{| style="float:right;border:1px solid black"
| <strong> Setup Details </strong>
|-
|
<pre>
Details
Platform: Ubuntu 20.04 LTS
Domain: corp.zeta.tech
Realm: CORP
DNS: Forward only DNS
Server Locations
- Bengaluru:
  - Diamond District: Microsoft DNS
    - 172.16.64.51
    - 172.16.64.52
  - AMR Tech Park: Bind 9
    - 172.25.20.28
  - Harman Office:
- Mumbai:
  - Plex: Microsoft DNS
    - 172.16.64.51
    - 172.16.64.52
- Hyderabad:
  - My Home Twitza: Bind 9
    - 172.25.65.22
    - 172.25.65.23
-------------------------
User Details
admin user: itadmin
Pwd: qwedsa@123
-------
admin user: itadmin
password: qwedsa@123
</pre>
|}
=Pre-requisites=
The default DNS for the Zeta domain, corp.zeta.tech, is the built-in DNS that Samba provides while provisioning the domain controller. The built-in DNS is limited: it does not allow configuring forward zones and reverse zones for resources that are not part of Active Directory. Hence a forward-only DNS server is set up using bind9. Along with '''bind9''', '''webmin''' will also be installed to configure, maintain and manage the DNS services through an easy-to-use browser interface. The following are the pre-requisites:

* Ubuntu server 20.04 LTS, fully patched
* User account with sudo access
* Internet Access

=Bind 9 and webmin installation=
==Install bind9==
* To install bind9, ssh into the DNS server using the credentials and run the following commands
<pre>
$ sudo apt update && sudo apt upgrade -y
$ sudo apt install -y bind9 bind9utils bind9-doc dnsutils
</pre>
* Check if the service started
<pre>
$ sudo systemctl status bind9.service
</pre>
* After installing the bind9 server, there are three main files that need to be modified
** /etc/bind/named.conf.options
** /etc/bind/named.conf.local
** /etc/resolv.conf
* Make changes to /etc/bind/named.conf.options. First make a backup copy of the original file in case there are any issues with the configuration
<pre>
$ sudo cp -prav /etc/bind/named.conf.options /etc/bind/named.conf.options_ORG
</pre>
* Open /etc/bind/named.conf.options in an editor and make the following changes
<pre>
options {
        directory "/var/cache/bind";
        recursion yes;
        allow-query { any; };
        forwarders {
                8.8.8.8;
                8.8.4.4;
        };
        forward only;
};
</pre>
* Save the file and restart the bind9 service
<pre>
$ sudo systemctl restart bind9.service
</pre>
* Make changes to /etc/bind/named.conf.local. First make a backup copy of the original file in case there are any issues with the configuration
<pre>
$ sudo cp -prav /etc/bind/named.conf.local /etc/bind/named.conf.local_ORG
</pre>
* Open /etc/bind/named.conf.local in an editor and add the following details
<pre>
zone "internal.zeta.in" {
        type forward;
        forward first;
        forwarders { 172.16.64.51; 172.16.64.52; };
};

zone "internal.directi.com" {
        type forward;
        forward first;
        forwarders { 172.16.140.34; 172.16.140.33; };
};

zone "corp.zeta.tech" {
        type forward;
        forward first;
        forwarders { 172.16.64.58; 172.16.64.59; };
};

zone "ciat.supporthub.tech" {
        type forward;
        forward first;
        forwarders { 172.16.64.58; 172.16.64.59; };
};

zone "kavp.zeta.in" {
        type forward;
        forward first;
        forwarders { 172.16.64.51; 172.16.64.52; };
};

zone "h-nova.internal.nova.tech" {
        type forward;
        forward first;
        forwarders { 172.16.64.51; 172.16.64.52; };
};

zone "connect.zeta.tech" {
        type forward;
        forward first;
        forwarders { 172.16.64.58; 172.16.64.59; };
};
</pre>
* Save the above file, then open /etc/resolv.conf in an editor and make the following changes
<pre>
search <domainname>
nameserver <serverip>
</pre>
* Save the file, run a configuration test and restart the bind9 server
<pre>
$ sudo named-checkconf /etc/bind/named.conf.local
$ sudo systemctl restart bind9
</pre>

Bind 9 server is now installed and configured.

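With recursion yes, allow-query { any; } and no allow-recursion ACL, named recurses for every client that can reach it, and a zone-level forward first overrides the global forward only, so queries for the internal zones fall back to normal recursion when the internal forwarders do not answer. The script below is an added example, not part of the original page, that checks configuration files for both conditions. The names audit_bind_conf and sample_conf are hypothetical, and the sample configuration is constructed from the settings shown above.

```bash
#!/bin/sh
# Added example: static audit of BIND forwarder settings (hypothetical helper names).

# Print one finding per line; exit status is non-zero when anything is found.
audit_bind_conf() {
  awk '
    { sub(/(\/\/|#).*/, "") }                         # drop line comments
    /^[ \t]*zone[ \t]+"/ { split($0, q, "\""); zone = q[2] }
    /recursion[ \t]+yes[ \t]*;/              { rec = 1 }
    /allow-query[ \t]*[{][ \t]*any[ \t]*;/   { anyq = 1 }
    /allow-(recursion|query-cache)[ \t]*[{]/ { limited = 1 }
    zone != "" && /forward[ \t]+first[ \t]*;/ {
      print "FORWARD-FIRST " zone ": named recurses by itself if the forwarders fail"
      bad = 1
    }
    {                                                 # track brace depth to find zone end
      o = gsub(/[{]/, "{"); c = gsub(/[}]/, "}"); depth += o - c
      if (c && depth <= 0) { depth = 0; zone = "" }
    }
    END {
      if (rec && anyq && !limited) {
        print "OPEN-RESOLVER: recursion yes + allow-query any, no allow-recursion ACL"
        bad = 1
      }
      exit bad
    }
  ' "$@"
}

# Constructed sample, modelled on the options and one zone shown above.
sample_conf() {
  cat <<'EOF'
options {
        directory "/var/cache/bind";
        recursion yes;
        allow-query { any; };
        forwarders { 8.8.8.8; 8.8.4.4; };
        forward only;
};
zone "corp.zeta.tech" {
        type forward;
        forward first;
        forwarders { 172.16.64.58; 172.16.64.59; };
};
EOF
}

sample_conf | audit_bind_conf || true   # prints both findings for the sample
```

To audit the real files, run audit_bind_conf /etc/bind/named.conf.options /etc/bind/named.conf.local; an allow-recursion ACL limited to the internal networks and forward only in the internal zones clear both findings.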
==Webmin Installation==
Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can set up user accounts, Apache, DNS, file sharing and much more. Webmin removes the need to manually edit Unix configuration files like /etc/passwd, and lets you manage a system from the console or remotely. The latest webmin will be installed from the webmin repositories.

'''Adding repository'''<br>

Make a copy of the original sources.list file and then add the webmin repository -
<pre>
$ sudo cp -prav /etc/apt/sources.list /etc/apt/sources.list_ORG
</pre>

Add the webmin repository by opening the /etc/apt/sources.list file in an editor and adding the line below at the end of the file
<pre>
deb http://download.webmin.com/download/repository sarge contrib
</pre>
Add the signing key and update the package index. The key must be imported before the update, otherwise apt cannot verify the new repository. The key is downloaded over plain HTTP, so verify the imported key's fingerprint against a trusted source before installing.
<pre>
$ wget -q -O- http://www.webmin.com/jcameron-key.asc | sudo apt-key add -
$ sudo apt update
</pre>
'''Install webmin'''
<pre>
$ sudo apt install webmin
</pre>
'''Start using Webmin'''
* By default webmin listens on port 10000
* Open a browser and browse to https://<ip-address>:10000

Webmin is now installed
=DNS Servers in other locations=
* There is no difference in the configuration files of the DNS server in other locations. Whenever a new DNS server needs to be set up, copy the named.conf and named.conf.local files to the new server in the same location and make changes to the /etc/resolv.conf file
* The DNS server in the new location will be ready
[[Category:How Tos]]