Odd DNS Message

[leeym]

We have one Win2003 STD acting as a DC/DNS server with 6 client XP Pro workstations. Running netdiag on all clients is okay with no warnings.

Separately we have Exchange 2003 SP2 on another Win2003 box, but running netdiag has one error (though it doesn't impact Exchange). Here's what is says:

DNS....assed
[WARNING] Cannot find a primary authoritative DNS server for the name 'exchange.domain.com.' [ERROR_TIMEOUT]
The name 'exchange.domain.com.' may not be registered in DNS.

Any thoughts on why this error is appearing? Thanks

 

[adminbydefault]

leeym,

Are you running static or dynamic IP on the exchange box?

 

[leeym]

static

 

[adminbydefault]

leeym,

Forgive me for the basic questions but sometimes it is something simple that is overlooked.

If you run ipconfig /all on the exchange server does the DC show up correctly in:
Primary Dns Suffix.........?
DNS Suffix Search List.....?
and
DNS Servers................(IP Address)

 

[leeym]

simple questions are all good.

when I run that command, all boxes, including the Exchange box are ok. It's just that one line after running netdiag even tho Exhcnage runs fine. Still, the error worries me

 

[adminbydefault]

leeym,

Have you tried setting the zone on the DNS server to allow Dynamic updates and running netdiag /fix?

 

[leeym]

where would that setting be made within DNS

also, should I run netdiag /fix on the exchange server? thanks

 

[adminbydefault]

leeym,

Couple more questions?

How many DNS zones do you have?
Do you have a Host record established for the static IP of exchange.domain.com?

 

[adminbydefault]

leeym,

Assuming you only have one DNS zone you will need to edit the primary zone file on the DNS server. You should be able to get to this by selecting Manage DNS Server from the Manage Your Server option or by selecting DNS under Administrative Tools.

You should fine your primary zone under the Forward Lookup Zones. You can right mouse click and select properties. Select the General Tab and you will find Dynamic updates. Your options are None, Nonsecure and Secure or Secure Only. Select Nonsecure and Secure for now. This setting should propigate to the SOA and NS records for the Forward Lookup Zones.

Then try running netdiag /fix from the exchange server

 

[adminbydefault]

leeym,

I left one thing out in the previous post and want to suggest changing one item.

When you modify the zone file for DNS set it to allow Only Secure updates opposed to Nonsecure and Secure.

Also after making this change to the zone file, you want to restart the NetLogon Service.

then run the netdiag /fix

 

[leeym]

Yes, we do have a host record for the static IP of exchange.domain.com.

We have a single forward lookup zone for domain.com. We don't have a reverse lookup zone setup. never had a need. thoughts on this sub-topic?

I checked the primary zone and it's aleady set to Secure updates, restarted netlogon anyways, and ran netdiag /fix on the Exhcange server.

After I ran netdiag and the warning still exists. Thoughts?

 

[adminbydefault]

leeym,

Try running the netdiag /fix on the DC.

Run it a second time to see if it cleans anything up.

If it not able to fix the problem, something is not quite right somewhere in the DNS.

 

[leeym]

I ran netdiag /fix on the DC/DNS server and got this warning:

DNS test...assed

DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.1.44
'.
[WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '204.60.203.179'. Please wait for 30 minutes for DNS server replication.
[WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '66.73.20.40'. Please wait for 30 minutes for DNS server replication.

As you can see, there are some issues with the external DNS entries in DNS. Thoughts? Thx

 

[adminbydefault]

leeym,

Based on the information you provided above it appears your DNS is resolving internally okay. Have you run netdiag again on the exchange server since running the fix on the DC. As for the external IP's I belive those are related to the root hints in DNS. I am not positive but if that is the case I would not spend anytime worring about them unless you are needed external DNS resolution.