0%

0/1 Lessons

Course Introduction

• 10min

0 / 2 lessons complete

DNS Basics

• 1hr 16min

0 / 8 lessons complete

DNS Resource Records

• 46min

0 / 5 lessons complete

DNS Zones

• 3hr 41min

0 / 12 lessons complete

DNS Delegation

• 50min

0 / 4 lessons complete

DNS Security Techniques

• 36min

0 / 5 lessons complete

Advanced DNS Topics

• 22min

0 / 5 lessons complete

DNS Security (DNSSEC)

• 1hr 16min

0 / 6 lessons complete

DNS Policies

• 54min

0 / 6 lessons complete

PowerShell for DNS

• 1hr 27min

0 / 6 lessons complete

Troubleshooting DNS Issues - Troubleshooting Tools

• 1hr 39min

0 / 8 lessons complete

DNS Console Overview

Instructions

Q&A (0)

Notes (0)

Resources (0)

Saving Progress...

Resources

There are no resources for this lesson.

Notes can be saved and accessed anywhere in the course. They also double as bookmarks so you can quickly review important lesson material.

Create note

Purpose:  

The purpose of this video is to familiarize you with the various components of the DNS console manager. Specific details on the functionality of each component will be given in future videos. 

You may start the DNS manager from Server Manager by selecting Tools > DNS. 

Slide 1 The DNS Manager will appear. This manager allows you to manage this DNS server as well as a remote DNS server.

Slide 2 Connect to a DNS server. Right-click on DNS, select Connect to DNS server.

I will type SVR-DE-DNS1, which is my other DNS server on the network.

Slide 3 The DNS information from SVR-DE-DNS1 has been added to the

SVR-US-DNS1 console. From here I can configure the US or the DE server  

Right-click on SVR-DE-DNS1 and delete the information from this console. Left-click on the server name the following is displayed: 

Forward Lookup Zones – Most common type of Zone, DNS clients use this zone to provide mapping from host names to IP addresses.

Reverse Lookup Zone - DNS clients use this zone provide mapping from IP addresses to host names.

Trust Points - A trust anchor (or trust “point”) is a public cryptographic key for a signed zone.  

Conditional Forwarders - A DNS server that forwards all the queries it receives based upon the name designated in the query, to the IP address of a specific DNS server or servers.

Root Hints file – If your network is connected to the internet this file contains DNS root server mapping records, for DNS servers that are located on the internet.

Forwarders - A forwarder is a Domain Name System (DNS) server on a network that is used to forward DNS queries for external DNS names to DNS servers outside that network.

Right-click on the server name, the following items are displayed: 

Configure a DNS Server wizard – Assists in creating a forward and reverse lookup zone, root hints and forwarders.

Create Default Application Directory Partitions wizard - When you create an application directory partition for DNS, you can control the scope of replication for the zone that is stored in that partition

New Zone Wizard – This wizard assists you in creating a primary, secondary, Stub zone and gives you the option of storing the primary or stub zone in Active Directory

Set Aging/ Scavenging for all Zones – This is a script that provides cleanup and removal of stale resource records, which can accumulate in zone data over time.

Scavenge Stale Data Files – Command to remove all stale records on the server.

Update Server Data Files - This command forces an update to the record file, no matter where it is stored, whether in AD or a text file.

Clear Cache – Provides a way to force flush DNS server cache.

Launch nslookup – Command line tool that enables you to troubleshoot DNS problems.  

5. Let’s launch nslookup and search for my other DNS server SVR-DEDNS1 “itfws001”. All I need to do is type “itfws001” and press enter to execute the command.

Now assuming you are not on a production network (one that is currently servicing users), let’s stop the DNS server and try running the same command to see what happens. Right-click on the DNS server (ITFDC01) and choose All Tasks > Stop. Now go back to nslookup and run the same command. We can now see the server is offline so nslookup was not able to query our DNS resource records.

Properties – Click properties and the following details about the server are displayed:

Server Academy Members Only

Sorry, this lesson is only available to Server Academy Full Access members. Become a Full-Access Member now and you’ll get instant access to all of our courses.

0 0 votes
Lesson Rating
Subscribe
Notify of
profile avatar
2 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

profile avatar
miroslavr(@miroslavr)
Member
6 months ago
  1. Is there any other way to map/scan/find out what are the other servers on my network? What if for example like I can search wifi on my cellphone to try to find it.
  2. In Windows server 2019 I do not have Security tab on properties. What can be the issue?
profile avatar
Ricardo P(@ricardop)
Admin
Reply to  miroslavr
6 months ago

Hi profile avatar Miroslav Ristic,

Any “other” server, or any other “DNS” servers? For DNS servers integrated with Active Directory, you can see them in the Domain Controllers OU node in Active Directory Users and Computers. Here you will find the domain controllers for the domain which most likely have the DNS server role installed. You can see these DNS servers from ipconfig /all .

There might be network DNS server or non Active Directory integrated. For these, as you joined the wifi you will be assigned a DNS server by DHCP on that network. On a phone you might need to check the wifi network adapter to see the dns server assigned.

Also, you can use nmap to do a network scan on port 53 looking for open ports. These DNS servers will have it open and will appear on the network scan whether they are AD integrated or Standalone DNS servers.

Windows has a special GPO setting that allows hiding the Security tab from the Windows File Explorer. To make sure that the setting is enabled for the current user on the computer, use PowerShell to get the value of the NoSecurityTab registry parameter:

Get-ItemProperty -Path “HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer”|select NoSecurityTab

If the NoSecurityTab is set to 1, this means that the Security tab in the properties of files and folders in File Explorer is hidden from the user.

Ricardo