Sei sulla pagina 1di 14

DHCP Server

Updated: September 2, 2008

Dynamic Host Configuration Protocol (DHCP) is a client-server technology that allows DHCP servers to
assign, or lease, IP addresses to computers and other devices that are enabled as DHCP clients.

When you deploy DHCP servers on your network, you can automatically provide client computers and other
TCP/IPv4 and IPv6 based network devices with valid IP addresses. You can also provide the additional
configuration parameters these clients and devices need, called , which allow them to connect to other
network resources, such as DNS servers, WINS servers, and routers.

DHCP Step-by-Step Guide: Demonstrate DHCP Link Layer-


based Filtering in a Test Lab
Security and network administrators are increasingly wary of internal security threats, in addition to threats
from the outside, due to the introduction of uncertified hardware and software on the network, such as
packet sniffers, Remote Monitoring (RMON) probes, and personal portable computers and PDAs that are
potentially compromised and non-security compliant. Link layer-based filtering for Dynamic Host
Configuration Protocol (DHCP) enables administrators to control network access based on media access
control (MAC)address, providing a low-level security method. Combined with other network access
technologies, such as Network Access Protection (NAP), Internet Protocol security (IPsec), and Windows
Firewall with Advanced Security, link layer-based filtering can be an integral piece of your internal network
defense. The link layer filtering controls are built into the DHCP console for easy configuration and allow the
administrator to specify which MAC addresses are allowed on the network and which are denied access. You
can use wild cards to allow or deny network access based on vendor MAC prefixes. Link layer filtering is
currently available for IPv4 address only.

The step-by-step instructions in this paper will show you how to deploy link layer-based filtering in a test lab
so that you can better understand how this configuration works.

In this guide
This paper contains an introduction to link layer based filtering and instructions for setting up a test lab
using one DHCP server and three client computers.

Important

The following instructions are for configuring a test lab using the minimum number of computers. Individual computers are n
provided on the network and to clearly show the desired functionality. This configuration is not designed to reflect best practi
recommended configuration for a production network. This configuration, including IP addresses and all other configuration p
work on a separate test lab network.
Scenario overview
In this test lab, link layer-based filtering is deployed on one server running the Windows Server® 2008 R2
operating system with DHCP installed, and three client computers running the Windows® 7operating system
with the DHCP Client service running. A computer running Windows Server 2003 is also used in the test lab
as a domain controller and Domain Name System (DNS) server.

• All the domain-joined DHCP clients are configured to dynamically obtain the IP address from the
DHCP server in the domain.

• DHCP Client 1 is a healthy network authorized client computer that is active and has an IP address
from the DHCP server.

• DHCP Client 2 is a malicious unauthorized client computer that is active and has an IP address from
DHCP Server 1.
• DHCP Client 3 is a new client computer that is inactive and does not have network connectivity.

Software requirements
The following are required components of the test lab:

• The product disc for Windows Server 2008 R2.

• The product disc for Windows Server 2003 with Service Pack 2 (SP2).

• The product disc for Windows 7.

This lab demonstrates link layer-based filtering with a DHCP server in a domain with Active
Directory® directory services and Windows Server 2003 installed. You can also make the domain
controller in this lab run Windows Server 2008 R2.

Steps for configuring the test lab


The following are the installation, configuration, and post-installation configuration stages required to set up
this test lab:

• Configure DC1.

DC1 is a server running the Windows Server 2003 Standard Edition operating system. DC1 is
configured as a domain controller with Active Directory. It is also configured as the primary DNS
server for the intranet subnet.

• Configure DHCP Server 1.

DHCP Server 1 is a server running Windows Server 2008 R2. DHCP Server 1 is configured with the
DHCP Server service, and functions as a DHCP server in the domain.

• Configure Windows-based DHCP clients

DHCP Client 1, DHCP Client 2, and DHCP Client 3 are client computers running Windows 7. DHCP
Client 1, DHCP Client 2, and DHCP Client 3 are configured to request IP addresses from DHCP
Server 1.

After all the components are configured, this guide will provide steps to demonstrate how link layer-based
filtering gives you the control to allow or deny network access to the three clients based on MAC address.

Configure DC1
DC1 is a computer running Windows Server 2003 Standard Edition with SP2 that provides the following
services:

• A domain controller for the Contoso.com Active Directory domain.

