Should this DNS server forward queries?

choy77
choy77 used Ask the Experts™
on
hi,

I am configuring a DNS server.

It's asking me "should this DNS server forward queries"?

Which DNS server do I put in here?

There is only one domain controller - this one. and about 9 client machines.

Thanks again
Chris

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Author

Commented:
Netdiag below:

C:\Program Files\Support Tools>netdiag.exe

.......................................

    Computer Name: NEXTEP
    DNS Host Name: nextep.OFFICE.NEXTEPFP.CO.UK
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 15 Model 4 Stepping 9, GenuineIntel
    List of installed hotfixes :
        KB915800-v9
        KB923561
        KB924667-v2
        KB925398_WMP64
        KB925876
        KB925902-v2
        KB927891
        KB929123
        KB930178
        KB932168
        KB933854
        KB936357
        KB938127
        KB938464-v2
        KB941569
        KB942830
        KB942831
        KB943055
        KB943460
        KB944338-v2
        KB944653
        KB945553
        KB946026
        KB948496
        KB950762
        KB950974
        KB951066
        KB951748
        KB952004
        KB952069
        KB952954
        KB953298
        KB954155
        KB954550-v5
        KB954600
        KB955069
        KB956572
        KB956744
        KB956802
        KB956803
        KB956844
        KB957097
        KB958469
        KB958644
        KB958687
        KB958869
        KB959426
        KB960225
        KB960803
        KB960859
        KB961063
        KB961118
        KB961371-v2
        KB961501
        KB967715
        KB967723
        KB968389
        KB968537
        KB968816
        KB969059
        KB969805
        KB969883
        KB970238
        KB970483
        KB970653-v3
        KB971032
        KB971486
        KB971557
        KB971633
        KB971657
        KB971961
        KB971961-IE8
        KB972260
        KB972260-IE8
        KB973346
        KB973354
        KB973507
        KB973525
        KB973540
        KB973815
        KB973825
        KB973869
        KB973874-IE8
        KB974112
        KB974455-IE8
        KB974571
        KB975025
        KB975254
        KB975467
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Server Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : nextep
        IP Address . . . . . . . . : 192.168.0.1
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.0.254
        Primary WINS Server. . . . : 192.168.0.1
        Dns Servers. . . . . . . . : 192.168.0.1


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Failed
            The test failed.  We were unable to query the WINS servers.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{F14224D0-8DFF-4980-9A2C-F3B9AFF3F340}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '192.168.0.1'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{F14224D0-8DFF-4980-9A2C-F3B9AFF3F340}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{F14224D0-8DFF-4980-9A2C-F3B9AFF3F340}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Failed
    [WARNING] Cannot call DsBind to nextep.OFFICE.NEXTEPFP.CO.UK (192.168.0.1).
[RPC_S_SERVER_UNAVAILABLE]


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed
    [FATAL] Cannot open an LDAP session to 'nextep.OFFICE.NEXTEPFP.CO.UK' at '19
2.168.0.1'.
    [WARNING] Failed to query SPN registration on DC 'nextep.OFFICE.NEXTEPFP.CO.
UK'.


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

C:\Program Files\Support Tools>netdiag.exe
Awarded 2009
Top Expert 2010

Commented:
Have you created a forward lookup zone in your DNS for your domain name?

Author

Commented:
yes I have done.

I also cannot authorize the server for DHCP.

and Active directory isnt working and I have tried most of the forums....
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Awarded 2009
Top Expert 2010

Commented:
Can you run dcdiag and post the results.

Also are there any event logs in the system r application logs that could help?

Author

Commented:
Hi.

error 4015 and 4521 and 6702
DCDiag

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   [nextep] LDAP search failed with error 58,
   Win32 Error 58.
   ***Error: The machine, nextep could not be contacted, because of a bad net
   response.  Check to make sure that this machine is a Domain Controller.

C:\Documents and Settings\Administrator>

I just cannot contact the AD or get DHCP to work.

updated nic drivers tried various things dnsflush, stopping services, starting them, reinstalled DNS and just still the same.

Cheers for your help!!
Awarded 2009
Top Expert 2010

Commented:
Has it ever worked?
Do you have a system state backup?

What else is on the server?
Awarded 2009
Top Expert 2010

Commented:
Sorry 1 more question is this the only Domain Controller?

Looking at the logs now.

Author

Commented:
Hi,

Thinking about it I don't thiink it has ever worked properly.

There have been 4 users using this domain with exchange server and it all works fine.

obviously cannot add new users or anything at the moment.

so - there is exchange server - 4 mail boxes.

no system state backup as i have only just took this job on and there was no antivirus either though I have done a virus check and malware/spyware check and nothing found.

My thoughts are to rebuild the server but I really don't want to go down that route if I can help it.

