Microsoft Windows Server 2016 is a powerful operating system capable of many different, highly customizable roles and functions. However, to avoid overloading the hardware and severely degrading its performance, Windows Server 2016 continues to provide a modular approach to tasks and roles in a server administration environment through the Add Roles and Features wizard.
In addition to the powerful capabilities already offered by the DNS role in Windows Server 2012, Windows Server 2016 includes updated and improved features. To name a few:
- Group Policy settings for the NRPT allow the DNS Client to no longer bind to a specific interface
- DNS policies added
- Response Rate Limiting (RRL) added
- DNS-based Authentication of Named Entities (DANE)
- Unknown Record support
- IPv6 Root Hints
- Windows PowerShell support improved
To set up and configure DNS, you’ll need to install the DNS Server Role on Windows Server 2016. This article will guide you through the DNS installation and configuration process in Windows Server 2016. Please note that you’ll need to be logged in to your Windows server, either through our VNC feature or through Remote Desktop Connection. When you’re ready to proceed, please refer to the following steps.
How To Get The DNS Server Role Installed On Windows Server 2016
1. Open the Server Manager window and proceed to Local Server
2. Click Manage and “Add Roles and Features”
3. Once the Add Roles and Features Wizard window appears, take the time to read the information in the “Before you begin” section before clicking Next
4. If you are using Role-based or Feature-based installation, select the radio button next to it
5. Select the server you wish to use for this role. Typically, for a DNS-only setup, it’s the same machine you’re viewing this on. However, the option to install the role remotely is available
6. Select the DNS Server role.
7. A window then asks you to confirm the dependencies (usually just the Administration Tools required for the DNS role) that will also be installed. Click Add Features, as this is usually required
8. The check box should now be marked with a black check icon. (A black box in this window typically means that not all features in that tree are installed; by default this is usually the case for File and Storage Services.) Then click Next to move forward
9. In the Features window you can install additional features. These are often not needed for a DNS-only configuration, but do not hesitate to take a look at them and keep them in mind in case you find an absolute need for them later
10. The next window gives you a brief description of the service and its functions, and indicates things that may be affected by this role or that require this role to be installed
11. The final window asks you to confirm the installation. It presents the option to restart the destination server (recommended for bulk installations) and then returns you to the Server Manager window
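The same installation can be scripted and then checked. The following PowerShell is an added example, not part of the original guide; it assumes an elevated session on the target Windows Server 2016 machine.

```powershell
# Added example: scripted equivalent of the Add Roles and Features steps above.
# Assumes an elevated PowerShell session on the server that will host DNS.
$feature = Get-WindowsFeature -Name DNS

if ($feature.Installed) {
    Write-Output "DNS Server role is already installed."
} else {
    # -IncludeManagementTools corresponds to the "Add Features" dependency prompt
    # (the DNS Manager console and the DnsServer PowerShell module).
    $result = Install-WindowsFeature -Name DNS -IncludeManagementTools
    if (-not $result.Success) {
        throw "DNS role installation failed with exit code $($result.ExitCode)."
    }
    if ($result.RestartNeeded -ne 'No') {
        Write-Warning "Restart state reported by the installer: $($result.RestartNeeded)"
    }
}

# Confirm the DNS Server service exists, is running and starts automatically.
Get-Service -Name DNS | Select-Object Name, Status, StartType

# List the DNS-related features now present, so that only the role and its
# administration tools were added and nothing unexpected came with them.
Get-WindowsFeature |
    Where-Object { $_.Installed -and $_.Name -match 'DNS' } |
    Select-Object Name, InstallState
```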
Running/Configuring DNS Role
1. Select the DNS option on the sidebar of the Server Manager
2. Select the server you wish to manage, right-click it, and click DNS Manager (Alternate method: click the Start Menu, select Administrative Tools, and click DNS)
3. Click Action
4. Click Configure a DNS Server…
5. A prompt will appear, welcoming you to the Configure a DNS Server wizard. Click Next.
6. Select whichever of the 3 options suits your needs.
Forward Lookup Zone
1. Once either option is selected, the wizard will move forward and request the zone name. Enter the zone name.
2. If the ISP Maintained DNS option is selected, it will request the information for the ISP DNS. If the Server maintains the zone, it will ask for a zone name. Any name can work.
3. After you click Next on the “server maintains the zone” option, it will ask whether you want to create a new file or use an existing file. Input the information or file you wish to use and then click Next.
4. Next, it will present you with 3 options, or 2 if Active Directory is not installed. Heed any warnings it presents, select the option you wish to use, and click Next.
5. In this section, it will ask you whether or not it should forward queries to DNS servers with a specific IP. Select the option you wish to use, input any needed information, and click Next.
6. Finally, it will confirm the details with you, and clicking “Finish” will complete the process.
Forward and Reverse Lookup Zone
This option uses a similar process for the first half (Forward Lookup Zone), the difference being the choice of Primary, Secondary, and Stub Zones. Each of these options is shown with a description, and the wizard then proceeds to the Reverse Lookup Zone half.
1. Select if you want to create a reverse lookup zone now.
2. Click Next. If you chose to create one now, it will proceed to a screen similar to the Forward Lookup Zone one, where you choose whichever option is desired. However, if you opt not to set a Reverse Lookup Zone, it will end the process.
3. The Reverse Lookup Zone uses a similar process to the Forward Lookup Zone but requires rDNS information
Advanced View displays Reverse Lookup Zones for 0, 127.0.0.1, and 255 broadcast. It additionally displays the Cached Lookups. Only enable Advanced View if the need dictates it, as editing these can cause problems.
Trust Points need to be set for zones signed with public cryptographic keys. A Trust Point is also known as a Trust Anchor and must be configured on a non-authoritative DNS server.
Conditional Forwarders allow the user to resolve names to a private namespace or speed up the resolution to a public namespace. A Conditional Forwarder functions similarly to a bridged connection between two internal sites for communication.
If you clicked Root Hint, it will send you to the end and complete the task. If you select the Forward or Forward and Reverse lookup Zone options, it will proceed forward.
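The wizard choices described above (zone file, dynamic updates, forwarders, reverse lookup zone, conditional forwarder) map to cmdlets in the DnsServer module. The following is an added example, not part of the original guide: it builds a file-backed forward and reverse zone with dynamic updates disabled, then lists any zone that still accepts nonsecure updates. The zone names, network range and forwarder addresses are constructed placeholders.

```powershell
# Added example. Zone names, network and addresses are constructed placeholders
# (192.0.2.0/24 is a documentation range); replace them with your own values.
$zone      = 'example.test'
$network   = '192.0.2.0/24'
$revZone   = '2.0.192.in-addr.arpa'
$forwarder = '192.0.2.53'

# Forward lookup zone: file-backed primary. Without Active Directory the only
# dynamic update choices are None and NonsecureAndSecure; None is the safer one.
if (-not (Get-DnsServerZone -Name $zone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $zone -ZoneFile "$zone.dns" -DynamicUpdate None
}

# Reverse lookup zone for the same network.
if (-not (Get-DnsServerZone -Name $revZone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -NetworkId $network -ZoneFile "$revZone.dns" -DynamicUpdate None
}

# One host record; -CreatePtr also writes the matching PTR into the reverse zone.
if (-not (Get-DnsServerResourceRecord -ZoneName $zone -Name 'host1' -RRType A -ErrorAction SilentlyContinue)) {
    Add-DnsServerResourceRecordA -ZoneName $zone -Name 'host1' -IPv4Address '192.0.2.10' -CreatePtr
}

# Forward queries the server is not authoritative for to the upstream resolver.
Set-DnsServerForwarder -IPAddress $forwarder

# Conditional forwarder for a private namespace (hypothetical name and server).
if (-not (Get-DnsServerZone -Name 'partner.test' -ErrorAction SilentlyContinue)) {
    Add-DnsServerConditionalForwarderZone -Name 'partner.test' -MasterServers '192.0.2.54'
}

# Review: skip the auto-created 0, 127 and 255 reverse zones and show the rest.
Get-DnsServerZone | Where-Object { -not $_.IsAutoCreated } |
    Select-Object ZoneName, ZoneType, IsReverseLookupZone, DynamicUpdate

# Flag any zone that accepts unauthenticated dynamic updates.
$open = Get-DnsServerZone | Where-Object { $_.DynamicUpdate -eq 'NonsecureAndSecure' }
if ($open) { Write-Warning "Nonsecure dynamic updates allowed on: $($open.ZoneName -join ', ')" }

# Confirm the server answers for both directions.
Resolve-DnsName -Name "host1.$zone" -Server 127.0.0.1 -Type A
Resolve-DnsName -Name "10.$revZone" -Server 127.0.0.1 -Type PTR
```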