DNSSEC Client Install
**In this Video we will: **
- We will demonstrate a step-by-step hands-on Windows DNS Security (DNSSEC) client installation.
- We will define technical terms you will need as we progress through the installation.
- At the completion of this lecture you will gain valuable-work related knowledge and experience by utilizing and implementing the steps given in this lecture.
**Prerequisites: You must have access to or have installed in your lab the following: **
- One Windows 2016 Server with Active Directory installed and promoted to a domain controller (DNS installs automatically).
- Or a VM with the identical configuration.
- Some experience with Active Directory Group Policy Management Console would be helpful.
- Don’t forget to download the supplemental information that I have supplied with this lecture.
**Adequate permissions will be needed **
- To configure a DNS server that is running on a domain controller, you must be a member of the DNS Administrators, Domain Administrators, or Enterprise Administrators group.
**Windows DNSSEC Client Installation **
Windows client computers normally don’t try to validate DNS data, they must be told to validate the data. The best way to integrate DNSSEC into your clients is by using group policy.
**Here is an overview of this lecture: **
- We will create an OU called Protected Clients.
- Create a Group Policy Object called NRPT, which means, (Name Resolution
Policy Table)
This policy will state that any computer that is part of this OU must use DNS security validation.
-
Configure the NRPT policy to define what part of the DNS environment this policy will affect.
-
**Create an OU called Protected Clients **
Open server management, tools, Group Policy Management.
Double click Domains, in this case I highlight DNS.COM. Right click on DNS.COM, New Organizational Unit, type Protected Clients, click OK.
![](https://z…
No comments yet. Add the first comment to start the discussion.