Cheers




Author

Commented:
Hi

yeh this is this is the only domain controller...
Awarded 2009
Top Expert 2010

Commented:
First thing you need to do is a bricklevel backup of exchange: http://www.petri.co.il/brick_level_backup_of_mailboxes_by_using_exmerge.htm

this is worst case scenario, also take a system state backup so of it he's worse we can go back.

Next uninstall the network card using device manager then reboot and allow windows to detect it.

If you have another network card in the machine that is not being used disable it.  Do you have another network card you could put in? If so disable all cards currently in the server and put a new card in.  Configure it with the required settings.

After you have done one of the above run dcdiag again

Author

Commented:
Hi I have a new card I can put in.

should I disable the current card on the motherboard then shut down then install new card?

Author

Commented:
hi, it wont let me back up the exchange - says its not accessible yet there are 4 users with mail boxes and all emails are working on exchange!!

Author

Commented:
When I  try to go in exchange system manager it says -

The sever is not operational
facility: win32

ID no : 8007203e

exchange system manager...

Awarded 2009
Top Expert 2010

Commented:
Yes shutdown and put a new card in after disabling the others.
Awarded 2009
Top Expert 2010

Commented:
Yes shutdown and put a new card in after disabling the others.
Awarded 2009
Top Expert 2010

Commented:
Forgot make sure you set the current NIC to obtain IP address automatically before you disable it.

Author

Commented:
Hi,

k now i have installed new GB network card...

server has come back on fine.

currently set to automatic dhcp

getting it from the router at the moment...

Author

Commented:
Should I assign this new card to the network?  192.168.0.1?

cheers

Author

Commented:
hi,
I am also gettin the error randomly - can't read ServerLisr from ServerView database.
the Service stopped
please check whether the svdb server is running

Cheers
Awarded 2009
Top Expert 2010

Commented:
Give it a different address to the one that you had originally just make sure it's not one that is set fr something else.

Then restart the netlogon service and run dcdiag

Author

Commented:
do you mean on the same range though?
Awarded 2009
Top Expert 2010

Commented:
Yes just give it 192.168.0.200 or something similar

Author

Commented:
Now that I have changed the nic I cannot access resources.

ahould I run the change IP address of server?

Author

Commented:
sorry I can access it via IP address 192.168.0.50 but not by name

Author

Commented:
DC Diag

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\Administrator>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   [nextep] LDAP search failed with error 58,
   Win32 Error 58.
   ***Error: The machine, nextep could not be contacted, because of a bad net
   response.  Check to make sure that this machine is a Domain Controller.

C:\Documents and Settings\Administrator>



Author

Commented:
netdiag

C:\Program Files\Support Tools>netdiag

.......................................

    Computer Name: NEXTEP
    DNS Host Name: nextep.OFFICE.NEXTEPFP.CO.UK
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 15 Model 4 Stepping 9, GenuineIntel
    List of installed hotfixes :
        KB915800-v9
        KB923561
        KB924667-v2
        KB925398_WMP64
        KB925876
        KB925902-v2
        KB927891
        KB929123
        KB930178
        KB932168
        KB933854
        KB936357
        KB938127
        KB938464-v2
        KB941569
        KB942830
        KB942831
        KB943055
        KB943460
        KB944338-v2
        KB944653
        KB945553
        KB946026
        KB948496
        KB950762
        KB950974
        KB951066
        KB951748
        KB952004
        KB952069
        KB952954
        KB953298
        KB954155
        KB954550-v5
        KB954600
        KB955069
        KB956572
        KB956744
        KB956802
        KB956803
        KB956844
        KB957097
        KB958469
        KB958644
        KB958687
        KB958869
        KB959426
        KB960225
        KB960803
        KB960859
        KB961063
        KB961118
        KB961371-v2
        KB961501
        KB967715
        KB967723
        KB968389
        KB968537
        KB968816
        KB969059
        KB969805
        KB969883
        KB970238
        KB970483
        KB970653-v3
        KB971032
        KB971486
        KB971557
        KB971633
        KB971657
        KB971961
        KB971961-IE8
        KB972260
        KB972260-IE8
        KB973346
        KB973354
        KB973507
        KB973525
        KB973540
        KB973815
        KB973825
        KB973869
        KB973874-IE8
        KB974112
        KB974455-IE8
        KB974571
        KB975025
        KB975254
        KB975467
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection 3

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : nextep
        IP Address . . . . . . . . : 192.168.0.50
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.0.254
        Primary WINS Server. . . . : 192.168.0.1
        Dns Servers. . . . . . . . : 192.168.0.50

        IpConfig results . . . . . : Failed
            Pinging the Primary WINS server 192.168.0.1 - not reachable

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Failed
            No gateway reachable for this adapter.

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
            No remote names have been found.

