DNS re-config

I am a new admin at a small company with just one server, Win Server 2003R2.  This server does everything, DHCP, DNS, File and print, and Exchange.

I noticed a number of DNS errors in the event logs: The dynamic registration of the DNS record '_ldap._tcp.h2o-law.com. 600 IN SRV 0 100 389 server.h2o-law.com.' failed on the following DNS server:

DNS server IP address: 89.187.67.184
Returned Response Code (RCODE): 5
Returned Status Code: 9017

Looking at the DNS I was horrified with what I saw - see attached image file.
Given that this server is absolutely mission critical and that there is no other DNS server in the business, and it is running IIS and Exchange, I just want confirmation that my thoughts on how to get the DNS into a more sensible config are right.

Only missing piece of information is that nobody seems to know the IP addresses of the ISP DNS servers.

Please tell me how you would change the config of the DNS and TCP/IP of the NIC.

Thanks

Apt-it
dns1.jpg
Chris Dent (PowerShell Developer) commented:

Regarding 10.0.0.254. It could have been a Firewall or other internal device capable of handling DNS requests. I'd be hesitant to say incompetence, but that is a possibility if nothing else comes to light :)

That sounds like an excellent plan. And it should resolve the errors provided that an authoritative zone exists for the name it's trying to register.

Chris
 
Matt1705 commented:
There are a couple of things I would do...

1. Document the existing configuration! This photo is nice...
2. Attempt to determine if the forwarders have a purpose.  They may have been added for a good reason.
3. If the forwarders have no purpose, delete them.
4. Change the dns entries on your server so that it points to itself.  There should be no other DNS entries except the one pointing to itself.

You may also want to look at dhcp to determine what DNS servers are configured.
 
Matt1705 commented:
A second note, you shouldn't need the IP addresses of the ISP DNS servers.  This server should work fine without them.
apt-it (Author) commented:
Matt1705,  many thanks for your input.  

Regarding the purpose of the forwarders, I can't imagine any point to an address like 10.0.0.254 since this won't route.  Can you suggest any possible reasons for the others and/or how I could go about finding out their purpose?

Cheers
 
Chris Dent (PowerShell Developer) commented:

The servers listed are:

Address:  80.248.178.131
Server:  henry.therocketshop.co.uk

Address:  91.186.3.142
Server:  ns1.therackhouse.net

Do the names mean anything to you at all? They do both respond to recursive queries (meaning they are or should be valid forwarders). It's up to you if you want to keep those.

If you don't have Forwarders configured the server will use Root Hints to resolve public requests.

> you shouldn't need the IP addresses of the ISP DNS servers

I would probably be a bit stronger with that :) You should not have DNS servers listed in TCP/IP configuration if they cannot provide an authoritative answer for the AD domain.

If the organisation can afford it an additional Domain Controller would be a real benefit.

Chris
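Added example (not part of any post in this thread): the two tests Chris's reply relies on, whether a server answers authoritatively for the AD zone and whether it offers recursion, read from the DNS reply header flags. The verdict labels, the `fake_reply` helper and the sample replies are constructed for illustration; `h2o-law.com` is the zone named in the event log entry.

```python
import socket
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080   # RFC 1035 header flag bits
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
SOA, A = 6, 1                                      # record type codes

def build_query(name, qtype, rd, txid=0x1D05):
    """Encode a single-question DNS query in wire format."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", txid, RD if rd else 0, 1, 0, 0, 0) + qname + struct.pack("!2H", qtype, 1)

def parse_header(reply):
    """Pull the flags that matter for this check out of a reply header."""
    _txid, flags, _qd, answers = struct.unpack("!4H", reply[:8])
    return {"aa": bool(flags & AA), "ra": bool(flags & RA),
            "rcode": RCODES.get(flags & 0x000F, str(flags & 0x000F)), "answers": answers}

def ask(server, name, qtype, rd, timeout=3.0):
    """Send one UDP query to server:53 and return the raw reply (needs network)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qtype, rd), (server, 53))
        return s.recv(512)

def classify(soa_reply, recursive_reply):
    """soa_reply: answer to SOA <AD zone> sent with RD=0.
    recursive_reply: answer to A <outside name> sent with RD=1."""
    soa, rec = parse_header(soa_reply), parse_header(recursive_reply)
    if soa["aa"] and soa["rcode"] == "NOERROR" and soa["answers"]:
        return "authoritative: fit for the NIC DNS list"
    if rec["ra"] and rec["rcode"] == "NOERROR" and rec["answers"]:
        return "recursive only: forwarder at most"
    return "neither: remove"

def fake_reply(flags, answers):
    """Constructed 12-byte reply header standing in for a captured packet."""
    return struct.pack("!6H", 0x1D05, flags, 1, answers, 0, 0)

# Constructed sample replies (not captured from the servers in the thread).
SAMPLES = {
    "local DC": (fake_reply(QR | AA, 1), fake_reply(QR | RD | RA, 1)),
    "outside resolver": (fake_reply(QR | RA, 0), fake_reply(QR | RD | RA, 1)),
    "refusing server": (fake_reply(QR | 5, 0), fake_reply(QR | RD | 5, 0)),
}

if __name__ == "__main__":
    for label, (soa_reply, rec_reply) in SAMPLES.items():
        print(label, "->", classify(soa_reply, rec_reply))
```

Against live servers, feed `classify` the output of `ask(server, "h2o-law.com", SOA, rd=False)` and of `ask(server, name, A, rd=True)` for a public name of your choice. RCODE 5 in the event log entry is the same REFUSED code the parser reports.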
 
apt-it (Author) commented:
Chris,

Once again, many thanks for your input which is much appreciated.  I also had checked the nslookup for the two IP addresses you mention.  They are DNS forwarders for a local co-location service provider who have had dealings with the business, so they could be valid forwarders though, as you say, it may be just as good to use the Root Hint servers, though I believe this may cause a small performance hit on DNS resolution.

Can you think of any reason why someone would put 10.0.0.254 in the forwarders, or does this just point to incompetence on the part of whoever set up the DNS?

My inclination is, then, (A)  to take out the alternate DNS server in the TCP/ip properties as the server should only point to itself; (B) to remove 10.0.0.254 as this is meaningless, (C), to keep 91.186.3.142 and add 89.187.67.184 to the forwarders as these are the primary and secondary DNS servers belonging to therackhouse.

Does this sound like a good plan to you??

My last question is - do you think that these changes will remedy the Event Log error I reported in my first posting, ID 5774 source, NETLOGON?

Really appreciate your help as I am working alone and need to get this right.
 
apt-it (Author) commented:
Gents, many thanks for your help - much appreciated!
Question has a verified solution.