https://www.highcpmrevenuegate.com/znhs9k46?key=09d687ecc7889173937172adb21a36b0

Friday, 22 February 2013

How to configure DNS for Internet access in Windows Server 2003

How to configure DNS for Internet access in Windows Server 2003

 

This step-by-step guide describes how to configure Domain Name System (DNS) for Internet access in the Windows Server2003 products. DNS is the core name resolution tool that is used on the Internet. DNS handles resolution between host names and Internet addresses.

How to Start with a Stand-Alone Server Running Windows Server 2003

The stand-alone server running Windows Server 2003 becomes a DNS server for your network. In the first step, you assign this server a static Internet Protocol (IP) address. DNS servers must not use dynamically assigned IP addresses because a dynamic change of address could cause clients to lose contact with the DNS server.

Step 1: Configure TCP/IP

  1. Click Start, point to Control Panel, point to Network Connections, and then click Local Area Connection.
  2. Click Properties.
  3. Click Internet Protocol (TCP/IP), and then click Properties.
  4. Click the General tab.
  5. Click Use the following IP address, and then type the IP address, subnet mask, and default gateway address in the appropriate boxes.
  6. Click Advanced, and then click the DNS tab.
  7. Click Append primary and connection specific DNS suffixes.
  8. Click to select the Append parent suffixes of the primary DNS suffix check box.
  9. Click to select the Register this connection's addresses in DNS check box.

    Note that DNS servers running Windows Server 2003 must point to themselves for DNS. If this server needs to resolve names from its Internet service provider (ISP), you must configure a forwarder. Forwarders are discussed in the How to Configure Forwarders section later in this article.
  10. Click OK three times.

    NOTE: If you receive a warning from the DNS Caching Resolver service, click OK to dismiss the warning. The caching resolver is trying to contact the DNS server, but you have not finished configuring the server.

Step 2: Install Microsoft DNS Server

  1. Click Start, point to Control Panel, and then click Add or Remove Programs.
  2. Click Add or Remove Windows Components.
  3. In the Components list, click Networking Services (but do not select or clear the check box), and then click Details.
  4. Click to select the Domain Name System (DNS) check box, and then click OK.
  5. Click Next.
  6. When you are prompted, insert the Windows Server 2003 CD-ROM into the computer's CD-ROM or DVD-ROM drive.
  7. On the Completing the Windows Components Wizard page, click Finish when Setup is complete.
  8. Click Close to close the Add or Remove Programs window.

Step 3: Configure the DNS Server

To configure DNS by using the DNS snap-in in Microsoft Management Console (MMC), follow these steps:
  1. Click Start, point to Programs, point to Administrative Tools, and then click DNS.
  2. Right-click Forward lookup zones, and then click New Zone
  3. When the New Zone Wizard starts, click Next.

    You are prompted for a zone type. The zone types include:

    • Primary zone: Creates a copy of a zone that can be updated directly on this server. This zone information is stored in a .dns text file.
    • Secondary zone: A standard secondary zone copies all of the information from its master DNS server. A master DNS server can be an Active Directory, primary, or secondary zone that is configured for zone transfers. Note that you cannot modify the zone data on a secondary DNS server. All of its data is copied from its master DNS server.
    • Stub zone: A Stub zone contains only those resource records that are necessary to identify the authoritative DNS servers for that zone. Those resource records include Name Server (NS), Start of Authority (SOA), and possibly glue Host (A) records.
    There is also an option to the store zone in Active Directory. This option is only available if the DNS server is a Domain controller.
  4. The new forward lookup zone must be a primary or an Active Directory-integrated zone so that it can accept dynamic updates. Click Primary, and then click Next.
  5. The new zone contains the locator records for this Active Directory-based domain. The name of the zone must be the same as the name of the Active Directory-based domain, or be a logical DNS container for that name. For example, if the Active Directory-based domain is named "support.microsoft.com", valid zone names are "support.microsoft.com" only.

    Accept the default name for the new zone file. Click Next.

    NOTE: Experienced DNS administrators may want to create a reverse lookup zone, and are encouraged to explore this branch of the wizard. A DNS server can resolve two basic requests: a forward lookup and a reverse lookup. A forward lookup is more common. A forward lookup resolves a host name to an IP address with an "A" or Host Resource record. A reverse lookup resolves an IP address to a host name with a PTR or Pointer Resource record. If you have your reverse DNS zones configured, you can automatically create associated reverse records when you create your original forward record.