• A DNS server for the Contoso.com DNS domain.

To configure DC1 complete the following tasks:

• Install the operating system.

• Configure Transmission Control Protocol/Internet Protocol (TCP/IP)

• Install Active Directory and DNS.


• Create a user account and group in Active Directory.

The following sections explain these tasks in detail.

Install the operating system on DC1


Install Windows Server 2003 SP2 as a stand-alone server.

To install the operating system on DC1


1. Start your computer using the Windows Server 2003 product disc.

2. When prompted for a computer name, type DC1.

Configure TCP/IP on DC1


Configure TCP/IP with a static IP address of 172.16.1.1 and the subnet mask of 255.255.255.0.

To configure TCP/IP on DC1


1. Click Start, click Control Panel, and then double-click Network Connections.

2. Right-click Local Area Connection, and then click Properties.

3. Click Internet Protocol (TCP/IP), and then click Properties.

4. Select Use the following IP address. Type 172.16.1.1 next to IP


address and 255.255.255.0 next to Subnet mask.

5. Verify that Preferred DNS server is blank.

6. Click OK, click Close, and then close the Network Connections window.

Configure DC1 as a domain controller and DNS server


DC1 will serve as the only domain controller and DNS server for the Contoso.com domain.

To configure DC1 as a domain controller and DNS server


1. To start the Active Directory Installation Wizard, click Start, click Run, type dcpromo, and then
press ENTER.

2. In the Active Directory Installation Wizard dialog box, click Next.

3. Operating system compatibility information is displayed. Click Next again.

4. Verify that Domain controller for a new domain is selected, and then click Next.

5. Verify that Domain in a new forest is selected, and then click Next two times.

6. On the Install or Configure DNS page, select No, just install and configure DNS on this
computer, and then click Next.

7. Type Contoso.com next to Full DNS name for new domain, and then click Next.

8. Confirm that the Domain NetBIOS name shown is CONTOSO, and then click Next.

9. Accept the default Database Folder and Log Folder directories, and then click Next.

10. Accept the default folder location for Shared System Volume, and then click Next.
11. Verify that Permissions compatible only with Windows 2000 or Windows Server 2003
operating systems is selected, and then click Next.

12. Leave the Restore Mode Password and Confirm Password text boxes blank, and then
click Next.

13. View the summary information provided, and then click Next.

14. Wait while the wizard completes configuration of Active Directory and DNS services, and then
click Finish.

15. When prompted to restart the computer, click Restart Now.

16. After the computer is restarted, log on to the CONTOSO domain using the Administrator account.

Create a user account in Active Directory


Next, create a user account in Active Directory. This account will be used when logging in to DHCP Server 1
and DHCP Server 2.

To create a user account in Active Directory


1. Click Start, point to Administrative Tools, and then click Active Directory Users and
Computers.

2. In the console tree, double-click Contoso.com, right-click Users, point to New, and then
click User.

3. In the New Object - User dialog box, next to Full name, type User1, and in User logon name,
type User1.

4. Click Next.

5. In Password, type the password that you want to use for this account, and in Confirm password,
type the password again.

6. Clear the User must change password at next logon check box, and select the Password
never expires check box.

7. Click Next, and then click Finish.

8. Leave the Active Directory Users and Computers console open for the following procedure.

Add user1 to the DHCP Administrators group


Next, add the newly created user to the DHCP Administrators group and use it for all of the configuration
activities.

To add a user to the DHCP Administrators group


1. In the Active Directory Users and Computers console tree, click Users.

2. In the details pane, double-click DHCP Administrators.

3. In the DHCP Administrators Properties dialog box, click the Members tab, and then click Add.

4. Under Enter the object names to select (examples), type User1, the user name that you
created in the previous procedure, click OK, and then click OKagain.
5. Leave the Active Directory Users and Computers console open for the following procedure.

Configure DHCP Server 1


For the test lab, DHCP Server 1 will be running Windows Server 2008 R2, with the DHCP Server service,
which provides IP addresses and leases for the requesting DHCP clients. To configure DHCP Server 1,
complete the following tasks:

• Install the operating system.

• Configure TCP/IP.

• Join the computer to the domain.

• Install DHCP server roles.

• Configure DHCP.

