1 / 13

Ownership and auditing

Ownership and auditing. Overview. Configure DNS to prepare for Domain Controller installation Checking configuration Running DCPROMO.EXE. Why?. Why is DNS so important? Computer need to find domain controllers when they boot and

daphne-burris
Download Presentation

Ownership and auditing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Ownership and auditing

  2. Overview • Configure DNS to prepare for Domain Controller installation • Checking configuration • Running DCPROMO.EXE

  3. Why? • Why is DNS so important? • Computer need to find domain controllers when they boot and • Users need to find domain controllers when they want to log on. • Domain controllers need to find other domain controllers for replication.HOW??? Through SRV records in DNS

  4. Start with… • First Domain controllerin the First Domain or Root Domain • This is called the root domain of a forest. • The name you choose for this domain will be inherited by all other sub-domains.

  5. Step 1 : preparing DNS on the 1ste DC in a new root domain • Install DNS service. • Configure TCP IP settings on the member server.Preferred dns setting = your own ip address. • Create a new Forward lookup zone: e.g.sales.hq.comsales.localmycompany.edu • Make sure that the zone file supports :DYNAMIC UPDATES • Change the “primary dns suffix” (properties: my computer)

  6. Checkup dynamic update • At this point it is best to check if dynamic update is working correctly. • How?Ipconfig / registerdnsipconfig /flushdnsipconfig /displaydns • Support tools : dcdiag.exe or netdiag.exe

  7. Step 2: running dcpromo • Start > run DCPROMO.EXE • Watch out for • Dns name you choose (has to be the same as what you prepared in DNS) • Recovery password. • Sysvol share • Reboot

  8. Step 3 : check registration • During the first boot after installation,the domain controller needs to register its SRV records on the DNS server. • This can sometimes take a long time. • You can speed it up and check it at the same time by restarting the DNS service and by checking the DNS zone file. • Compare: before DCPROMO after DCPROMO:

  9. Check again • Before you add new domain controllers or new domains, check: • Dns • Zone file • Dcdiag • Now you can continue to build extra domains into your forest

  10. Step 4: adding clients to the domain • Set the preferred dns setting to point to your dns server. • Check dynamic updates • Add the computer to the domain.

  11. Uninstalling AD • You run DCPROMO.EXE and demote the server back to member server.

  12. AD and DNS integration. • If you want to replicate zone file information, • you can use primary and secundary dns zones • Disadvantage : not flexible to configure, not adapted to network topology, uses more bandwith, no scheduling • Or you can put the zone files IN the AD database. Each time that AD replicates with other DNS servers and Domain controllers, zone files are also replicated. • Advantage : you can schedule replication, configure protocols used for replication…

  13. How to integrate DNS zone in AD? • Properties of a dns zone: • Choose AD integrated. • You don’t notice any changes in the dns interface.

More Related