How To Set Up And Configure DNS On Windows Server 2016?
Domain Name System (DNS) is central to TCP/IP hostname resolution and Active Directory itself.
Domain Name System (DNS), defined in several Request for Comments (RFC) documents, performs a single task: translating user-friendly hostnames to IPv4 or IPv6 addresses. The DNS server in Windows Server 2016 works the same basic way as it does in Windows Server 2012 R2. However, the microsoft has added some worthwhile enhancements, including DNS policies and Response Rate Limiting (RRL).
Installing the DNS Server Role
To install the DNS Server role, we can open an elevated Windows PowerShell console (right-click the PowerShell icon and select Run as Administrator from the shortcut menu) and run a single command:
Install-WindowsFeature -Name DNS -IncludeAllSubFeature -IncludeManagementTools
If you’re more of a GUI-minded administrator, you can use Server Manager to install DNS Server.
Setting DNS Server Preferences
We can manage the Windows Server DNS Server in a variety of ways:
- DNS Manager Microsoft Management Console (MMC)
- Windows PowerShell DNS cmdlets
- Dnscmd.exe command-line utility
Windows Server 2016 also includes the traditional Nslookup.exe and IPConfig.exe command-line tools as well.
If you install the Remote Server Administration Tools (RSAT) tools on your administrative workstation, you’ll get all the aforementioned DNS Server management utilities.
Open the DNS Manager by typing dnsmgmt.msc from your elevated PowerShell console. Right-click your server and you’ll see a number of configuration options directly on the shortcut menu. For instance, you can:
Create a new forward or reverse lookup zone
Scour your DNS zone files for outdated and/or inaccurate records
Pause, stop, start, or restart the server
Configuring a Windows Server 2016 DNS server
In the previous screenshot you see the Advanced page from my DNS servers’ Properties sheet.
Run the following command to retrieve a list of all 130-odd PowerShell DNS functions:
Get-Command -Module DNSServer | Select-Object -Property Name
Use Get-DNSServer to retrieve the local server’s configuration data. In the following example, I use Set-DNSServer to migrate configuration data from server01 to server02:
Get-DnsServer -CimSession ‘server01’ | Set-DnsServer -ComputerName ‘server02’
Of course, we use the native PowerShell *-Service cmdlets to operate on the server directly. For instance, to restart the local DNS server we can run:
Restart-Service -Name DNS -Force
Creating a Forward Lookup Zone
Although you can configure a DNS server to do nothing but fulfill name resolution requests and cache the results, the primary work of a Windows DNS server is to host one or more lookup zones.
Let’s create a simple forward (that is, hostname-to-IP address) lookup zone for a domain called toms.local.
In DNS Manager, right-click Forward Lookup Zones and select New Zone from the shortcut menu. This launches the New Zone Wizard, which will ask us to specify the following information:
Zone type. Options are primary, secondary, stub, and Active Directory-integrated. Let’s choose primary here, and deselect the AD integration option (the AD integraded option is available only on AD DS domain controllers, by the way)
Zone name. In our case, we’ll specify toms.local.
Zone file name. We’ll accept the default name, which is toms.local.dns. This is a simple plain text file, actually.
Dynamic updates. Accept the default, which is to disallow dynamic updates. In production business networks, you’ll want to enable this option so DNS clients can update their DNS records on their own.
By default, your new zone will have two DNS records:
Start of Authority (SOA): This record identifies which server is authoritative for the zone
Name Server (NS): This record identifies the servers that host records for this zone
Right-click the new zone and you’ll see various resource record creation options directly in the shortcut menu; these include:
Host (A): This is your “bread and butter” record that identifies a single host
Alias (CNAME): This record allows you to map more than one hostname to a single IP address
Mail Exchanger (MX): This record identifies your company’s e-mail server(s) that are attached to the current DNS domain
We’ll finish it by using PowerShell to define a new A record for a host named ‘client1’ and verify its existence. To create the record, we use Add-DnsServerResourceRecordA (yes, that’s a long command name.)
Add-DnsServerResourceRecordA -Name ‘client1’ -ZoneName ‘toms.local’ -IPv4Address 172.16.1.100
We finally run the equally awkward command Get-DnsServerResourceRecord to retrieve client1’s A record:
Reviewing our new DNS zone contents.
In the previous screen capture we can see our new client1 A record both in DNS Manager as well as in the Windows PowerShell console.