| Author | Messages | |
Ravi.Sabharanjak@barclaysglobal.com
Posts:0
 | | 09/29/2009 4:27 PM |
| I have a 2008 standard full DC at a friend's home that is behaving erratically for DNS name resolution.
- The DC is answering fine for the zones it hosts.
- No forwarders are configured on the DC.
- It will not resolve any Internet names.
- If queried for the name server records for the root servers, it does not reply with a list of the root servers.
- No errors in the DNS server log.
Have tried a few things including re-installing DNS, deleting and re-adding the root hints, but no luck.
Is this a known bug, and does anyone have a solution other than replacing the DC?
thanks and regards, -Ravi
--
This message and any attachments are confidential, proprietary, and may be privileged. If this message was misdirected, Barclays Global Investors (BGI) does not waive any confidentiality or privilege. If you are not the intended recipient, please notify us immediately and destroy the message without disclosing its contents to anyone. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. The views and opinions expressed in this e-mail message are the author's own and may not reflect the views and opinions of BGI, unless the author is authorized by BGI to express such views or opinions on its behalf. All email sent to or from this address is subject to electronic storage and review by BGI. Although BGI operates anti-virus programs, it does not accept responsibility for any damage whatsoever caused by viruses being passed.
| | | |
| andrew
Posts:77
 | | 09/29/2009 4:37 PM |
| Hi Ravi,
Have you got a root zone on the DNS server? If so, see below from http://support.microsoft.com/kb/323380
How to Remove the Root DNS Zone
A DNS server running Windows Server 2003 follows specific steps in its name-resolution process. A DNS server first queries its cache, it checks its zone records, it sends requests to forwarders, and then it tries resolution by using root servers.
By default, a Microsoft DNS server connects to the Internet to process DNS requests more with root hints. When you use the Dcpromo tool to promote a server to a domain controller, the domain controller requires DNS. If you install DNS during the promotion process, a root zone is created. This root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS server does not use forwarders or root hints in the name-resolution process.
1. Click *Start*, point to *Administrative Tools*, and then click *DNS*.
2. Expand *ServerName*, where ServerName is the name of the server, click *Properties* and then expand *Forward Lookup Zones*.
3. Right-click the *"."* zone, and then click *Delete*.
I hope this helps.
Andrew
| | | |
| RickSheikh
Posts:373
 | | 09/29/2009 4:49 PM |
| Though I have not witnessed this issue when building 08 (gold/R2) and adding DNS *on the go* with the dcpromo process, if you do have the (.root) zone created, as you delete it, you will see this warning (see attached) as the server will now create the root hints for you, and you should then be able to resolve the internet queries.
| | | |
| Ravi.Sabharanjak@barclaysglobal.com
Posts:0
 | | 09/29/2009 4:51 PM |
| Nope - no root zone, just the out of the box forwarders that come with 2008.
| | | |
| andrew
Posts:77
 | | 09/29/2009 5:24 PM |
| I am not aware of "out of the box forwarders" with 2008. What are they, just for clarification? Thanks,
Andrew
| | | |
| RickSheikh
Posts:373
 | | 09/29/2009 5:30 PM |
| Ditto. Forwarders tab should be empty OOB.
| | | |
| andrew
Posts:77
 | | 09/29/2009 5:42 PM |
| When you say "out of the box" do you mean none? Sorry if I misunderstood. Is there a firewall preventing DNS traffic from the DNS server out to the Internet?
Also, have you disabled recursion? See http://technet.microsoft.com/en-us/library/cc787602(WS.10).aspx for more on that.
Let us know how you get on.
Thanks,
Andrew
| | | |
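Added example, not part of any post in this thread: a wire-level probe that maps the reply to a `. IN NS` query onto the three causes raised above (a hosted root zone, disabled recursion, blocked outbound DNS). The function names, finding labels and sample replies are constructed for illustration, and the flag-to-cause mapping is a diagnostic heuristic rather than documented Microsoft behaviour.

```python
import socket
import struct
import sys

TXID = 0x2009  # arbitrary transaction id (constructed)

# Header flag bits from RFC 1035, section 4.1.1
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080
SERVFAIL = 2


def build_root_ns_query(txid=TXID):
    """Build a '. IN NS' query with RD (recursion desired) set."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    question = b"\x00" + struct.pack("!HH", 2, 1)  # root name, QTYPE=NS, QCLASS=IN
    return header + question


def diagnose(reply, txid=TXID):
    """Return a list of findings for the reply to build_root_ns_query()."""
    if reply is None:
        return ["no-response"]            # timeout: service down or port 53 filtered
    if len(reply) < 12:
        return ["malformed-reply"]
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != txid or not flags & QR:
        return ["mismatched-reply"]
    findings = []
    if flags & AA:
        # Only a server that hosts the "." zone answers for the root authoritatively.
        findings.append("root-zone-hosted")
    if not flags & RA:
        findings.append("recursion-disabled")
    if flags & 0x000F == SERVFAIL:
        # Recursion was attempted but failed: outbound DNS blocked or bad root hints.
        findings.append("upstream-failure")
    if not findings:
        ok = flags & 0x000F == 0 and ancount > 0
        findings.append("ok" if ok else "inconclusive")
    return findings


def probe(server, timeout=3.0):
    """Send the query over UDP/53; return the raw reply or None on timeout/error."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_root_ns_query(), (server, 53))
            data, _ = sock.recvfrom(4096)
        except OSError:
            return None
    return data


def constructed_reply(flags, ancount):
    """Constructed sample: header plus question only; diagnose() reads just the header."""
    return struct.pack("!HHHHHH", TXID, flags, 1, ancount, 0, 0) + b"\x00\x00\x02\x00\x01"


if __name__ == "__main__":
    if len(sys.argv) > 1:                 # live check: python probe.py <dns-server-ip>
        print(sys.argv[1], diagnose(probe(sys.argv[1])))
    else:                                 # offline demo on constructed replies
        samples = {
            "root zone present": constructed_reply(QR | AA | RD | RA, 1),
            "recursion off": constructed_reply(QR | RD, 0),
            "recursion fails": constructed_reply(QR | RD | RA | SERVFAIL, 0),
            "healthy": constructed_reply(QR | RD | RA, 13),
            "timeout": None,
        }
        for label, reply in samples.items():
            print(f"{label:18} -> {diagnose(reply)}")
```
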
| deji
Posts:262
 | | 09/29/2009 5:54 PM |
| Let's see the output of "ipconfig /all" from the DNS server. You can mask the REAL IPs if you want.
Sincerely,
www.akomolafe.name - we know IT
-5.75, -3.23
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
| | | |
| Ravi.Sabharanjak@barclaysglobal.com
Posts:0
 | | 09/29/2009 6:07 PM |
| Sorry, my mistake - meant to say out of the box root hints (not forwarders). There are no forwarders set up.
________________________________
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Andrew Levicki Sent: Tuesday, September 29, 2009 9:41 AM To: activedir@mail.activedir.org Subject: Re: [ActiveDir] Weird 2008 DNS behavior
When you say "out of the box" do you mean none? Sorry if I misunderstood.
Is there a firewall preventing DNS traffic from the DNS server out to the Internet?
Also, have you disabled recursion? See http://technet.microsoft.com/en-us/library/cc787602(WS.10).aspx for more on that.
Let us know how you get on.
Thanks,
Andrew
2009/9/29 Rick Sheikh <ricksheikh@gmail.com>
Ditto. Forwarders tab should be empty OOB.
On Tue, Sep 29, 2009 at 11:23 AM, Andrew Levicki <andrew@levicki.me.uk> wrote:
I am not aware of "out of the box forwarders" with 2008. What are they, just for clarification?
Thanks,
Andrew
2009/9/29 Sabharanjak, Ravi BGI SF <Ravi.Sabharanjak@barclaysglobal.com>
Nope - no root zone, just the out of the box forwarders that come with 2008.
________________________________
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Andrew Levicki
Sent: Tuesday, September 29, 2009 8:36 AM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] Weird 2008 DNS behavior
Hi Ravi,
Have you got a root zone on the DNS server? If so, see below from http://support.microsoft.com/kb/323380
How to Remove the Root DNS Zone
A DNS server running Windows Server 2003 follows specific steps in its name-resolution process. A DNS server first queries its cache, it checks its zone records, it sends requests to forwarders, and then it tries resolution by using root servers.
By default, a Microsoft DNS server connects to the Internet to process DNS requests more with root hints. When you use the Dcpromo tool to promote a server to a domain controller, the domain controller requires DNS. If you install DNS during the promotion process, a root zone is created. This root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS server does not use forwarders or root hints in the name-resolution process.
1. Click Start, point to Administrative Tools, and then click DNS.
2. Expand ServerName, where ServerName is the name of the server, click Properties and then expand Forward Lookup Zones.
3. Right-click the "." zone, and then click Delete.
I hope this helps.
Andrew
2009/9/29 Sabharanjak, Ravi BGI SF <Ravi.Sabharanjak@barclaysglobal.com>
I have a 2008 standard full DC at a friend's home that is behaving erratically for DNS name resolution.
- The DC is answering fine for the zones it hosts.
- No forwarders are configured on the DC.
- It will not resolve any Internet names.
- If queried for the name server records for the root servers, it does not reply with a list of the root servers.
- No errors in the DNS server log.
Have tried a few things including re-installing DNS, deleting and re-adding the root hints, but no luck.
Is this a known bug, and does anyone have a solution other than replacing the DC?
thanks and regards, -Ravi
| | | |
| RickSheikh
Posts:373
 | | 09/29/2009 6:11 PM |
| FW rules verification for port 53 tcp/udp would be my next step.
| | | |
| andrew
Posts:77
 | | 09/29/2009 6:13 PM |
| I'm thinking it's that or recursion has been disabled.
| | | |
| Ravi.Sabharanjak@barclaysglobal.com
Posts:0
 | | 09/29/2009 6:17 PM |
| Checked and open. Also running the tests locally from the box, dunno if the firewall would come into the pic, but that is open.
| | | |
| RickSheikh
Posts:373
 | | 09/29/2009 6:21 PM |
| Disabled Recursion is possible but not an OOB behavior. Ravi, can you verify that from the Advanced tab?
| | | |
| kennedyjim
Posts:89
 | | 09/29/2009 6:21 PM |
| Wonder if your ISP is involved here blocking DNS lookups to other than their servers. That would surprise me but worth looking at. Fire up NSLOOKUP and set it to look up at a dns server from outside your ISP and test it.
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Sabharanjak, Ravi BGI SF Sent: Tuesday, September 29, 2009 1:16 PM To: activedir@mail.activedir.org Subject: RE: [ActiveDir] Weird 2008 DNS behavior
Checked and open. Also running the tests locally from the box, dunno if the firewall would come into the pic, but that is open.
________________________________
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Rick Sheikh Sent: Tuesday, September 29, 2009 10:10 AM To: activedir@mail.activedir.org Subject: Re: [ActiveDir] Weird 2008 DNS behavior
FW rules verification for port 53 tcp/udp would be my next step.
On Tue, Sep 29, 2009 at 12:05 PM, Sabharanjak, Ravi BGI SF <Ravi.Sabharanjak@barclaysglobal.com> wrote:
Sorry, my mistake - meant to say out of the box root hints (not forwarders). There are no forwarders setup.
________________________________
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Andrew Levicki Sent: Tuesday, September 29, 2009 9:41 AM To: activedir@mail.activedir.org Subject: Re: [ActiveDir] Weird 2008 DNS behavior
When you say "out of the box" do you mean none? Sorry if I misunderstood.
Is there a firewall preventing DNS traffic from the DNS server out to the Internet?
Also, have you disabled recursion? See http://technet.microsoft.com/en-us/library/cc787602(WS.10).aspx for more on that.
Let us know how you get on.
Thanks,
Andrew
2009/9/29 Rick Sheikh <ricksheikh@gmail.com>
Ditto. Forwarders tab should be empty OOB.
On Tue, Sep 29, 2009 at 11:23 AM, Andrew Levicki <andrew@levicki.me.uk> wrote:
I am not aware of "out of the box forwarders" with 2008. What are they, just for clarification?
Thanks,
Andrew
2009/9/29 Sabharanjak, Ravi BGI SF <Ravi.Sabharanjak@barclaysglobal.com>
Nope - no root zone, just the out of the box forwarders that come with 2008.
________________________________
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Andrew Levicki Sent: Tuesday, September 29, 2009 8:36 AM To: activedir@mail.activedir.org Subject: Re: [ActiveDir] Weird 2008 DNS behavior
Hi Ravi,
Have you got a root zone on the DNS server? If so, see below from http://support.microsoft.com/kb/323380
How to Remove the Root DNS Zone
A DNS server running Windows Server 2003 follows specific steps in its name-resolution process. A DNS server first queries its cache, it checks its zone records, it sends requests to forwarders, and then it tries resolution by using root servers.
By default, a Microsoft DNS server connects to the Internet to process DNS requests more with root hints. When you use the Dcpromo tool to promote a server to a domain controller, the domain controller requires DNS. If you install DNS during the promotion process, a root zone is created. This root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS server does not use forwarders or root hints in the name-resolution process.
1. Click Start, point to Administrative Tools, and then click DNS.
2. Expand ServerName, where ServerName is the name of the server, click Properties and then expand Forward Lookup Zones.
3. Right-click the "." zone, and then click Delete.
I hope this helps.
Andrew
2009/9/29 Sabharanjak, Ravi BGI SF <Ravi.Sabharanjak@barclaysglobal.com>
I have a 2008 standard full DC at a friend's home that is behaving erratically for DNS name resolution.
- The DC is answering fine for the zones it hosts.
- No forwarders are configured on the DC.
- It will not resolve any Internet names.
- If queried for the name server records for the root servers, it does not reply with a list of the root servers.
- No errors in the DNS server log.
Have tried a few things including re-installing DNS, deleting and re-adding the root hints, but no luck.
Is this a known bug, and does anyone have a solution other than replacing the DC?
thanks and regards,
-Ravi
| | | |
| Ravi.Sabharanjak@barclaysglobal.com
Posts:0
 | | 09/29/2009 6:27 PM |
| Here you go. It's a home environment, so IP's / names are a non-issue. Recursion is enabled.
Thanks, -Ravi
C:\>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SONALI
   Primary Dns Suffix . . . . . . . : home.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-0C-29-9C-34-4A
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.168.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.168.1
   DNS Servers . . . . . . . . . . . : 192.168.168.100
                                       192.168.168.1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{3CC7B781-BB3E-4A06-BD71-B550989554EC}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\>
-----Original Message----- From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Akomolafe, Deji Sent: Tuesday, September 29, 2009 9:53 AM To: activedir@mail.activedir.org Subject: RE: [ActiveDir] Weird 2008 DNS behavior
Let's see the output of "ipconfig /all" from the DNS server. You can mask the REAL IPs if you want.
Sincerely,
www.akomolafe.name - we know IT
| | | |
| Ravi.Sabharanjak@barclaysglobal.com
Posts:0
 | | 09/29/2009 6:37 PM |
| that works fine. As well as queries from the linksys router and direct queries to the Internet. The server is behaving as if it does not know about the root servers. But the root servers do show up in the interface, and in adsiedit. They also got re-created from the file in the samples directory following the KB on this after deleting them.
-Ravi
| | | |
| hcoleman
Posts:129
 | | 09/29/2009 6:47 PM |
| Flush the DNS client and DNS server caches, then take a network trace. Is anything leaving the server?
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Sabharanjak, Ravi BGI SF Sent: Tuesday, September 29, 2009 11:37 AM To: activedir@mail.activedir.org Subject: RE: [ActiveDir] Weird 2008 DNS behavior
that works fine. As well as queries from the linksys router and direct queries to the Internet. The server is behaving as if it does not know about the root servers. But the root servers do show up in the interface, and in adsiedit. They also got re-created from the file in the samples directory following the KB on this after deleting them.
-Ravi
________________________________ From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Kennedy, Jim Sent: Tuesday, September 29, 2009 10:20 AM To: activedir@mail.activedir.org Subject: RE: [ActiveDir] Weird 2008 DNS behavior Wonder if your ISP is involved here blocking DNS lookups to other than their servers. That would surprise me but worth looking at. Fire up NSLOOKUP and set it to look up at a dns server from outside your ISP and test it.
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Sabharanjak, Ravi BGI SF Sent: Tuesday, September 29, 2009 1:16 PM To: activedir@mail.activedir.org Subject: RE: [ActiveDir] Weird 2008 DNS behavior
Checked and open. Also running the tests locally from the box, dunno if the firewall would come into the pic, but that is open.
________________________________ From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Rick Sheikh Sent: Tuesday, September 29, 2009 10:10 AM To: activedir@mail.activedir.org Subject: Re: [ActiveDir] Weird 2008 DNS behavior FW rules verification for port 53 tcp/udp would be my next step. On Tue, Sep 29, 2009 at 12:05 PM, Sabharanjak, Ravi BGI SF <Ravi.Sabharanjak@barclaysglobal.com<mailto:Ravi.Sabharanjak@barclaysglobal.com>> wrote:
Sorry, my mistake - meant to say out of the box root hints (not forwarders). There are no forwarders setup.
________________________________ From: activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org> [mailto:activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org>] On Behalf Of Andrew Levicki Sent: Tuesday, September 29, 2009 9:41 AM
To: activedir@mail.activedir.org<mailto:activedir@mail.activedir.org> Subject: Re: [ActiveDir] Weird 2008 DNS behavior
When you say "out of the box" do you mean none? Sorry if I misunderstood.
Is there a firewall preventing DNS traffic from the DNS server out to the Internet?
Also, have you disabled recursion? See http://technet.microsoft.com/en-us/library/cc787602(WS.10).aspx<http://technet.microsoft.com/en-us/library/cc787602%28WS.10%29.aspx> for more on that.
Let us know how you get on.
Thanks,
Andrew
2009/9/29 Rick Sheikh <ricksheikh@gmail.com>
Ditto. Forwarders tab should be empty OOB.
On Tue, Sep 29, 2009 at 11:23 AM, Andrew Levicki <andrew@levicki.me.uk> wrote:
I am not aware of "out of the box forwarders" with 2008. What are they, just for clarification?
Thanks,
Andrew
2009/9/29 Sabharanjak, Ravi BGI SF <Ravi.Sabharanjak@barclaysglobal.com>
Nope - no root zone, just the out of the box forwarders that come with 2008.
________________________________
From: activedir-owner@mail.activedir.org On Behalf Of Andrew Levicki
Sent: Tuesday, September 29, 2009 8:36 AM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] Weird 2008 DNS behavior
Hi Ravi,
Have you got a root zone on the DNS server? If so, see below from http://support.microsoft.com/kb/323380
How to Remove the Root DNS Zone
A DNS server running Windows Server 2003 follows specific steps in its name-resolution process. A DNS server first queries its cache, it checks its zone records, it sends requests to forwarders, and then it tries resolution by using root servers.
By default, a Microsoft DNS server connects to the Internet to process DNS requests more with root hints. When you use the Dcpromo tool to promote a server to a domain controller, the domain controller requires DNS. If you install DNS during the promotion process, a root zone is created. This root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS server does not use forwarders or root hints in the name-resolution process.
1. Click Start, point to Administrative Tools, and then click DNS.
2. Expand ServerName, where ServerName is the name of the server, click Properties and then expand Forward Lookup Zones.
3. Right-click the "." zone, and then click Delete.
I hope this helps.
Andrew
| | | |
| deji
Posts:262
 | | 09/29/2009 7:18 PM |
| Did you, perhaps, disable and enable IPv6 after installing DNS on this server?
If you look in your hosts file, is the IPv6 entry commented out?
In DNS GUI, what interface is DNS listening on? All interfaces, or specific interface? What happens if you toggle the settings, restart DNS and test again?
What happens IF you configure this server to use ONLY an EXTERNAL DNS server in TCP/IP. Does EXTERNAL name resolution work then?
Sincerely,
www.akomolafe.name - we know IT
-5.75, -3.23
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
________________________________________
From: activedir-owner@mail.activedir.org On Behalf Of Sabharanjak, Ravi BGI SF [Ravi.Sabharanjak@barclaysglobal.com]
Sent: Tuesday, September 29, 2009 10:23 AM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] Weird 2008 DNS behavior
Here you go. It's a home environment, so IP's / names are a non-issue. Recursion is enabled.
Thanks, -Ravi
C:\>ipconfig /all
Windows IP Configuration
   Host Name . . . . . . . . . . . . : SONALI
   Primary Dns Suffix . . . . . . . : home.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home.local
Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-0C-29-9C-34-4A
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.168.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.168.1
   DNS Servers . . . . . . . . . . . : 192.168.168.100
                                       192.168.168.1
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{3CC7B781-BB3E-4A06-BD71-B550989554EC}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
C:\>
-----Original Message-----
From: activedir-owner@mail.activedir.org On Behalf Of Akomolafe, Deji
Sent: Tuesday, September 29, 2009 9:53 AM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] Weird 2008 DNS behavior
Let's see the output of "ipconfig /all" from the DNS server. You can mask the REAL IPs if you want.
| | | |
| Ravi.Sabharanjak@barclaysglobal.com
Posts:0
 | | 09/29/2009 8:07 PM |
| You hit it right on the head - Looks like my friend had unbound the IPv6 protocol from the adapter. Can't be sure yet, as my connection to it dropped after I checked the box, but will confirm and let you know.
Thanks ! -Ravi
| | | |
| Ravi.Sabharanjak@barclaysglobal.com
Posts:0
 | | 09/30/2009 1:04 AM |
| Nope - didn't change the DNS service behaviour - still broken. However, the RDP connection to the server now drops every 3-4 mins after binding IPv6 to the network connection. The external resolution works if the server is set to use an external name server.
-----Original Message----- From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Sabharanjak, Ravi BGI SF Sent: Tuesday, September 29, 2009 12:06 PM To: activedir@mail.activedir.org Subject: RE: [ActiveDir] Weird 2008 DNS behavior
You hit it right on the head - Looks like my friend had unbound the IPv6 protocol from the adapter. Cant be sure yet, as my connection to it dropped after I checked the box, but will confirm and let you know.
Thanks ! -Ravi
-----Original Message----- From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Akomolafe, Deji Sent: Tuesday, September 29, 2009 11:12 AM To: activedir@mail.activedir.org Subject: RE: [ActiveDir] Weird 2008 DNS behavior
Did you, perhaps, disable and enable IPv6 after installing DNS on this server?
If you look in your hosts file, is the IPv6 entry commented out?
In DNS GUI, what interface is DNS listening on? All interfaces, or specific interface? What happens if you toggle the settings, restart DNS and test again?
What happens IF you configure this server to use ONLY an EXTERNAL DNS server in TCP/IP. Does EXTERNAL name resolution work then?
Sincerely, _____ (, / | /) /) /) /---| (/_ ______ ___// _ // _ ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_ (_/ /) (/ www.akomolafe.name - we know IT -5.75, -3.23 Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon ________________________________________ From: activedir-owner@mail.activedir.org [activedir-owner@mail.activedir.org] On Behalf Of Sabharanjak, Ravi BGI SF [Ravi.Sabharanjak@barclaysglobal.com] Sent: Tuesday, September 29, 2009 10:23 AM To: activedir@mail.activedir.org Subject: RE: [ActiveDir] Weird 2008 DNS behavior
Here you go. It's a home environment, so IP's / names are a non-issue
. Recursion is enabled.
Thanks, -Ravi
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : SONALI Primary Dns Suffix . . . . . . . : home.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : home.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection Physical Address. . . . . . . . . : 00-0C-29-9C-34-4A DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.168.100(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.168.1 DNS Servers . . . . . . . . . . . : 192.168.168.100 192.168.168.1 127.0.0.1 NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{3CC7B781-BB3E-4A06-BD71-B550989554EC}:
Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes
C:\>
-----Original Message----- From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Akomolafe, Deji Sent: Tuesday, September 29, 2009 9:53 AM To: activedir@mail.activedir.org Subject: RE: [ActiveDir] Weird 2008 DNS behavior
Let's see the output of "ipconfig /all" from the DNS server. You can mask the REAL IPs if you want.
Sincerely, _____ (, / | /) /) /) /---| (/_ ______ ___// _ // _ ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_ (_/ /) (/ www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -3.23 Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon ________________________________ From: activedir-owner@mail.activedir.org [activedir-owner@mail.activedir.org] On Behalf Of Andrew Levicki [andrew@levicki.me.uk] Sent: Tuesday, September 29, 2009 9:23 AM To: activedir@mail.activedir.org Subject: Re: [ActiveDir] Weird 2008 DNS behavior
I am not aware of "out of the box forwarders" with 2008. What are they, just for clarification?
Thanks,
Andrew
2009/9/29 Sabharanjak, Ravi BGI SF <Ravi.Sabharanjak@barclaysglobal.com<mailto:Ravi.Sabharanjak@barclaysglo bal.com>>
Nope - no root zone, just the out of the box forwarders that come with 2008..
________________________________ From: activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir .....org> [mailto:activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.a ctivedir.org>] On Behalf Of Andrew Levicki Sent: Tuesday, September 29, 2009 8:36 AM To: activedir@mail.activedir.org<mailto:activedir@mail.activedir.org> Subject: Re: [ActiveDir] Weird 2008 DNS behavior
Hi Ravi,
Have you got a root zone on the DNS server? If so, see below from http://support.microsoft.com/kb/323380 How to Remove the Root DNS Zone A DNS server running Windows Server 2003 follows specific steps in its name-resolution process. A DNS server first queries its cache, it checks its zone records, it sends requests to forwarders, and then it tries resolution by using root servers.
By default, a Microsoft DNS server connects to the Internet to process DNS requests more with root hints. When you use the Dcpromo tool to promote a server to a domain controller, the domain controller requires DNS. If you install DNS during the promotion process, a root zone is created. This root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS server does not use forwarders or root hints in the name-resolution process.
1. Click Start, point to Administrative Tools, and then click DNS. 2. Expand ServerName, where ServerName is the name of the server, click Propertiesand then expand Forward Lookup Zones. 3. Right-click the "." zone, and then click Delete.
I hope this helps.
Andrew
2009/9/29 Sabharanjak, Ravi BGI SF <Ravi.Sabharanjak@barclaysglobal.com<mailto:Ravi.Sabharanjak@barclaysglo bal.com>>
I have a 2008 standard full DC at a friend's home that is behaving erratically for DNS name resolution.
- The DC is answering fine for the zones it hosts.
- No forwarders are configured on the DC.
- It will not resolve any Internet names.
- If queried for the name server records for the root servers, it does not reply with a list of the root servers.
- No errors in the DNS server log.
Have tried a few things including re-installing DNS, deleting and re-adding the root hints, but no luck.
Is this a known bug, and does anyone have a solution other than replacing the DC?
thanks and regards, -Ravi
--
This message and any attachments are confidential, proprietary, and may be privileged. If this message was misdirected, Barclays Global Investors (BGI) does not waive any confidentiality or privilege. If you are not the intended recipient, please notify us immediately and destroy the message without disclosing its contents to anyone. Any distribution, use or copying of this e-mail or the information it contains by other than an intended recipient is unauthorized. The views and opinions expressed in this e-mail message are the author's own and may not reflect the views and opinions of BGI, unless the author is authorized by BGI to express such views or opinions on its behalf. All email sent to or from this address is subject to electronic storage and review by BGI. Although BGI operates anti-virus programs, it does not accept responsibility for any damage whatsoever caused by viruses being passed.
| | | |
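The root-zone condition described in the quoted KB text can be checked from any client by asking the server for the NS records of "." and reading the reply header. This is an added example, not part of the thread; it assumes a server hosting a local "." zone answers that query with the AA (authoritative) bit set, and the function names and sample reply headers are constructed for illustration.

```python
import socket
import struct
import sys

def build_root_ns_query(txid=0x1234):
    """DNS query for '. NS' with recursion desired (RD) set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    question = b"\x00" + struct.pack("!HH", 2, 1)  # root name, QTYPE=NS, QCLASS=IN
    return header + question

def classify(response):
    """Classify a reply to the '. NS' query from its 12-byte header alone."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    rcode = flags & 0x000F
    if rcode != 0:
        return "error-rcode-%d" % rcode
    if ancount == 0:
        return "no-root-ns"          # no root server list in the answer
    if flags & 0x0400:               # AA bit: server is authoritative for "."
        return "authoritative-root"  # assumption: a local "." zone exists
    return "root-ns-returned"        # root hints or cache supplied the list

def ask(server, timeout=3.0):
    """Send the query over UDP/53 and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_root_ns_query(), (server, 53))
        data, _ = s.recvfrom(4096)
    return classify(data)

def sample_reply(flags, ancount):
    """Constructed 12-byte reply header for offline runs (not captured traffic)."""
    return struct.pack("!HHHHHH", 0x1234, flags, 1, ancount, 0, 0)

if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(ask(sys.argv[1]))      # pass the DNS server's IP address
    else:
        print(classify(sample_reply(0x8580, 13)))
```

A result of `authoritative-root` points at the "." zone the KB article says to delete; `no-root-ns` or an error code means the cause lies elsewhere, such as the root hints themselves or outbound UDP/53 being blocked.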