johnnyb10

How can I fix DNS configuration on Server 2008

I'm doing a technical review on a book about Server 2008 administration and I've run into a problem where DNS no longer works. I'm only using two computers, both on a virtual network (using Virtual Server), one running Server 2008 Enterprise, and the other running Server Core 2008 Enterprise. One is the DC, the other a member server.  In this chapter so far, I've delegated DNS zones to the member server, made configuration changes to DNS at the server level and zone level (via the DNS node in Server Manager), modified DNS records, set up round-robin DNS, and created DNS records. Everything has worked so far. Now, I've come to an activity that involves creating a conditional forwarder. Here's where the problem is. I did the following steps as directed in the book:

1) I typed nslookup -type=NS <xyzdomainname>.com to find the NS records for <xyzdomainname>.com. This worked fine.
2) I entered the following commands to remove all forwarders and clear the DNS cache on the DC:
dnscmd <domaincontroller> /resetforwarders
dnscmd <domaincontroller> /clearcache
This also worked fine.
3) I deleted all the root hints servers on the Root Hints tab of the server's Properties box in the DNS console. So far so good.
4) I added a new Conditional Forwarder. In the Conditional Forwarder dialog box, I entered the <xyzdomainname>.com name and then tried to add one of the name servers that I found in Step 1 above. This FAILED. It wasn't able to resolve the DNS name. I then went back and tried the nslookup command in Step 1 again and it no longer works. DNS doesn't seem to be working anymore.

I'm guessing something I did in Steps 2-4 broke DNS, but I don't know how to get it back to the way it was. Can someone tell me what the problem is and how I can "reverse" what I've done in the above steps? Since I'm reviewing the steps in this book, I need to fix it in a way that will put the machine in the same state as it was before I did the steps (in other words, I can't just start all over again from scratch). Any help would be much appreciated!
ASKER CERTIFIED SOLUTION
Chris Dent

This solution is only available to members.

Wanted to add a little.

2 would have broken it as well if you'd had Forwarders configured.

2008 server is keen on that verify step; if it can't resolve the name because all its ways to do that were removed, it will fail, as you've found.

Chris
johnnyb10

ASKER

Thanks very much Chris, that definitely helped. Once I did that, I was able to successfully run the nslookup command from Step 1 again. Also, it's definitely able to resolve the name server now in the New Conditional Forwarder dialog box because it's showing the correct IP address in the IP Address column, which it wasn't before. However, in the Validated column, instead of "OK" with a green check mark, it says "An unknown error occurred". Any idea what that might be?

It does that for all servers you've just added?

I wonder if it attempts to check for recursion support against those. If it did, that's likely to fail for any sensible public domain configuration. I'll try and find details of the tests it performs.

Can you try adding a forwarder (either global or conditional) to 4.2.2.4 and see if that validates? That one belongs to Verizon and is a public resolver so should work perfectly.

Chris
Thank you again! I tried it with the Verizon forwarder as you suggested and that validated correctly. So I don't know what's wrong with the other name servers I tried, but I don't need to worry about it as it doesn't affect my work on the rest of this chapter. I appreciate your help!

Curious about it now :)

I have a few 2008 test servers at home I'll test on in the next few days and post back here if I do manage to figure it out.

Just as an incidental point, it would have probably worked if you'd added the name servers for the forwarder as IP addresses instead of host names.

Chris
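
The following is an added example, not part of the original thread or of the book being reviewed. It follows the suggestion above of giving the conditional forwarder IP addresses rather than host names: it resolves the name servers first, while the server can still resolve names, and only then runs the step 2 commands and adds the forwarder by IP. The server name dc1, the zone example.com, the ns1/ns2 host names and PowerShell 2.0 or later on the full installation are assumptions.

```powershell
# Added example. All names below are placeholders, not values from the thread.
param(
    [string]$DnsServer = "dc1",                  # hypothetical DC name
    [string]$Zone = "example.com",               # stands in for <xyzdomainname>.com
    [string[]]$NameServers = @("ns1.example.com", "ns2.example.com")  # NS names from step 1
)

# Resolve the NS host names to IPv4 addresses BEFORE removing forwarders,
# so the lookup does not depend on paths that step 2 and step 3 take away.
$ips = @()
foreach ($ns in $NameServers) {
    try {
        $ips += @([System.Net.Dns]::GetHostAddresses($ns) |
            Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
            ForEach-Object { $_.IPAddressToString })
    } catch {
        Write-Warning "Could not resolve ${ns}: $($_.Exception.Message)"
    }
}
$ips = @($ips | Select-Object -Unique)

# Stop before changing anything if no address was obtained.
if ($ips.Count -eq 0) {
    throw "No name server addresses resolved; DNS configuration left untouched."
}
Write-Host "Using name server addresses: $($ips -join ', ')"

# Step 2 from the question: remove all forwarders and clear the cache.
& dnscmd $DnsServer /resetforwarders
& dnscmd $DnsServer /clearcache

# Step 4, done with IP addresses: create the conditional forwarder zone.
& dnscmd $DnsServer /zoneadd $Zone /forwarder $ips
if ($LASTEXITCODE -ne 0) {
    throw "dnscmd /zoneadd failed with exit code $LASTEXITCODE"
}

# Show the resulting zone so the forwarder addresses can be checked.
& dnscmd $DnsServer /zoneinfo $Zone
```

Step 3 (deleting the root hints) is done in the DNS console and is not covered by this script.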