Install Windows Server 2008 R2


To install Windows Server 2008 R2
1. Start your computer using the Windows Server 2008 R2 product CD.

2. When prompted for the installation type, select Custom.

3. Follow the instructions that appear on your screen to finish the installation.

Install the DHCP server role


1. Click Start, and then click Server Manager.

2. Under Roles Summary, click Add roles, and then click Next.

3. On the Select Server Roles page, select the DHCP server, and then click Next two times.

4. On the Select Network Connection Bindings page, verify that 172.16.1.2 is selected, and then
click Next on DHCP Server 1. Similarly, on the Select Network Connection Bindings page,
verify that 172.16.1.3 is selected, and then click Next on DHCP Server 2.

5. On the Specify IPv4 DNS Server Settings page, verify that contoso.com is listed under Parent
domain.

6. Type 172.16.1.1 under Preferred DNS server IP address, and then click Validate. Verify that
the result returned is valid, and then click Next.

7. On the Specify WINS Server Settings page, accept the default setting of WINS is not required
on this network, and then click Next.

8. On the Add or Edit DHCP Scopes page, click Add.

9. In the Add Scope dialog box, type SS Scope next to Scope Name. Next to Starting IP
Address, type 172.16.1.4, next to Ending IP Address, type172.16.1.204, and next to Subnet
Mask, type 255.255.255.0.

10. Select the Activate this scope check box, click OK, and then click Next.
11. On the Configure DHCPv6 Stateless Mode page, select Disable DHCPv6 stateless mode for
this server, and then click Next.

12. On the Authorize DHCP Server page, select Use current credentials. Verify
that CONTOSO\user1 is displayed next to Username, and then click Next.

13. On the Confirm Installation Selections page, click Install.

14. Verify that the installation was successful, and then click Close.

Configure DHCP on DHCP Server 1


DHCP Server 1 is the member servers that will provide DHCP addressing. The DHCP service was partially
configured during installation with Server Manager on both of these servers.

We will configure scope options further for DHCP Server 1.

Open the DHCP console


To open the DHCP console
1. Click Start, click Run, type dhcpmgmt.msc, and then press ENTER.

2. Leave this window open for all DHCP configuration tasks.

Configure the default user class on DHCP Server 1


Next, configure scope options for the default user class. These server options are used when a client
computer attempts to access the network and obtain an IP address from the DHCP server.

To configure default user class scope options


1. In the DHCP console tree, under Scope [172.16.0.0] SS Scope, right-click Scope Options, and
then click Configure Options.

2. On the Advanced tab, verify that Default User Class is selected next to User class.

3. Select the 006 DNS Servers check box, in IP Address, under Data entry, type 172.16.1.1, and
then click Add.

4. Select the 015 DNS Domain Name check box, in String value, under Data entry,
type contoso.com, and then click OK.

Note

The 003 Router option is configured in the default user class if a default gateway is required for client computers. Be
lab are located on the same subnet, this option is not required.

Configure the DHCP Clients


DHCP Client 1, DHCP Client 2, and DHCP Client 3 are computers running Windows Server 2008 R2 that you
will use to demonstrate DHCP clients requesting IP Addresses from the DHCP Server in the domain. To
configure the DHCP clients, complete the following steps:

• Install the operating system.

• Configure TCP/IP.

• Verify network connectivity.


• Join the computer to the domain and restart the computer.

Install Windows 7 Client on DHCP Clients


To install the operating system on DHCP Client 1, DHCP Client 2, and DHCP Client 3
1. Start your computer using the product discs for Windows 7.

2. When prompted for the installation type, select Custom Installation.

3. When prompted for a computer name, type DHCP Client 1, DHCP Client 2, and DHCP Client 3.

4. On the Select your computer's current location page, click Work.

5. Follow the rest of the instructions that appear on your screen to finish the installation.

Configure TCP/IP on the 3 DHCP Clients


Complete all of the following steps on each of the three client computers.

To configure TCP/IP on DHCP Client 1, DHCP Client 2, and DHCP Client 3


1. Click Start, and then click Control Panel.

2. Click Network and Internet, click Network and Sharing Center, and then click Manage
network connections.

3. Right-click Local Area Connection, and then click Properties.

4. In the Local Area Connection Properties dialog box, clear the Internet Protocol Version 6
(TCP/IPv6) check box. This will reduce the complexity of the lab, particularly for those who are
not familiar with IPv6.

