Windows Active Directory: Difference between revisions

Revision as of 20:29, 19 July 2024

Client Commands

List Applied GPO's

rsop.msc (GUI version)

gpresult /r /scope computer (CLI version)

or save it to an html file with /h:

gpresult /h c:\gpresult.html

Confirm DC is Reachable

net view \\<source DC name>

Domain Controller Admin

Show DC GUID

 repadmin /showreps

Domain Controller Diagnostics

Verify DNS Services for DC

 dcdiag /test:dns

Comprehensive, Run all tests, Verbose

 dcdiag /c /v

Force registration of all DC-specific DNS records

 nltest.exe /dsregdns

Linux BIND DNS Servers with Dynamic Updates

ACL

 acl "DOMAIN-CONTROLLERS" {
     10.144.30.101;  // DC1-dave
     10.144.35.2;    // DC2-dave
     10.150.30.5;    // DC-jim
 };

Zone Delcarations

Master Config

 zone "_msdcs.lambnet.us" IN {
     type master;
     file "dynamic/_msdcs.lambnet.us";
     allow-update { DOMAIN-CONTROLLERS; };
 };
 
 zone "_sites.lambnet.us" IN {
     type master;
     file "dynamic/_sites.lambnet.us";
     allow-update { DOMAIN-CONTROLLERS; };
 };
 
 zone "_tcp.lambnet.us" IN {
     type master;
     file "dynamic/_tcp.lambnet.us";
     allow-update { DOMAIN-CONTROLLERS; };
 };
 
 zone "_udp.lambnet.us" IN {
     type master;
     file "dynamic/_udp.lambnet.us";
     allow-update { DOMAIN-CONTROLLERS; };
 };

Slave Config

 zone "_msdcs.lambnet.us" IN {
     type slave;
     masters { 10.144.30.4; };
     file "dynamic/_msdcs.lambnet.us";
     allow-update-forwarding { DOMAIN-CONTROLLERS; };
 };
 
 zone "_sites.lambnet.us" IN {
     type slave;
     masters { 10.144.30.4; };
     file "dynamic/_sites.lambnet.us";
     allow-update-forwarding { DOMAIN-CONTROLLERS; };
 };
 
 zone "_tcp.lambnet.us" IN {
     type slave;
     masters { 10.144.30.4; };
     file "dynamic/_tcp.lambnet.us";
     allow-update-forwarding { DOMAIN-CONTROLLERS; };
 };
 
 zone "_udp.lambnet.us" IN {
     type slave;
     masters { 10.144.30.4; };
     file "dynamic/_udp.lambnet.us";
     allow-update-forwarding { DOMAIN-CONTROLLERS; };
 };

Logging

 channel update-log {
     file "/var/log/named/named.update" versions 5 size 5m;
     severity info;
     print-category yes;
     print-severity yes;
     print-time yes;
 };
 
 category update       { update-log; };

@@ Line 37: / Line 37: @@
 ==Linux BIND DNS Servers with Dynamic Updates==
-===Master Config===
+===ACL===
+  acl "DOMAIN-CONTROLLERS" {
+.144.30.101;  // DC1-dave
+.144.35.2;    // DC2-dave
+.150.30.5;    // DC-jim
+  };
+===Zone Delcarations===
+====Master Config====
    zone "_msdcs.lambnet.us" IN {
@@ Line 63: / Line 73: @@
    };
-===Slave Config===
+====Slave Config====
-====Zone Declarations====
    zone "_msdcs.lambnet.us" IN {