The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Hello Experts

Within about 24 hours after a reboot of my edge server, mail stops flowing from the edge server to the mailbox server.

I have one edge server and one mailbox server.  The mailbox is Exchange 2016 on Server 2012 R2 and the edge is Exchange 2016 on Server 2016.  The edge server is in a public-IP-addressed DMZ.  This edge server is a new deployment.  The old edge server was on the same subnet as the mailbox server and did not have this problem.

This has been going on for a week.  I restore mail flow by rebooting the edge server with its windows firewall turned off.  Then mail flows to the mailbox server for about a day.  When I reboot the edge server with the windows firewall still up, mail does not start flowing.  I turn the windows firewall back on immediately after rebooting.  

The Application event log on the edge server shows events 1022, 12025, and 8019 after reboot regardless whether the firewall was up or down.

Nslookup on edge shows that it obtains DNS for the Active Directory DNS server and for the mailbox server.

Telnet port 25 from edge to mailbox, and mailbox to edge, is successful.

A port query tool on the mailbox server indicates port 50636 on edge is listening.

Test-EdgeSynchronization is always "Normal".

The edge firewall has an inbound rule allowing traffic on all ports from the mailbox server.

I believe this all shows that DNS and edge synchronization are working correctly.

As time goes by, after a reboot of …

We are frequently receiving Netlogon 5774 errors on our Windows 2012 R2. Due to this we are losing Internet connectivity, and speed has also come down drastically from 20mbps to 5mbps.
We do not have any AD server. It's a plain static IP server with a leased line, configured via a Juniper firewall.
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ABCSERVER.COM.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  

Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  

Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller.
We have a 2008 server in AWS and we need to remove and re-add it back to the DNS/Domain.
Is it as simple as if it were sitting in my local computer room or is it a really evolved process?
Meaning that I need to alter or deal with the Instances.
Thanks in advance to all experts for your time and insights.
Issue: We had two 2008R2 Domain Controllers (AD FFL/DFL is 2008R2) that both acted as GC, DNS... I replaced one of them (DC2 - secondary DNS) with a new 2016 DC (using same name and IP, but DNS was cleaned properly and demotion of old one and promotion of new one worked flawlessly). All DNS records replicated between the remaining DC1 2008R2 and the new DC2 2016 and I do not see any replication or DNS issues in the Event logs. I now started the process of testing to replace the last 2008R2 DC (DC1) and part of the test was to turn off the existing 2008R2 DC1 and run the entire domain off the new 2016 DC2 which has all the FSMO roles on it. Everything seemed to work fine, but we experienced issues with Outlook seeing the Exchange servers as well as several application servers having issues with client application software (on W7 workstations) connecting to them. Pinging servers by name and IP worked fine, but nslookup kept insisting that it queries the DC1 which was off. So I removed the DC1 from the static network card DNS settings on the Exchange servers and Outlook managed to connect right away. I changed the priority of the DNS servers on the DNS list network card) on the application servers and as soon as I did that everything worked. I realize this was a DNS issue and know that it might take 15 min + before the workstations try for the secondary DNS server, but I am also wondering how to overcome the problem …
I am in the process of upgrading all DCs from 2008R2 to Server 2016.
On my 2nd DC (let's call it DC2) I have run into a problem - one Service Location record for the decommissioned DC will not go away.
DC2 was demoted, had its roles and features removed and was then taken out of the domain.

After removal I manually deleted the server object in Sites and Services, and cleaned up in DNS as well (the DNS is AD integrated with all DCs being DNS servers and Global Catalogs).

All DNS records stayed deleted, short of one:
The Service Location _kerberos record representing DC2 keeps coming back - no matter how many times I delete it :-(
The record is located under "Forward Lookup Zones -> _msdcs.mydomain.name -> dc -> _sites -> Default-First-Site-Name -> _tcp -> _kerberos Service Location (SRV) [0][100][88] DC2.mydomain.name 26.10.2018 07:00:00

I did find a remnant of DC2 in the reverse lookup zone for its subnet using ADSI Edit - I deleted that record in ADSI Edit.