How to Remove the Root DNS Zone

A DNS server running Windows Server 2003 follows specific steps in its name-resolution process. A DNS server first queries its cache, it checks its zone records, it sends requests to forwarders, and then it tries resolution by using root servers.

By default, a Microsoft DNS server connects to the Internet to process DNS requests more with root hints. When you use the Dcpromo tool to promote a server to a domain controller, the domain controller requires DNS. If you install DNS during the promotion process, a root zone is created. This root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS server does not use forwarders or root hints in the name-resolution process.

  1. Click Start, point to Administrative Tools, and then click DNS.
  2. Expand ServerName, where ServerName is the name of the server, click Properties and then expand Forward Lookup Zones.
  3. Right-click the "." zone, and then click Delete.

How to Configure Forwarders

Windows Server 2003 can take advantage of DNS forwarders. This feature forwards DNS requests to external servers. If a DNS server cannot find a resource record in its zones, it can send the request to another DNS server for additional attempts at resolution. A common scenario might be to configure forwarders to your ISP's DNS servers.
  1. Click Start, point to Administrative Tools, and then click DNS.
  2. Right-click ServerName, where ServerName is the name of the server, and then click the Forwarders tab.
  3. Click a DNS domain in the DNS domain list. Or, click New, type the name of the DNS domain for which you want to forward queries in the DNS domain box, and then click OK.
  4. In the Selected domain's forwarder IP address box, type the IP address of the first DNS server to which you want to forward, and then click Add.
  5. Repeat step 4 to add the DNS servers to which you want to forward.
  6. Click OK.

How to Configure Root Hints

Windows can use root hints. The Root Hints resource records can be stored in either Active Directory or in a text file (%SystemRoot%\System32\DNS\Cache.dns). Windows uses the standard Internic root server. Also, when a server running Windows Server 2003 queries a root server, it updates itself with the most recent list of root servers.
  1. Click Start, point to Administrative Tools, and then click DNS.
  2. Right-click ServerName, where ServerName is the name of the server, and then click Properties.
  3. Click the Root Hints tab. The DNS server's root servers are listed in the Name servers list.

    If the Root Hints tab is unavailable, your server is still configured as a root server. See the How to Remove the Root DNS Zone section earlier in this article. You may have to use custom root hints that are different from the default. However, a configuration that points to the same server for root hints is always incorrect. Do not modify your root hints. If your root hints are incorrect and have to be replaced, click the following article number to view the article in the Microsoft Knowledge Base:
    237675 Setting up the Domain Name System for Active Directory

How to Configure DNS Behind a Firewall

Proxy and Network Address Translation (NAT) devices can restrict access to ports. DNS uses UDP port 53 and TCP port 53. The DNS Service Management console also uses RCP. RCP uses port 135. These are potential issues that may occur when you configure DNS and firewalls.

 

How To Create an Active Directory Server in Windows Server 2003

How To Create an Active Directory Server in Windows Server 2003

 This article describes how to install and configure a new Active Directory installation in a laboratory environment that includes Windows Server 2003 and Active Directory. Note that you will need two networked servers that are running Windows Server 2003 for this purpose in a laboratory environment.

Creating the Active Directory

After you have installed Windows Server 2003 on a stand-alone server, run the Active Directory Wizard to create the new Active Directory forest or domain, and then convert the Windows Server 2003 computer into the first domain controller in the forest. To convert a Windows Server 2003 computer into the first domain controller in the forest, follow these steps:
  1. Insert the Windows Server 2003 CD-ROM into your computer's CD-ROM or DVD-ROM drive.
  2. Click Start, click Run, and then type dcpromo.
  3. Click OK to start the Active Directory Installation Wizard, and then click Next.
  4. Click Domain controller for a new domain, and then click Next.
  5. Click Domain in a new forest, and then click Next.
  6. Specify the full DNS name for the new domain. Note that because this procedure is for a laboratory environment and you are not integrating this environment into your existing DNS infrastructure, you can use something generic, such as mycompany.local, for this setting. Click Next.
  7. Accept the default domain NetBIOS name (this is "mycompany" if you used the suggestion in step 6). Click Next.
  8. Set the database and log file location to the default setting of the c:\winnt\ntds folder, and then click Next.
  9. Set the Sysvol folder location to the default setting of the c:\winnt\sysvol folder, and then click Next.
  10. Click Install and configure the DNS server on this computer, and then click Next.
  11. Click Permissions compatible only with Windows 2000 or Windows Server 2003 servers or operating systems, and then click Next.
  12. Because this is a laboratory environment, leave the password for the Directory Services Restore Mode Administrator blank. Note that in a full production environment, this password is set by using a secure password format. Click Next.
  13. Review and confirm the options that you selected, and then click Next.
  14. The installation of Active Directory proceeds. Note that this operation may take several minutes.
  15. When you are prompted, restart the computer. After the computer restarts, confirm that the Domain Name System (DNS) service location records for the new domain controller have been created. To confirm that the DNS service location records have been created, follow these steps:
    1. Click Start, point to Administrative Tools, and then click DNS to start the DNS Administrator Console.
    2. Expand the server name, expand Forward Lookup Zones, and then expand the domain.
    3. Verify that the _msdcs, _sites, _tcp, and _udp folders are present. These folders and the service location records they contain are critical to Active Directory and Windows Server 2003 operations.

