FlatPress My FlatPress blog FlatPress Admin 2020 2020-05-25T08:37:29+00:00 Admin ~/ DNSSEC Requirements concerning IPAM ~/?x=entry:entry200318-144607 2020-03-18T14:46:07+00:00 2020-03-18T14:46:07+00:00

The IPAM system, which is used to manage DNS should support the following capabilities with regards to DNSSEC:
# Hosting of DNSSEC-enabled Zones
_- incl. [Mehr lesen…]

Migrate Active Directory DNS (in a Nutshell) ~/?x=entry:entry200101-111213 2020-01-01T11:12:13+00:00 2020-01-01T11:12:13+00:00

Disable AD Replication (per Domain Controller)

C:> repadmin /options <DC-NAME> +DISABLE_OUTBOUND_REPL
C:> repadmin /options <DC-NAME> +DISABLE_INBOUND_REPL

Backup AD DNS Zones

PowerShell:
PS C:> Export-DnsServerZone -Name "<zone-name>" -FileName "<file-name>"
PS C:> Export-DnsServerZone -Name "example.com" -FileName "db.example.com"

CMD:
C:> dnscmd /zoneexport <zone-name> <file-name>
C:> dnscmd /zoneexport example.com db.example.com

Sure, there are scripts to automate this.

Configure Global Forwarding for Microsoft DNS
# delete all authoritative Zones
# allow Recursion
# enable “query logging” in MS DNS (C:/Windows/System32/dns/<hostname>.log)
# test Caching-Only Configuration of MS DNS
# change TCP/IP Stack of Domain Controller (new DNS Server’s IP)

Restart netlogon Service
# registers AD records in new DNS (“underscore” stuff)
_> _msdcs.example.com
_> _sites.example.com
_> _tcp.example.com
_> _udp.example.com
_> ForestDnsZones.example.com
_> DomainDnsZones.example.com

C:> net stop netlogon
C:> net start netlogon

Register Domain Controller’s Host Record in new DNS

C:> ipconfig /registerdns

Enable AD Replication (per Domain Controller)

C:> repadmin /options <DC-NAME> -DISABLE_OUTBOUND_REPL
C:> repadmin /options <DC-NAME> -DISABLE_INBOUND_REPL

Need Assistance?
We’re happy to help you: Migration

Protecting your Domain Names ~/?x=entry:entry191119-141542 2019-11-19T14:15:42+00:00 2019-11-19T14:15:42+00:00

* Review Access to Domain Name Registrars
* Review DNS Roles and Responsibilities
* Employee Transitions
* Update all Registration Information
* Use Roles for Domain Registration Information
* Don’t Use Personal Email Addresses
* Protect against Phishing Attacks
* Credential Updates
* Two-Factor Authentication (2FA) for Registrar Accounts
* Understand Registrar Security Policies, Tools, and Processes
* Review the Privacy Registration Options
* Review and Maintain Records in your Zone
* DNS Zone File Revision Control
* Is your Domain Locked at the Registrar?

Source: https://blogs.akamai.com/2019/02/protecting-your-domain-names-taking-the-first-steps.html

Reasons for long or short TTLs ~/?x=entry:entry191112-175312 2019-11-12T17:53:12+00:00 2019-11-12T17:53:12+00:00

There are many reasons why network operators choose long or short TTLs

Longer caching results in faster responses: a longer TTL enables caching for longer periods, and cache hits are far faster than retrieving answers from authoritative servers, as the .uy experience illustrates. [Mehr lesen…]

Digitization in Facility Management ~/?x=entry:entry190630-130725 2019-06-30T13:07:25+00:00 2019-06-30T13:07:25+00:00

When it comes to facility management, it means managing buildings, maintaining technical facilities and repair equipment. [Mehr lesen…]