Tag Archives: DNS server

Step by Step guide to setup Active Directory on Windows Server 2012

This tutorial explains how to install Active Directory (AD) on Windows Server 2012 R2.

Requirements:

Minimum: 1.4 GHz 64-bit processor

Minimum: 512 MB RAM

Minimum disk space: 32 GB or greater

The first step is to get Server 2012 installed on a server. It is very similar to the Server 2008 install, and in one of my previous posts I have described how to do the install in detail.

The next thing we need to do is configure the network interfaces. The server should use a static IP address. Since the server will act as a DNS server, you can use the localhost address 127.0.0.1 in the DNS server field.

It is recommended to use a meaningful name as the server name. In the demo I renamed it to "DCPR1".

After this we are ready to start on the AD install. As my next step I will install the DNS role first. This is not a must; you can also install DNS during the AD install. But as a best practice I always prefer to add the DNS role first.
To do this we need to start "Server Manager". It can be opened using the shortcut on the taskbar or from Start > Server Manager.

Then in the Server Manager window click on the "Add roles and features" option.

Then it will load the "Add Role Wizard". Click next to continue.

In the next window keep the default selection, "Role-based or feature-based installation", and click on next.

In the next window we can select which server to install the role on. In our case it will be the local server, so keep the default selection and click on next.

The next window gives the option to select the roles. Select "DNS Server" by ticking its box.

Then a window will appear listing the additional features which the DNS role needs. Click on "Add features" to continue.

The next window gives the option to select any additional features, but here I will keep the defaults. Click on next to continue.

Then it will give a brief introduction to the DNS role. Click on the next button to continue.

The next window gives details about the selected features. Click on "Install" to begin the installation.

Then it will begin the installation and we need to wait till it completes.


Once it completes, click on close.

Then you can access the DNS server using Server Manager > Tools > DNS.

Now we have everything ready for the AD install. So let's load Server Manager again and click on "Add roles and features".

Then it will load the "Add roles and features" wizard. Click on next to continue.

In the next window keep the default selection, "Role-based or feature-based installation", and click on next.

In the next window we can select which server to install the role on. In our case it will be the local server, so keep the default selection and click on next.

The next window gives the option to select the roles. Tick the box for "Active Directory Domain Services".

Then a window will appear listing the additional feature installations related to the selected role. Click on "Add Features" to continue.

Then in the next window click on next to continue.

The next window gives the option to select additional features to install, but I will keep the default selection. Click next to continue.

The next window gives a brief description of the AD service. Click on next to continue.

The next window gives a brief summary of the installation. Click on "Install" to start the installation.

In the next window the service install begins and we have to wait until it finishes.

Once it finishes, click on "close" to exit the wizard. The next step is to reboot the server to complete the installation.

After that completes we need to start on the DC setup. To start, open "Server Manager" and click the Task flag in the right-hand corner. It will then list the options shown in the picture below. Click on the "Promote this server to a domain controller" option (highlighted in yellow in the picture).

Then it starts the DCPROMO wizard. In the first window, since this is going to be a new forest, I selected the option "Add a new forest" and typed "contoso.com", the domain name I will be using for the forest. Once the info is filled in, click on "next" to continue.

In the next window we can select the forest and domain functional levels. I will keep the defaults. Under domain controller capabilities, DNS server and Global Catalog are selected by default, as this is the first DC in the forest. Then we need to define the password to use for DC recovery. Click on next to continue.

The next window will give the following error, but it can be ignored. Click on next to continue.

The next window asks for the NetBIOS name. We can keep the default and click on next to continue.

The next window gives the option to change the file paths for the AD database, log files and SYSVOL files. We can change the paths or keep the defaults. Once the changes are done, click on next to continue.

The next window gives a description of the installation. Click on next to continue.

The next window runs a system check and verifies that the system is compatible with the selected installation. Once the test completes successfully, click on the install button to begin the installation. If it reports any critical errors, those need to be addressed before the installation begins.

Then it will start the install and we need to wait until it finishes.

Once the install completes, it will automatically reboot the server.

Once the server has rebooted, log in to the server using the domain admin credentials.

In our demo it will be in the format of

user : contoso\Administrator

password : XXXXXXXXX

Once logged in, load "Server Manager" and click on the "AD DS" option in the right-hand list. Then select and right-click as shown in the screenshot to start with the AD configuration.

We have now successfully completed the DC setup on Server 2012 R2. If you have any issues with the steps, feel free to contact me at rebeladm@live.com
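The same build can be scripted. The following PowerShell is an added example, not part of the original post; it mirrors the wizard choices above (server name DCPR1, DNS role first, a new forest named contoso.com, default paths). The interface alias, the 192.168.10.x addressing and the NetBIOS name CONTOSO are assumptions chosen for illustration.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# Run each stage in an elevated PowerShell session on Windows Server 2012 R2.
# Assumed values (not from the post): interface alias, IP addressing, NetBIOS name.

# --- Stage 1: static IP, DNS client pointed at itself, server name ---
$nic = 'Ethernet'
New-NetIPAddress -InterfaceAlias $nic -IPAddress '192.168.10.10' `
    -PrefixLength 24 -DefaultGateway '192.168.10.1'
Set-DnsClientServerAddress -InterfaceAlias $nic -ServerAddresses '127.0.0.1'
Rename-Computer -NewName 'DCPR1' -Restart      # server reboots here

# --- Stage 2 (after the reboot): DNS role first, then AD DS ---
Install-WindowsFeature -Name DNS -IncludeManagementTools
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

# --- Stage 3: promote to the first DC of a new forest ---
Import-Module ADDSDeployment

# Read the recovery (DSRM) password interactively so it is never stored
# in the script file or in the command history.
$dsrm = Read-Host -AsSecureString -Prompt 'DSRM recovery password'

$forest = @{
    DomainName                    = 'contoso.com'
    DomainNetbiosName             = 'CONTOSO'
    InstallDns                    = $true
    SafeModeAdministratorPassword = $dsrm
    DatabasePath                  = 'C:\Windows\NTDS'
    LogPath                       = 'C:\Windows\NTDS'
    SysvolPath                    = 'C:\Windows\SYSVOL'
}

# Same prerequisite check the wizard runs before the Install button is enabled.
$check = Test-ADDSForestInstallation @forest
$check | Format-List Status, Message

# Stop on critical errors; warnings are left for the operator to review.
if ($check | Where-Object { $_.Status -eq 'Error' }) {
    throw 'Prerequisite check reported errors; fix them before promoting.'
}

Install-ADDSForest @forest                     # reboots automatically when done
```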

How to create a child domain server?

Sometimes, to maintain a network hierarchy in a domain environment, you may need to create child domains. On various occasions I have seen them called "sub domains" as well, but the Microsoft-recommended term is "Child Domain".

In a domain environment, child domains can be used for separate departments or branches. They can be in different geographical areas or even in the same building. It is hard to define the exact situations where child domains should be implemented in a domain environment, but they help to define security and resource boundaries. You can apply different policies and permissions to a set of users and resources in a child domain without affecting the parent domain's rules and policies. This provides more control over the network and its resources and helps you get the most benefit out of it.

In my demo here I have a parent domain called sprint.local installed. It runs Windows 2008 R2. I will install a child domain called "sales" under the parent domain sprint.local.

Before we start the setup, the server needs to be prepared by installing Windows Server 2008 R2, the DNS server role and the Active Directory Domain Services role. I have described how these roles can be added in the previous section. The server's IP address should also be changed to a static address in the same network segment as the primary domain controller.

•    Once all of the above is done, start the dcpromo wizard via Start > Run > dcpromo. Then click on “next” to continue.

•    Then it will give a message about the OS and compatibility. Click on “next” to continue.

•    The next step is important. Here we select what kind of AD setup we need. As per the requirement we need to use “existing forest”, but with “create new domain controller in existing forest”. After selecting those options click “next” to continue.

•    In the next window we enter the details of the existing forest. In this setup it is “sprint.local”. Specify the credentials to log in to it.

•    The next window asks for the subdomain name. Here the parent domain will be “sprint.local” and the subdomain will be “sales.sprint.local”. Then press next to continue.

•    The next window asks you to select the site. I will not set up different sites here; I will be using a single-site setup. Select the default and click on next to continue.

•    In the next window we need to select the options to make it a “global catalog” server and a “dns server”. This lets each department handle its own login requests as well as DNS queries.

•    The next window shows the paths for the logs.

•    The next window is for defining the recovery password. Once you have created a password, click on “next” to continue.

•    The next window gives the summary. Click next to continue.

•    In the next window the installation will start.

•    After the reboot you can log in to the domain using

User Name : sales.sprint.local\administrator
Password : xxxxxxx

Under Active Directory Users and Computers it will show the subdomain DC attributes.

•    On the primary domain controller, under “Active Directory Sites and Services”, we can see the newly added “Test2” DC.

DNS (Domain Name Service)

This is the main and most commonly used name resolution technique in modern computer networks. There are two principal namespaces: the domain name hierarchy and the IP address space. DNS represents the domain name hierarchy and provides translation between it and the IP address space. DNS servers keep records of hostnames along with their IP addresses and, depending on the query, translate IP addresses to hostnames or hostnames to IP addresses. Users prefer user-friendly domain names and hostnames to complex IP addresses. With IPv6 it is really hard to use IP addresses to communicate, as they are too complex. With DNS you don’t need to keep track of those IP addresses.

There are many DNS servers available from different vendors, but they all do the same thing. The most popular DNS servers are Microsoft Windows DNS servers and BIND DNS servers, which run on Linux/Unix.

These DNS servers hold different types of records, such as Mail Exchange (MX), which defines the domain's mail server settings, Name Server (NS) records, Canonical Name (CNAME) records, which represent an alias for another DNS name, etc.

Let’s look at how you can set up a DNS server on Windows Server 2008 R2.

1.    First you need to log in to the server with administrator privileges. Then click on “Server Manager” in the taskbar. It will load the Server Manager interface. From it select “Roles”.

2.    Then click on “Add Roles” to continue. It will load the Add Roles wizard. Click on “Next”.

3.    From the list select “DNS server” and click on “Next” to continue.

4.    Then it will give a description of the DNS server. Click “Next” to continue.

5.    Then it will show the confirmation. Click on “Install” to continue.

6.    Once it is installed it will give a confirmation.

7.    After the installation you can start the server interface via Start > Administrative Tools > DNS.

8.    Now we need to create lookup zones. Let’s start with forward lookup zones. First right-click on “Forward Lookup Zone” and add a new zone.

9.    It will open a new wizard. Click on “Next”, and in the new window that appears select “Primary Zone”, since this is going to be the first DC server. Click on Next after selecting.

10.    The next window asks for the zone name. You have to enter the same name you used as the prefix name in the previous step.

11.    In the next window select the “Allow both nonsecure and secure dynamic updates” option to accept updates to the DNS zone automatically, and click “Next”. This ends the wizard; click on “Finish” to create the zone.

12.    The next step is to create the “Reverse Lookup Zone”. In the DNS window right-click on “Reverse Lookup Zone” and click Create new Zone.

13.    In the next window click on “Next” to start, select “Primary Zone” as this is the first server, and click on next.

14.    In the next window, in the network ID section, enter the first 3 segments of the IP range and click on Next.

15.    In the next window keep the default zone name and click on next.

16.    In the updates window select “Allow both nonsecure and secure dynamic updates” and click on next.

17.    In the next window click on finish and it will create the zone. With this we are done with the DNS server setup.
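The setting chosen in steps 11 and 16, “Allow both nonsecure and secure dynamic updates”, lets any client register or overwrite records in the zone without authenticating. The following PowerShell is an added example, not part of the original post: it reports which primary zones carry that setting and previews a stricter one. It assumes the DnsServer module, which ships with Windows Server 2012 and later rather than with the 2008 R2 server used in the steps above.

```powershell
# Added example: audit the dynamic-update setting of every primary zone.
# Assumption: run elevated on a DNS server that has the DnsServer module
# (Windows Server 2012 or later).
Import-Module DnsServer

# Primary zones hosted on this server, minus the built-in auto-created ones.
$zones = Get-DnsServerZone |
    Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated }

$report = foreach ($z in $zones) {
    [pscustomobject]@{
        Zone          = $z.ZoneName
        Reverse       = $z.IsReverseLookupZone
        ADIntegrated  = $z.IsDsIntegrated
        DynamicUpdate = $z.DynamicUpdate
        Finding       = if ($z.DynamicUpdate -eq 'NonsecureAndSecure') {
                            'accepts unauthenticated updates'
                        } else {
                            'ok'
                        }
    }
}
$report | Format-Table -AutoSize

# Preview the stricter setting for each flagged zone.
# -WhatIf only prints what would change; remove it to apply.
foreach ($z in $zones | Where-Object { $_.DynamicUpdate -eq 'NonsecureAndSecure' }) {
    if ($z.IsDsIntegrated) {
        # AD-integrated zones can require authenticated (secure) updates.
        Set-DnsServerPrimaryZone -Name $z.ZoneName -DynamicUpdate Secure -WhatIf
    } else {
        # File-backed zones have no secure-only mode, so the stricter choice
        # is to disable dynamic updates and manage records manually.
        Set-DnsServerPrimaryZone -Name $z.ZoneName -DynamicUpdate None -WhatIf
    }
}
```

Disabling dynamic updates on a file-backed zone stops clients from self-registering, so confirm that records are maintained another way before applying it.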

After creating the necessary zone files, we can add records to the zones. Computers that need to be accessed from Active Directory and DNS domains must have DNS records. Although there are many different types of DNS records, most of these record types aren't commonly used. Let’s see some of the DNS records available.

•    A (address) Maps a host name to an IP address. When a computer has multiple adapter cards or IP addresses, or both, it should have multiple address records.
•    CNAME (canonical name) Sets an alias for a host name. For example, using this record, zeta.microsoft.com can have an alias as www.greenwich.com
•    MX (mail exchange) Specifies a mail exchange server for the domain, which allows mail to be delivered to the correct mail servers in the domain.
•    NS (name server) Specifies a name server for the domain, which allows DNS lookups within various zones. Each primary and secondary name server should be declared through this record.
•    PTR (pointer) Creates a pointer that maps an IP address to a host name for reverse lookups.
•    SOA (start of authority) Declares the host that's the most authoritative for the zone and, as such, is the best source of DNS information for the zone. Each zone file must have an SOA record (which is created automatically when you add a zone).
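The record types listed above can be created and then checked from PowerShell. This is an added example, not part of the original post; it assumes the DnsServer module (Windows Server 2012 or later), an existing forward zone and matching reverse zone, and uses a constructed zone name, host names and addresses.

```powershell
# Added example: create A/PTR, CNAME and MX records, then verify that every
# A record in the zone has a matching PTR. All names and addresses below are
# constructed placeholders.
Import-Module DnsServer

$zone = 'contoso.com'      # assumed: forward zone already exists

# A record; -CreatePtr also writes the PTR when the reverse zone exists.
Add-DnsServerResourceRecordA -ZoneName $zone -Name 'mail01' `
    -IPv4Address '192.168.10.25' -CreatePtr

# CNAME: alias 'webmail' pointing at the host above.
Add-DnsServerResourceRecordCName -ZoneName $zone -Name 'webmail' `
    -HostNameAlias "mail01.$zone"

# MX at the zone apex ('.') naming the mail exchanger for the domain.
Add-DnsServerResourceRecordMX -ZoneName $zone -Name '.' `
    -MailExchange "mail01.$zone" -Preference 10

# SOA and NS are created with the zone; list them for review.
Get-DnsServerResourceRecord -ZoneName $zone -RRType Soa
Get-DnsServerResourceRecord -ZoneName $zone -RRType Ns

# Forward/reverse consistency: resolve each A record's address back to a
# name and compare it with the host that owns the A record.
$report = foreach ($rec in Get-DnsServerResourceRecord -ZoneName $zone -RRType A) {
    $ip   = $rec.RecordData.IPv4Address.IPAddressToString
    $fqdn = if ($rec.HostName -eq '@') { $zone } else { "$($rec.HostName).$zone" }

    $ptr = Resolve-DnsName -Name $ip -Type PTR -Server 127.0.0.1 `
               -ErrorAction SilentlyContinue |
           Where-Object { $_.Type -eq 'PTR' }

    [pscustomobject]@{
        Host    = $fqdn
        Address = $ip
        Ptr     = ($ptr.NameHost -join ',')
        Match   = ($ptr.NameHost -contains $fqdn)
    }
}
$report | Format-Table -AutoSize
```

Rows with `Match` set to False point at missing or stale PTR records, which matter for services and log analysis that rely on reverse lookups.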