2. Configuring Names Resolution (22 percent) Flashcards
What is LLMNR?
Link-Local Multicast Name Resolution
Enabled on Windows 7 and Windows 8
Works on the local subnet
Uses multicasts, not broadcasts
What is NETBIOS?
Uses broadcasts, WINS, LMHosts
NetBIOS node types?
b node broadcast
p node point to point (uses WINS)
m node mixed broadcast & WINS
h node hybrid cast & WINS then LMHosts (default)
NetBIOS in large organizations?
Use push/pull replication
What are the ZONES used by DNS?
Primary zone
Secondary zone
Stub zone
What is a primary zone?
Primary zone
When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for information about this zone, and it stores the master copy of zone data in a local file or in AD DS. When the zone is stored in a file, by default the primary zone file is named zone_name.dns and it is located in the %windir%\System32\Dns folder on the server.
What is a Secondary zone?
Secondary zone
When a zone that this DNS server hosts is a secondary zone, this DNS server is a secondary source for information about this zone. The zone at this server must be obtained from another remote DNS server computer that also hosts the zone. This DNS server must have network access to the remote DNS server that supplies this server with updated information about the zone. Because a secondary zone is merely a copy of a primary zone that is hosted on another server, it cannot be stored in AD DS.
What is a stub zone?
Stub zone
When a zone that this DNS server hosts is a stub zone, this DNS server is a source only for information about the authoritative name servers for this zone. The zone at this server must be obtained from another DNS server that hosts the zone. This DNS server must have network access to the remote DNS server to copy the authoritative name server information about the zone.
NS & associated A records
What is a resolver?
The requesting client
What is the replacement for NetBIOS/WINS?
GNZ
Global Names Zone
Create a new zone called ‘GLOBALNAMES’
To enable, use the command:
dnscmd . /config /enableglobalnamessupport 1
. is the local server; otherwise use the name of the server
0 disable
1 enable
Ipconfig?
/registerdns : register client on DNS
/release - /renew
/flushdns : clear cache
AAAA
Host record for IPv6
Forwards
(same as A record)
CMD install DNS on CORE?
start /w ocsetup DNS-Server-Core-Role
Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed.
Case sensitive
CORE: Add zone
dnscmd /Zoneadd
Syntax
dnscmd [ServerName] /zoneadd ZoneName ZoneType [/dp FQDN| {/domain|/enterprise|/legacy}] /load
Example
dnscmd dnssvr1.contoso.com /zoneadd test.contoso.com /dsprimary
CORE: Add record
dnscmd /recordadd
Syntax
dnscmd [ServerName] /recordadd ZoneName NodeName RRType RRData
Example
dnscmd dnssvr1.contoso.com /recordadd contoso.com test A 10.0.0.5
CORE: Update AD DNS
dnscmd /zoneupdatefromds
dnscmd ServerName /zoneupdatefromds ZoneName
CMD: Server dns using old host
dnscmd /clearcache
Difference between a conditional forwarder and a forwarder?
A forwarder forwards all external (Internet) DNS queries to another DNS server.
A conditional forwarder checks the query first and, depending on the requested domain, either sends it to another server or resolves it itself.
dnscmd cmd to tighten security
dnscmd /config /CacheLockingPercent 90
Prevents malicious overwriting of the DNS cache with spoofed hosts
dnscmd /config /SocketPoolSize 5000
Source port randomization is a method that can be used to protect against DNS cache poisoning attacks.
cache poisoning :
How to check/start SRV records in promoted DC server….
- Restart the Netlogon service on domain controller.
- Run DcDiag /fix
- Run NetDiag /fix
- Re-register from Netlogon.dns file in \Windows or Winnt\System32\Config directory.
The SRV records of a domain controller in the domain play an important role in Active Directory. Active Directory cannot work without a DNS server. The DNS server in Active Directory is used to locate domain controllers in the forest or domain with the help of SRV records. Service records, or SRV records, are registered specifically for domain controllers when you promote a member server to a domain controller. The Netlogon service on the domain controller is responsible for registering SRV records.