Ownership and auditing
Overview
Configure DNS to prepare for Domain Controller installation
Checking configuration
Running DCPROMO.EXE
Why?
Why is DNS so important?
Computers need to find domain controllers when they boot.
Users need to find domain controllers when they want to log on.
Domain controllers need to find other domain controllers for replication.
HOW??? Through SRV records in DNS
Start with…
First domain controller in the first domain or root domain
This is called the root domain of a forest.
The name you choose for this domain will be inherited by all other sub-domains.
Step 1 : preparing DNS on the first DC in a new root domain
Install DNS service.
Configure TCP/IP settings on the member server.
Preferred DNS setting = your own IP address.
Create a new forward lookup zone, e.g.:
sales.hq.com
sales.local
mycompany.edu
Make sure that the zone file supports DYNAMIC UPDATES.
Change the “primary DNS suffix” (properties: My Computer)
Checkup dynamic update
At this point it is best to check if dynamic update is working correctly.
How?
ipconfig /registerdns
ipconfig /flushdns
ipconfig /displaydns
Support tools : dcdiag.exe or netdiag.exe
Step 2: running dcpromo
Start > run DCPROMO.EXE
Watch out for
Dns name you choose (has to be the same as what you prepared in DNS)
Recovery password.
Sysvol share
Reboot
Step 3 : check registration
During the first boot after installation, the domain controller needs to register its SRV records on the DNS server.
This can sometimes take a long time.
You can speed it up and check it at the same time by restarting the DNS service and by checking the DNS zone file.
Compare: before DCPROMO after DCPROMO:
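The check in Step 3, as an added example that is not part of the original slides: a small Python parser that reads zone-file text and lists which SRV records a new domain controller has not yet registered. The host name dc1, its address, the sample zone text and the list of expected records (a common subset) are assumptions made for the illustration; sales.local is the example zone name from Step 1.

```python
# Added example, not from the slides. Relative owner -> port: an assumed subset
# of the SRV records a domain controller registers.
EXPECTED_SRV = {
    "_ldap._tcp": 389, "_ldap._tcp.dc._msdcs": 389,
    "_kerberos._tcp": 88, "_kerberos._tcp.dc._msdcs": 88,
    "_kpasswd._tcp": 464, "_gc._tcp": 3268,
}

def parse_srv(zone_text):
    """Return {owner: [(port, target), ...]} for each SRV line in the text."""
    records, owner = {}, None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]              # drop zone-file comments
        fields = line.split()
        if not fields:
            continue
        if not line[0].isspace():                # indented lines reuse the last owner
            owner = fields[0].lower()
        upper = [f.upper() for f in fields]
        if owner is None or "SRV" not in upper:
            continue
        data = fields[upper.index("SRV") + 1:]   # priority weight port target
        if len(data) == 4 and data[2].isdigit():
            target = data[3].lower().rstrip(".")
            records.setdefault(owner, []).append((int(data[2]), target))
    return records

def missing_srv(zone_text, dc_fqdn):
    """Expected owners with no SRV record for dc_fqdn on the right port."""
    found = parse_srv(zone_text)
    want = dc_fqdn.lower().rstrip(".")
    return sorted(o for o, port in EXPECTED_SRV.items()
                  if (port, want) not in found.get(o, []))

# Constructed sample: zone before promotion (host dc1 and its address are made up).
BEFORE = """\
@        NS  dc1.sales.local.
dc1      A   192.168.1.10   ; host record
"""
# Constructed sample: after promotion, with _kpasswd._tcp deliberately left out.
AFTER = BEFORE + """\
_ldap._tcp                600 SRV 0 100 389  dc1.sales.local.
_ldap._tcp.dc._msdcs      600 SRV 0 100 389  dc1.sales.local.
_kerberos._tcp            600 SRV 0 100 88   dc1.sales.local.
_kerberos._tcp.dc._msdcs  600 SRV 0 100 88   dc1.sales.local.
_gc._tcp                  600 SRV 0 100 3268 dc1.sales.local.
"""
if __name__ == "__main__":
    print(missing_srv(BEFORE, "dc1.sales.local"), missing_srv(AFTER, "dc1.sales.local"))
```

An empty list from `missing_srv` means every record in the expected set points at the domain controller; anything it returns is a registration to chase before adding more domain controllers or domains.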
Check again
Before you add new domain controllers or new domains, check:
Dns
Zone file
Dcdiag
Now you can continue to build extra domains into your forest
Step 4: adding clients to the domain
Set the preferred dns setting to point to your dns server.
Check dynamic updates
Add the computer to the domain.
Uninstalling AD
You run DCPROMO.EXE and demote the server back to member server.
AD and DNS integration.
If you want to replicate zone file information,
you can use primary and secondary DNS zones
Disadvantage : not flexible to configure, not adapted to network topology, uses more bandwidth, no scheduling
Or you can put the zone files IN the AD database. Each time that AD replicates with other DNS servers and Domain controllers, zone files are also replicated.
Advantage : you can schedule replication, configure protocols used for replication…
How to integrate DNS zone in AD?
Properties of a dns zone:
Choose AD integrated.
You don’t notice any changes in the dns interface.