Question

I want to set up a DNS server on our network to handle ALL internet lookups

Asked by: rhawk

Hello. At some point in the past I had set up a Windows 2000 server to be a DNS server for us. I had set it so that if it did not know the IP address of the site it went to another DNS server to get it and it updated its own information. I did this because we had several employees surfing to specific sites that they were not allowed to go to, and I was able to see the DNS records on the 2000 server and know what sites the employees were going to, and if I desired I could update the record on the server to point that URL to a different site hosted on our server.

We now have 2003 servers here and I was trying to set one up to DNS like the old 2000 server had, but the setup looks totally different to me, or I am just not remembering what I did originally since it has been many years.

Could someone please walk me through the DNS setup on 2003 to do this?

Thank you.

David

This Question has been solved and asker verified.

Asked On: 2009-08-17 at 08:28:24
ID: 24658490
Topics: Domain Name Service (DNS), Windows 2003 Server
Participating Experts: 3
Points: 250
Comments: 32


Answers

 

by: aeraps Posted on 2009-08-17 at 08:30:20 ID: 25115411

http://support.microsoft.com/kb/814591

Above is the complete document which will guide you in setting up a DNS server on your 2003 box.

http://support.microsoft.com/kb/324753 (Setting up Active Directory and DNS on 2003)

 

by: Chris-Dent Posted on 2009-08-17 at 08:39:43 ID: 25115521

Hmm, did you have it configured with Forwarders to whatever other DNS server?

If you select View / Advanced you'll be able to see the Cache which will contain everything people have been asking to go to.

Chris

 

by: rhawk Posted on 2009-08-17 at 08:47:24 ID: 25115603

aeraps,
I do not fully follow the stuff on the MS site. Once I run the wizard I have no idea what choices to make. The help on the wizard is not explaining it to me in a way I follow.

 

by: rhawk Posted on 2009-08-17 at 08:50:19 ID: 25115632

Chris,
I did not leave it on the machine. I could not figure out what a forward is exactly. I do not want to allow the user to forward off to another DNS if our DNS does not have the information. Is that what a forward does?

Also, we are on a larger network here, an active directory network. I just want this DNS to run on the server in this department and I will manually set the computers here to use it as the DNS server and not the one assigned in the DHCP of the big network. Can that be done?

 

by: rhawk Posted on 2009-08-17 at 08:51:59 ID: 25115652

Chris, So I should just set up the DNS with forwarding? Also on the early part of the wizard it wanted to know what kind of DNS I wanted and had 3 choices. Something like a small network, big network and something else. What do I want there? We are a small department (about 35 ppl), so I assume small?

 

by: Chris-Dent Posted on 2009-08-17 at 08:52:38 ID: 25115658


Configuring a Forwarder allows the DNS server to send unresolved queries to another DNS server. The user won't be able to do anything with a Forwarder.

And you can set DNS independently from the rest of TCP/IP configuration, that's not a problem (even if it requires effort :)).

Chris

 

by: Chris-Dent Posted on 2009-08-17 at 08:53:50 ID: 25115674


There's a wizard? :) Is it Small Business Server? Otherwise it's a wizard that I never bothered looking at...

Chris

 

by: rhawk Posted on 2009-08-17 at 08:56:57 ID: 25115699

Hi Chris, I believe it is the standard version. Let me go to the server room and post from there so I can see the server screen.

 

by: rhawk Posted on 2009-08-17 at 09:02:07 ID: 25115758

Chris,
It is 2003 standard. I use the "Manage your server" wizard to tell it to add the DNS to the server. I am doing it right now so I can tell you what it is asking me.

It wants to know if I want to:
"Create a forward lookup zone" or "Create forward and reverse lookup zones" or "Configure root hints only".

Should I make a forward lookup zone only?

 

by: peralesa Posted on 2009-08-17 at 09:05:04 ID: 25115782

Inject your ISP DNS Servers into your forwarder tab.  If you are looking for a web filter of sorts, OpenDNS is a decent solution for free.

http://www.opendns.com

 

by: Chris-Dent Posted on 2009-08-17 at 09:06:48 ID: 25115802


Forward and Reverse, but only if they don't already exist. To be honest, I'd do it from the DNS console rather than with the wizard there.

Chris

 

by: rhawk Posted on 2009-08-17 at 09:10:36 ID: 25115829

Chris, Well, I took option 1 and then set the forwarding to the 2 DNS's addresses we use now. I opened the console. Will I see the sites that people are going to under "cached lookups", "forward lookups" or "reverse lookups"?

 

by: Chris-Dent Posted on 2009-08-17 at 09:12:38 ID: 25115849


Cached Lookups. Is this what you had before? It's not the easiest format to browse...

Forward Lookup Zones contains all the DNS zones you've configured, typically your AD Domain Name.

Reverse Lookup Zones contains zones used to map IP addresses back to names. So I'd expect something like "1.168.192.in-addr.arpa" in there (which will change to "192.168.1.x Subnet" if you de-select View / Advanced).

Chris

 

by: rhawk Posted on 2009-08-17 at 09:26:03 ID: 25115977

Chris,
Okay, it sort of works... I set a new Vista machine here to use the new DNS. When I try to surf anywhere it hangs for a long time and then times out. If I refresh it does that again. The next refresh will bring up the site and then I see it in the cached lookups on the server (plus others). Why does it time out like that so many times? What can I do to stop that?

 

by: Chris-Dent Posted on 2009-08-17 at 09:27:15 ID: 25115987


Check the servers you're forwarding to? That's DNS Server Properties, Forwarders.

If the forwarders aren't responding quickly then your own DNS server will take a while to reply to the client again.

Chris

 

by: rhawk Posted on 2009-08-17 at 09:29:49 ID: 25116015

Chris, Hmm. I am removing the DNS and reinstalling it as you said to. In case it has something to do with it all.

 

by: rhawk Posted on 2009-08-17 at 09:39:19 ID: 25116094

Chris,
Okay, I have a DNS installed now with nothing in it. I then highlight the "forward lookup zones" folder and go to the action menu and click "new zone". I hit next and then have to say if this is a "Primary zone", "Secondary zone" or "stub zone". I assume primary? I pick that and now must pick a zone name. I do not want the server to be authoritative to any part of this place, so I make up a name "DNSWatcher" and hit next. I tell it to not allow dynamic updates and hit next then finish. But I still see no place to tell the server the IP address of the 2 forwarding DNS servers to use. Where do I put that?

 

by: Chris-Dent Posted on 2009-08-17 at 10:55:40 ID: 25116679


What other DNS servers do you have? Which ones host the zone for Active Directory? We must ensure that clients can resolve names there otherwise you'll run into lots of problems.

Forwarders, if you need to set them, can be found by opening the DNS Console, right clicking on the server and selecting Properties. There's a tab for Forwarders, it'll have a box in there with "all other dns domains" in it (or something like that). Are there any IP addresses listed if you select that?

Chris

 

by: rhawk Posted on 2009-08-17 at 11:33:12 ID: 25116963

Chris,
We are a pretty big organization (in all) and I am doing this for but a small department. I do not manage anything in Active Directory. The main DNS servers here for the centralized IT is all I want to forward to if our server does not know the IP address. Our department actually has servers in the DNS of the main business and I do not want to have this DNS server handle them. I only want it to give people the IP of where to go in this department. Does this make sense?

 

by: Chris-Dent Posted on 2009-08-17 at 12:56:31 ID: 25117825


Yep, it does. So you want to add the IP address of the central DNS server(s) to the Forwarders list on your own server (while the all other dns domains option is selected under the Forwarders tab).

Add them in, then make sure you can run this from your own DNS server:

nslookup yourdomain.com 1.2.3.4

Where you should replace yourdomain.com with the proper domain name and 1.2.3.4 with the IP address of the central server.

Chris

 

by: rhawk Posted on 2009-08-17 at 13:27:01 ID: 25118048

Chris, by the central server do you mean the DNS server we usually use? Otherwise we are quite a large setup and there is not one central server. It is a bunch of servers that will pick up the requests, you just never know which you will get. (it is a gov domain and it handles a LOT of people).

 

by: Chris-Dent Posted on 2009-08-17 at 14:45:04 ID: 25118685


Yep, that one will do nicely :)

Chris

 

by: rhawk Posted on 2009-08-17 at 14:52:28 ID: 25118745

Chris,
I am at a loss on what that will do. It gives me a server name, IP address (the same one I entered) and a non-authoritative answer with a name (the one I entered) and an IP address. What do I do with this?

 

by: Chris-Dent Posted on 2009-08-18 at 00:56:27 ID: 25120832


It just checks that you are able to execute DNS queries against that system, nothing more. I just wanted to be sure that it was a suitable forwarder.

Chris
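
The forwarder check discussed above (the nslookup test, and the earlier point that a slow forwarder delays replies to clients), as an added example that is not part of the original thread: a standard-library Python script that sends one A query to a candidate forwarder and reports a missing reply, a non-zero response code, recursion not being offered, or a slow answer. The function names and the 500 ms threshold are assumptions chosen for illustration.

```python
import os
import socket
import struct
import time

def build_query(name, qid, qtype=1):
    """Build an RFC 1035 query for `name` (qtype 1 = A) with recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def parse_header(packet, expected_id):
    """Decode the 12-byte response header; raise ValueError if it is not ours."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    qid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if qid != expected_id:
        raise ValueError("transaction ID mismatch")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    return {"rcode": flags & 0x000F,
            # AA clear is what nslookup reports as "Non-authoritative answer"
            "authoritative": bool(flags & 0x0400),
            "recursion_available": bool(flags & 0x0080),  # RA bit
            "answers": ancount}

def assess(info, elapsed_ms, slow_ms=500):
    """Return the reasons a server is a poor forwarder (empty list = suitable)."""
    problems = []
    if info["rcode"] != 0:
        problems.append("rcode %d" % info["rcode"])
    if not info["recursion_available"]:
        problems.append("recursion not available")
    if elapsed_ms > slow_ms:  # slow_ms is an assumed threshold
        problems.append("slow response (%.0f ms)" % elapsed_ms)
    return problems

def check_forwarder(server, name, timeout=2.0):
    """Send one UDP/53 query to `server` and assess the reply."""
    qid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        start = time.monotonic()
        try:
            sock.connect((server, 53))  # connected UDP: only this peer may reply
            sock.send(build_query(name, qid))
            data = sock.recv(4096)
        except OSError as exc:  # includes timeouts and ICMP unreachable
            return ["no reply: %s" % exc]
        elapsed_ms = (time.monotonic() - start) * 1000
    try:
        return assess(parse_header(data, qid), elapsed_ms)
    except ValueError as exc:
        return ["bad reply: %s" % exc]

if __name__ == "__main__":
    import sys
    if len(sys.argv) >= 3:  # e.g. check_forwarder.py yourdomain.com 1.2.3.4
        for srv in sys.argv[2:]:
            print(srv, check_forwarder(srv, sys.argv[1]) or "OK")
    else:  # constructed reply header: QR+RD+RA, NOERROR, one answer
        sample = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
        print(assess(parse_header(sample, 0x1234), elapsed_ms=40.0) or "OK")
```

A non-authoritative answer is the expected result here: a forwarder answers from recursion or cache, so the AA bit is normally clear.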

 

by: rhawk Posted on 2009-08-18 at 09:02:35 ID: 25124644

Hi Chris,
This is just not working.
Say the domain here is state.gov (for the whole state). Our domain is xyz.state.gov. We have a website that the dns run by state.gov points to for the world. It would be at xyz.state.gov. We also have an intranet site for our employees. It is at intranet.xyz.state.gov. The main state intranet is simply "intranet" (that is what we enter in a browser to get to it).

My setup works for all non-state.gov domains. It fails on xyz.state.gov, intranet.xyz.state.gov and just intranet.

What should my zone be?

Thanks,

David

 

by: Chris-Dent Posted on 2009-08-18 at 09:06:28 ID: 25124681


From the way you've described it you shouldn't have a zone at all, I had expected the other DNS servers you mentioned to be able to take care of those other queries.

Chris

 

by: rhawk Posted on 2009-08-18 at 09:20:52 ID: 25124866

Chris,
Okay, I removed the zone. That gets me into most of the domains on the network I know of. But I still cannot get to intranet.xyz.state.gov or intranet.

However, if I change "intranet" to intranet.state.gov I get to the top level intranet site.

How can I now just make a DNS entry to "intranet" and "intranet.xyz.state.gov" in the DNS server? This will route me to the 2 sites that do not seem to work and are about the most important.

 

by: rhawk Posted on 2009-08-18 at 10:46:05 ID: 25125688

Chris,
Okay, I put the zone xyz.state.gov in and added the lookup for intranet.xyz.state.gov. That works for OUR intranet now. The only site I am unable to get working is the main state intranet called "intranet" or "intranet.state.gov"


I get that I get this done. Any ideas?

 

by: Chris-Dent Posted on 2009-08-18 at 13:02:11 ID: 25127007


I'm a bit confused why that one won't resolve via the previous DNS servers. Does it if you use the regular DNS servers handed out by DHCP? If you find it does, you could always add a conditional forwarder, but I thought the server you normally get was the one you added into Forwarders anyway.

Chris

 

by: rhawk Posted on 2009-08-18 at 13:36:42 ID: 25127404

Yes, it works with the client using the DNS server the network gives it with DHCP, which is the same one I use in the forwarding.

 

by: Chris-Dent Posted on 2009-08-19 at 00:58:05 ID: 25130394


Very strange. If that's able to provide an answer it should be able to when set as a forwarder. Normally the only way to prevent that would be if you had a Forward Lookup Zone for state.gov.

Chris

 

by: rhawk Posted on 2009-08-19 at 06:37:31 ID: 31616612

Hi Chris,
Okay, I am giving up. It is not worth the time I am putting into this right now. Really a time issue not frustration. I have 30 new machines waiting to roll out and I cannot keep them on this any longer. :( For all your time and help I'll award the points. Thanks.

I will get back to this though and continue to try after I have the machines given to the employees. I'll get it if it kills me. :)

David
