a182612
asked on
DNS-error in set up preventing secondaries from making zone transfers.
I am running windows 2000 server and the company DNS admin sent me a notice saying I have an error in my setup preventing secondaries from making zone transfers. They said they did not have any expertise in windows DNS but thought I should remove my alias. When the server admin set up this process he did not have the alias in the interface and no one could get to the safety site. In the DNS properties menu on this item there are some selections. It is set to Host and Aliases (A and Cname records) as below. If I
change this to just Host do you think that would work and still recognize the alias. I am afraid if I remove the alias record then no one will be able to get to the site. The System log shows Event 5782 "Dynamic registratrion or deregistration of one or more DNS records failed with the following error. No DNS server configured for the local host. The server administrator left the company and I am new to DNS with no other windows 2000 server experts available. Thanks for your help......
change this to just Host do you think that would work and still recognize the alias. I am afraid if I remove the alias record then no one will be able to get to the site. The System log shows Event 5782 "Dynamic registratrion or deregistration of one or more DNS records failed with the following error. No DNS server configured for the local host. The server administrator left the company and I am new to DNS with no other windows 2000 server experts available. Thanks for your help......
ASKER
I checked the TCP/IP settings and teh DNS server IP addresses are in place already. I am verifying with the DSN folks that these are the correct addresses.
For part 2 here is what they are saying:
> We do not support Microsoft's DNS server. We recommend using BIND (from
> http://www.isc.org). But from the snapshot you sent, we think the problem
> is with the line:
>
> (same as parent folder) Alias corpsafety.safety.fedex.co
>
> In BIND terms, this is called a CNAME record. safety.fedex.com is called
> the zone, and you cannot create a CNAME record for your zone. Well, you
> can create it, but your results will vary with different nameservers. So
> you need to remove this record. Under the forward zone in the DSN interface it does say safety.fedex.com my server name. Should I remove that and put the IP addresses of the DSN server there and remove the the safety.fedex.com? Sorry but I have very little knowledge about DSN.
>
For part 2 here is what they are saying:
> We do not support Microsoft's DNS server. We recommend using BIND (from
> http://www.isc.org). But from the snapshot you sent, we think the problem
> is with the line:
>
> (same as parent folder) Alias corpsafety.safety.fedex.co
>
> In BIND terms, this is called a CNAME record. safety.fedex.com is called
> the zone, and you cannot create a CNAME record for your zone. Well, you
> can create it, but your results will vary with different nameservers. So
> you need to remove this record. Under the forward zone in the DSN interface it does say safety.fedex.com my server name. Should I remove that and put the IP addresses of the DSN server there and remove the the safety.fedex.com? Sorry but I have very little knowledge about DSN.
>
Do you know why you require the downlevel domain corpsafety?
Or is corpsafety the name of a server?
Or is corpsafety the name of a server?
ASKER
corpsafety is the name of the web server.
you are redirecting safety.fedex.com to corpsafety.safety.fedex.co
I am off to a meeting, back in a about an hour.
ASKER
According to the guy who left he said that safety management wanted to use safety.fedex.com as the web site home page and the server is named corpsafety. safety.fedex.com so I think he has this set up as an alias so that even though the server was named corpsafety.safety.fedex.co
That is exactly what he did, but by doing that he created an alias of the domain itself to a downlevel domain. I would suggest removing the alias completely. Then you will either have to have the users go to corpsafety.safety.fedex.co
P.S. I used to be Director of IT for kinkos.com, until we sold the company to Kinkos Corporation. I spent a lot of time developing Print to Kinko's and integrating the website with Fedex and Kinko's.
P.S. I used to be Director of IT for kinkos.com, until we sold the company to Kinkos Corporation. I spent a lot of time developing Print to Kinko's and integrating the website with Fedex and Kinko's.
ASKER
Wow, what a small world. I am sure you know Kinko's is now a FedEx company....
Is this the problem causing the error message in the system log and the zone issue the DNS admin is seeing? It seems I remmember the server admins saying we could not have the 'safety' designation tied to our IP address for some reason. I will have to check on that.
If they do designate the 'safety' to my server's IP address would I be able to remove the alias and folks would still find the site using safety.fedex.com? I am trying to determine what is occuring in this case. Is it just creating the alias at a higher level instead of on my box? One more thing if they can't do this and I leave it are there any big consequences? I have not had anyone complaining they can't find the site and it's been that way for at least a few years. The trigger on this issue was the DSN admin sending me that notice apparently showing up in their error log. Not sure why they did not see it a long time ago either..
Thanks so much for your help.
Is this the problem causing the error message in the system log and the zone issue the DNS admin is seeing? It seems I remmember the server admins saying we could not have the 'safety' designation tied to our IP address for some reason. I will have to check on that.
If they do designate the 'safety' to my server's IP address would I be able to remove the alias and folks would still find the site using safety.fedex.com? I am trying to determine what is occuring in this case. Is it just creating the alias at a higher level instead of on my box? One more thing if they can't do this and I leave it are there any big consequences? I have not had anyone complaining they can't find the site and it's been that way for at least a few years. The trigger on this issue was the DSN admin sending me that notice apparently showing up in their error log. Not sure why they did not see it a long time ago either..
Thanks so much for your help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I guess it's safe to say that just because the DNS folks are getting that error does not mean it's impacting my server site?? I don't really care of they have the error if there is no impact n folks finding my server. My management has said they only want folks to go to safety.fedex.com and not use the 'corp' so I am going to leave it as is. I think if folks could not get to my site I would have had complaints because its' used significantly. Can you see any reason for me to change this or impact if I don't except the DNS folks getting an error is their system logs? Thanks.
I can't answer that without knowing what those DNS admins know. But, provided that everyone can get to your site, which it looks like they should and there are not any issues with clients and there DNS lookups then I am not sure you require the zone transfers.
Is your DNS admin asking you to send them Zone transfers, if so got to DNS Management, right click on the Name of the domain under the forward lookup. Goto to Zone Transfer, allow zone transfers and put in their DNS servers, if this Admin understands DNS, then reading the options to him should be sufficient to allow him to help you with the setup.
J