WEBVTT

00:00.960 --> 00:09.320
High in the Folarin next lessons will configure DNS server we'll add the zones and her his services

00:09.360 --> 00:17.080
records and you'll also learn how to configure Duge to entirely without even those power shell.

00:17.340 --> 00:21.100
So let's get started with DNS.

00:21.190 --> 00:30.080
The first thing we have to find out is about primary zones and about managing DNS loans in whole.

00:30.240 --> 00:38.530
So primary DNS zone provides authoritative name resolution for the zone in traditional DNS.

00:38.550 --> 00:46.830
There is a single primary zone and as many secondary zones as needed to support the name resolution

00:46.830 --> 00:56.290
traffic for the zone Windows server supports traditional primary and secondary zones and Stob zones

00:56.640 --> 01:06.590
but to use as an Active Directory integrated primary DNS zone by default because Active Directory integration

01:06.650 --> 01:07.460
is used.

01:07.460 --> 01:15.950
The zone can be stored on all ADT as domain controllers provide providing a higher level of fault tolerance

01:16.340 --> 01:25.510
and distributing the name revolution directly across all domain controllers secondary DNS zones are

01:25.570 --> 01:33.620
it only zones that help distribute the network traffic and pro-white Foster name resolution.

01:33.800 --> 01:39.860
They contain full copies of all DNS records for the zone.

01:39.980 --> 01:50.180
They are primarily useful with traditional primary DNS lungs as Stob DNS loan doesn't contain full DNS

01:50.180 --> 01:52.200
information for the zone.

01:52.310 --> 02:01.220
All of the necessary information about which servers are authoritative for the long stub zones are useful

02:01.220 --> 02:10.400
when you don't want to expose all the details of a particular loan but still need to provide name resolution.

02:10.470 --> 02:18.850
The stop zone has records only for the primary DNS servers for the zone when a DNS request for the zone

02:18.870 --> 02:21.280
has received the stop zone.

02:21.280 --> 02:24.210
Where is the name servers.

02:24.650 --> 02:30.730
It has a list stop loan to also the DNS request.

02:30.740 --> 02:39.890
Remember when you deploy your first forest and the main Your initial domain and forest in active directory

02:40.700 --> 02:48.160
integrated primary DNS zone was created and configured for then your domain automatically this Fosler

02:48.180 --> 02:49.880
forward Look-Up zone.

02:50.090 --> 02:58.730
That is a zone that allows name lookups and redounds IP addresses the forest creation process does not

02:58.730 --> 03:08.310
however create reverse look up loan that allows IP address lookups that return the machine name.

03:08.330 --> 03:16.520
You can create additional DNS zones and configure them either as Active Directory integrated or to use

03:16.520 --> 03:18.780
standalone zone files.

03:19.980 --> 03:30.290
Secondary DNS zone always use standalone files when you can figure zone by use alone files their zone

03:30.350 --> 03:43.100
is stored in those zone files the default location for DNS a zone file is then your system 32 DNS folder

03:43.640 --> 03:53.480
with a file name of a long name dot DNS so DNS extension is for zone file where zone name is the name

03:53.480 --> 03:58.820
of the zone and the DNS extension I've mentioned already.

03:59.760 --> 04:10.500
As an example in my case it's come towards the dot com dot DNS primary DNS zones are the core of name

04:10.500 --> 04:16.320
resolution and are used for both for word look up and regards Low-Carb zones.

04:16.740 --> 04:24.870
You can create new zone change the set of the existing zones convert zones from file based to Active

04:24.870 --> 04:34.980
Directory integrated or even convert an Active Directory integrated into a file based on by first expert

04:35.040 --> 04:36.060
in the zone.

04:36.080 --> 04:47.130
Deleting it from a radius and then recreate in the zone as a file based on load existing parameter in

04:47.130 --> 04:48.700
both a shell.

04:48.750 --> 04:57.390
So let's create new primer rezone you can create new zone for both Active Directory integrated and file

04:57.390 --> 05:06.960
based loan's use the Add Desch DNS server primer Ozon comment lead to create more loans to create an

05:07.020 --> 05:18.630
Active Directory integrated primary for a lookup zone for let's say OLAP dord local use for the following

05:18.660 --> 05:27.090
command and there's DNS server primary Lohm Desch name and the name of the zone.

05:27.090 --> 05:38.220
In my case it's the lap dog let's say it will be Lebda dot com in and quotes another parameterless computer

05:38.220 --> 05:39.010
name.

05:39.030 --> 05:44.110
So in my case it will be in quotes.

05:44.130 --> 05:48.470
Lapidus see whammed dot com dot com.

05:48.620 --> 05:51.880
Then a replication scope.

05:52.020 --> 05:59.470
It will be for domain replication scope and dynamic updates will be secure.

06:01.570 --> 06:09.630
This creates an active directory integrated long letters replicated to the domain only except secure

06:09.640 --> 06:11.180
dynamic updates.

06:11.280 --> 06:17.610
They're pass through parameter tells Windows shell to report the results of the command.

06:17.620 --> 06:19.950
We've already used this parameter.

06:19.990 --> 06:24.620
It's very good parameter to remember.

06:24.740 --> 06:29.710
Of course you can always check it in the graphical user interface.

06:29.750 --> 06:37.700
In DNS manager after the loan you'll have dot com is added to by yours empowers shell.