It is now close to 48 hours since I deleted DC2 and I hesitate to move forward with my upgrade, because the next domain controller to be introduced into the domain will get DC2's old IP address (need to reuse the IP due to statically configured DNS server IPs on lots of hosts).

Anyone have an idea what could be causing this record to keep reappearing?
What am I missing?
Hi Expert,

I have some question on command nslookup, can I check in what kind of scenario will you use nslookup? I know it's used to check DNS but do know what kind of situation would use it.

I did nslookup and get default server: unknown, Address:, can I check how come my default server is unknown and the IP address is same as my default gateway?

Also when I nslookup on www.google.com I am getting : www.google.com can't find nslookup: No response from server

Appreciate if any expert can advise me on, sorry if the question is too noob.

I am not able to start my VM on the host ESXi 3.5.
I am able to browse the host through a web browser and able to log in locally, but not able to connect through vSphere to get admin control.
I need to start a VM which is our DNS and Domain Controller.

I tried to run the VM locally from the command line and get this message:
dynamicType= <unset>,
msg = "operation is not allowed.

Please help !!!
I have an Active Directory domain with two 2012 domain controllers both running active directory integrated DNS.  There is a forward lookup zone and a reverse lookup zone.  

The issue I'm having is that the records in the zones are not updating when I rename a workstation or remove an old workstation from the domain.

As an example when I install Symantec Endpoint to a workstation and I search for a machine by IP, it finds the machine, but shows a name that does not match the IP.  If I search for the machine called workstation-1, the correct ip is listed but Symantec shows the name as old-workstation-2 in the list of workstations that it found.

How do I get DNS to update whenever a machine is renamed or removed from the domain?

In our company we have a Web application that we want to be accessible both from our LAN and the outside world. For that reason we developed two DNS servers one externally for outside world as usual and one internally for LAN clients, and things generally works well.

Unfortunately there are moments where some LAN machines running Windows refuse to use the LAN address. Instead they are using the external IP. For those machines the following applies.

1. They are using DHCP server, and from this server they were provided the DNS server on local 192.168.xx.xx
2. I can confirm the previous  by issuing ipconfig /all
3. I am flushing DNS with ipconfig /flushdns and confirming that with ipconfig /displaydns
4. When I issue ping app.company.com I get the external IP.
5. When I issue nslookup app.company.com I get the internal IP.

I want to notice again that this behavior happen some time for some machines running Windows.

Does anyone know why ping and nslookup give different answers, or how to debug this symptom in Windows?

Thanks in advance

Stathis Alexopoulos
First I have reviewed a few different solutions listed on Experts Exchange, but none seem to work, this is why I am posting this question.

Cannot connect to a network share across sub-domains.  History on situation:  Setup TEST AD (my IT staff and I were looking at applying an AD for desktop security).
We joined about 5 computers, all IT staff.
When the AD was active we all could share data across the subnets.
Worked great, but when we went to Office 365 we decided to not use local AD and demoted our Domain server after dis-joining our computers.
So we are all using workgroups.
Now as long as everyone is in the 0.X subnet they can see the shares in that sub-domain, but are unable to connect to the 30.X shares, and vice versa the 30.x users cannot see anything in the 0.x sub-domain.
I tested the same situation on the 30.X sub domain and I am able to share across 30.x subnet but the 0.x subnet cannot connect.
I am looking for any type of suggestions to help?

My router does not have any rules for sub nets.
Our work stations are connected as a workgroup.
We are not using anything in the AD except we are connected to Office 365, we have not implemented Azure.

I have hardware VPN with two draytek routers. ip on one side and on the remote side.

My dns server (windows 2012) is set on the 192.168.1.Χ network.

If i try nslookup domain.name on the remote location ( i get good results: (dns)  and i also get the domain name.

