Information Technology Reference
In-Depth Information
IP address. When computers use DHCP for IP configuration, DHCP can create PTR records
automatically when the computer's IP address changes. Otherwise, PTR records can be
created manually.
Dynamic Updates The final step in creating a new zone is to select whether and how to use
dynamic updates, shown in Figure 9-9. Dynamic updates can be configured in one of three ways:
9
Figure 9-9
Selecting dynamic update options
Allow only secure dynamic updates —Available only for Active Directory-integrated zones,
this option ensures that the host initiating the record creation or update has been authenti-
cated by Active Directory.
Allow both nonsecure and secure dynamic updates —Both authenticated Active Directory
clients and non-Active Directory clients can create and update DNS records. This option
isn't recommended because it allows rogue clients to create DNS records with false infor-
mation. A rogue DNS client can impersonate a server by updating the server's A record
with its own IP address, thereby redirecting client computers to a fraudulent server.
Do not allow dynamic updates —All DNS records must be entered manually. This option
helps secure the environment, but on a network with many hosts that must be accessed by
name, and on networks using DHCP, it's an administrative nightmare. However, this option
does work well for a DNS server that manages names for public resources, such as Web
and mail servers with addresses that are usually assigned statically and don't change often.
Activity 9-4: Creating a Forward Lookup Zone
Time Required : 15 minutes
Objective : Create a forward lookup zone.
Description: Your company has resources your employees must access that aren't part of the
Windows domain. You think the names of these resources should be resolved by the DNS servers
running on domain controllers. You decide to create a new zone that doesn't accept dynamic
updates, so all entries must be created manually.
1. Log on to ServerXX as Administrator and open DNS Manager, if necessary.
2. Click to expand ServerXX in the left pane, if necessary. Right-click Forward Lookup Zones
and click New Zone . Click Next in the welcome window of the New Zone Wizard.
 
Search WWH ::




Custom Search