Course 2277: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network

Managing and Monitoring Domain Name System

To adjust the TTL value for a zone:
1. Log on with a non-administrative user account.
2. On the Start menu, click Control Panel.
3. In Control Panel, open Administrative Tools, right-click Manage Your Server, and then click Run as.
4. In the Run As dialog box, click The following user, type a user account and password that have the appropriate permissions to complete the task, and then click OK.
5. In Manage Your Server, click Manage this DNS Server.
6. In the console tree, right-click the applicable zone, and then click Properties.
7. On the General tab, verify that the zone type is either Primary or Active Directory-integrated.
8. Click the Start of Authority (SOA) tab.
9. In the Minimum (default) TTL section, select the interval (seconds, minutes, hours, or days) and then type a number in the text box.
10. Click OK to save the adjusted interval.

To adjust the TTL value for a resource record:
2. In the console tree, click DNS.
3. On the View menu, click Advanced.
4. In the console tree, expand the applicable zone. In the details pane, right-click the applicable record, and then click Properties.
5. In the Properties dialog box for the record, adjust the TTL in the Time to live (TTL) box.
6. Click OK to save the adjusted TTL.

To set aging and scavenging parameters for the DNS server:
2. In the console tree, right-click the applicable DNS server, and then click Set Aging/Scavenging for All Zones.
3. In the Server Aging/Scavenging Properties dialog box, click Scavenge stale resource records.
4. In the No-refresh interval box, select the increment, and then type a value. (For example: the increment is days and the value is 5 for a no-refresh interval of 5 days.)
5. In the Refresh box, select the increment, and then type a value. (For example: the increment is days and the value is 5 for a refresh interval of 5 days.)
6. In the Server Aging/Scavenging Properties dialog box, click OK.

To set the aging and scavenging properties for a zone:
2. In the console tree, right-click the applicable zone, and then click Properties.
3. On the General tab, click Aging.
4. In the Zone Aging/Scavenging Properties dialog box, click Scavenge stale resource records.
5. In the No-refresh interval box, select the increment, and then type a value. (For example: the increment is days and the value is 5 for a no-refresh interval of 5 days.)
6. In the Refresh box, select the increment, and then type a value. (For example: the increment is days and the value is 5 for a refresh interval of 5 days.)
7. In the Zone Aging/Scavenging Properties dialog box, click OK.
8. Close the DNS console.

To enable automatic scavenging of stale resource records on a DNS server:
2. In the console tree, right-click the applicable DNS server, and then click Properties.
3. Click the Advanced tab.
4. Select Enable automatic scavenging of stale records.
5. In the Scavenging period box, select the increment, and then type a value.
6. In the DNS server Properties dialog box, click OK.

To start immediate scavenging of stale resource records:
2. In the console tree, right-click the applicable DNS server, and then click Scavenge Stale Resource Records.
3. When you are asked to confirm that you want to scavenge all stale resource records on the server, click OK.
4. Close the DNS console.

To view when a zone can start scavenging stale resource records:
3. Right-click the applicable zone, and then click Properties.
4. On the General tab, click Aging.
5. In the Zone Aging/Scavenging Properties dialog box, view the value in the Date and time box to ascertain the date after which the zone is eligible to be scavenged for outdated resource records, and then click OK.
6. In the Zone Properties dialog box, click OK.
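
How the no-refresh interval, the refresh interval, the record time stamp and the zone's eligibility date combine to decide what a scavenging pass may remove, as an added example that is not part of the course material. The class and function names are hypothetical, the record names and dates are constructed, and the model is simplified to show only the timeline.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional


@dataclass
class ZoneAging:  # hypothetical model of the Zone Aging/Scavenging Properties dialog
    scavenging_enabled: bool       # "Scavenge stale resource records" check box
    no_refresh: timedelta          # No-refresh interval
    refresh: timedelta             # Refresh interval
    can_scavenge_after: datetime   # date after which the zone is eligible


@dataclass
class Record:
    name: str
    timestamp: Optional[datetime]  # None: record has no time stamp (never ages)


def record_state(rec: Record, zone: ZoneAging, now: datetime) -> str:
    """Return 'static', 'no-refresh', 'refresh' or 'stale' for one record."""
    if rec.timestamp is None:
        return "static"
    no_refresh_end = rec.timestamp + zone.no_refresh
    if now < no_refresh_end:
        return "no-refresh"   # refreshes are not accepted yet
    if now < no_refresh_end + zone.refresh:
        return "refresh"      # a refresh would reset the time stamp
    return "stale"            # both intervals elapsed without a refresh


def scavengeable(records: List[Record], zone: ZoneAging, now: datetime) -> List[str]:
    """Names a scavenging pass at `now` would be allowed to remove."""
    if not zone.scavenging_enabled or now < zone.can_scavenge_after:
        return []
    return [r.name for r in records if record_state(r, zone, now) == "stale"]


# Constructed sample data: 5-day intervals, as in the example values above.
NOW = datetime(2024, 1, 20, 12, 0)
ZONE = ZoneAging(True, timedelta(days=5), timedelta(days=5), datetime(2024, 1, 10))
RECORDS = [
    Record("dc1", None),
    Record("client-a", datetime(2024, 1, 18)),
    Record("client-b", datetime(2024, 1, 13)),
    Record("client-c", datetime(2024, 1, 5)),
]

if __name__ == "__main__":
    for r in RECORDS:
        print(r.name, record_state(r, ZONE, NOW))
    print("scavengeable:", scavengeable(RECORDS, ZONE, NOW))
```

With 5-day intervals a record is not stale until 10 days after its time stamp, and nothing is removed at all while scavenging is disabled on the zone or the zone's eligibility date has not yet passed.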

To configure the time stamp on a DNS resource record:
3. Right-click the applicable resource record, and then click Properties.
4. In the Resource Record Properties dialog box, select Delete this record when it becomes stale, and then click Apply.
5. Verify that a date and time value appears in the Record time stamp box.
6. In the Resource Record Properties dialog box, click OK.

To view the time stamp on a dynamic DNS resource record:
3. Right-click the applicable resource record, and then click Properties.
4. In the Resource Record Properties dialog box, view the value in the Date and time box to ascertain when the resource record was created in DNS.
5. In the Resource Record Properties dialog box, click OK.
6. Close the DNS console.

To manually test a simple query on the DNS server:
2. In the console tree, click the appropriate DNS server.
5. On the Monitoring tab, select A simple query against this DNS server.
6. On the Monitoring tab, click Test Now.
7. In the Test results section, in the Simple Query column, verify that the word PASS appears.
8. In the DNS Server Properties dialog box, click OK.

To manually test a recursive query on the DNS server:
2. In the console tree, click the appropriate DNS server.
5. On the Monitoring tab, select A recursive query to other DNS servers.
6. On the Monitoring tab, click Test Now.
7. In the Test results section, in the Recursive Query column, verify that the word PASS appears.
8. In the DNS Server Properties dialog box, click OK.

To enable automatic query testing on the DNS server:
2. In the console tree, click the applicable DNS server.
5. On the Monitoring tab, select the type of testing to be used during automatic query testing. You can select either or both of the following options:
   - A simple query against this DNS server
   - A recursive query to other DNS servers
6. On the Monitoring tab, select Perform automatic testing at the following interval.
7. On the Monitoring tab, in the Test interval box, type a number, and then select an interval value (for example: 5 minutes).
8. In the DNS Server Properties dialog box, click OK.

To verify that a resource record exists in DNS by using nslookup:
1. Open the command prompt.
2. At the command prompt, type nslookup RootServerIPAddress.
3. At the command prompt, type nslookup.
4. At the next prompt, type set q=a.
5. At the next prompt, type the host name.
6. Look through the returned resource records for the fully qualified domain name (FQDN) of the host.
7. Type exit.
8. Close the command prompt.

To install DNSCmd:
1. Insert the Windows Server 2003 CD into your CD-ROM drive.
2. If you are prompted to reinstall Windows, click No.
3. When the Welcome screen appears, click Perform additional tasks, and then click Browse this CD.
4. Go to the \Support\Tools folder.
5. For complete setup information, refer to the Readme.htm file that is available in this folder.
6. Double-click suptools.msi.
7. Follow the instructions that appear on your screen.

To display a complete list of the zones configured on a DNS server by using DNSCmd:
At the command prompt, type dnscmd [ComputerName] /enumzones

To display information about a specific zone that is configured on a DNS server by using DNSCmd:
At the command prompt, type dnscmd [ComputerName] /zoneinfo [zone]

To create the DNSLint report:
1. Open the command prompt for a directory in which you want to create the report.
2. At the command prompt, type dnslint.
3. At the command prompt, type dnslint /ql autocreate.
4. At the command prompt, type Notepad in-dnslint.txt.
5. In Notepad, in the sixth line from the bottom of the file, change dns1.cp.msft.net to ComputerName.nwtraders.msft.
6. In Notepad, in the last four lines of the file, change any instances of Microsoft.com to the name of the domain that you are querying.
7. In Notepad, in the last five lines of the file, change any instances of 207.46.197.100 to the IP address of the DNS server that you are querying.
8. In Notepad, save the file as Dnslintquery.txt in the directory where in-dnslint.txt is located, and then close Notepad.
9. At the command prompt, type dnslint /ql dnslintquery.txt /v.
10. When the HTML report opens, verify the contents, and then close the report.
11. Close the command prompt.

To enable and configure debug logging options on the DNS server:
2. In the console tree, right-click the appropriate DNS server, and then click Properties.
3. In the DNS Server Properties dialog box, click the Debug Logging tab.
4. On the Debug Logging tab, select Log packets for debugging.
5. On the Debug Logging tab, select the options of the debug criteria that you want to store in the debug log box.
6. On the Debug Logging tab, in the File path and name box, type the path where the debug log will be stored, and also type the name of the debug log. If no path and name are configured, the default path is %Systemroot%\System32\Dns and the default name is Dns.log.
7. On the Debug Logging tab, in the Maximum size box, type the maximum size for the Dns.log file. Configure a maximum log size. Store the file on a separate drive from the system drive.
8. On the Debug Logging tab, click OK.

To view the DNS server event log located on another computer:
1. Open the DNS console, then click DNS.
2. On the Action menu, click Connect to DNS server.
3. In the Connect to DNS server dialog box, click The following computer, then specify the name or IP address of the remote computer.
4. In the console tree, expand DNS.
5. In the console tree, expand the Event Viewer folder.
6. In the details pane, click DNS Events.
7. To view additional details for a specific event, double-click the event.