In past Inside Out columns, I've shown you how to use simple batch files to set up just-installed systems as domain controllers (DCs) and to create disaster-recovery tools. I've also shown you how to use Netsh to configure and fine-tune your IP stack, the first step toward making a Windows Server 2003 or Windows 2000 server ready to ascend to DC status. What an Active Directory (AD) setup needs next is a dynamic DNS (DDNS) infrastructure.
In my ongoing example, I'm creating a single-domain forest called bigfirm.biz that contains two DCs: UptownDC.bigfirm.biz at 192.168.0.2 and DowntownDC.bigfirm.biz at 10.0.0.2. The 192 and 10 subnets both use a 255.255.255.0 subnet mask, and I intend for each machine to be both a DC and a DNS server. Both systems boast freshly installed copies of Windows 2003 or Win2K Server, as well as Microsoft's DNS server software, which ships with both OSs. Each system's IP stack is already set up through the earlier columns' batch files, and each system's DNS suffix is set to bigfirm.biz. The goal of my latest batch file is to set up DNS on each system. UptownDC will be the primary DNS server for bigfirm.biz and for a 192.168.0.x reverse-lookup zone, and it will be the secondary DNS server for a 10.0.0.x reverse-lookup zone. DowntownDC will be a secondary DNS server for bigfirm.biz and for the 192.168.0.x reverse-lookup zone, and it will be the primary DNS server for the 10.0.0.x reverse-lookup zone.
My primary tool for command-line DNS configuration is Dnscmd, which is in the Windows 2003 Support Tools folder and the Microsoft Windows 2000 Resource Kit. I need to install this tool on both UptownDC and DowntownDC. Dnscmd is powerful but has a fairly convoluted syntax, so I hope you find the examples in these batch files useful.
First, to create the bigfirm.biz zone, use the command
dnscmd localhost /zoneadd bigfirm.biz /primary /file bigfirm.biz.dns
The localhost parameter tells Dnscmd the DNS server on which to perform the command. I'm running this batch file directly on UptownDC, so localhost suffices. However, the tool's remote capability means that I could simply install Dnscmd on a Windows XP box and run the batch file to set up UptownDC and DowntownDC, assuming I had connectivity to them and had established the proper credentials. The /zoneadd parameter creates a new zone on localhost; in this case, the name of the zone is bigfirm.biz. The /primary parameter makes the zone a primary zone. The purpose of the /file bigfirm.biz.dns parameter will be clear to anyone who has ever used the wizard to set up a DNS zone. Microsoft DNS needs a file in which to store the zone's information. Bigfirm.biz.dns will reside in \windows\system32\dns\bigfirm.biz (in Windows 2003) or \winnt\system32\dns\bigfirm.biz (in Win2K).
As an alternative to the /primary parameter, you can use the /secondary parameter to create a secondary DNS zone or the /DsPrimary parameter to create AD-integrated zones. If you're wondering why I'm not creating an AD-integrated zone, remember that I don't have AD running yet. I'll be able to shift from primary to AD-integrated later by using the command
dnscmd localhost /zoneresettype bigfirm.biz /DsPrimary
The Dnscmd /zoneadd command almost completes the zone's initial setup, but you have one more task ahead of you: enabling dynamic updates. To perform that task, you use the command
dnscmd localhost /config bigfirm.biz /AllowUpdate 1
Next, I want to tell the bigfirm.biz zone that it will have two DNS servers, or Name Servers (NSs) in DNS parlance, called UptownDC and DowntownDC. Microsoft DNS automatically installs an NS record for the server you use as a zone's primary DNS server, so UptownDC is covered, but I need to add the NS record for DowntownDC. To do so, I'd typically insert an NS record into the zone, as follows:
@ ns downtowndc.bigfirm.biz
In this record, the at symbol (@) means that this record refers to the current zone, ns specifies that you're adding an NS to that zone, and downtowndc.bigfirm.biz is that NS's name. However, telling the bigfirm.biz zone that I've got an NS called downtowndc.bigfirm.biz doesn't complete the task. The DNS server hosting the zone also needs DowntownDC's IP address. So I'd also include a host record to tell the zone that downtowndc.bigfirm.biz has an IP address of 10.0.0.2:
downtowndc A 10.0.0.2
Alternatively, you can use the Dnscmd /recordadd command to tell the batch file to insert the NS and host records:
dnscmd localhost /recordadd bigfirm.biz @ NS downtowndc.bigfirm.biz
dnscmd localhost /recordadd bigfirm.biz downtowndc A 10.0.0.2
As before, the command starts by naming the host (in this example, localhost) on which to perform the operation. Then, the /recordadd option needs the name of the zone to which to add the record, followed by the particular record to add.
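The UptownDC steps above, gathered into one batch file with failure checks and a read-back of the result. This is an added example, not the column's own script. It assumes Dnscmd sets a nonzero exit code when a command fails, and the /zoneinfo and /enumrecords read-back steps are additions that the column does not use. The read-back prints the zone's AllowUpdate value because 1 accepts unsecured as well as secure updates; the secure-only setting (2) is available only once the zone is AD-integrated.

```batch
@echo off
rem Added example, not from the original column.
rem Assumption: dnscmd sets a nonzero exit code when a command fails.
setlocal
set SERVER=localhost
set ZONE=bigfirm.biz

rem Skip zone creation if the server already hosts the zone.
dnscmd %SERVER% /zoneinfo %ZONE% >nul 2>&1
if errorlevel 1 (
    dnscmd %SERVER% /zoneadd %ZONE% /primary /file %ZONE%.dns || goto :fail
)

rem 1 = accept dynamic updates, unsecured as well as secure.
dnscmd %SERVER% /config %ZONE% /AllowUpdate 1 || goto :fail

rem Second name server, plus the host record that supplies its address.
dnscmd %SERVER% /recordadd %ZONE% @ NS downtowndc.%ZONE% || goto :fail
dnscmd %SERVER% /recordadd %ZONE% downtowndc A 10.0.0.2 || goto :fail

rem Read back what the server now holds so the run can be reviewed.
dnscmd %SERVER% /zoneinfo %ZONE% AllowUpdate
dnscmd %SERVER% /enumrecords %ZONE% @ /type NS
dnscmd %SERVER% /enumrecords %ZONE% downtowndc /type A
echo %ZONE% configured on %SERVER%.
exit /b 0

:fail
echo dnscmd failed with exit code %errorlevel%; stopping.
exit /b 1
```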