC=WideWorldImporters,DC=com • DC=DomainDnsZones,DC=WideWorldImporters,DC=com • DC=ForestDnsZones,DC=WideWorldImporters,DC=com

  31. Active Directory Integration Directory Partitions • DC=WideWorldImporters,DC=com • CN=Configuration,DC=WideWorldImporters,DC=com • CN=Schema,CN=Configuration,DC=WideWorldImporters,DC=com • DC=DomainDnsZones,DC=WideWorldImporters,DC=com • DC=ForestDnsZones,DC=WideWorldImporters,DC=com • DC=Intranet,DC=WideWorldImporters,DC=com

  32. Active Directory Integration Forward Lookup Zones • Stores all Resource Records for Zone • Translates FQDN into IP Addresses • Required by AD to locate Services

  33. Active Directory Integration Reverse Lookup Zones • Stores all PTR records for Zone • Resolves IP Addresses to FQDN • Application Security

  34. Active Directory Integration Stub Zones • Parent Zone: contoso.com (DNS01.contoso.com) • Stub Zone: research.contoso.com: SOA: research.contoso.com; NS: DNS01.research.contoso.com, A: 192.168.80.25; NS: DNS02.research.contoso.com, A: 192.168.80.25 • Zone Transfer • Child Zone: research.contoso.com (DNS01.research.contoso.com): SOA: research.contoso.com; NS: DNS01.research.contoso.com, A: 192.168.80.25; MX: mail.research.contoso.com; SRV: _ldap._tcp.research.contoso.com; SRV: _kerberos._tcp.research.contoso.com; NS: DNS02.research.contoso.com, A: 192.168.80.25

  35. Active Directory Integration Delegation of Authority • Divide Namespace into Additional Zones • Delegate DNS Management • Divide DNS Zones to Distribute Traffic • Extend the Namespace

  36. Active Directory Integration Delegation of Authority • Divide Namespace into Additional Zones • Delegate DNS Management • Divide DNS Zones to Distribute Traffic • Extend the Namespace • contoso.com: research, eur, asia, us

  37. Active Directory Integration Delegation of Authority • Divide Namespace into Additional Zones • Delegate DNS Management • Divide DNS Zones to Distribute Traffic • Extend the Namespace • Delegation & Glue Records Added: research.contoso.com NS dns1.research.contoso.com; dns1.research.contoso.com A 192.168.32.1 • dns1.research.contoso.com registers SOA for the delegated zone. • contoso.com: research, eur, asia, us

  38. Agenda • DNS Features & Configuration • Active Directory Integration • Installing and Managing DNS

  39. Installing and Managing DNS Configure Your Server Wizard • Single Management Interface • Manage Server Roles • Integrated with Microsoft Help

  40. Installing and Managing DNS DNS Installation Wizard • Simplifies Configuration of Server Roles • Installs Only Required Components • Ensures Secure Configuration

  41. Installing and Managing DNS DNS Management Console • Microsoft Management Console Snap-in • Organizes DNS Hierarchy • Manage Multiple DNS Servers

  42. Installing and Managing DNS DNS Resource Records • Start of Authority (SOA)

  43. Installing and Managing DNS DNS Resource Records • Start of Authority (SOA) • Name Server (NS)

  44. Installing and Managing DNS DNS Resource Records • Start of Authority (SOA) • Name Server (NS) • Host (A)

  45. Installing and Managing DNS DNS Resource Records • Start of Authority (SOA) • Name Server (NS) • Host (A) • Alias (CNAME)

  46. Installing and Managing DNS DNS Resource Records • Start of Authority (SOA) • Name Server (NS) • Host (A) • Alias (CNAME) • Mail Exchanger (MX)

  47. Installing and Managing DNS DNS Resource Records • Start of Authority (SOA) • Name Server (NS) • Host (A) • Alias (CNAME) • Mail Exchanger (MX) • Pointer (PTR)

  48. Installing and Managing DNS DNS Resource Records • Start of Authority (SOA) • Name Server (NS) • Host (A) • Alias (CNAME) • Mail Exchanger (MX) • Pointer (PTR) • Service Location (SRV)

  49. Installing and Managing DNS Other Resource Record Types • Next Domain (NXT) • Mailbox Information (MINFO) • Public Key (KEY) • Host Information (HINFO) • Well Known Services (WKS) • Integrated Services Digital Network (ISDN) • AFS Database (AFSDB) • Responsible Person (RP) • Signature (SIG) • Renamed Mailbox (MR) • Mailbox (MB) • ATM Address (ATMA) • Route Through (RT) • Mail Group (MG) • IPv6 Host (AAAA) • X.25 (X25) • Text (TXT) • Option (OPT)

  50. Installing and Managing DNS Registering Service Locator Records • NETLOGON.dns lists SRV records
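
The referral walk from the "Name Resolution by Root Hints" slides and the delegation and glue records from the "Delegation of Authority" slides can be modelled together. This is an added example, not part of the original presentation: the 198.51.100.x server addresses, the ns1.com. name and the lab.research.contoso.com host are constructed assumptions, and the sketch only follows referrals that carry glue.

```python
# Added example: zone data constructed from the slides' names. Server IPs in
# 198.51.100.0/24, ns1.com. and lab.research.contoso.com. are assumptions.
SERVERS = {  # authoritative servers keyed by IP address
    "198.51.100.1": {"zone": ".", "a": {},
                     "ns": {"com.": ["ns1.com."]},
                     "glue": {"ns1.com.": "198.51.100.2"}},
    "198.51.100.2": {"zone": "com.", "a": {},
                     "ns": {"contoso.com.": ["dns01.contoso.com."]},
                     "glue": {"dns01.contoso.com.": "198.51.100.3"}},
    "198.51.100.3": {"zone": "contoso.com.",
                     "a": {"www.contoso.com.": "192.168.80.5"},
                     "ns": {"research.contoso.com.": ["dns1.research.contoso.com."]},
                     "glue": {"dns1.research.contoso.com.": "192.168.32.1"}},
    "192.168.32.1": {"zone": "research.contoso.com.",
                     "a": {"lab.research.contoso.com.": "192.168.32.20"},
                     "ns": {}, "glue": {}},
}
ROOT_HINT = "198.51.100.1"

def in_zone(name, zone):
    """True if the fully qualified name is at or below the zone apex."""
    return zone == "." or name == zone or name.endswith("." + zone)

def missing_glue(server):
    """In-bailiwick NS names this server delegates to without an A record."""
    return [ns for child, hosts in server["ns"].items() for ns in hosts
            if in_zone(ns, child) and ns not in server["glue"]]

def resolve(name, servers=SERVERS, root=ROOT_HINT, max_referrals=8):
    """Follow referrals from the root hint; return (address, zones visited)."""
    ip, path = root, []
    for _ in range(max_referrals):  # bound the walk so a delegation loop ends
        server = servers.get(ip)
        if server is None:
            raise LookupError(f"lame delegation: no server answers at {ip}")
        path.append(server["zone"])
        if name in server["a"]:
            return server["a"][name], path
        cuts = [z for z in server["ns"] if in_zone(name, z)]
        if not cuts:
            raise LookupError(f"{name} not found in zone {server['zone']}")
        child = max(cuts, key=len)  # most specific delegation wins
        glue = [server["glue"][ns] for ns in server["ns"][child]
                if ns in server["glue"]]
        if not glue:
            raise LookupError(f"delegation to {child} has no glue record")
        ip = glue[0]
    raise LookupError("referral limit exceeded")
```

Running `missing_glue` over each parent zone before a change goes live catches the case where a child zone's name server lives inside the delegated zone but the parent has no A record for it, which leaves the child namespace unresolvable.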
