DNS Error - jude-lindale/Wiki GitHub Wiki
DNS Error
Because we gave our environment a .local top-level domain (TLD), an error is indicated during installation. Valid public top-level domains are ones like .com, .gov, .edu and .net. Because this is an internal domain, we will leave it as is. The naming of local domains is the subject of many debates among systems administrators.
Installation will take a few minutes and a reboot. When you log back in, you will be logging in as the Domain Administrator (credentials held in Active Directory) rather than the Local Administrator (credentials stored locally by the Windows OS, not in the AD domain).
DNS
After installation and a lengthy reboot, the ad01 server's network configuration has changed somewhat. The DNS server now points to 127.0.0.1 (the local loopback address of ad01, i.e. it is pointing back to itself), and DNS queries not handled locally are forwarded to fw01, which in turn forwards them to its own DNS server.
Adding a DNS Record
- First, on ad01 run the commands:

```
hostname
ping 10.0.5.2
ping fw01-jude
```
- Find and invoke DNS Manager from the Server Manager/DNS/AD01 context menu
- Find and expand the forward lookup zone for the new domain
- There should be an entry for ad01.yourname. This lets you ping ad01 by hostname or by fully qualified domain name
- From the DNS Manager, select New Host (A or AAAA):
  - Host: fw01-jude
  - FQDN: fw01-jude.jude.local
  - IP address: 10.0.5.2
  - Check "Create associated (PTR) record" and add the host
When the host is added, resolving a host by its hostname is enabled. The reverse is not true: we cannot get a hostname from an IP address until we create a reverse lookup zone.
Reverse DNS
- Add a primary reverse lookup zone for all IP addresses in the 10.0.5.0/24 network by selecting New Zone from the right-click context menu as shown below. Use the defaults, and enter 10.0.5 as the Network ID.
- Create PTR records from the A records of fw01-yourname and ad01-yourname: open each record's properties, uncheck "Update associated PTR record", apply, check it again, and apply once more. For fw01:
  - Host: fw01-jude
  - FQDN: fw01-jude.jude.local
  - IP address: 10.0.5.2
- The reverse DNS entries for fw01 and ad01 should now be in the 5.0.10 (5.0.10.in-addr.arpa) reverse lookup zone. You may need to refresh using the DNS node on the left.
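The same forward and reverse DNS steps can be done from an elevated PowerShell prompt on ad01 with the DnsServer module that ships with the DNS Server role. This is an added example, not part of the wiki; the zone name, host name and addresses are the ones used above, and the ad01 address is looked up from the zone rather than assumed. It also verifies the two points the text makes: that ad01 resolves against itself and forwards to fw01, and that reverse lookups only work once the reverse zone exists.

```powershell
# Added example (not from the wiki): DNS steps from the page done in PowerShell on ad01.
# Needs the DnsServer module (installed with the DNS Server role) and an elevated prompt.
$zone     = 'jude.local'          # forward zone created by the domain promotion
$hostName = 'fw01-jude'           # firewall host from the wiki
$hostIp   = '10.0.5.2'            # firewall address from the wiki
$network  = '10.0.5.0/24'         # lab network; reverse zone will be 5.0.10.in-addr.arpa
$revZone  = '5.0.10.in-addr.arpa'

# 1. Confirm what the page describes: the client resolver points at 127.0.0.1
#    and everything not answered locally is forwarded to fw01.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Select-Object InterfaceAlias, ServerAddresses
Get-DnsServerForwarder | Select-Object IPAddress, UseRootHint

# 2. Forward (A) record for fw01. -CreatePtr only produces a PTR if a matching
#    reverse zone already exists, which is why the reverse lookup fails at this stage.
Add-DnsServerResourceRecordA -ZoneName $zone -Name $hostName -IPv4Address $hostIp -CreatePtr
Resolve-DnsName -Name "$hostName.$zone" -Type A -Server 127.0.0.1

# 3. Primary reverse lookup zone for 10.0.5.0/24, the "5.0.10" zone shown in DNS Manager.
Add-DnsServerPrimaryZone -NetworkId $network -ReplicationScope 'Domain'

# 4. PTR records for fw01 and ad01. The GUI does this when "Update associated PTR record"
#    is re-applied; here they are added directly. The PTR name is the last octet.
Add-DnsServerResourceRecordPtr -ZoneName $revZone -Name $hostIp.Split('.')[-1] `
    -PtrDomainName "$hostName.$zone"
$ad01Record = Get-DnsServerResourceRecord -ZoneName $zone -Name 'ad01' -RRType A |
    Select-Object -First 1
$ad01Ip = $ad01Record.RecordData.IPv4Address.IPAddressToString
Add-DnsServerResourceRecordPtr -ZoneName $revZone -Name $ad01Ip.Split('.')[-1] `
    -PtrDomainName "ad01.$zone"

# 5. Both directions should now resolve against the local server.
Resolve-DnsName -Name "$hostName.$zone" -Type A -Server 127.0.0.1
Resolve-DnsName -Name $hostIp -Server 127.0.0.1      # PTR query for 10.0.5.2
Get-DnsServerResourceRecord -ZoneName $revZone -RRType Ptr
```

Running step 2's `Resolve-DnsName` with the IP address before step 3 is a quick way to see the "reverse is not true" behaviour the text describes: the A query succeeds while the PTR query reports no record until the reverse zone and its PTR entries exist.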
Create Named Domain Users on ad01
It is very easy to confuse local accounts on WKS1 or AD01 with domain accounts, which are available on every system in the domain. We are going to create a named domain administrator account as well as a named non-privileged user account.
- On AD01, open Active Directory Users and Computers
- Under the domain's Users folder, add a new User
- This user (first.lastname-adm) will be a Domain Administrator and has a distinct suffix (ADM) to show this
- Uncheck "User must change password at next logon"
- On the user just made, left-click and choose Add to a group
- Enter the object names to select: Domain Admins
- Create a non-privileged account (skip the addition to Domain Admins) for user first.lastname
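The two domain accounts can also be created with the ActiveDirectory module on AD01. This is an added example, not the wiki's own procedure; "first.lastname" is the placeholder the page uses and should be replaced, the accounts are created in the default Users container as the GUI steps do, and the final check shows which of the two ended up in Domain Admins.

```powershell
# Added example (not from the wiki): create the named admin and named standard accounts
# with the ActiveDirectory module (RSAT / AD DS role) from an elevated prompt on AD01.
Import-Module ActiveDirectory

$domain   = 'jude.local'
$userBase = 'first.lastname'              # placeholder from the wiki; replace with a real name
$adminSam = "$userBase-adm"               # sAMAccountName is limited to 20 characters

# Separate passwords: the privileged account must not share the standard account's secret.
$adminPassword = Read-Host -AsSecureString -Prompt "Password for $adminSam"
$userPassword  = Read-Host -AsSecureString -Prompt "Password for $userBase"

# Named domain administrator with the distinct -adm suffix, then add it to Domain Admins.
New-ADUser -Name $adminSam -SamAccountName $adminSam `
    -UserPrincipalName "$adminSam@$domain" `
    -AccountPassword $adminPassword -Enabled $true -ChangePasswordAtLogon $false `
    -Description 'Named domain admin (privileged)'
Add-ADGroupMember -Identity 'Domain Admins' -Members $adminSam

# Named non-privileged account for the same person; no group beyond Domain Users.
New-ADUser -Name $userBase -SamAccountName $userBase `
    -UserPrincipalName "$userBase@$domain" `
    -AccountPassword $userPassword -Enabled $true -ChangePasswordAtLogon $false `
    -Description 'Named standard user (non-privileged)'

# Check: only the -adm account should be listed under Domain Admins.
Get-ADGroupMember -Identity 'Domain Admins' | Select-Object SamAccountName
Get-ADUser -Filter "SamAccountName -like '$userBase*'" -Properties MemberOf |
    Select-Object SamAccountName, Enabled, MemberOf
```

Keeping the day-to-day account out of Domain Admins is the point of the split: the standard account is what gets used on WKS1, and the -adm account is only used when an administrative task calls for it.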