5. Click Internet Protocol Version 4 (TCP/IPv4), and then click Properties.

6. Verify that Obtain an IP address automatically and Obtain DNS server address
automatically are selected.

7. Click OK, and then click Close to close the Local Area Connection Properties dialog box.

8. Close the Network Connections and Network and Sharing Center windows.

Join DHCP Clients to the Contoso.com domain


Because the DHCP clients now have access to domain services, they can be joined to the domain. Complete
all of the following steps on each of the three client computers.

To join DHCP Client 1, DHCP Client 2, and DHCP Client 3 to the Contoso.com domain
1. Click Start, right-click Computer, and then click Properties.

2. Under Computer name, domain, and workgroup settings, click Change settings.

3. In the System Properties dialog box, click Change.

4. In the Computer Name/Domain Changes dialog box, select Domain, type Contoso.com, and
then, in Computer Name, typeenggmachine1.contoso.com.

5. Click More, and then, in Primary DNS suffix of this computer, type Contoso.com.

6. Click OK two times.


7. When prompted for a user name and password, type the user name and password for the User1
account, and then click OK.

8. When you see a dialog box that welcomes you to the Contoso.com domain, click OK.

9. When you see a dialog box that tells you that you must restart the computer to apply changes,
click OK.

10. In the System Properties dialog box, click Close.

11. In the dialog box that prompts you to restart the compute, click Restart the computer now.

Release and Renew IP addresses on the DHCP Clients


Next, obtain a new IP address profile for the DHCP clients from DHCP. Complete all of the following steps on
each of the three client computers

To renew IP addressing on the DHCP Clients


• On a DHCP client, in the Administrator: Command Prompt window, type ipconfig /renew, and
then press ENTER.

• In the Command Prompt window, type ping 172.16.1.1, and then press ENTER.

• Verify that the response reads Reply from 172.16.1.1.

• In the Command Prompt window, type ipconfig, and then press ENTER.

• In the command output, verify that the value of Connection-specific DNS


Suffix is contoso.com and that the value of Subnet Mask is 255.255.255.0.

• In the Command Prompt window, type route print -4, and then press ENTER.

• In the command output, below Active Routes, verify that a Network


Destination of 172.16.1.1 is displayed.

• Close the Command Prompt window.

All three clients should have unrestricted access to the network at this point. In the next steps, we will add
clients to the link layer-based filtering on the DHCP Server 1 allow and deny lists and demonstrate that one
client retains access while the other two clients are denied access.

Configure DHCP on DHCP Server 1 to allow and deny DHCP clients


You may remember that our clients represent domain-joined DHCP clients configured to dynamically obtain
IP addresses from the DHCP server in the domain

• DHCP Client 1 is a healthy network authorized client computer that is active and has an IP address
from the DHCP server.

• DHCP Client 2 is a malicious unauthorized client computer that is active and has an IP address from
the DHCP Server 1.

• DHCP Client 3 is a new client computer that is inactive and does not have network connectivity.

Open the DHCP console


Next, we will add DHCP Client 1 to the allow list and DHCP Client 2 to the deny list. DHCP Client 3 will not be
added to any list and therefore will be denied network access as well.
To open the DHCP console
1. Click Start, click Run, type dhcpmgmt.msc, and then press ENTER.

2. Leave this window open for all DHCP configuration tasks.

Configure the Allow filter on DHCP Server 1


Next, configure the Allow filter under the IPv4 node by adding the MAC address of DHCP Client 1. A DHCP
server offers its services to the DHCP clients based on the availability of MAC address filtering. Once the
Allow filter is set, all DHCP operations are based on the access controls (allow/deny).

Note

You can add a valid MAC address to either the Allow or Deny filters, but not both.
To configure the Allow filter
1. In the DHCP console tree of DHCP Server 1, under IPv4, click Filters, under Filters right-
click Allow, and then click New Filter.

2. In the New Allow Filter dialog box, in MAC Address, enter a six hexadecimal number
representing the MAC or physical address of DHCP Client 1, and then click Add.

3. Under Filters right-click the Allow node, and then click the Enable pop-up menu item.

Configure the Deny filter on DHCP Server 1


Next, configure the Deny filter under the IPv4 node by adding the MAC address of DHCP Client 2.

