Cant change the preferred dns settings on Edge Transport

I have an Exchange 2010 Edge Transport server in my DMZ that is configured to use the 'Network Card settings' with ‘All available ipv4’ on External and Internal DNS Lookup Settings.  Everything is running fine, however, I have added a new External DNS server in my environment and I want to change the Edge Server’s Preferred DNS Server settings to reflect the new DNS server, and move the old DNS server as an Alternate.

My Problem:  After I make the DNS change on the Adaptor settings, the server forces me to re-boot and afterwards reverts it back to the original IP settings.  What is causing this and how can I get around it?  All I am trying to do is point the NIC IP address on the Edge Server to the new External DNS server and it is not letting me.
sagdocAsked:
Who is Participating?
 
sagdocConnect With a Mentor Author Commented:
Finally I found the issue.  Our security person had decided to turn on Sonar in Symantec and set the DNS change detection setting to block.  Of course he neglected to tell anyone about it.  So even disabling Symantec temporarily would not fix my problem until he put in an exception policy.  

So it is true....blame the security person first.
0
 
MaheshArchitectCommented:
Please try disabling UAC on edge server through gpedit.msc computer configuration\security settings
If above do not worked, then
Please try netsh command line to change DNS server IP from elevated command prompt on Edge Server
Check below articles for commands and detailed instructions
http://helpdeskgeek.com/networking/change-ip-address-and-dns-servers-using-the-command-prompt/
http://www.practicallynetworked.com/networking/manage_windows_network_settings_with_netsh.htm

This will work hopefully

Mahesh
0
 
sagdocAuthor Commented:
I don't think it is the UAC because it is already disabled.  I will try the netsh command.  I am still curious why the change does not occur via the GUI.  Does the Edge Transport installation\process have a specific hook into the NIC DNS settings that would prevent modification from the GUI?
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
sagdocAuthor Commented:
I guess no one has seen this problem before?
0
 
MaheshArchitectCommented:
Have you got success with netsh
0
 
sagdocAuthor Commented:
Well, not really.  I am running the netsh commands from the command prompt and it comes back with an access denied response.  I am access the command window with 'run as administrator'.  This is really strange, all I am trying to do is change the preferred DNS server to a different DNS server but it just wont let me.
0
 
MaheshArchitectCommented:
Not sure what is exact issue

have you done any kind of hardening on Edge server ?

Try to add one more network card on Edge server and check if it works

If worked, then remove original network card and restore original ip settings

Mahesh
0
 
sagdocAuthor Commented:
Nothing specific on hardening the server.  I think the problem centers around the Exchange Services.  I will stop the services, modify the preferred dns server and reboot.  Hopefully this will work.
0
 
MaheshArchitectCommented:
may be that is simplest fix i hope, good luck
0
 
sagdocAuthor Commented:
Well...that did not work.  Even with all of the Exchange services stopped the preferred and alternate dns server settings reverted back to the original settings.  I am at a loss.  At this point I just would like to know why this is occurring.
0
 
MaheshArchitectCommented:
Really very weired issue
0
 
sagdocAuthor Commented:
That was the fix
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.