Solved

DNS server

Posted on 2014-04-24
Last Modified: 2014-04-25
I am looking to set up a Windows 2008 DNS server in our environment to resolve approx. ten or fifteen static host records for hosts in our domain, for example Host1.fargo.k12.ok.us. For all other host queries, regardless of FQDN, I would like to have this DNS server forward them to our AD-integrated DNS.

I have attempted this by bringing up a DNS server, creating a fargo.k12.ok.us zone and creating a few records, but can’t seem to get it to forward DNS queries for other hosts in the fargo.k12.ok.us domain. Instead nslookup returns a DNS request time out. Timeout was 2 seconds. However, I am able to resolve hosts NOT in my domain, google.com or even hosts in my parent domain.

I have confirmed that I have forwarders set on the server and have attempted adding additional name servers in that zone.

What’s the best way to accomplish this? I’ve never set up a rogue DNS server, so this is a learning experience!

The reasoning behind this has to do with the fact that if a Windows 7 laptop can resolve a fileserver’s IP, it will not allow you to access offline files that are synchronized from that server. Our VPN cannot communicate with their local file server, but because it uses our internal DNS to resolve the hostname of the file server….the VPN user cannot access their offline files. We limit that communication because of slow air card connections our folks use. It worked great in XP, guess they “improved” this feature.

brent
Question by:Realpoet02
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 40020970
Since you have the zone on your DNS server, it will only look for whatever is in your zone from that server. It will not look up via the forwarder, since it thinks it has the zone and the return value is null.

At this point, I believe you had better use a DNS zone transfer or AD stub zone.

Use the DNS server as a standalone DNS server.
 

Author Comment

by:Realpoet02
ID: 40021126
Unfortunately, when I make it a secondary zone or stub zone and transfer the zone from another DNS server, the new DNS server won’t let me make changes to the zone. The DNS snap-in doesn’t give me the option to create a new host record or edit one that already exists.
 
LVL 14

Expert Comment

by:Justin Yeung
ID: 40021151
Yes, since these are sub zones.

If you want a fully editable zone, you have to run it as an adds zone.

 

Author Comment

by:Realpoet02
ID: 40021355
I assume that's short for AD Integrated? If so, is there a different DNS product other than Windows that will work for me?
 
LVL 40

Accepted Solution

by:
footech earned 500 total points
ID: 40021529
The best you can do is as follows:
You can configure a zone for something like "Host1.fargo.k12.ok.us".  Then inside of that zone, create an A record and leave the name blank.  It will show the name as "same as parent" after it's created.  This zone will not have any effect on resolution for any records within the "fargo.k12.ok.us" domain.  Requests for other hosts in that domain would still be forwarded on, unless you have a zone for "fargo.k12.ok.us".  However, if you had any requests for something like "XXX.Host1.fargo.k12.ok.us" (hopefully you don't need to forward requests like these) then it would be resolved by the info in the "Host1.fargo.k12.ok.us" zone - just so you're aware.

You would have to create a new zone and associated A record (with blank name) for each of the records that you want resolved by this DNS server.
0
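The behaviour discussed in this thread, as an added example (not part of the original posts and not Windows DNS code): a simplified Python model of how a server that hosts zones and has forwarders decides where an answer comes from. The addresses and the forwarder table are constructed sample data, and `find_zone` and `resolve` are hypothetical helper names.

```python
# Simplified model: a DNS server answers from the most specific zone it hosts
# and only uses its forwarder for names outside every hosted zone.
# All addresses below are constructed sample data.

def find_zone(qname, zones):
    """Return the most specific hosted zone that contains qname, or None."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def resolve(qname, zones, forwarder):
    """Return (source, answer) for an A query; answer None means no record."""
    qname = qname.lower().rstrip(".")
    zone = find_zone(qname, zones)
    if zone is None:
        # Not authoritative for any enclosing zone: hand off to the forwarder.
        return ("forwarded", forwarder.get(qname))
    # Authoritative: answer only from zone data, never forward.
    owner = qname[: -len(zone)].rstrip(".") or "@"  # "@" = blank-name record
    return ("local:" + zone, zones[zone].get(owner))

# What the AD-integrated DNS behind the forwarder would answer (constructed).
FORWARDER = {
    "host1.fargo.k12.ok.us": "10.1.1.10",
    "host2.fargo.k12.ok.us": "10.1.1.20",
    "xxx.host1.fargo.k12.ok.us": "10.1.1.30",
}

# Setup from the question: one zone covering the whole domain.
WHOLE_DOMAIN = {"fargo.k12.ok.us": {"host1": "192.0.2.10"}}

# Setup from the accepted answer: one zone per overridden host name,
# holding a single A record with a blank name ("same as parent").
PER_HOST = {"host1.fargo.k12.ok.us": {"@": "192.0.2.10"}}

if __name__ == "__main__":
    for label, zones in (("whole-domain zone", WHOLE_DOMAIN),
                         ("per-host zones", PER_HOST)):
        for name in ("Host1.fargo.k12.ok.us", "Host2.fargo.k12.ok.us",
                     "XXX.Host1.fargo.k12.ok.us"):
            print(label, name, resolve(name, zones, FORWARDER))
```

With the whole-domain zone, Host2 is never forwarded; with per-host zones it is, while names under Host1 are answered (or not) only from the Host1 zone, as the accepted answer warns.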
 

Author Closing Comment

by:Realpoet02
ID: 40022939
Worked great! Thanks for your assistance!