To configure the Deny filter


1. In the DHCP console tree of DHCP Server 1, under IPv4, click Filters, right-
click Deny under Filters, and then click New Filter.

2. In the New Deny Filter dialog box, in MAC Address, enter a six hexadecimal number representing
the MAC or physical address of DHCP Client 2, clickAdd, and then click Close.

3. Under Filters right-click the Deny node, and then click the Enable pop-up menu item.

Release and Renew IP addresses on the DHCP clients


Now that the Allow and Deny filters are set, renew the IP addresses on the client computers and notice that
DHCP Client 1 retains network connectivity while DHCP clients 2 and 3 are denied access. Repeat the
following steps on each of the DHCP clients.

To renew IP addressing on the DHCP clients


• On DHCP Client 1, in the Administrator: Command Prompt window, type ipconfig /renew, and
then press ENTER.

• In the Command Prompt window, type ping 172.16.1.1, and then press ENTER.

• Verify that the response reads Reply from 172.16.1.1 on DHCP Client 1 and Response timed
out for DHCP clients 2 and 3.

• In the Command Prompt window, type ipconfig, and then press ENTER.

• In the command output, verify that the value of Connection-specific DNS


Suffix is contoso.com and that the value of Subnet Mask is 255.255.255.0for DHCP Client 1
and that these filed are blank for DHCP clients 2 and 3.

• In the Command Prompt window, type route print -4, and then press ENTER.
• In the command output, below Active Routes, verify that a Network
Destination of 172.16.1.1 is displayed for DHCP Client 1, and that there is no route displayed for
DHCP clients 2 and 3.

• Close the Command Prompt window.

Appendix
This appendix will help you with troubleshooting techniques and the setting of optional features in Windows
Server 2008 R2 and Windows 7.

Review DHCP client events


Reviewing information contained in DHCP client events can help you with troubleshooting. It can also help
you understand DHCP client functionality.

To review DHCP client events in Event Viewer


1. Click Start, point to All Programs, click Accessories, and then click Run.

2. Type eventvwr.msc, and press ENTER.

3. In the left tree, navigate to Event Viewer (Local)\Windows Logs\System.

4. Click an event in the middle pane.

5. By default, the General tab is displayed. Click the Details tab to view additional information.

6. You can also right-click an event and then click Event Properties to open a new window for
reviewing events.

Review DHCP server events


Reviewing information contained in Windows System events on your DHCP servers can help you with
troubleshooting. It can also help you understand DHCP server functionality.

To review DHCP server events in Event Viewer


1. Click Start, and then click Run.

2. Type eventvwr.msc, and then press ENTER.

3. In the left tree, navigate to Event Viewer (Local)\Custom Views\Server Roles\DHCP Server.

4. Click an event in the middle pane.

5. By default, the General tab is displayed. Click the Details tab to view additional information.

6. You can also right-click an event and then click Event Properties to open a new window for
reviewing events. The following are the events that pertain to this feature:

• 20093 - ERROR_DHCP_LINKLAYER_ADDRESS_EXISTS

Address or address pattern is already contained in one of the list.

• 20094 - ERROR_DHCP_LINKLAYER_ADDRESS_RESERVATION_EXISTS

Address to be added to Deny list or to be deleted from allow list has an associated reservation.
• 20095 - ERROR_DHCP_LINKLAYER_ADDRESS_DOES_NOT_EXIST

Address or Address pattern is not contained in either list

• 20096 - EVENT_FILTER_DENIED_IN_DENY_LIST

DHCP services were denied to computer with hardware address %1, hardware type %4, and
FQDN/Hostname %2 because it matched entry %3 in the Deny list.

• 20097 - EVENT_FILTER_DENIED_NOT_IN_ALLOW_LIST

DHCP services were denied to computer with hardware address %1, hardware type %3, and
FQDN/Hostname %2 because it did not match any entry in the Allow list.

• 20098 - EVENT_FILTER_EMPTY_ALLOW_LIST

No DHCP clients are being served because the Allow list is empty and the server was configured to
provide DHCP services to clients whose hardware addresses are present in the Allow list.

• 20099 - EVENT_FILTER_DENIED_IN_DENY_LIST_UNSPECIFIED

DHCP services were denied to computer with hardware address %1, hardware type %4, and
unspecified FQDN/Hostname%2 because it matched entry %3 in the Deny list.

