Solved

Exchange Server 2003 Problem with DNS entries - errors in Event Viewer

Posted on 2004-10-11
19
272 Views
Last Modified: 2011-09-20
My ISP provider (BellSouth) recently advised me that our DNS Server IP addresses were antiquated and they provided me with the IP addresses that should be on our server.  I had a technician come in and he changed the DNS entries that BellSouth provided.  Since that time I have been having several issues.  The main issue now is that I continue to get tons of error messages in the Event Viewer on my Exchange Server (Windows 2000 SP4) , i.e., “Registration of the DNS record ……failed with the following error:  DNS operation refused.”  Then many more with this same message or “Deregistration of the DNS record….failed with the following error:  DNS operation refused.”   My users e-mail seems to be working OK; however, when they launch Outlook 2000 (or in my case Outlook 2003) it takes about 30-45 seconds to connect where prior to these changes the connection would be immediate.  Our internet access seems to be working fine as well.  Any input on resolving these DNS issues would be appreciated.  Thank you!  
0
Comment
Question by:mmj1
  • 10
  • 8
19 Comments
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

I assume you are running Active Directory in there?

Your Exchange Server should be using your Networks Internal DNS Server, not the ISPs servers. It will need to register it's own entries on your Internal Server (hence the DNS registration errors).

You can then either use DNS Forwarding or Root Hints to resolve External Addresses, but that should be set-up on your Internal DNS Server - ideally no Internal Server or Client should be using External DNS Servers directly.

The delay in Outlook connecting is caused by this name resolution problem.

Hope that makes sense - please don't hesitate to ask again if it's not clear.
0
 
LVL 2

Expert Comment

by:Walzing
Comment Utility
Hi,

I agree with Chris-Dent. This is the best solution. If you don't want your internal DNS Server to query external DNS Servers you can configure your Exchange to use an external DNS:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;326992

cu
Bjoern Wolfgardt
0
 

Author Comment

by:mmj1
Comment Utility
Thanks for your quick response.  Yes, you are correct.  We are running Active Directory and you are also correct that our network is using an internal DNS entry (192.0.1.xx) not the ISPs server addresses.  The tech only changed the IP addresses on my Exchange Server -- all of my pc's still point to the internal DNS entry.  So from your comments it appears that my tech should focus on DNS forwarding to resovle this problem?  Also, how do we correct the name resolution issue?
0
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

Since your Internal users all have Internet access you might be able to assume that DNS is set up just fine internally. By default DNS will use Root Hints (asks the Root (TLD - Top Level Domain) Servers) for external addresses so generally you don't need to change anything there.

To test this out go to any of the workstations on your domain then:

Start
Run
cmd
nslookup
www.google.com

And make sure it comes back with an address. If you have no problems there then I would just swap the DNS servers on the Exchange back to the Local DNS Servers.

Then running:

Start
Run
cmd
ipconfig /registerdns

Should stop all those error messages appearing in the logs. Of course sending mail should still be tested following this change.

This should remove the speed issue running Outlook as well.

Regards,

Chris
0
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

Oops.... forgot to clarify that "ipconfig /registerdns" should be run on the Exchange Server.

If your clients are still suffering from slow initial connections then try:

ipconfig /flushdns

Again from the Command Prompt on any client PC that is having trouble.
0
 

Author Comment

by:mmj1
Comment Utility
I did go to a command prompt on my workstation and typed in "nslookup" -- this is the response I received:
**** Can't find server name for address 192.0.1.xx:  non-existent domain
**** Default severs are not available
Default Server:  Unknown
Address:  192.0.1.xx

I do get a reply if I type "ping www.google.com"
0
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

Okay, that's not so promising ;)

Does your DNS Server run on your Exchange Server by any chance?
0
 

Author Comment

by:mmj1
Comment Utility
Yes, I think my DNS Server does run on my Exchange Server......
0
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

Ahh, then it's unlikely to be able to resolve it's own name (Reverse Lookup - IP to Name).

