Discussion:
DCDIAG DNS Failure
dlove106
2006-08-04 05:03:01 UTC
I suspect that DNS issues are causing me to have email messages arrive hours
or even a day late. It does not happen all the time, but I have
confirmed the problem. I ran dcdiag /test:dns and received the output below.
I am able to successfully query other domains, and everything appears to be
functioning fine. I'm not sure why the test is failing or what caused it.
Without the sometimes slow mail delivery, I would not even know there was a
problem. Any help in troubleshooting the problem would be greatly
appreciated.

DNS is running on a DC in the Parent container; Exchange 2003 server is
located in child domain.

Thanks.

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\SDSERVER
Starting test: Connectivity
......................... SDSERVER passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\SDSERVER

DNS Tests are running and not hung. Please wait a few minutes...

Running partition tests on : SDSR

Running partition tests on : Schema

Running partition tests on : Configuration

Running enterprise tests on : Shiprepair.com
Starting test: DNS
Test results for domain controllers:

DC: sdserver.SDSR.Shiprepair.com
Domain: SDSR.Shiprepair.com


TEST: Basic (Basc)
Warning: adapter [00000005] HP NC7760 Gigabit Server
Adapter has invalid DNS server: 172.20.100.10 (<name unavailable>)
Error: all DNS servers are invalid

TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the
network adapters

Summary of test results for DNS servers used by the above domain
controllers:

DNS server: 172.20.100.10 (<name unavailable>)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the
1.0.0.127.in-addr.arpa. failed on the DNS server 172.20.100.10

Summary of DNS test results:

Auth Basc Forw Del Dyn RReg
Ext

________________________________________________________________
Domain: SDSR.Shiprepair.com
sdserver PASS FAIL n/a n/a n/a FAIL
n/a

......................... Shiprepair.com failed test DNS
--
DLove
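The summary table in the output above wraps across lines (the `Ext` column and its `n/a` value sit on their own lines), which makes it easy to misread which tests failed. The following is an added example, not part of the original thread: a small parser that rebuilds the table, joins wrapped warning and error lines, and lists the DNS servers dcdiag marked invalid. The sample text is an excerpt of the output posted above; the function names are this example's own.

```python
import re

# Column order of the dcdiag /test:dns summary table, as printed in the post.
COLUMNS = ["Auth", "Basc", "Forw", "Del", "Dyn", "RReg", "Ext"]
RESULTS = {"PASS", "FAIL", "WARN", "n/a"}

# Excerpt of the dcdiag output from the post, including its wrapped lines.
SAMPLE = """\
DC: sdserver.SDSR.Shiprepair.com
Domain: SDSR.Shiprepair.com

TEST: Basic (Basc)
Warning: adapter [00000005] HP NC7760 Gigabit Server
Adapter has invalid DNS server: 172.20.100.10 (<name unavailable>)
Error: all DNS servers are invalid

TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the
network adapters

Summary of test results for DNS servers used by the above domain
controllers:

DNS server: 172.20.100.10 (<name unavailable>)
1 test failure on this DNS server

Summary of DNS test results:

Auth Basc Forw Del Dyn RReg
Ext

________________________________________________________________
Domain: SDSR.Shiprepair.com
sdserver PASS FAIL n/a n/a n/a FAIL
n/a

......................... Shiprepair.com failed test DNS
"""


def parse_summary(text):
    """Return {(domain, dc): {column: result}} from the summary table."""
    lines = [ln.strip() for ln in text.splitlines()]
    start = next((i for i, ln in enumerate(lines)
                  if ln.startswith("Summary of DNS test results")), None)
    if start is None:
        return {}
    rows, domain, current = {}, None, None
    for ln in lines[start + 1:]:
        tokens = ln.split()
        if not tokens or set(ln) == {"_"}:
            continue                      # blank line or the underscore rule
        if ln.startswith("Domain:"):
            domain, current = tokens[1], None
        elif all(t in COLUMNS for t in tokens):
            continue                      # header row, possibly wrapped
        elif all(t in RESULTS for t in tokens):
            if current is not None:
                current.extend(tokens)    # wrapped continuation of a DC row
        elif domain and len(tokens) > 1 and all(t in RESULTS for t in tokens[1:]):
            current = tokens[1:]
            rows[(domain, tokens[0])] = current
        else:
            break                         # first line that is not table content
    return {key: dict(zip(COLUMNS, vals)) for key, vals in rows.items()}


def failures(summary):
    """Return {(domain, dc): [columns marked FAIL]} for rows with a failure."""
    return {key: [c for c in COLUMNS if row.get(c) == "FAIL"]
            for key, row in summary.items() if "FAIL" in row.values()}


def parse_findings(text):
    """Return {test abbreviation: [Warning/Error messages]}, wrapped lines joined."""
    findings, test = {}, None
    for ln in (raw.strip() for raw in text.splitlines()):
        match = re.match(r"TEST: .*\((\w+)\)$", ln)
        if match:
            test = match.group(1)
            findings[test] = []
        elif ln.startswith("Summary of"):
            test = None                   # per-test detail section has ended
        elif test and ln.startswith(("Warning:", "Error:")):
            findings[test].append(ln)
        elif test and ln and findings[test]:
            findings[test][-1] += " " + ln
    return findings


def invalid_dns_servers(text):
    """Return the IPv4 addresses dcdiag reported as invalid DNS servers."""
    pattern = r"invalid DNS server: (\d{1,3}(?:\.\d{1,3}){3})"
    return sorted(set(re.findall(pattern, text)))


if __name__ == "__main__":
    summary = parse_summary(SAMPLE)
    for (domain, dc), failed in failures(summary).items():
        print(f"{dc} ({domain}) failed: {', '.join(failed)}")
    for test, messages in parse_findings(SAMPLE).items():
        for message in messages:
            print(f"[{test}] {message}")
    print("Invalid DNS servers:", invalid_dns_servers(SAMPLE))
```
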
randy benson
2006-08-04 06:59:24 UTC
... and the others should point to it as primary, too.
randy benson
2006-08-04 07:03:35 UTC
Sorry wrong thread. My bad.
Jorge Silva
2006-08-04 16:48:21 UTC
Hi

Can you describe a little more about network config:

-Did you monitor Exchange (memory, CPU, disk, SMTP queues, virtual
memory, etc.)?
-Exchange configuration (NIC properties).
-Existing DNS servers and their configuration.
-How the mail is being delivered to Exchange.
-DNS structure.
-Etc.
--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
dlove106
2006-08-04 18:49:02 UTC
1 AD domain - Parent DC is located in Shiprepair, which is also the sole DNS
server, which has forwarders to our ISP. Child DC has all member servers
including 2003 exchange. Exchange points to parent dc as preferred dns
server (no alternate). Exchange 2003 is co-existing with Exchange5.5, with
2003 handling both inbound and outbound traffic. Presently, 95% of the
mailboxes still reside in 5.5, which is located in a NT4 domain.

We actually have 2 email addresses, 1 from corporate with DNS handled by
them (Mail working fine), the other handled locally by me (does not route
thru corporate). Incoming mail is forwarded from 2003 Exchange to 5.5
exchange after going thru spam filter.

The DNS structure has a zone configured for the parent domain and a child
zone for the child domain, with the appropriate host, NS, and SOA's in the
parent and host records in the child. Reverse lookup zones are also
configured.

I hope this helps. If you need more specifics let me know.

Thanks for the help.
--
DLove
Jorge Silva
2006-08-05 09:49:26 UTC
This sounds more like an Exchange misconfiguration.
To check DNS config:
- Make sure that you configure the Preferred DNS server in TCP/IP properties
on each Domain Controller to use itself as Primary DNS Server (If DC IP
Address is 10.0.0.1 then DNS should be 10.0.0.1). When adding an additional
DC to an existent Domain, do not configure the domain controller to utilize
its own DNS service for name resolution until you have verified that both
inbound and outbound Active Directory replication is functioning and up to
date. During the DCPromo process, you must configure additional domain
controllers to point to another domain controller that is running DNS in
their domain and site, and that hosts the namespace of the domain in which
the new domain controller is installed. More Info here:

Best practices for DNS client settings in Windows 2000 Server and in Windows
Server 2003

http://support.microsoft.com/kb/825036/en-us

- Make sure that every DNS server can resolve all existent domains in the
forest. (You can use Forwarding, Stub Zones or Secondary Zones).

DNS Conditional Forwarding in Windows Server 2003

http://www.windowsnetworking.com/articles_tutorials/DNS_Conditional_Forwarding_in_Windows_Server_2003.html

DNS Stub Zones in Windows Server 2003

http://www.windowsnetworking.com/articles_tutorials/DNS_Stub_Zones.html

How To Create a Child Domain in Active Directory and Delegate the DNS
Namespace to the Child Domain

http://support.microsoft.com/kb/255248/

- Make sure that all clients only use their local DNS server(s). Note that
the DNS client does not utilize each of the DNS servers listed in TCP/IP
configuration for each query. By default, on startup the DNS client will
attempt to utilize the server in the Preferred DNS server entry. If this
server fails to respond for any reason, the DNS client will switch to the
server listed in the alternate DNS server entry. The DNS client will
continue to use this alternate DNS server until it fails to respond to a DNS
query, or the ServerPriorityTimeLimit value is reached (15 minutes by
default). For more information:

How To Install and Configure DNS Server in Windows Server 2003

http://support.microsoft.com/kb/814591/en-us

Best practices for DNS client settings in Windows 2000 Server and in Windows
Server 2003

http://support.microsoft.com/kb/825036/en-us

How to configure DNS for Internet access in Windows Server 2003

http://support.microsoft.com/kb/323380/en-us

How to configure TCP/IP to use DNS in Windows XP

http://support.microsoft.com/default.aspx?scid=kb;en-us;305553
--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
dlove106
2006-08-07 15:39:02 UTC
Jorge,

I have looked at most of the articles you cited and I have configured DNS
accordingly some time ago. My clients are pointing to my internal DNS server
only. The DNS server lists only itself as the preferred server with no
alternate. I am not certain about the reverse lookup zone setup as I have 3
entries that seem to refer to the loopback address. I'm not sure which one
is the correct one. They list as follows:

0.0.127.in-addr.arpa (Has NS & SOA records pointing the lone DNS server)

0.in-addr.arpa (Has NS & SOA records pointing the lone DNS server)

127.in-addr.arpa (Has NS & SOA records pointing the lone DNS server) This
one also has a child entry as follows:
0 (Yellow folder with 1 record listed below)
0 (NS record)

I hope this sheds a little more light on what I am seeing and can help in
how to proceed.

Thanks.
--
DLove
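The dcdiag output earlier in the thread shows the failing query was a PTR lookup for `1.0.0.127.in-addr.arpa.`, and the post above lists three reverse zones that look related to loopback. The following is an added example, not part of the original thread: it applies the standard DNS rule that a server answers from the hosted zone whose name is the longest label-wise suffix of the query name. The zone contents are a model built from the post; any record the post does not list is assumed absent, and the function names are this example's own.

```python
import ipaddress

# Reverse zones and the records the post lists for each one.
# Model constructed from the post: "@" is the zone apex, "0" is the child
# entry under 127.in-addr.arpa. Records not mentioned are assumed absent.
ZONES = {
    "0.0.127.in-addr.arpa": {"@": ["NS", "SOA"]},
    "0.in-addr.arpa": {"@": ["NS", "SOA"]},
    "127.in-addr.arpa": {"@": ["NS", "SOA"], "0": ["NS"]},
}


def labels(name):
    """Split a DNS name into lower-case labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")


def closest_zone(qname, zones):
    """Return the hosted zone that is the longest label-wise suffix of qname."""
    q = labels(qname)
    matches = [z for z in zones if q[-len(labels(z)):] == labels(z)]
    return max(matches, key=lambda z: len(labels(z)), default=None)


def ptr_lookup(ip, zones):
    """Show which hosted zone would answer the PTR query for ip, and whether
    that zone (as modelled) holds a PTR record at the queried name."""
    qname = ipaddress.ip_address(ip).reverse_pointer
    zone = closest_zone(qname, zones)
    if zone is None:
        return {"qname": qname, "zone": None, "owner": None,
                "answer": "not hosted on this server"}
    q, z = labels(qname), labels(zone)
    owner = ".".join(q[:len(q) - len(z)]) or "@"   # name relative to the zone
    has_ptr = "PTR" in zones[zone].get(owner, [])
    return {"qname": qname, "zone": zone, "owner": owner,
            "answer": "PTR found" if has_ptr else "no PTR at this name"}


if __name__ == "__main__":
    # The query dcdiag reported as failing.
    print(ptr_lookup("127.0.0.1", ZONES))

    # 0.in-addr.arpa covers 0.x.x.x addresses, not loopback.
    print(closest_zone("1.0.0.127.in-addr.arpa", ["0.in-addr.arpa"]))

    # Same query with the most specific zone removed from the model.
    broader = {k: v for k, v in ZONES.items() if k != "0.0.127.in-addr.arpa"}
    print(ptr_lookup("127.0.0.1", broader))

    # Same query once the answering zone holds a PTR record named "1"
    # (constructed record, to show what a passing lookup needs).
    fixed = dict(ZONES)
    fixed["0.0.127.in-addr.arpa"] = {"@": ["NS", "SOA"], "1": ["PTR"]}
    print(ptr_lookup("127.0.0.1", fixed))
```

In this model the most specific zone, `0.0.127.in-addr.arpa`, is the one that answers for 127.0.0.1, so the presence of a `1` PTR record in that zone is the thing to check on the server itself.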
Jorge Silva
2006-08-07 22:55:38 UTC
Ok, disable the advanced view on DNS console, what do you see now?
No zones?
If yes then you can configure one zone, make AD integrated (If the server is
a DC), run ipconfig /registerdns
--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
dlove106
2006-08-08 15:36:02 UTC
Permalink
--
DLove
Post by Jorge Silva
Ok, disable the advanced view on DNS console, what do you see now?
No zones?
If yes then you can configure one zone, make AD integrated (If the server is
a DC), run ipconfig /registerdns
I still see zones after disabling the advanced view (Expected?). The only
change is I no longer see 3 of the reverse lookup zones. They are as follows:
0.in-addr.arpa
127.in-addr.arpa
255.in-addr.arpa

So, with advanced view I have 4 forward lookup zones and 10 reverse lookup
zones. Without advanced view I have 4 forward lookup zones and 7 reverse
lookup zones.
Jorge Silva
2006-08-08 18:04:29 UTC
Permalink
Inline
Post by dlove106
0.in-addr.arpa
127.in-addr.arpa
255.in-addr.arpa
- these are loopback related, don't worry.
Post by dlove106
So, with advanced view I have 4 forward lookup zones and 10 reverse lookup
zones. Without advanced view I have 4 forward lookup zones and 7 reverse
lookup zones.
- Are you hosting 4 different domains?
domain01.com, domain02.com, etc.?
Did you create MX records for the Exchange domains that you're hosting?

- 7 reverse lookup zones?
Do you need all these reverse zones, or is your DNS server multihomed
(multiple NICs)?

- Your Exchange server that is giving you problems, can it send mail outside,
or is the problem only receiving mail?
If the problem is only receiving mail, check that your FW/router has the
correct ports (SMTP, TCP 25) pointing to the Exchange server, and also make sure
that the FW/router for your domain has the correct public address.

- If the problem is between Exchange 5.5 and 2003, you should check the
connectors between them. Go to the Exchange NG; they can help you out better.
--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
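How the reverse zone names in this exchange relate to the PTR name in the dcdiag output (`1.0.0.127.in-addr.arpa.`), as an added example that is not part of any post in the thread: it maps each in-addr.arpa zone name to the IPv4 network it covers and picks the most specific listed zone that would hold a given PTR record. The function names and the zone `100.20.172.in-addr.arpa` are assumptions made for illustration.

```python
import ipaddress

SUFFIX = ".in-addr.arpa"

# Reverse zone names quoted in this thread.
THREAD_ZONES = [
    "0.in-addr.arpa",
    "127.in-addr.arpa",
    "255.in-addr.arpa",
    "0.0.127.in-addr.arpa",
]
# Constructed for illustration (assumption): a /24 reverse zone that would
# cover the DNS server address 172.20.100.10 shown in the dcdiag output.
CONSTRUCTED_ZONES = THREAD_ZONES + ["100.20.172.in-addr.arpa"]


def _labels(name):
    """Split a DNS name into lower-case labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")


def zone_to_network(zone):
    """Return the IPv4 network covered by a reverse zone name.

    '127.in-addr.arpa' -> 127.0.0.0/8, '0.0.127.in-addr.arpa' -> 127.0.0.0/24
    """
    name = zone.rstrip(".").lower()
    if not name.endswith(SUFFIX):
        raise ValueError("not an IPv4 reverse zone: %r" % zone)
    labels = name[: -len(SUFFIX)].split(".")
    if not 1 <= len(labels) <= 4:
        raise ValueError("expected 1 to 4 octet labels: %r" % zone)
    if not all(l.isdigit() and int(l) <= 255 for l in labels):
        raise ValueError("octet label out of range: %r" % zone)
    # Zone labels are the address octets in reverse order; pad the host part.
    octets = labels[::-1] + ["0"] * (4 - len(labels))
    return ipaddress.ip_network("%s/%d" % (".".join(octets), 8 * len(labels)))


def ptr_name(ip):
    """Return the PTR owner name for an IPv4 address (no trailing dot)."""
    return ipaddress.IPv4Address(ip).reverse_pointer


def authoritative_zone(ptr, zones):
    """Pick the most specific zone in `zones` whose name is a suffix of `ptr`.

    Returns None when no listed zone contains the name, in which case the
    server would have to recurse or forward the query instead of answering
    from its own data.
    """
    query = _labels(ptr)
    best = None
    for zone in zones:
        z = _labels(zone)
        if len(z) <= len(query) and query[-len(z):] == z:
            if best is None or len(z) > len(best):
                best = z
    return ".".join(best) if best else None


def describe(ip, zones):
    """Return (PTR name, hosting zone or None, covered network or None)."""
    ptr = ptr_name(ip)
    zone = authoritative_zone(ptr, zones)
    network = str(zone_to_network(zone)) if zone else None
    return ptr, zone, network


if __name__ == "__main__":
    for zone in CONSTRUCTED_ZONES:
        print("%-26s covers %s" % (zone, zone_to_network(zone)))
    for ip in ("127.0.0.1", "172.20.100.10"):
        print(ip, "->", describe(ip, CONSTRUCTED_ZONES))
```

Run against the zones named in the thread, the loopback PTR name lands in `0.0.127.in-addr.arpa` when that zone exists and falls back to `127.in-addr.arpa` otherwise, so the PTR record for 127.0.0.1 has to be present in whichever of the two is the most specific zone hosted.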
dlove106
2006-08-08 20:18:02 UTC
Permalink
--
DLove
Post by Jorge Silva
Inline
Post by dlove106
0.in-addr.arpa
127.in-addr.arpa
255.in-addr.arpa
- these are loopback related, don't worry.
Post by dlove106
So, with advanced view I have 4 forward lookup zones and 10 reverse lookup
zones. Without advanced view I have 4 forward lookup zones and 7 reverse
lookup zones.
- Are you hosting 4 different domains?
domain01.com, domain02.com, etc.?
Did you create MX records for the Exchange domains that you're hosting?
The domains are valid. I have created an MX record for the exchange domain.
Post by Jorge Silva
- 7 reverse lookup zones?
Do you need all these reverse zones, or is your DNS server multihomed
(multiple NICs)?
My DNS server is not multihomed. Everything certainly worked better after
the reverse zones were created. They are all valid reverse zones.
Post by Jorge Silva
- Your Exchange server that is giving you problems, can it send mail outside,
or is the problem only receiving mail?
If the problem is only receiving mail, check that your FW/router has the
correct ports (SMTP, TCP 25) pointing to the Exchange server, and also make sure
that the FW/router for your domain has the correct public address.
The router has the correct info. The problem is mainly slow delivery, not
so much non-delivery of incoming mail.
Post by Jorge Silva
- If the problem is between Exchange 5.5 and 2003, you should check the
connectors between them. Go to the Exchange NG; they can help you out better.
I am in mixed mode right now with both ek55 and ek2003. I will post in the
exchange group, although I would like to correct the DNS error found in
dcdiag.
Jorge Silva
2006-08-08 20:29:29 UTC
Permalink
Ok

- Can you post here the results of ipconfig /all from your DNS server?
- Also, can you check if the DNS server is responding on all its IP addresses
(DNS Console -> right click -> Interfaces tab)?
Also describe (can be other different names) your actual reverse lookup zones
and forward zones.
--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
Jorge Silva
2006-08-08 20:33:07 UTC
Permalink
also might help
http://technet2.microsoft.com/WindowsServer/en/library/949f3a45-84e2-487f-80d7-bce184b28a061033.mspx?mfr=true
http://technet2.microsoft.com/WindowsServer/en/library/756414dd-ec37-4111-b4d1-52c2eae5ed4e1033.mspx?mfr=true
--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
dlove106
2006-08-09 13:48:02 UTC
Permalink
--
DLove
Post by Jorge Silva
Ok
- can you post here the results for ipconfig /all of your DNS server.
- also can you check if the DNS server is responding to all its IP addresses
(DNS Console -> right click -> Interfaces tab).
also describe (can be other different names) your actual reverse lookup zone
and forward zones.
DNS Server ---
Windows IP Configuration

Host Name . . . . . . . . . . . . : sddcsrv03
Primary Dns Suffix . . . . . . . : Shiprepair.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Shiprepair.com

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast Ethernet
Controller (3C905C-TX Compatible)
Physical Address. . . . . . . . . : 00-B0-D0-B2-3E-A9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.20.100.10
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 172.20.0.2
DNS Servers . . . . . . . . . . . : 172.20.100.10
Primary WINS Server . . . . . . . : 172.20.0.30

My Forward zones are as follows:
shiprepair.com
sdsr (child)
Hawaii.com (remote site with their own dns)
Web Site (on a different subnet)

Reverse zones:
I have one for each subnet.
Jorge Silva
2006-08-09 15:10:48 UTC
Permalink
Ok

So sddcsrv03 is a DC and DNS server, right?
And the errors are occurring on this server, correct?
The NIC properties look ok.
Make sure that under TCP/IP properties you have the option "Register this
connection's address in DNS" selected.
Check if the Shiprepair.com DNS zone allows dynamic updates; if the zone is
AD integrated, select secure updates only.
Instead of having 1 reverse lookup zone for each subnet
(192.168.0.x, 192.168.1.x, etc.), create ONLY 1 reverse lookup zone,
like: 192.168.x.x.
- Right-click the DNS server and clear the cache.
- Run from cmd: ipconfig /flushdns
- Run from cmd: ipconfig /registerdns
- Restart the netlogon service.
- Run netdiag /fix

Then check if the records were created for the reverse and Forwarding zones.
Run the tests again and check if the problem remains. If yes, you might try
to recreate the zone for Shiprepair. Check these articles, which might help you
to accomplish these tasks:
How to enable or disable DNS updates in Windows 2000 and in Windows Server
2003

http://support.microsoft.com/default.aspx?scid=kb;EN-US;246804&sd=RMVP

How to Verify the Creation of SRV Records for a Domain Controller

http://support.microsoft.com/?id=241515

Verify DNS registration for domain controllers using the nslookup command

http://technet2.microsoft.com/WindowsServer/en/library/b6879c0b-cff7-438d-a7f3-0715456dcefb1033.mspx?mfr=true

Verify DNS server responsiveness using the nslookup command

http://technet2.microsoft.com/WindowsServer/en/Library/f8761f04-d665-4507-9509-ebb92bbb66ef1033.mspx

How to reinstall a dynamic DNS Active Directory-integrated zone

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q294328&sd=RMVP
--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
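The refresh-and-verify sequence from the post above, written as a single cmd batch file. This is an added example, not something posted in the thread. The server address 172.20.100.10 and the domain Shiprepair.com are the values quoted in the thread; the script assumes dnscmd, netdiag and dcdiag (Windows Support Tools) are installed on the DC, and the strings matched with `find` are the labels Windows nslookup prints in a successful answer.

```bat
@echo off
rem Added example: refresh DNS registrations on the DC, then verify them.
rem DNSSERVER and DOMAIN are the values posted in this thread; change them
rem for any other environment.
setlocal
set DNSSERVER=172.20.100.10
set DOMAIN=Shiprepair.com
set FAILED=0

rem 1. Clear the DNS server cache (same as Clear Cache in the DNS console).
dnscmd %DNSSERVER% /clearcache

rem 2. Flush the local resolver cache and re-register this host's records.
ipconfig /flushdns
ipconfig /registerdns

rem 3. Restart Netlogon so the DC re-registers its SRV records.
net stop netlogon
net start netlogon

rem 4. Let netdiag repair the DC registration problems it can fix itself.
netdiag /fix

rem Registration is asynchronous, so wait about a minute before querying.
rem ping is used here only as a simple delay.
ping -n 61 127.0.0.1 >nul

rem 5. Query the DNS server directly for the records the tests depend on.
rem    - loopback PTR: the query dcdiag reported as failed
rem    - PTR for the DC's own address 172.20.100.10
rem    - SRV record a client uses to locate a DC for the domain
call :check PTR 1.0.0.127.in-addr.arpa "name ="
call :check PTR 10.100.20.172.in-addr.arpa "name ="
call :check SRV _ldap._tcp.dc._msdcs.%DOMAIN% "svr hostname"

rem 6. Re-run the test that originally failed.
dcdiag /test:dns

if %FAILED%==0 (echo All record checks passed.) else (echo Record checks failed: %FAILED%)
exit /b %FAILED%

:check
rem %1 = record type, %2 = name to query, %3 = text found only in a real answer
nslookup -type=%1 %2 %DNSSERVER% 2>&1 | find /i %3 >nul
if errorlevel 1 (
    echo FAIL: no %1 answer for %2 from %DNSSERVER%
    set /a FAILED+=1
) else (
    echo OK:   %1 %2
)
goto :eof
```

A FAIL on either PTR line points at the reverse lookup zones, while a FAIL on the SRV line points at dynamic updates or Netlogon registration in the forward zone.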
dlove106
2006-08-09 16:29:01 UTC
Permalink
--
DLove
Post by Jorge Silva
Ok
so the sddcsrv03 is a DC and DNS server right?
Correct
Post by Jorge Silva
and the errors are occurring on this server, correct?
That is correct, although I receive the same error when dcdiag is run
against the child dc.
Post by Jorge Silva
the NIC properties looks ok.
Make sure that under TCP/IP properties you have the option "Register this
connection's address in DNS" selected.
It is selected.
Post by Jorge Silva
check if the Shiprepair.com dns zone allows dynamic updates if the zone is
AD integrated select secure updates only.
It is.
Post by Jorge Silva
192.168.0.x,192.168.1.x, etc, create ONLY 1 reverse lookup zone only but
like: 192.168.x.x.
- rightclick the DNS server and clear the cache.
- run from cmd: ipconfig /flushdns
- run from cmd: ipconfig /registerdns
- restart the netlogon service.
- run netdiag /fix
I will perform this later today and look over the articles you listed below.

Thanks for your help.
Post by Jorge Silva
Then check if the records were created for the reverse and Forwarding zones.
Run the tests again and check if the problem remains. If yes, you might try
to recreate the zone for Shiprepair. Check these articles, which might help you:
How to enable or disable DNS updates in Windows 2000 and in Windows Server
2003
http://support.microsoft.com/default.aspx?scid=kb;EN-US;246804&sd=RMVP
How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?id=241515
Verify DNS registration for domain controllers using the nslookup command
http://technet2.microsoft.com/WindowsServer/en/library/b6879c0b-cff7-438d-a7f3-0715456dcefb1033.mspx?mfr=true
Verify DNS server responsiveness using the nslookup command
http://technet2.microsoft.com/WindowsServer/en/Library/f8761f04-d665-4507-9509-ebb92bbb66ef1033.mspx
How to reinstall a dynamic DNS Active Directory-integrated zone
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q294328&sd=RMVP
--
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA
Systems Administrator
Post by dlove106
--
DLove
Post by Jorge Silva
Ok
- can you post here the results for ipconfig /all of your DNS server.
- also can you check if the DNS server is responding to all its IPAddress
(DNS Console->right click->interfaces tab.
also describe (can be other different names) your actual reverse lookup zone
and forward zones.
DNS Server ---
Windows IP Configuration
Host Name . . . . . . . . . . . . : sddcsrv03
Primary Dns Suffix . . . . . . . : Shiprepair.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Shiprepair.com
Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast Ethernet
Controller (3C905C-TX Compatible)
Physical Address. . . . . . . . . : 00-B0-D0-B2-3E-A9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.20.100.10
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 172.20.0.2
DNS Servers . . . . . . . . . . . : 172.20.100.10
Primary WINS Server . . . . . . . : 172.20.0.30
shiprepair.com
sdsr (child)
Hawaii.com (remote site with their own dns)
Web Site (on a different subnet)
I have one for each subnet.
Post by Jorge Silva
--
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA
Systems Administrator
Post by dlove106
--
DLove
Post by Jorge Silva
Inline
Post by dlove106
0.in-addr.arpa
127.in-addr.arpa
255.in-addr.arpa
- these are loopback related, don't worry.
Post by dlove106
So, with advance view I have 4 forward lookup zones and 10 reverse lookup
zones. Without advance view I have 4 forward lookup zones and 7 reverse
lookup zones.
- are you hosting 4 different domains?
domain01.com, domain02.com,etc?
did you created MX records for the exchange domains that you're hosting?
The domains are valid. I have created an MX record for the exchange domain.
Post by Jorge Silva
- 7 reverse lookup zones?
do you need all these reverse zones or your DNS server is multihomed
(multiple NICs)
My DNS server is not multihomed. Everything certainly worked better after
the reverse zones were created. They are all valid reverse zones.
Post by Jorge Silva
-Your exchange server that is giving you problems, can it send Mail outside,
or the problem is only to receive Mails?
if the problem is only to receive mails, check that your FW/ROUTER
have
the
correct ports (SMTP 25TCP) pointing to the exchange server, also make sure
that the FW/ROUTER for your domain has the correct public address.
The router has the correct info. The problem is mainly slow delivery, not
so much non-delivery of incoming mail.
Post by Jorge Silva
-If the problem is between the Exchange 5.5 and 2003 you should check the
connectors between them, goto exchange ng they can help you out better.
I am in mixed mode right now with both ek55 and ek2003. I will post in the
exchange group, although I would like to correct the DNS error found in
dcdiag.
Post by Jorge Silva
--
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA
Systems Administrator
Post by dlove106
--
DLove
Post by Jorge Silva
Ok, disable the advance view on DNS console, what do you see now?
No zones?
If yes then you can configure one zone, make AD integrated (If the
server
is
a DC), run ipconfig /registerdns
I still see zones after disabling the advance view (Expected?). The only
change is I no longer see 3 of the reverse lookup zones. They are
as
0.in-addr.arpa
127.in-addr.arpa
255.in-addr.arpa
So, with advance view I have 4 forward lookup zones and 10 reverse lookup
zones. Without advance view I have 4 forward lookup zones and 7 reverse
lookup zones.
Post by Jorge Silva
--
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA
Systems Administrator
Post by dlove106
Jorge,
I have looked at most of the articles you cited and I have configured DNS
accordingly some time ago. My clients are pointing to my internal DNS server
only. The DNS server lists only itself as the preferred server with no
alternate. I am not certain about the reverse lookup zone setup as I have 3
entries that seem to refer to the loopback address. I'm not sure which one
0.0.127.in-addr.arpa (Has NS & SOA records pointing the lone DNS server)
0.in-addr.arpa (Has NS & SOA records pointing the lone DNS server)
127.in-addr.arpa (Has NS & SOA records pointing the lone DNS server)
This
0 (Yellow folder with 1 record listed below)
0 (NS record)
I hope this sheds a little more light on what I am seeing and can help in
how to proceed.
Thanks.
--
DLove
Post by Jorge Silva
This sounds more like an Exchange misconfiguration.
- Make sure that you configure the Preferred DNS server in TCP/IP properties
on each Domain Controller to use itself as Primary DNS Server (If DC IP
Address is 10.0.0.1 then DNS should be 10.0.0.1). When adding an additional
DC to an existent Domain, do not configure the domain controller to utilize
its own DNS service for name resolution until you have verified that both
inbound and outbound Active Directory replication is functioning and up to
date. During the DCPromo process, you must configure additional domain
controllers to point to another domain controller that is running DNS in
their domain and site, and that hosts the namespace of the
Jorge Silva
2006-08-09 17:04:08 UTC
Permalink
ok let me know the results
--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
Post by dlove106
--
DLove
Post by Jorge Silva
Ok
so the sddcsrv03 is a DC and DNS server right?
Correct
Post by Jorge Silva
and the errors are occurring in this server correct?
That is correct, although I receive the same error when dcdiag is run
against the child dc.
Post by Jorge Silva
the NIC properties look ok.
Make sure that under TCP/IP properties you have the option "Register this
connection's address in DNS" selected.
It is selected.
Post by Jorge Silva
check if the Shiprepair.com dns zone allows dynamic updates if the zone is
AD integrated select secure updates only.
It is.
Post by Jorge Silva
192.168.0.x,192.168.1.x, etc, create ONLY 1 reverse lookup zone only but
like: 192.168.x.x.
- rightclick the DNS server and clear the cache.
- run from cmd: ipconfig /flushdns
- run from cmd: ipconfig /registerdns
- restart the netlogon service.
- run netdiag /fix
I will perform this later today and look over the articles you listed below.
Thanks for your help.
Post by Jorge Silva
Then check if the records were created for the reverse and Forwarding zones.
Run the tests again and check if the problem remains, if yes you might try
to recreate the zone for Shiprepair, check these articles that might help you
How to enable or disable DNS updates in Windows 2000 and in Windows Server
2003
http://support.microsoft.com/default.aspx?scid=kb;EN-US;246804&sd=RMVP
How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?id=241515
Verify DNS registration for domain controllers using the nslookup command
http://technet2.microsoft.com/WindowsServer/en/library/b6879c0b-cff7-438d-a7f3-0715456dcefb1033.mspx?mfr=true
Verify DNS server responsiveness using the nslookup command
http://technet2.microsoft.com/WindowsServer/en/Library/f8761f04-d665-4507-9509-ebb92bbb66ef1033.mspx
How to reinstall a dynamic DNS Active Directory-integrated zone
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q294328&sd=RMVP
--
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA
Systems Administrator
Post by dlove106
--
DLove
Post by Jorge Silva
Ok
- can you post here the results for ipconfig /all of your DNS server.
- also can you check if the DNS server is responding to all its IP addresses
(DNS Console->right click->interfaces tab).
also describe (can be other different names) your actual reverse lookup zone
and forward zones.
DNS Server ---
Windows IP Configuration
Host Name . . . . . . . . . . . . : sddcsrv03
Primary Dns Suffix . . . . . . . : Shiprepair.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Shiprepair.com
Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast Ethernet
Controller (3C905C-TX Compatible)
Physical Address. . . . . . . . . : 00-B0-D0-B2-3E-A9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.20.100.10
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 172.20.0.2
DNS Servers . . . . . . . . . . . : 172.20.100.10
Primary WINS Server . . . . . . . : 172.20.0.30
shiprepair.com
sdsr (child)
Hawaii.com (remote site with their own dns)
Web Site (on a different subnet)
I have one for each subnet.
Post by Jorge Silva
--
I hope that the information above helps you
Good Luck
Jorge Silva
MCSA
Systems Administrator
Post by dlove106
--
DLove
dlove106
2006-08-15 15:18:01 UTC
Permalink
Sorry for not posting sooner, but was under the weather for a few days. I
seem to have solved the error by doing the following:

1. Adding a PTR record for the loopback address in the reverse lookup zone.
2. Having the DNS server point to the loopback address instead of hard
coding its own IP address for the preferred DNS server. (Clients still point
to server IP address)
3. I cleaned up the extra zones referring to the loopback address.

Thank you again for your response and help.
--
DLove
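
The loopback PTR lookup that step 1 above repairs can be checked directly against a DNS server. The following is an added example, not part of the original post: it builds the PTR query for 1.0.0.127.in-addr.arpa (the reverse name of 127.0.0.1), sends it over UDP, and reports the response code and any PTR targets. All function names are hypothetical, and the server address is whatever server you pass in.

```python
import secrets
import socket
import struct

LOOPBACK_PTR = "1.0.0.127.in-addr.arpa."   # reverse name of 127.0.0.1
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def encode_name(name):                       # dotted name -> length-prefixed labels
    parts = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"

def build_ptr_query(txid, name=LOOPBACK_PTR):  # QTYPE=PTR (12), QCLASS=IN (1)
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)   # RD set, one question
    return header + encode_name(name) + struct.pack("!2H", 12, 1)

def read_name(msg, off):                     # -> (name, offset just after it)
    labels, end = [], None
    for _ in range(256):                     # bounded, so pointer loops cannot hang us
        n = msg[off]
        if n & 0xC0 == 0xC0:                 # compression pointer
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
        elif n == 0:
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n
    raise ValueError("name too long or compression loop")

def parse_ptr_response(msg, txid):
    """Return (rcode name, list of PTR targets) for a reply to our query."""
    rid, flags, qd, an = struct.unpack("!4H", msg[:8])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to this query")
    off, targets = 12, []
    for _ in range(qd):                      # skip the echoed question
        off = read_name(msg, off)[1] + 4
    for _ in range(an):
        off = read_name(msg, off)[1]
        rtype, _, _, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
        if rtype == 12:
            targets.append(read_name(msg, off + 10)[0])
        off += 10 + rdlen
    return RCODES.get(flags & 0xF, str(flags & 0xF)), targets

def check_server(server, timeout=3.0):
    """Send the query to `server` over UDP/53; 'NO RESPONSE' if nothing answers."""
    txid = secrets.randbits(16)              # unpredictable ID, checked on the reply
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_ptr_query(txid), (server, 53))
            return parse_ptr_response(s.recv(512), txid)
        except (socket.timeout, ConnectionResetError):
            return "NO RESPONSE", []
```

A result of "NOERROR" with at least one target from check_server means that server answers the loopback PTR lookup; any other result means it does not.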