DNS Installation and Configuration on Windows Server

STEP 1

dispaly hostname by hotname powershell commmand

first step after opening powershell update-help Get-windowsFeature -Name *DNS* Install-WindowsFeature -Name DNS -IncludeManagementTools Install-WindowsFeature -Name RSAT-DNS-Server Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False

STEP 2

Run the following command on computer from which you want to mange the DNS Server.

Working Method:

  1. Install Windows Server with desktop experience.
  2. Install the dns role with all maangement tools features.
  3. Now if you will try to connect with dns manager application to windows server core machines on which dns services are installed you should be able to connect.
  4. Statrt ->Windows administrative tools->DNS

The method below is not working for me. i am getting error “Access denied, would you like to add it anyway.” when i am try to connect to server on which dns services are installed use dns manager application.

  1. Install-WindowsFeature -Name RSAT-DNS-Server
  2. Right click on My PC.
  3. Click on Map Network Drive.
  4. Enter folder address for example \192.168.88.30\c$
  5. Check the Check box (Connect using different Credentials )
  6. Click ok, New box will open, enter user name “Administrator” and Password will be windows server Administrator account password that you setup after install windows server.

https://docs.microsoft.com/en-us/archive/blogs/jlosey/granting-access-to-dns-management-mmc-to-a-non-admin https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc780538(v=ws.10)?redirectedfrom=MSDN

STEP 3

DNS Server Configuration Using DNS Manager Application

In DNS Manager application->right click on “Forword Lookup Zones”-> New Zone ->new zone wizard open -> Next -> select primary zone -> next -> zone name: company.pri -> Zone file options, select “Create a new file with this file name: company.pri.dns” -> next -> Dynamic Update options, Select: “Allow both nonsecure and secure dynamic updates” -> next -> finish

In DNS Manager application->right click on “Reverse Lookup Zones”-> New Zone ->new zone wizard open -> Next -> select primary zone -> next -> select “IPv4 Reverse Lookup Zone” -> in Network ID: “192.168.88” -> Zone file options, select “Create a new file with this file name” : “88.168.192.in-addr.arpa.dns” -> next -> Dynamic Update options, Select: “Allow both nonsecure and secure dynamic updates” -> next -> finish

In Forword Lookup Zones -> right click on company.pri and click on properties.

In Dialogue box select “Start of Authority(SOA)” tab.

Change Primary server: dc1.company.pri Change Responsible person: hostmaster.company.pri

Next go to Name server tab. change name server dc1 to fully qualified domain name: select dc1. and click on Edit, and change this into dc1.company.pri, remove the ipv6 address and click ok. Nothing to Change on WINS tab. Switch to Zone Transfers tab. - Allow zone tranfers: should be checked - Only to server listed on the name servers tab: should be selected. close this properties tab by click ok. you will be prompted with dialoge saying “Do you wnat to delete the host record dc1.[192.168.88.30]” say yes. again yes.

All the dns zone and configuration are saved in this directory X:\Windows\System32\dns

DNS Server Configuration Using Powershell

Adding Primary Zone

Add-DnsServerPrimaryZone -Name "company.pri" -ZoneFile "company.pri.dns" -DynamicUpdate "NonsecureAndSecure" -ResponsiblePerson "hostmaster.company.pri"

Create a file-backed reverse lookup zone

PS C:> Add-DnsServerPrimaryZone -NetworkID 192.168.11/24 -ZoneFile “11.168.192.in-addr.arpa.dns” -DynamicUpdate “NonsecureAndSecure”

Set-DnsServerPrimaryZone -Name “company.pri” -ComputerName “dc1.company.pri”

Get-DnsServerResourceRecord -ZoneName “company.pri”

commands for windows server

Enable-PSRemoting -SkipNetworkProfileCheck -Force

Commands to run on windows 10 enterprise administrative workstation

Set-Item -Path WSMan:\localhost\Client\TrustedHosts -Value * -Force

download and install powershell core https://github.com/PowerShell/PowerShell/releases

$session = New-PSSession -ComputerName 192.168.11.10 -Credential (Get-Credential)

Copy-Item PowerShell-7.1.3-win-x64.msi C:\ -ToSession $session

cmd

msiexec /i C:\ PowerShell-7.1.3-win-x64.msi

exit

download and install Windows admin center https://aka.ms/wacdownload and add your server by typing ip address of that server.

Enable-ServerManagerStandardUserRemoting -User Administrator -WhatIf Get-NetConnectionProfile -InterfaceAlias “Ethernet0” | Set-NetConnectionProfile -NetworkCategory Private

Step

open register editior

Connect Network Registry type dc1 enter username and password for dc1

go to SYSTEM->CurrentControlSet->Services->Tcpip->Parameters edit the domain reg_sz and enter the domain “company.pri” add new string entery, named as “NV Domain” and enter value “company.pri”

Disabling IPv6 Get-NetAdapterBinding -Name “Ethernet0” Get-NetAdapterBinding -ComponentID “ms_tcpip6” Get-NetAdapterBinding -ComponentID “ms_tcpip6” | Disable-NetAdapterBinding -ComponentID “ms_tcpip6” -PassThru Get-NetAdapterBinding -ComponentID “ms_tcpip6” | Enable-NetAdapterBinding -ComponentID “ms_tcpip6” -PassThru

get-dnsclientserveraddress

DNS Service Management

Restart-Service -Name DNS

DNS loopup services

Try not to use nslookup… nslookup was not working properly as Resolve-DnsName and ping is good for testing.. there are three tests recommended.

use nslookup if you are not sure why you can not resolve a particular domain. because nslookup will tell you the dns server ip address which computer using to resolve the domain name. You may want to use different dns server for dns resolving.

Testing the host address testing fully qualified domain name testing reverse address against hostname

Resolve-DnsName -Name dc1 Resolve-DnsName -Name dc1.company.pri Resolve-DnsName -Name 192.168.11.10 Resolve-DnsName -Name dc1.company.pri -Server 192.168.11.10

ping dc1 ping dc1.company.pri ping 192.168.11.10

Clear client and server cache Clear-DnsServerCache -ComputerName “Win12S-05.DNSServer-01.Contoso.com” -Force Clear-DnsClientCache

nslookup dc1.company.pri

Next