If I try nslookup domain.name in the 192.168.1.X network I get "non existent domain"!

I'm able to ping the dns server and i'm also able to ping to FQDN.

Any possible solutions? Any recommendation on what to look?
I have a Windows Active Directory domain that has Server 2016 domain controllers and one Server 2008 r2 domain controller.  I want to implement DNSSEC but I am concerned that it would cause issues due to the Server 2008 r2.  My question is if having the Server 2008 r2 on the domain will cause issues if I implement DNSSEC

Thank you
Can't browse their own Internal website as their local domain name is the same address. I have a client with a Windows 2016 server that provides the DNS and their domain name is abc.com but when they try to access their external website abc.com they get a certificate error as the dns for www.abc.com points to their own internal server. I have changed the DNS so that it points to the external ip of the website but they now receive a security certificate error. I presume I need to add a dns entry for https://www.abc.com but can't see where to add this?
Hello Experts. I am trying to build a PS script to resolve DNS names for a few domains. I have the following script:

$domain1 = "test.com"
$notfound = "`tDNS Entry Not Found"
ForEach ($domain in $domain1)      {
      $lyncdiscoverresult = Resolve-DnsName lyncdiscover.$domain1 -Server -ErrorAction SilentlyContinue
if ($lyncdiscoverresult) {
    Write-Host "`tlyncdiscover.$domain1 $(@(foreach ($result in $lyncdiscoverresult.namehost){ '-> '+$result }))" -ForegroundColor Yellow
} else {
    Write-Host $notfound -ForegroundColor Red
select-object Name | Export-Csv "C:\Users\mohsan.chaudhary\Desktop\domain5.csv"

I get the desired output in powershell just fine, but the exported csv file is empty. How can i populate the csv file with the results. Also, I would like to import a csv file with a list of domains, that i am placing into the first variable like this: $domain1 = import-csv "c\location\domain.csv". The PS output displays 'DNS Entry Not found' for all domains, even when i know some of the domains should be resolvable (when i run separately each domain like above, then it resolves fine, but when i import a csv file that includes the domain, then all domains are unresolvable). How can run the above script against a import-csv and export the results to a csv file?
I get the following error when trying to access a server by Remote Desktop Connection from DomainE with an account from DomainH: "The specified domain does not exist or could not be contacted"
I want to specify that there is an outgoing trust relationship between DomainE and DomainH, so that every user from DomainH to have access to resources in DomainE.
The user has admin rights on the server from DomainE and this is happening for all the users in DomainH and all the servers in DomainE.
I don't get this error if I try to connect with a user from the same domain.
The trust is in place in both domains and DNS works properly in DomainE. Also I am able to resolve any host name from one domain to the other.
The DNS servers from the other domain are set as conditional forwarders on each of the mentioned domains and I've checked the DNS servers that are set to the NICs of the servers from DomainE.
The domain functional level is Windows Server 2008R2 and all the servers are using the same version of Windows. The users from the DomainH use Windows 10 to establish the RDP connection to the other domain.
I get no errors when I try to add users from DomainH to security groups in DomainE.

So could you please give me a solution to this problem?
I'm wondering about best practice for configuring local DNS server setting on a Win2012r2 DNS server (ie the settings on the local machine IP stack). Should 1st DNS server entry point to the alternate DNS server in the domain and 2nd points to local IP address?

Also a similar question, what is the appropriate DNS forwarder addresses order within the DNS service when more than one DNS server is on the domain? Should 1st forwarder be the alternate DNS server on the domain and second DNS address is public DNS server?

Domain will consist of 2 DC's (2008rs and 2012r2) with the 2012 about to be added.