If you do NSLookup does a query for www.google.com work?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:mmj1
Comment Utility
On my workstation I typed in "nslookup" at a command prompt and this is the response I received:
**** Can't find server name for address 192.0.1.xx:  non-existent domain
**** Default severs are not available
Default Server:  Unknown
Address:  192.0.1.xx


0
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

Okay... on the Exchange Server / DNS is the service running?

That you can still resolve external addresses at all (with ping) implies that it is, but it needs to reference itself really to fill in its missing information.

You don't use a secondary DNS on any of the workstations do you?

If not try:

ipconfig /flushdns

Then try ping www.google.com (or any other address really) again. If it responds I'd say you don't have a problem with DNS and should swap the DNS addresses on the Exchange Server back to the Local ones.

If it refuses to send after that you can still swap back (no mail will be lost - just queued).
0
 

Author Comment

by:mmj1
Comment Utility
I did check the services on the Exchange Server and it is started.  As far as I know, I do not use a secondary DNS on any of my workstations.  I then did "ipconfig /flushdns" on my workstation and then I tried to ping www.google.com and it did give me a reply.  So, if I understadn you correctly, you are saying I should swap the DNS addresses on the Exchange Server back to the Local ones.  I'm not sure I understand what the "Local Ones" means.  Would I be changing the DNS addresses back to the original IP addresses from Bellsouth (the ones they say are antiquated)?
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
Comment Utility

Sorry,

Change the DNS Server Addresses on the Exchange Server back to the regular Internal ones - in this case the Exchange Server IP itself. Not the Addresses from Bell South - those you shouldn't need to use at all.

If you have any problems resolving addresses on either Clients or on the Server then a few things will need checking on the Internal DNS Server:

1. Check for a Forward Lookup Zone called . (just a dot)

Then either that:

2. Root Hints is Enabled
3. DNS Forwarders are set to the ISPs DNS Addresses

Sorry for the confusion.
0
 

Author Comment

by:mmj1
Comment Utility
Thanks for the explanation.  I may have the tech come back out to make these changes as I am reluctant to make changes to my Exchange Server without him around.  I will definitely show him your postings so that he can do exactly what you recommend.  I have one other question for you (even though this may sound like a stupid question) but if the Bellsouth addresses are not on the Exchange Server which is my DNS server where are these addresses put it?  If you don't mind, I will leave this question open until my tech can come to my office so that if he needs to ask any other questions we could enter in this same post.
0
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

No problem at all.

The Bell South Addresses are optional. You can use them as Forwarders inside the DNS Configuration if you wish.

Forwarders means that if your local DNS doesn't know the answer to a question (like What is the IP Address for www.google.com?) then it will forward the question onto those Bell South Servers and wait for a response from them.

The other option is to use Root Hints - this is a list of the TLD (Top Level Domain) Servers, like .com, .net, .org etc etc.

Instead of asking the Bell South servers it would head back to whoever is in charge of the TLD (like .com) and ask it about a domain underneath - like google.com.

Forwarders are generally faster than performing a Full Lookup (via the Root Servers) - but I still prefer only to use Forwarders in larger organisations where you might have multiple DNS Servers. The use Root Hits removes a reliance on an ISPs DNS.

The difference in query speed is generally negligible.

Hope that helps.
0
 

Author Comment

by:mmj1
Comment Utility
Thanks for the explanation and all of your help.  Hopefully we can resolve this problem when my tech comes to the office.  I will let you know what happens and also I will award you the points once I confirm my tech doesn't need to ask anything else.  Thanks again and have a nice day!
0
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

Pleasure, hope it all works out.
0
 

Author Comment

by:mmj1
Comment Utility
I did finally get my tech in here and everything seems to be working fine.  I still have several warning messages in my Event Viewer but I will probably log a new posting to ask about those messages.  Your information was very valuable to me and my tech.  I think he had to add some info to the forward dns entries and that seemed to fix my problem.  Our Outlook now connects immediately as it did before and all seems well.  Thanks again for all of your help!
0
 
LVL 70

Expert Comment

by:Chris Dent
Comment Utility

Brilliant news, glad it's all working now.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Easy CSR creation in Exchange 2007,2010 and 2013
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now