• 20100 - EVENT_FILTER_DENIED_NOT_IN_ALLOW_LIST_UNSPECIFIED

DHCP services were denied to computer with hardware address %1, hardware type %3, and
unspecified FQDN/Hostname%2 because it did not match any entry in the Allow list.

• 20101 - ERROR_DHCP_HARDWARE_ADDRESS_TYPE_ALREADY_EXEMPT

This hardware type is already exempt.

• 20102 - ERROR_DHCP_UNDEFINED_HARDWARE_ADDRESS_TYPE

You are trying to delete an undefined hardware type. To define/add a hardware type, use
'add filterexemption'.
DNS Operations Guide
Updated: March 2, 2005

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows
Server 2003 with SP2

The DNS Operations Guide provides administering and troubleshooting information for Domain Name
System (DNS) in the Microsoft® Windows Server™ 2003 with Service Pack 1 (SP1) operating system.

In this guide

Administering DNS Operations


Updated: March 2, 2005

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows
Server 2003 with SP2

This Domain Name System (DNS) Administering guide provides administering information for DNS in the
Microsoft Windows Server 2003 with Service Pack 1 (SP1) operating system.

In this guide

• Introduction to Administering DNS Operations

• Managing DNS

• Monitoring DNS

• Optimizing DNS

• Securing DNS

Introduction to Administering DNS Operations


Updated: March 2, 2005

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows
Server 2003 with SP2

This guide explains how to administer Microsoft Domain Name System (DNS). These activities are part of
the operating phase of the information technology (IT) life cycle. If you are not familiar with this guide,
review the following sections of this introduction.
When to Use This Guide
You should use this guide when:

• You want to manage DNS servers.

• You want to manage DNS clients.

This guide assumes a basic understanding of what DNS is, how it works, and why your organization uses it
for name resolution. You should also have a thorough understanding of how DNS is deployed and managed
in your organization. This includes an understanding of the mechanism that your organization uses to
configure and manage DNS settings.

This guide can be used by organizations that have deployed Windows Server 2003 Service Pack 1 (SP1). It
includes information that is relevant to different roles within an IT organization, including IT operations
management and administrators. This guide contains high-level information that is required to plan a DNS
operations environment, along with management-level knowledge of the DNS and IT processes that are
required to operate it.

In addition, this guide contains more detailed procedures that are designed for operators who have varied
levels of expertise and experience. Although the procedures provide operator guidance from start to finish,
operators must have a basic proficiency with Microsoft Management Console (MMC) and snap-ins and know
how to start administrative programs and access the command line. If operators are not familiar with DNS,
it might be necessary for IT planners or managers to review the relevant operations in this guide and
provide the operators with parameters or data that must be entered when the operations are performed.

How to Use This Guide


The operations areas are divided into the following types of content:

• Objectives are high-level goals for managing, monitoring, optimizing, and securing DNS. Each
objective consists of one or more high-level tasks that describe how the objective is accomplished.
In this guide, Managing Domain Name System Servers is an example of an objective.

• Tasks are used to group related procedures and provide general guidance for achieving the goals of
an objective. In this guide, Modifying an Existing DNS Server is an example of a task.

• Procedures provide step-by-step instructions for completing tasks. In this guide,Change the name-
checking method of a DNS server is an example of a procedure.

If you are an IT manager who will be delegating tasks to operators in your organization, you will want to:

• Read through the objectives and tasks to determine how to delegate permissions and whether you
need to install tools before operators perform the procedures for each task.

• Before assigning tasks to individual operators, ensure that you have all the tools installed where
operators can use them.

• When necessary, create “tear sheets” for each task that operators perform in your organization. Cut
and paste the task and its related procedures into a separate document and then either print these
documents or store them online, depending on the preference of your organization.

Managing DNS
Updated: March 2, 2005
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows
Server 2003 with SP2

This guide describes processes and procedures for improving the management of Windows Server 2003
Domain Name System (DNS) in your network infrastructure. Ensuring that DNS is functioning properly helps
increase system availability for your users.

The following tasks for managing DNS are described in this objective:

• Managing Domain Name System Servers

• Managing Domain Name System Clients

• Managing Domain Name System Zones

• Managing DNS Resource Records

Potrebbero piacerti anche