        WINS service test. . . . . : Failed
            The test failed.  We were unable to query the WINS servers.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{F0900255-D188-42AF-BC48-C41C3773FAB0}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Failed

    [FATAL] NO GATEWAYS ARE REACHABLE.
    You have no connectivity to other network segments.
    If you configured the IP protocol manually then
    you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
       [WARNING] The DNS entries for this DC cannot be verified right now on DNS
 server 192.168.0.50, ERROR_TIMEOUT.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{F0900255-D188-42AF-BC48-C41C3773FAB0}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{F0900255-D188-42AF-BC48-C41C3773FAB0}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Failed
    [WARNING] Cannot call DsBind to nextep.OFFICE.NEXTEPFP.CO.UK (192.168.0.50).
 [RPC_S_SERVER_UNAVAILABLE]


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed
    [FATAL] Cannot open an LDAP session to 'nextep.OFFICE.NEXTEPFP.CO.UK' at '19
2.168.0.50'.
    [WARNING] Failed to query SPN registration on DC 'nextep.OFFICE.NEXTEPFP.CO.
UK'.


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

C:\Program Files\Support Tools>
Awarded 2009
Top Expert 2010

Commented:
Ahh I am sorry I didn't read the question properly is this Small Business Server?

Author

Commented:
Hi,

yeh its small business server R2. 2003
Awarded 2009
Top Expert 2010

Commented:
So in that cast in Server Manager under Internet and E-Mail run the Change Server IP address wizard.

You are then going to need to run the connect to the internet wizard.
Awarded 2009
Top Expert 2010

Commented:
Also unless WINS is installed on your SBS server which I doubt it is remove the entry in IP settings for the WINS server.

What is your router address? Enter this in the gateway address and make sure the server can ping it.
Awarded 2009
Top Expert 2010

Commented:
once your done run netdiag /fix followed by dcdiag /fix and post the results.

Author

Commented:
router address - 192.168.0.254 I have just tried to run the change sever IP and the error attached comes up...

Also this is the log


23/10/2009 18:25
Current User:  Administrator
Old IP Address:  192.168.0.1
Old 'intended' IP Address:  192.168.0.1
Old Subnet Mask:  255.255.255.0
New IP Address:  10.0.1.1
New Subnet Mask:  255.255.255.0
ModifyPrivateNicProperties returned OK
ConfigureDns returned OK
*** ConfigureDHCP returned ERROR 80074e66
"Generic Error"; hr is 0x80074e66.
Error message box (msg id 10): An error occurred while changing the IP address. Your server might be partially configured. We recommend that you run the Change IP Address Tool again and enter the original IP address of the server.

If this error message appears again, ensure that the local network adapter is enabled in Network Connections and that it is connected to a switch or hub that has power. Also, open Services, and ensure that any services having a startup type of Automatic are running.

If the error message still occurs, see the log file at C:\Program Files\Microsoft Windows Small Business Server\Support\Changeiplog.txt.

24/10/2009 07:53
Current User:  Administrator
Old IP Address:  10.0.1.1
Old 'intended' IP Address:  10.0.1.1
Old Subnet Mask:  255.255.255.0
New IP Address:  192.168.0.1
New Subnet Mask:  255.255.255.0
ModifyPrivateNicProperties returned OK
ConfigureDns returned OK
*** ConfigureDHCP returned ERROR 80074e66
"Generic Error"; hr is 0x80074e66.
Error message box (msg id 10): An error occurred while changing the IP address. Your server might be partially configured. We recommend that you run the Change IP Address Tool again and enter the original IP address of the server.

If this error message appears again, ensure that the local network adapter is enabled in Network Connections and that it is connected to a switch or hub that has power. Also, open Services, and ensure that any services having a startup type of Automatic are running.

If the error message still occurs, see the log file at C:\Program Files\Microsoft Windows Small Business Server\Support\Changeiplog.txt.

24/10/2009 07:55
*** _NetCfgGetIPAddres returned ERROR 8000ffff

24/10/2009 13:59
Current User:  administrator
Old IP Address:  192.168.0.50
Old 'intended' IP Address:  192.168.0.50
Old Subnet Mask:  255.255.255.0
New IP Address:  192.168.0.50
New Subnet Mask:  255.255.255.0
ModifyPrivateNicProperties returned OK
ConfigureDns returned OK
*** ConfigureDHCP returned ERROR 80074e66
"Generic Error"; hr is 0x80074e66.
Error message box (msg id 10): An error occurred while changing the IP address. Your server might be partially configured. We recommend that you run the Change IP Address Tool again and enter the original IP address of the server.

If this error message appears again, ensure that the local network adapter is enabled in Network Connections and that it is connected to a switch or hub that has power. Also, open Services, and ensure that any services having a startup type of Automatic are running.

If the error message still occurs, see the log file at C:\Program Files\Microsoft Windows Small Business Server\Support\Changeiplog.txt.

