Enable and configure the DNS server. DNS server installation

Installing and setting up DNS servers and Active Directory in Windows Server 2016 is practically the same as in previous releases of Microsoft servers, such as Windows Server 2012 and 2008. After a few steps, the DNS role and Active Directory Domain Services are installed, and the name server then needs a little configuration.

Installing and Configuring the DNS Server Role and Active Directory Domain Services

Before installing server roles, you need to set a name for the future server, as well as a static IP address. Also, if available, specify the IP address of the gateway.

1. Right-click on "This PC" and select "Properties". In the window that opens - "Change settings" - "Change". Set the computer name and click OK. For the changes to take effect, restart your computer.


2. To open network connections, type the command ncpa.cpl in the "Search" field. Select the desired network interface, right-click - "Properties". Disable IP version 6 (TCP/IPv6) if it is not used. Then select IP version 4 (TCP/IPv4). Fill in the fields:

IP address: server address (e.g. 192.168.100.5)

Subnet mask: netmask (e.g. 255.255.255.0)

Default gateway: gateway if available (for example, 192.168.100.1)

Preferred DNS Server: (for example, 192.168.100.5)


3. Now you can start installing server roles. To do this, select "Server Manager".


4. In the next window - "Add roles and features".


5. Read "Before you start" and click "Next". Then leave the default checkbox "Install roles or features" and again "Next". In the next window, select the server on which we will install the roles and "Next".


6. Selecting server roles - check the boxes next to "DNS server" and "Active Directory Domain Services". When prompted to add components - "Add components". Then "Next".



8. After the installation of the selected server roles is complete, click on the warning icon in "Server Manager" and select "Promote this server to a domain controller".


9. In the next window - "Add new forest". The root domain name is the unique name of your domain.


10. In "Domain Controller Options", leave the default forest and domain functional level - "Windows Server 2016". Enter the password for Directory Services Restore Mode (DSRM). This password may be needed later, so remember it or write it down and keep it in a safe place.


11. In the "DNS Settings" window - click "Next".


12. In "Advanced Options" - "Next".


13. The location of the AD DS database, log files and SYSVOL folders is left by default, click "Next".



15. After the server verifies that the prerequisites are met, you can click "Install".


16. After configuring the domain controller, you can proceed to configure the reverse zone of the DNS server. To do this, in the "Server Manager" select "Tools", then "DNS".


17. In the window that opens, select our server, then "Reverse Lookup Zone". Right mouse button - "Create a new zone ...".


18. In the wizard for creating a new zone, leave the type of zone - "Primary zone", then "Next".


19. Leave the default option "For all DNS servers running on domain controllers in this domain" selected, then "Next" again.


20. In the next window - "IPv4 Reverse Lookup Zone", then "Next".


21. To configure the reverse lookup zone, set the "Network ID" (for example, 192.168.100). After that, the reverse lookup zone will appear automatically. Click "Next".


22. In the next window, leave the default "Allow only secure dynamic updates", then "Next".


23. To complete the setup for creating a new zone, check the settings and click "Finish".


24. The reverse lookup zone for the domain appears.


25. In the "Server Manager" select "Active Directory Users and Computers". Checking the operation of Active Directory.


This completes the installation and configuration of the selected server roles.
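The same build can be scripted in PowerShell. This is an added example, not part of the original article: the interface alias `Ethernet`, the host name `DC01` and the domain `corp.example` are placeholders, and the addresses are the article's sample values. The first two stages end in a reboot, so run the three functions one at a time from an elevated session.

```powershell
# Added example: PowerShell equivalent of the wizard steps above (Windows Server 2016).
# Placeholders (assumptions): interface alias 'Ethernet', host name 'DC01',
# domain 'corp.example'. IP values are the article's sample addresses.

$IfAlias  = 'Ethernet'
$ServerIp = '192.168.100.5'
$Gateway  = '192.168.100.1'

function Set-ServerIdentity {
    # Steps 1-2: static IPv4 address (255.255.255.0 = /24), default gateway,
    # and the server itself as preferred DNS server.
    New-NetIPAddress -InterfaceAlias $IfAlias -IPAddress $ServerIp `
        -PrefixLength 24 -DefaultGateway $Gateway
    Set-DnsClientServerAddress -InterfaceAlias $IfAlias -ServerAddresses $ServerIp

    # Unbind IPv6 from the adapter; skip this line if IPv6 is in use.
    Disable-NetAdapterBinding -Name $IfAlias -ComponentID 'ms_tcpip6'

    # The new name only takes effect after the restart.
    Rename-Computer -NewName 'DC01' -Restart
}

function Install-DomainController {
    # Steps 3-6: add both roles together with their management consoles.
    Install-WindowsFeature -Name DNS, AD-Domain-Services -IncludeManagementTools

    # Step 10: prompt for the DSRM password as a SecureString so it is never
    # written into the script, the transcript or the command history.
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM password'

    # Steps 8-15: new forest; 'WinThreshold' is the Windows Server 2016
    # functional level. The server reboots when promotion finishes.
    Install-ADDSForest -DomainName 'corp.example' `
        -ForestMode WinThreshold -DomainMode WinThreshold `
        -InstallDns -SafeModeAdministratorPassword $dsrm
}

function New-ReverseZone {
    # Steps 16-24: AD-integrated primary reverse zone for 192.168.100.x,
    # replicated to all DNS servers on domain controllers in the domain,
    # accepting secure dynamic updates only.
    Add-DnsServerPrimaryZone -NetworkId '192.168.100.0/24' `
        -ReplicationScope Domain -DynamicUpdate Secure -PassThru
}
```

`New-ReverseZone` returns the zone object it created (`100.168.192.in-addr.arpa`), so the replication scope and update policy can be read back straight away.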

DNS stands for Domain Name System. It is a system in which all domain names of servers are distributed according to a certain hierarchy. Let's see what DNS servers are for, how to set them up on Windows 7, what to do if the server does not respond, and how to fix possible errors.

What is DNS and why is it needed

The DNS server stores information about domains. What is it for? A computer does not understand the names we give to network resources. Take yandex.ru, for example: we call it a website address, but to a computer it is just a string of characters. What the computer does understand is IP addresses and how to reach them. An IP address consists of four numbers of eight binary digits each, for example 00100010.11110000.00100000.11111110. For convenience, binary IP addresses are written as equivalent decimal numbers (for example, 255.103.0.68).

So a computer that has an IP address can access the resource immediately, but four-number addresses would be difficult to remember. Therefore, special servers were invented that store the symbolic name corresponding to each resource's IP address. When you type a website address into the browser's address bar, the name is sent to the DNS server, which looks for a match in its database. The DNS server then returns the correct IP address to the computer, and the browser accesses the network resource directly.

When you set up DNS on your computer, the network connection will go through the DNS server, which allows you to protect your computer from viruses, set parental controls, block certain websites, and much more.

How to find out if the DNS server is enabled on the computer

You can find out if the DNS server is enabled on your computer and its address through the "Control Panel".


Why you need to change the DNS server

Of course, your ISP also has its own DNS server, and your connection goes through this server by default. But standard servers are not always the best choice: they can be very slow or not work at all. Very often, the operators' DNS servers cannot cope with the load and go down, which makes it impossible to access the Internet.

In addition, standard DNS servers only have the functions of determining IP addresses and converting them to character ones, but they do not have any filtering function. Third-party DNS servers of large companies (for example, Yandex.DNS) do not have these shortcomings. Their servers are always located in different places, and your connection goes through the nearest one. As a result, page loading speed is increased.

They have a filtering function and implement a parental control function. If you have children, then this is the best option - dubious and not intended for children's audience sites will become inaccessible to them.

They have a built-in antivirus and a blacklist of sites. So fraudulent sites and sites containing malware will be blocked, and you will not be able to accidentally catch the virus.

Third-party DNS servers allow you to bypass site blocking. It sounds a bit absurd, because we said that DNS servers are designed to block unwanted resources. But the fact is that Internet providers are forced to prohibit access to sites prohibited by Roskomnadzor in their DNS servers. Independent DNS servers of Google, Yandex and others are not required to do this at all, so various torrent trackers, social networks and other sites will be available for visiting.

How to set up/change DNS

Here you can configure the order in which DNS servers are accessed. Inexperienced users should be explained that there is no one such server that would store all existing Internet addresses. There are too many websites now, so there are many DNS servers. And if the entered address is not found on one DNS server, the computer turns to the next one. So, in Windows, you can configure the order in which to access DNS servers.

You can configure DNS suffixes. If you do not know what they are, then you do not need these settings. DNS suffixes are difficult to understand and matter more to the providers themselves. In general terms, all URL addresses are divided into subdomains. Take server.domain.com: com is the first-level domain, domain is the second, server is the third. In theory, domain.com and server.domain.com are completely different resources, with different IP addresses and different content. However, server.domain.com is still within domain.com, which in turn is within com. The DNS suffix when accessing server is domain.com. Even though the IP addresses are different, server can only be found through domain.com. In Windows, you can customize how suffixes are assigned, which has certain advantages for internal networks. As for the Internet, the creators of DNS servers have already configured everything necessary automatically.

Possible errors and how to fix them

What to do if the server is not responding or not found

What should I do if I get the error "Computer settings are correct, but the device or resource (DNS server) is not responding" when I try to access a website? It is possible that the DNS service has been disabled on the computer for some reason. It is possible that the DNS server you are using has stopped working.


Doesn't resolve names correctly

If the DNS server does not resolve names, or resolves names incorrectly, there are two possible causes:

  1. DNS is misconfigured. If you are sure that everything is set up correctly, then the error may be in the DNS server itself. Change the DNS server and the problem should be solved.
  2. Technical problems on the servers of the telecom operator. The solution to the problem is the same: use a different DNS server.

DHCP server: what is it and what are its features

The DHCP server automatically configures the network settings. Such servers will help in the home network so as not to configure each connected computer separately. DHCP independently prescribes network parameters to the connected device (including the host IP address, gateway IP address and DNS server).

DHCP and DNS are different things. DNS simply processes the request as a symbolic address and passes the corresponding IP address. DHCP is a much more complex and intelligent system: it organizes devices on a network, independently distributing IP addresses and their order, creating a network ecosystem.

So, we figured out that DNS servers are designed to transmit the IP address of the requested resource. Third-party DNS servers allow you to speed up the Internet (unlike standard provider servers), protect your connection from viruses and scammers, and enable parental control. Setting up a DNS server is not difficult, and most problems with it can be solved by switching to a different DNS server.


Configuring a DNS Server to Point to Itself

One of the first tasks to perform immediately after a DNS server is installed is to configure its TCP/IP settings so that it points to itself when resolving DNS names, unless there is some special reason not to do so.

3. In the Network Connections window, right-click the Local Area Connection icon and select Properties from the context menu.

4. Double-click the Internet Protocol (TCP/IP) entry.

5. In the section of the window that is associated with the DNS server, make sure that the Use the following DNS server address check box is selected, and enter the IP address of your DNS server in the "Preferred DNS server" field.

6. If there is another DNS server, enter its IP address in the Alternative DNS server field.

7. Click the OK button twice for the changes to take effect.

Setting up a DNS server

1. Open the Server Manager console.

2. Expand the Roles, DNS Server, and DNS nodes, and then click the name of the DNS server.

3. From the Action menu, select Configure DNS Server.

4. On the Welcome page of the DNS Server Configuration Wizard, click the Next button.

5. Select the Create forward and reverse lookup zones check box (recommended for large networks) and click the Next button.

6. Select Yes, create a forward lookup zone now (recommended) and click the Next button.

7. Specify what type of zone you want to create, in this case selecting the Primary zone option, and click the Next button. If the server is a write-access domain controller, the Save zone in Active Directory check box will also be available for selection.

8. If you save the zone in Active Directory, select the replication area and click the Next button.

9. Enter the zone's fully qualified domain name (FQDN) in the Zone name field and click Next.

10. At this stage, if you create a non-AD-integrated zone, you can either create a new text file for the zone or import an existing one. In this case, select the Create a new file with this name option and leave the default options, then click Next to continue.

11. On the next page, you will be prompted to allow or deny dynamic updates to the DNS server. In this example, we will prevent the DNS server from accepting dynamic updates by selecting the Disable dynamic updates check box and clicking the Next button.

12. The next page prompts you to create a reverse lookup zone. In this case, select the Yes, create a reverse lookup zone now check box and click the Next button.

13. Specify that the reverse lookup zone should be the primary zone by selecting the Primary zone radio button, and click the Next button.

14. If you save this zone in Active Directory, select the replication area and click the Next button.

15. Leave the default IPv4 Reverse Lookup Zone selected and click Next.

16. Enter the network ID for the reverse lookup zone and click the Next button. (Typically, the first set of octets from the zone IP address is entered as the Network ID. For example, if the network uses the Class C IP address range 192.168.0.0/24, then 192.168.0 can be entered as the Network ID.)

17. If you create a non-AD-integrated zone, you will again be prompted to either create a new file for the zone or import an existing one. In this example, select the Create a new file with this name radio button and click the Next button.

18. You will then be prompted to specify whether dynamic updates should be allowed. For the purposes of this example, select the Disable dynamic updates check box and click the Next button.

19. On the next page, you will be prompted to configure forwarders. In this example, select the No, it should not forward queries option, and then click Next.

20. The final screen will provide a summary of the changes and zones that you have selected to make and add to the DNS database. Click on the Finish button to make all these changes and create the desired zones.

Open the Server Manager console. Expand the nodes Roles, DNS server, DNS, server name, forward lookup zones in sequence and select the zone we created.
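Both walkthroughs above make a dynamic-update choice for each zone ("Allow only secure dynamic updates" in the first, "Disable dynamic updates" in the second), and the second also points the server at itself and configures no forwarders. The following PowerShell check reads those settings back from a running server. It is an added example, not part of the original article; it assumes the DnsServer module installed with the DNS role and must be run on the DNS server itself, and the function names are hypothetical.

```powershell
# Added example: read back the settings chosen in the wizards above.
# Run in an elevated session on the DNS server. Function names are illustrative.

function Get-DnsZoneUpdateAudit {
    # One row per primary zone, skipping the built-in auto-created zones
    # (0.in-addr.arpa, 127.in-addr.arpa, 255.in-addr.arpa).
    Get-DnsServerZone |
        Where-Object { $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated } |
        ForEach-Object {
            $finding = switch ("$($_.DynamicUpdate)") {
                'None'               { 'OK: dynamic updates disabled' }
                'Secure'             { 'OK: secure updates only' }
                'NonsecureAndSecure' { 'REVIEW: unauthenticated clients can add or change records' }
                default              { "UNKNOWN: $($_.DynamicUpdate)" }
            }
            [pscustomobject]@{
                Zone          = $_.ZoneName
                Reverse       = $_.IsReverseLookupZone
                # Secure updates need an AD-integrated zone; a file-backed zone
                # can only be 'None' or 'NonsecureAndSecure'.
                AdIntegrated  = $_.IsDsIntegrated
                DynamicUpdate = $_.DynamicUpdate
                Finding       = $finding
            }
        }
}

function Get-DnsResolverAudit {
    # Which resolvers the server's own adapters use ("point to itself"),
    # and which forwarders, if any, the DNS service sends unresolved queries to.
    $localIps = (Get-NetIPAddress -AddressFamily IPv4).IPAddress
    $clients  = Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses } |
        ForEach-Object {
            $first = $_.ServerAddresses[0]
            [pscustomobject]@{
                Interface        = $_.InterfaceAlias
                PreferredDns     = $first
                PointsToItself   = ($first -in $localIps)
                AllServers       = $_.ServerAddresses -join ', '
            }
        }
    [pscustomobject]@{
        Adapters   = $clients
        Forwarders = @((Get-DnsServerForwarder).IPAddress | ForEach-Object { "$_" })
    }
}

# Print both reports.
Get-DnsZoneUpdateAudit | Format-Table -AutoSize
$resolver = Get-DnsResolverAudit
$resolver.Adapters | Format-Table -AutoSize
"Forwarders: " + ($(if ($resolver.Forwarders) { $resolver.Forwarders -join ', ' } else { 'none configured' }))
```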

A DNS server is an extremely useful feature to protect your own computer from malicious sites. The process of working for beginners seems difficult, but in reality everything is much simpler, and the procedure for installing a dns server will not take much time.

DNS is an acronym for Domain Name System, a system that translates domain names into IP addresses. The DNS server stores the corresponding addresses in its database.

The work is carried out in this way: the browser, going to the site, accesses the DNS server to find out the desired address. The Server determines the site, sends a request to it, and sends the response back to the user.

How to know if the DNS server is enabled on a computer

The current DNS server settings are defined as follows:

  1. "Control Panel" -> "Network and Internet" -> "View network status and tasks". Highlight your network connection, go to the General panel, then properties.
  2. Go to the properties of "Internet Protocol Version 4 (TCP/IPv4)".
  3. Open the General tab. If the option to use the following DNS server addresses is activated, it means that it is in working mode.

Repeat the previous steps, activate "Use DNS server". After that, you will need to specify the primary DNS server, and then the secondary.

How to set up/change DNS

Changing the settings or configuring them further does not take many actions. Use the window that was opened earlier and go to the "Advanced" item. Here, access to DNS servers can be adjusted in detail. In Windows 7, all of this can be configured by the user, so changing the DNS server yourself will not cause problems.

DNS suffixes are also available for management. The average user does not need them. This setting, which helps to conveniently share resources, was created for providers.

On a wifi router

When using a router in the DNS options, you must set its IP address. To perform these manipulations, you will need enabled DNS relay and DHCP server.

The router interface is intended for checking and subsequent detailed settings. First you need to check the DNS in the WAN port. DNS relay is activated in the LAN port settings.

On the computer

Setting up a DNS server in Windows 10 is similar to a similar situation in earlier versions of the OS. First you need to select the properties of "Internet Protocol Version 4 (TCP/IPv4)". Go to advanced options and configure the list of servers.

Setting up a DNS server on a computer and on a laptop is the same.

On a tablet

Depending on the installed operating system, the actions are somewhat different, but they are all united by the following points:

  • Open the "Wi-Fi" menu located in the "Settings".
  • Go to the properties of the current Internet connection.
  • Click "Change network", then - "Show advanced options".
  • Scroll to the DNS servers item, then register them.

On a smartphone

Since now there is not much difference between the operating systems of a phone and a tablet, in order to configure the necessary dns servers, it is enough to know the instructions described above.

Possible errors and how to fix them

Problems with the Internet occur when the DNS server settings are incorrect, including when they fail unexpectedly.

What to do if the server is not responding or not found

Most often, this problem occurs when the server has shut down or its settings have been lost. To check, open the "Control Panel", go to "System and Security", then "Administrative Tools". Click "Services", find "DNS Client" and double-click it. The status line should show "Running". If it does not, select the Automatic startup type from the drop-down list above.

If the service is running but the error still appears, there is a server problem. First, it is better to change the DNS server addresses according to the above instructions. However, it is still possible to reinstall the network card drivers, check the Internet connection and ask the provider about possible technical problems.

Doesn't resolve names correctly

With such an error, you need to check the correctness of the parameters of your DNS server. And it's better to just resort to changing the address of the dns server to get rid of the problem.

Also, problems are possible on the operator's servers, and the problem is solved in the same way - by changing the DNS.

For an inexperienced user, there is a list of quality and free servers:

Google Public DNS

Addresses: 8.8.8.8; 8.8.4.4

Like all Google services, it performs its tasks qualitatively, but it has a well-known disadvantage - it collects and stores user statistics. Despite this, the server does not have any access to personal data, so you should not worry about security.

If you want to learn more about server-work, there is official documentation on the information site.

OpenDNS

Addresses: 208.67.222.222; 208.67.220.220

A popular server due to the presence of a large range of filters and protection against identity theft. Basic features are free, but you can purchase premium access to create a "blocked network environment" and increase connection speed.

DNS.WATCH

Addresses: 84.200.69.80; 84.200.70.40

Does not require registration to use, provides a more serious level. The only negative is the low speed.

Norton ConnectSafe

Addresses: 199.85.126.10; 199.85.127.10

It also does not “request” pre-registration, it securely stores user data. Created by the developers of Norton antivirus, without requiring additional advertising.

Level3 DNS

Addresses: 4.2.2.1; 4.2.2.2

Suitable not only for personal use, but also for corporate purposes. A completely free resource, it ranks third in world popularity.

Comodo Secure DNS

Addresses: 8.26.56.26; 8.20.247.20

The basic version is free, but for some money it is possible to purchase a large number of useful services. In both paid and free versions, it provides reliable data protection.

OpenNIC DNS

Addresses: you should go to the project website, it will select the best ones depending on the user's location.

Due to its huge coverage, it allows you to conveniently surf the Internet anywhere in the world.

DHCP server: what is it and what are its features

Most suitable for networks with a large number of computers, because it passes its network settings to all connected devices.

Such a server allows the administrator to set a range of server hosts and avoid spending a lot of time on detailed optimization.

It only works with IP address settings and the addresses themselves.

Conclusion

The primary task of DNS servers is to transmit an IP address. Servers from other companies, some of which are described above, can speed up and greatly facilitate Internet surfing. At the same time, it does not need painstaking configuration, and many errors are solved using another server.

By enabling this service on a VPNKI network, you will be able to use Microsoft Windows network protocols inside your VPN tunnels. This will allow you to refer to devices within your network by their names, such as \\SERVER or \\COMPUTER

You can also use the browse feature of Microsoft Windows resources on your network. The "Network" or "Network Places" tab in various versions of Windows is usually responsible for this. Using WINS you will be able to see, for example, such a picture.

on this picture:

CAR is a home laptop,

WINS is the VPNKI nameserver,

VILLAGE and FOREST - RaspberryPi devices in the country,

KUT - also RaspberryPi, but in a city apartment,

LIL - server in parents' apartment

As you can see from the picture, the main task of the WINS server is to find a computer by its name in the Microsoft network. It's almost like a DNS service on the Internet, only for the Netbios protocol. To be honest, the illogicality of this service and the number of different terms born inside Microsoft for its work is the topic of a separate article.

In this tutorial, we will try to briefly reflect the working settings and at the same time not go too deep into what is happening. The work of Netbios and WINS inside the local network is far from optimal, and even inside the VPN it is a double nightmare :)

Usage example

Let's say that in your home network there is a server or computer named \\SERVER, on which the network folder PHOTOS is given for public use (in terms of Microsoft Windows). You want to access this folder from anywhere on your network, even if you're connected via a VPN.

1. For this you need activate the WINS server service, which will act as a single registration point for Microsoft Windows resources within your distributed network. Its address on your network is 172.16.255.10

IMPORTANT 1: One small condition - all this will work if your computer or server belongs to the so-called workgroup named

You can check it in Windows OS, going into system settings:

If you have WORKGROUP in your system parameters, then feel free to move on. If not, then you can change it. You really need to reboot.

After starting the server, check its availability by running the command ping 172.16.255.10 (naturally, with a tunnel connected to the VPNKI system).

2. If the ping was successful, then register your devices that have Microsoft Windows resources (shared folders, printers, and other devices). Registration means entering the address of the WINS server - 172.16.255.10 - in the settings of your devices. To do this, you need to make some changes:

2.1. For devices with Windows OS in the network connection settings (VPN tunnel to VPNKI), set the checkboxes as shown in the pictures below and specify the address of the WINS server

2.2. For devices with Linux OS specify the WINS server address 172.16.255.10 in the /etc/samba/smb.conf file settings

If you do not have samba, then install it with the command sudo apt-get install samba

Don't forget to check the workgroup name, it should be -

In no case should you set "wins support = yes", as this will force your samba to be a WINS server.

Then restart samba (service samba stop, then service samba start, or the equivalent on systems with systemd or /etc/init.d/)

3. After making changes to the network connection settings (for Windows OS) or Samba settings (for Linux), establish a connection with VPNKI and wait about 10 minutes.

During this time, a breathtaking process of registering resources in the WINS server takes place (you can’t say otherwise about the Netbios protocol).

After that, you can try to access your resource by typing its name in the Windows Explorer line in the format \\NAME.

This is how I access all my servers in the first picture... for example \\LIL or \\FOREST

4. The end point of the whole event was the desire to see all your resources in a networked environment (on a Windows computer). Try it - with the right settings, they should appear there. At a minimum, you should be able to see the WINS server itself. However, there is a difficulty...

IMPORTANT 2: The Browse function (that is, searching for resources on the network) will work only if there is NO device on your network that acts as Local Master (or Master Browser). It happens that when the smb service is started on a home router, the router becomes the Local Master in your network, and in that role it interferes with browsing and searching for Netbios resources throughout your network.

5. After successfully registering resources on the WINS server, you will be able to access them from anywhere in your network, even when connected through a VPN tunnel.

The device that will connect through the VPN tunnel must also use the WINS server setting, which can be:

  • set manually in the VPN connection settings, as indicated in paragraph 2.1. (WINS server address is visible on your page - 172.16.255.10)
  • or get the address of the WINS server via DHCP when connecting the tunnel to VPNKI (only for devices that support DHCP)

If you want to obtain the WINS server address automatically, then indicate this need on the "Apply applications to tunnels" page by checking the box next to the selected tunnel.

Technical features

Your WINS server at 172.16.255.10 is only the WORKGROUP nameserver and does not contain any other data.

If you establish a VPN connection with a PC that is connected to an office network that also has the workgroup name WORKGROUP, then in your network environment you will most likely see not only the workstations of your office colleagues, but also your home resources. Don't worry - no one but you sees these names, it's just that your Windows has combined their display on a single page.

Service testing period

We plan that the period of testing the WINS server service will take about a month.

Cancellation of the service

You can cancel the service at any time. In this case, all your device registrations will be deleted and the WINS server will be stopped.