can't use forwarder in Active Directory DNS (extra 500 for a correct answer )

Hi there

i configured my active directory and my dns , but i can't use forwareds , it says :
" forwarders are not availbe becasue this is a root server "

all my computers are pointed to the Active Directory DNS and if i can't use forwarders so i can't
have resolving to external sites

what should i do to solve this issue ?


LVL 4
victorbxAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

axel-foxCommented:
looks like you configured your dns to be a root-dns server
you prolly want to remove the root-domain (eg .com, .de, .at, .*) after that it should work fine.
see following quoting starting at point 6.

quoting from http://support.microsoft.com/?kbid=237675 :

--
These steps guide you through configuring DNS by using the DNS Manager snap-in in Microsoft Management Console (MMC).

   1. Click Start, point to Programs, point to Administrative Tools, and then click DNS Manager. You see two zones under your computer name: Forward Lookup Zone and Reverse Lookup Zone.
   2. The DNS Server Configuration Wizard starts. Click Next.
   3. Right-click Forward Lookup Zone, and then click Properties.
   4. Choose your DNS server to be a root server. Click Next.
   5. Choose to add a forward lookup zone. Click Next.
   6. The new forward lookup zone must be a primary zone so that it can accept dynamic updates. Click Primary, and then click Next.
   7. The new zone contains the locator records for this Active Directory domain. The name of the zone must be the same as the name of the Active Directory domain, or be a logical DNS container for that name.

      For example, if the Active Directory domain is named "support.microsoft.com", legal zone names are "support.microsoft.com", "microsoft.com", or "com". Type the name of the zone, and then click Next.

      NOTE: If you name the zone "com" we will believe that we are authoritative for the "com" domain and never forward any requests that we can not answer out to the real "com" domain servers. The same would be true if you named it "microsoft.com", you would never use your forwarder to resolve requests from the real "microsoft.com" servers.
   8. Accept the default name for the new zone file. Click Next.
   9. Choose not to add a reverse lookup zone now. Click Next.

      NOTE: Experienced DNS administrators may want to create a reverse lookup zone, and are encouraged to explore this branch of the wizard.
  10. Click Finish to complete the Server Configuration Wizard.
  11. After the Server Configuration Wizard is finished, DNS Manager starts. Proceed to the next step to enable dynamic update on the zone you just added.
--

have a nice day,

patric schmitz
0
oBdACommented:
For external lookups to work, you'll have to delete the "." zone in your forward lookup zone.

====8<----[Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS]----
Question: What is the "." zone in my forward lookup zone?
Answer: This setting designates the Windows 2000 or Windows Server 2003 DNS server to be a root hint server and is usually deleted. If you do not delete this setting, you may not be able to perform external name resolution to the root hint servers on the Internet.

Question: Do I need to configure forwarders in DNS?
Answer: No. By default, Windows 2000 and Windows Server 2003 DNS use the root hint servers on the Internet; however, you can configure forwarders to send DNS queries directly to your ISP's DNS server or other DNS servers. In most cases, when you configure forwarders, DNS performance and efficiency increases, but this configuration can also introduce a point of failure if the forwarding DNS server is experiencing problems. The root hint server can provide a level of redundancy in exchange for slightly increased DNS traffic on your Internet connection.
====8<----[Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS]----

Here's the complete document including some other usefule information:
Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
xqzme_plzCommented:
hi!
i had the same problem too then i searched out for the solution. the result i concluded is whenever you set-up ur DNS server through the AD wizard it just mess-up the things. it however configure ur DNS server but it makes it as a Root server as well. once it will be Root server it dont need Forwarders anymore so it just disable the Forwarders check box and also notice there aint anything in the "Root Hints" it should be empty.
so 1st we should configure DNS and then we should install AD.
anyways the work-around for your problem is also available.
Go to the DNS snap-in
Click on the DNS server
you'll get the zones
the very 1st one will be "." zone and then after the forward zone for ur domain name.
all you need to Remove the "." zone from the DNS server.
just delete the Root zone u dont need to be the Root DNS server so therez no sense having "." on the top of your Zones.
so thats it. .. close ur DNS snap-in
re-open ur DNS snap-in and now try to put the Forwarders it should be enabled now .
hope this will work for you.
Faysal.
0
abuzzuzCommented:
0
dhoustonieCommented:
I tried what has been mentioned above but the method that has worked for me is to delete all forward and reverse lookup zones. Then stop the service. Then delete the database files in the Windows \ System32\Dns folder.
Then restart the service and recreate the zones.
Works fine for me now.
Dave
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.