Adding Users and Computers to the Active Directory Domain

After the new Active Directory domain is established, create a user account in that domain to use as an administrative account. When that user is added to the appropriate security groups, use that account to add computers to the domain.
  1. To create a new user, follow these steps:
    1. Click Start, point to Administrative Tools, and then click Active Directory Users and Computers to start the Active Directory Users and Computers console.
    2. Click the domain name that you created, and then expand the contents.
    3. Right-click Users, point to New, and then click User.
    4. Type the first name, last name, and user logon name of the new user, and then click Next.
    5. Type a new password, confirm the password, and then click to select one of the following check boxes:

      • Users must change password at next logon (recommended for most users)
      • User cannot change password
      • Password never expires
      • Account is disabled
      Click Next.
    6. Review the information that you provided, and if everything is correct, click Finish.
  2. After you create the new user, give this user account membership in a group that permits that user to perform administrative tasks. Because this is a laboratory environment that you are in control of, you can give this user account full administrative access by making it a member of the Schema, Enterprise, and Domain administrators groups. To add the account to the Schema, Enterprise, and Domain administrators groups, follow these steps:
    1. On the Active Directory Users and Computers console, right-click the new account that you created, and then click Properties.
    2. Click the Member Of tab, and then click Add.
    3. In the Select Groups dialog box, specify a group, and then click OK to add the groups that you want to the list.
    4. Repeat the selection process for each group in which the user needs account membership.
    5. Click OK to finish.
  3. The final step in this process is to add a member server to the domain. This process also applies to workstations. To add a computer to the domain, follow these steps:
    1. Log on to the computer that you want to add to the domain.
    2. Right-click My Computer, and then click Properties.
    3. Click the Computer Name tab, and then click Change.
    4. In the Computer Name Changes dialog box, click Domain under Member Of, and then type the domain name. Click OK.
    5. When you are prompted, type the user name and password of the account that you previously created, and then click OK.

      A message that welcomes you to the domain is generated.
    6. Click OK to return to the Computer Name tab, and then click OK to finish.
    7. Restart the computer if you are prompted to do so.

Troubleshooting

You Cannot Open the Active Directory Snap-ins

After you have completed the installation of Active Directory, you may not be able to start the Active Directory Users and Computers snap-in, and you may receive an error message that indicates that no authority can be contacted for authentication. This can occur if DNS is not correctly configured. To resolve this issue, verify that the zones on your DNS server are configured correctly and that your DNS server has authority for the zone that contains the Active Directory domain name. If the zones appear to be correct and the server has authority for the domain, try to start the Active Directory Users and Computers snap-in again. If you receive the same error message, use the DCPROMO utility to remove Active Directory, restart the computer, and then reinstall Active Directory.

For additional information about configuring DNS on Windows Server 2003, click the following article numbers to view the articles in the Microsoft Knowledge Base:
323380 How To Configure DNS for Internet Access in Windows Server 2003
324259 How To Configure DNS in a New Workgroup Environment in Windows Server 2003
323418 How To Integrate DNS with an Existing DNS Infrastructure If Active Directory Is Enabled in Windows Server 2003
323417 How To Integrate Windows Server 2003 DNS with an Existing DNS Infrastructure in Windows Server 2003
324260 How To Configure DNS Records for Your Web Site in Windows Server 2003
323445 How To Create a New Zone on a DNS Server in Windows Server 2003

Microsoft Excel 2021 Full Course Tutorial (4+ Hours)

Creating a full course tutorial for Microsoft Excel 2021 is a comprehensive task beyond the scope of a single response. However, I can provi...