24/10/2009 14:03
Current User:  administrator
Old IP Address:  192.168.0.50
Old 'intended' IP Address:  192.168.0.50
Old Subnet Mask:  255.255.255.0
New IP Address:  192.168.0.50
New Subnet Mask:  255.255.255.0
ModifyPrivateNicProperties returned OK
ConfigureDns returned OK
*** ConfigureDHCP returned ERROR 80074e66
"Generic Error"; hr is 0x80074e66.
Error message box (msg id 10): An error occurred while changing the IP address. Your server might be partially configured. We recommend that you run the Change IP Address Tool again and enter the original IP address of the server.

If this error message appears again, ensure that the local network adapter is enabled in Network Connections and that it is connected to a switch or hub that has power. Also, open Services, and ensure that any services having a startup type of Automatic are running.

If the error message still occurs, see the log file at C:\Program Files\Microsoft Windows Small Business Server\Support\Changeiplog.txt.

change-IP-address-tool-error.JPG
Awarded 2009
Top Expert 2010

Commented:
OK if you open Regedit and navigate to:

HKEY_LOCAL_MACHINE\Software\Microsoft\SmallBusinessServer\Win2KCfg\values

whatg does the value listed under IP say?  Is the domainname value valid also? (worth checking whilst we are here)

If you try using the wizard to change the IP back to the original what happens?

Can you post an ipconfig /all
Awarded 2009
Top Expert 2010

Commented:
how's it going?

Author

Commented:
one sec.

just got back

will do now.

Cheers

Author

Commented:
Hi,

I print screened that value is this the right one?

got kicked off I am just going to change the IP back am remoting in at the moment had to come off site
reg.JPG
Awarded 2009
Top Expert 2010

Commented:
there should be 6 values there.
It doesn't look to me as if SBS has ever been setup properly.

Can you post ipconfig /all from the server?

Author

Commented:
get same error when try to change it back but it does change back...

IPconfig


Windows IP Configuration

   Host Name . . . . . . . . . . . . : nextep
   Primary Dns Suffix  . . . . . . . : OFFICE.NEXTEPFP.CO.UK
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : OFFICE.NEXTEPFP.CO.UK
                                       NEXTEPFP.CO.UK
                                       CO.UK

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Allied Telesis AT-2916T
   Physical Address. . . . . . . . . : 00-15-77-AE-76-07
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.254
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   Primary WINS Server . . . . . . . : 192.168.0.1

C:\Documents and Settings\Administrator>
Awarded 2009
Top Expert 2010

Commented:
are you able to check your DNS management, can you post a screenshot of DNS?
Commented:
Hi,

could not fix this problem at all even with the expert advice given but thanks!

I contacted Microsoft had a very long weekend last weekend and they sorted it out..

Solutions below:

Hello  Chris,
 
It was my pleasure to assist you during your " DHCP and DNS not working" issue.  I hope that you were delighted with the service provided to you.  I am providing you with a summary of the key points of the case for your records. If you have any questions please feel free to call me. You can reach me using the contact information below and referencing your case SRQ091024600032.
 
PROBLEM: DHCP and DNS not working
CAUSE: Active Directory  not functioning.
RESOLUTION: Following are the troubleshooting steps we followed.
1.      We checked the network settings on the server.
2.      We found that TCP/IP filtering was enabled on the NIC card disabled it.
3.      We found that the Dc diag was giving an error LDAP search failed with error 58.
4.      We made registry changes related to winsock but that did not fix the problem.
5.      We reset the TCP?IP stack and winsock but still no go.
6.      We booted the server in safe mode with networking and everything was working fine in safe mode.
7.      We uninstalled the antivirus esat on the server.
 
RELATED KNOWLEDGE BASE ARTICLES:
How to Troubleshoot Missing SYSVOL and NETLOGON Shares on Windows Server 2003 Domain Controllers
http://support.microsoft.com/?id=327781 

Troubleshooting Missing SYSVOL and NETLOGON Shares on Windows 2000
http://support.microsoft.com/?id=257338 

Using the BurFlags registry key to reinitialize File Replication Service replica sets
http://support.microsoft.com/kb/290762 

You cannot open file shares or Group Policy snap-ins when you disable SMB signing for the Workstation or Server service on a domain controller
http://support.microsoft.com/?id=839499 

Please do visit the SBS site at
http://www.microsoft.com/windowsserver2003/sbs/default.mspx 
http://blogs.technet.com/sbs 
http://support.microsoft.com/oas 
Again thank you for your time and patience in this matter.
 
Based on our last conversation, I am closing your case SRQ091024600032. If your issue has recurred or you are not happy with any aspect of this case, please let me know as soon as possible.
Thank you for choosing Microsoft, and specifically Microsoft Small Business Server.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial