Installing DNS from scratch on a Windows Server
Installing DNS from scratch on a Windows Server
This content is from our CompTIA Network + Video Certification Training Course. Start training today!
In order for you to be able to use DNS, if you’re going to use it on an on‑premise environment, which means internally, or if you’re going to set it up as a cache‑only DNS server, one of the first things you’re going to have to do is install DNS.
In this demonstration we’ll learn how to install DNS from scratch on a server. Before we start on the environment, we currently have two 2012 R2 Servers. One server is a standalone server with no DNS, with no roles or features on it, whatsoever. The other server already has DNS installed on it.
To start with the server that doesn’t have DNS installed. While DNS is installing, we’ll switch to the other server so we can show how you go about verifying how DNS is installed. Let’s go ahead and get started.
To begin we’ll bring up the virtualized environment.
This a Microsoft 2012 Server. We can install roles and features on this server in multiple different ways. The one way of installing it is using Server Manager, and then using the manage dropdown box.
Another way of installing it is using PowerShell, which allows us to install roles and features. Because this isn’t a PowerShell lesson, we’ll not force you to use PowerShell.
The third way of installing a role or feature is using a product called DISM, the Deployment, Imaging, and Servicing Managing tool. We’re going to install this using the easiest of the tools, Server Manager and all server products down in the corner.
You will always will have the Server Manager icon if you’re running Microsoft server product. All you’ll do is click on that to launch it, and then it’ll come up to Manage.
Under Manage, it’s going to go out and query the machine to determine what’s already on it.
Next we’ll select Add roles and Features.
You get the Before You Begin screen.
This tells us that we need to be running this as a local administrator.
It gives you the ability to start the wizard to install a role or feature. It also allows you make sure your Windows updates are running, and your latest update.
On the Installation Type, you have an option if you’re going to do a role‑based or feature‑based installation, which is something you want to install on this machine, or are you setting up a virtual desktop infrastructure or VDI environment. We’re going to be installing a role or feature by using the top radio button.
Then we get a chance to select the server. One of the things that Microsoft did in server 2008 R2 was to be able to view roles and features on other servers. In server 2012, we have the ability now to install a role or feature on an actual another server. We couldn’t do that before.
In order to do that, before this screen, where it says, All Servers.
This allows us to add additional servers to our environment. As long as we had administrator rights on those machines, we could select that machine in this screen here to install that role or that feature remotely. We’ll install it on this local machine. Next hit Next.
Next it notifies us what role do we want to install?
We’re installing the DNS server role. When we check this button, it’s going to come out and ask us, if we want the Remote Server Administration Tools?
In other words, do we want the graphical tools to be able manage and administrate DNS? If I say, Cancel, here, it will still install DNS, but it won’t give me any way to manage it accepting from the command line.
We’ll add the features.
For Microsoft, the difference between a role and a feature, just a real quick. Roles are normally something that provide services to somebody else. A feature is something we’re going to do to enhance our capabilities. That’s why you have two different installation screens. Click, Next.
Remember, you are installing DNS which needs to have a static IP address. You should be pointing DNS to itself, which we’re going to show you how to do that momentarily. Hit Next.
Next confirm whether or not we need to install. This is what we want to install. DNS doesn’t require a restart, but if this role or feature required to restart, we don’t want to check this box here. The machine automatically restarts when the role or feature has been installed.
Now we’ll go ahead and check it to show you that the machine doesn’t actually reboot because this role doesn’t require the installation. Now we can click, Install. It begins and shows a progress bar.
Depending on how much memory you have in your computer, how much processing power you have in your computer, this could take 2, 3, up to 10 minutes to install this role.
Now that DNS has finished installing on the server, there’s a couple of things we can do to verify it by selecting Tools and, again, verify that we have the DNS console.
We want to make sure that the DNS console is pointing to this machine and not to another server.
We can always add another server in this console by adding the RSAT tools.
On the Server Manager console, we can verify that we have DNS, and that it’s pointing to this machine, because we could add another machine to this.
A couple of other things down here. We could also go into my services, and verify that my DNS server service is running.
Notice the DNS server service is running.
There’s two things to point out. This little icon down in the corner, everybody always assumes that icons means, “I don’t have the Internet connectivity?”
That is not what that icon means.
That icon is a network location indicator. In a Microsoft operating system, it actually goes out to Microsoft, and it checks two different locations. One to verify, it can resolve its name to a specific IP address, and to verify whether or not it can open a specific website.
There’s a blog, if you want to check, it is called, Why do I have an asterisk on my network icon on my start menu?
Next we can navigate to the machine. We can test that we internet connectivity by pinging [ping, 188.8.131.52], which is Google’s environment.
If we were to try to ping an actual user‑friendly name, ping, www.interfacett.com, you’ll notice it comes back. It says, “I can’t find that host.”
DNS currently isn’t configured in my TCP/IP settings. The next step is to enter into my local server, my Internet connection.
We could have right‑clicked on my start menu network connections. We could have went to the start or the networking sharing center, the control panel, whatever your preference is to getting to your network connections.
Click on the Ethernet icon and then select Properties.
Next select the IPv4 option.
Then navigate down, and enter 172.16.1.20.
That’s the IP address of this server.
Finally, click OK to close this out.
This will take about 45 seconds or so. You’ll see the icon at the bottom will lose the exclamation mark with the triangle.
It’s all automatic, because now we using DNS, and we can resolve to the outside world.
If we go back into my PowerShell command we can go to a ping, www.interfacett.com.
You’ll notice it’s taking a few more seconds this time. It’s going through a name resolution methodology. It is pinging this website because we were able to get to the Internet. Notice the icon has changed.
Notice we’ve installed DNS on this machine. We’ve done zero configuration of this DNS server other than install it, and configuring the fact the IP address to point to itself.
This DNS server is now a cache‑only DNS server. We have not configured any type of zones on this machine. What is meant by cache‑only DNS server, is this machine can resolve anything on the Internet.
If we go into the Internet Explorer, and enter a website such as http://www.interfacett.com. It will bring up the website.
Again, this is a cache‑only DNS server. It allows us to resolve to the outside world with zero configuration of the DNS server once it’s been installed.
All it has to have is the server has the Internet connectivity. We have to be pointing to our self for address.
That said, we’ve installed DNS, and you see how easy it is to build a cache‑only DNS server.
Until next time….
Video Certification Training: CompTIA Network +
You May Also Like
See our class schedule for complete Course Schedule Training. Classes are held in Phoenix, AZ and can be attended online from anywhere in the world with RemoteLive™. Instructor: Rick Trader Video Transcription: One of the things that we might have to do in our corporate network is to take a class of IP addresses and then subnet that into … Continue reading Subnetting a TCP/IP Network using the Magic Box Method
One of the coolest new features in Window Server 2012 and Windows Server 2012 R2 is the ability to clone a Domain Controller. In the past, if we had virtualized Domain Controllers and we actually took a snapshot of it and then rolled back to that snapshot, it would break the logon service on that … Continue reading How to clone a Windows Server 2012 or 2012 R2 Domain Controller
How does an investigator hunt down and identify unknown malware? In this recording of our IT Security training webinar on April 21, 2015, Security expert Mike Danseglio (CISSP / CEH) performed several malware investigations on infected computers and identify symptoms, find root cause, and follow the leads to determine what’s happening. He demonstrated his preferred … Continue reading Detailed Forensic Investigation of Malware Infections – April 21, 2015