juzamx3

How to configure win 2k3 DNS so it won't try to register it to internet dns roots?

Hi

I have a Win2k3 R2 server and it has DNS and AD configured on it. I'm also going to configure Exchange on it later. Now I need to know how I can stop the server from trying to register itself with the Internet DNS root servers. I'm using .fi instead of .local because I want the users to use the same login for email and domain. This is the only server in the domain. Only the mydomain.fi MX records should point to this server.

Server's DNS configuration:
The server's DNS configuration points to itself as the primary DNS server. Secondary DNS is a public one. The server has one forward lookup zone, which is mydomain.fi. I don't use forwarders. Should I use them and remove all the root servers from the config?


This is what the server tries to do:

The dynamic registration of the DNS record '_ldap._tcp.1e0caf58-17a3-4a92-8e63-6e5648b23c41.domains._msdcs.mydomain.fi. 600 IN SRV 0 100 389 CTSRV.mydomain.fi.' failed on the following DNS server:

DNS server IP address: 212.86.0.9
Returned Response Code (RCODE): 5
Returned Status Code: 9017

For computers and users to locate this domain controller, this record must be registered in DNS.

USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. You can find this program on the Windows Server 2003 installation CD in Support\Tools\support.cab. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.
Or, you can manually add this record to DNS, but it is not recommended.

ADDITIONAL DATA
Error Value: DNS bad key.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
dan_blagut

Hi
Better to leave the server to register in its own DNS. You need this because of AD. Then you need to host the yourdomain.fi record at the ISP. And there you will also add the MX record. In that scenario, from the Internet they see what your ISP shows, meaning 3 or 4 records, and your clients in the network will see the full DNS records including the AD records. Be careful, because if you lose the DNS you lose AD also.

Dan
juzamx3

ASKER

But I don't want to register mydomain.fi with any ISP because the www.mydomain.fi website is on a different server and I'm not hosting that server. All I need is for the MX records to point to this server. Is this possible?

Doesn't Exchange need that I have forwarding zone mydomain.fi and that my AD domain is mydomain.fi? Or could I just rename my domain to mydomain.local and still point the MX of mydomain.fi to this server? This way the server wouldn't try to register it to ISP. I'm just learning Exchange :(
ASKER CERTIFIED SOLUTION
dan_blagut
This solution is only available to members.
juzamx3

ASKER

The situation is that this server is in a server hotel and the clients are on the customer site. Clients will use the server as a mail server and they will also use ERP on the server, where they need Windows authentication from the domain. Clients connect via VPN. The cu doesn't have any other server so can't use internal and external DNS.

The server is behind firewall.

"Add manually on the DNS zone a record for www with the IP from your hosted server." Hmm... why should I do this? Should I point every DNS record of mydomain.fi to this server in the server hotel, and then it would be responsible for the whole zone? This zone is now hosted by the ISP and the cu would like to keep it this way. So is it possible to use the server mydomain.fi just as a mail server?
OK.
You need a DNS for your domain that must be on that server or another Windows 2k server and must be kept private. You also need a DNS zone with a www record and an MX record visible from the Internet. That allows users and servers to see your Internet site and send you e-mails. In a standard network the internal zone is internal.local and the external is external.com. These two zones can be hosted on the same server or on a different server, but internal.local must remain private, only for your client computers. The external.com can be hosted anywhere.
In your case you have 2 zones (which have the same name, but this is not a problem): one for local use that is hosted on your server, and a zone on the ISP server. That is your external zone.
Your client computers will use your server as DNS server (that is a must for logging on to the domain), so they don't have any idea that you have 2 zones with the same name; for that you need the www record.
Also, your server must point to itself for DNS. The name resolution for the Internet will be provided by your server by forwarder, so your clients and the server will be able to browse the Internet.
A last question: your client computers make a VPN connection to the server; do you use the DNS name or the IP address for the VPN server?

Dan
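
The split-DNS setup described in the post above, sketched as commands typed at a command prompt on the domain controller. This is an added example, not part of the thread; the interface name "Local Area Connection" and the 192.0.2.x addresses are placeholders, and dnscmd, nltest and dcdiag come from the Windows Server 2003 Support Tools.

```bat
:: Added example, not from the thread. Run on the DC (CTSRV).
:: Placeholders (assumptions): NIC name "Local Area Connection",
:: ISP resolver 192.0.2.53, externally hosted web server 192.0.2.80.

:: 1. Point the DC at itself only. This replaces the NIC's DNS server list,
::    so the public secondary is dropped and Net Logon no longer sends
::    dynamic updates for the _msdcs SRV records to it (the update that the
::    public server rejected in the event above).
netsh interface ip set dns "Local Area Connection" static 127.0.0.1

:: 2. Internet names are resolved by the local DNS service through a
::    forwarder instead of through the NIC's secondary entry.
dnscmd /ResetForwarders 192.0.2.53

:: 3. The private mydomain.fi zone hides the ISP-hosted zone of the same
::    name from VPN clients, so the public www record is added by hand.
dnscmd /RecordAdd mydomain.fi www A 192.0.2.80

:: 4. Re-register the DC's records in the local zone and verify them.
nltest /dsregdns
dcdiag /test:dns
nslookup -type=SRV _ldap._tcp.dc._msdcs.mydomain.fi 127.0.0.1
```

The MX and www records that the Internet sees stay in the ISP-hosted zone; nothing in these commands changes that zone.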
SOLUTION
This solution is only available to members.
Forced accept.

Computer101
EE Admin