Understanding forwarders

Scenario: Your network is a multiple-domain Active Directory with two forests, each containing multiple child domains. Full trust is configured among the domains. When a trust exists between two domains, the authentication mechanisms for each domain trust the authentications coming from the other domain. Trusts help provide for controlled access to shared resources in a resource domain (the trusting domain) by verifying that incoming authentication requests come from a trusted authority (the trusted domain). In this way, trusts act as bridges that allow only validated authentication requests to travel between domains. What Are Domain and Forest Trusts?  The network includes several branch offices with computers in the branch offices running Windows 7 or Windows Server 2008 R2 over low-bandwidth links. Each branch office has a Dynamic Host Configuration Protocol (DHCP) server. Each branch office has at least one domain controller configured as a Domain Name System (DNS) server and hosts an Active Directory-integrated DNS zone. Computers in the branch offices need to use resources throughout the network. You want to configure name resolution for the branch offices. You need to keep the traffic generated by fully qualified domain name (FQDN) resolution attempts to a minimum.

About IPv6 TCP/IP and Windows Server 2008

Overview

Web Running Out of Addresses

In the mid 1990s, we started to run into an ever shrinking pool of IPv4 addresses. According to the Wall Street Journal, February 1, 2011, was the week the last batch of Internet addresses was doled out.

IPv4_address_exhaustion

Because of the growing proliferation of network devices and the expanding Internet, Internet Protocol version 6 (Ipv6), is built into Windows Server 2008. Ipv6 is a new suite of protocols developed to ensure growing Internet client needs. The IPv4 scalability will no longer meet the challenges ahead.

Configuring and Troubleshooting DHCP

Overview of the DHCP Server Role

One of the major problems in networks when the move was made to the TCP/IP protocol, was getting the IP address input onto each machine.

The solution is DHCP (Dynamic Host Configuration Protocol). The DHCP server maintains a pool of IP addresses and DHCP leases out an IP address for a period of time to DHCP-enabled host machines on the network. DHCP provides the IP address along with the subnet mask and default gateway (router). The IP addresses are returned to the pool to be reallocated, when they are no longer in use. DHCP waits for the client to request an IP address using network Broadcasts.

WINS and Server 2008

Overview of the Windows Internet Name Service 

WINS is a NetBIOS Name Server (NBNS). Windows hosts support two types of names, host names and NetBIOS names. 

In a Windows OS, network services can be requested using Windows Sockets, Winsock Kernel, or NetBIOS. If Windows Sockets or Winsock Kernel is requested, the host name is used. Windows Sockets is used to access network services in many applications. The newer applications that were designed for Windows 7 and Windows Server 2008 R2 use Winsock Kernel.  If NetBIOS is used, the application uses a NetBIOS name.

Troubleshooting tips for DNS

Time to Live, Aging, and Scavenging

Feature	Description
Time to Live (TTL)	How long a DNS record will be valid
Aging	When records inserted into the DNS server reach expiration and are removed
Scavenging	Remove old DNS records

Time to Live – TTL depends on the type of DNS record. MX records have a longer TTL than a host A record, for example. The TTL can be modified.
Resource Record Types

Aging – DNS record removal helps to keep DNS accurate and using less disk space.

Scavenging – If DNS records have not been aged, we can force a database cleanup by removing stale records. This can be done by scavenging DNS records. Stale resource records can slow down DNS lookups and cause errors.

Tips on How to Configure DNS Zones

DNS zones allow domains to be logically configured and managed in a structured way. A zone hosts all of a domain or parts of a domain and its subdomains.

Take for example, pcrepairnorthshore.com. Imagine pcrepairnorthshore.com is divided into two zones. The first zone hosts www.pcrepairnorthshore.com and ftp.pcrepairnorthshore.com.  Let’s pretend we have a site called offsite.pcrepairnorthshore.com. We delegate it to a new zone that hosts the offsite.pcrepairnorthshore.com and its subdomains ftp.offsite.pcrepairnorthshore.com and www.offsite.pcrepairnorthshore.com.

Configure the DNS Server Role

Components of a DNS Solution

• DNS Clients. Windows, Unix, Linux, Macs operating systems. Windows systems also maintain a local DNS Resolver cache.
• DNS Servers. Host a distributed heirarchical database of resource records stored by the DNS zone and include:

Installing a DNS Server Role in Windows Server 2008

DNS recognizes computers by alphanumeric names and translates the names to the numerical IP addresses recognized by computers and networking equipment. DNS resolves the computer names to the IP addresses.

DNS is installed as a role in Windows Server 2008. It can be installed with Server Manager and with the DNS Server command from the command prompt. The preferred way is to install the DNS Server Role when Active Directory Domain Services is installed, if you want to integrate the DNS domain namespace with the AD DS domain namespace. In addition, Server Core can act as a DNS Server.

Overview of Server Roles and Features in Windows Server 2008

Server Roles describe the primary functions of a server in Windows Server 2008. On a server, there can be one or more server roles. For example, you can have a DNS server or a Web server, or a server comprising multiple roles.

The Precision Guide to Windows Server 2008 Active Directory Configuration Review

Kurt Dillard's Study Guide for the 70-640 Exam helped me to pass and obtain the Microsoft MCTS Active Directory 2008, Configuring certification. After studying several Microsoft reference materials and practice tests, and still having trouble in a couple of areas, I picked up Kurt's Study Guide. Kurt explains the relevant facts to focus on for the certification test and presents it in a simple to understand format. At the end of each chapter, Kurt has questions and answers for you to check your comprehension. This is a great value and will surely help you to achieve your next certification! I look forward to referencing Kurt's other study guides.

Quick Check Facts for Microsoft Windows Server 2008 Active Directory, Configuring

DNS (Domain Name System) for Active Directory

• Zone Types
• Primary: hosts a writable master copy of the zone data and is authoritative for the zone. Can be integrated with Active Directory.
• Secondary: is a read-only copy of a zone from the master DNS server and is a secondary source of information for the zone. 

DNS Tools and Settings

Useful Tools for Troubleshooting DNS 

About DNS and Windows Active Directory

What is DNS?

Ever curious about how your internet browser knows how how to get to a particular website? When you browse to a website, for example, http://technet.microsoft.com, the name has to be resolved to its server's numerical IP address, 207.46.172.248, because

About Windows Server Core 2008

How to Install Windows Server 2008

There are two options to install Windows Server 2008:

1. Graphical installation
2. Core installation

Windows Server 2008 functionality is based on server roles and features. Server Manager gives you the ability to add and

Identity and Access Solutions with Windows Server 2008: Useful Links

TechNet: Infrastructure Optimization

Active Directory Lightweight Directory Service

Active Directory Certificate Services

Active Directory Domain Services Documentation

Helpful links documenting how to configure and troubleshoot Windows Server Active Directory:

Identity and Access Management

Logon and Authentication Technologies

Authorization and Access Control Technologies

What is the Active Directory Schema?

Windows Server 2008

Microsoft Management Console 3.0