I have windows server 2012R2 and I installed DNS service on it." I do not have active directory its just DNS server".  I created new zone with name "ta.com" to refer to ip address "" then I tried to ping on it using "ta.com" from server. I got reply from "" and when I tried to ping from any computer connected to this server using "ta.com" I got "ping request can not find host ta.com"

any suggestion will be very appreciated
Set up a new server 2016 yesterday.
Server 2016 Clients cannot open websites when DHCP assigned.
The server is assigning the right IP's.
The only way a client get to open web pages is if i put in a public DNS IP.
I can remote control clients using teamviewer, regardless the DNS settings,

I'm quite sure that there is a problem with the setup of the server, but I cannot find out where.
I have tried running the Routing and remote access wizard.

Can anyone help?
We have a brand new Win2016 Server standard and a new Sonicwall NSA2650.  DHCP and DNS seems to be working correctly.  Our computers were able to obtain IP addresses, such as local ip, default gateway and DNS servers.  However, none of our computers can get onto the internet.  Found out that  the computers were not able to ping the default gateway which is the Sonicwall appliance, and vice versa, the Sonicwall wasn't able to ping the workstations.   The windows servers were able to access the internet.
When we tried to ping from the Sonicwall appliance, there were a couple of PCs we were able to ping, and then those PCs were able to get onto the internet.  According to Sonicwall tech support, it has something to do with our Dlink enterprise switch CAM table.  However, our client doesn't think it is, because this switch is relatively new.
Any ideas why the PCs cannot access the default gateway?  These PCs are both on wifi and wired ethernet.

Hi guys

I've just recently installed a new SSL certificate for our Exchange 2010 server. People can access the site. However, nobody is able to open attachments. When they try, they are getting what I have attached. Have a look and see. All of the browsers that are trying to open are using IE8 (sadly) as they are our stores and are locked down, but they were able to do all of this before.

Is this DNS related? Is it SSL related?

Thank you for helping
Hello everyone,

I am moving a client to Office 365, only for email use, and their domain and name servers are at GoDaddy (and they are staying there).

On GoDaddy, I need to setup the DNS records (MX, TXT, etc.) with the specific details of my domain from O365.

To get those specific DNS records (MX, TXT, etc.) I am following this guide:


Steps 1 and 2 are exactly what I need to do, but when I click on the specific domain I need the info for, it simply opens another window and says "Domain managed outside Office 365".

Earlier on in the prep for this, I setup the domain on Office 365 and have created about a dozen mailboxes.

Any helpful instruction would be much appreciated.


Hello! I am trying to get some help adjusting my SPF record. I am trying to understand how I can go about identifying which items in my record constitute "void lookups". I am getting a notice saying I am exceeding 2 when checking my domain health. I see what they are from searching, but I cannot find any help in deciphering which items are actually causing the void count I have. Anyone have any suggestions to go about doing this?
I have some clients with Outlook 2016 that will not connect to my Exchange 2010 server anymore. For some reason Outlook has started grabbing autodiscover info from outlook.com instead of what the DNS autodiscover record is. Older versions of Outlook work fine and not all clients have this issue. I believe it has something to do with the user having a Microsoft account for their office 365 subscription but the e-mail option was not purchased or setup. How can I get Outlook to quit this BS.
We have a TMG 2010 in our branch office. It has a direct connection to the internet with a single network card. The company wants to route the traffic through the HQ, and we installed a new TMG 2010. We configured web chaining by defining the upstream server in our branch proxy. We get a DNS error. Web chaining does not work.

any help is appreciated
Hello Everyone and thanks in advance for any/all insights.
I have two 2008R2 DCs and DCDIAG identified a DCOM (10009) error issue on the secondary DC (see screenshots) that occurs every few months and seems to coincide frequently with patching cycles when the two DCs are briefly off (not at the same time lol).
We are about to replace that DC with a 2016 DC and I want to be sure we have no issues before we do that.
I suspect it is DNS because the error only ever occurs on the secondary DC and is "The description for Event ID ( 10009 ) in Source ( DCOM ) could not be found. It contains the following insertion string(s):  xxx.xxx.xxx.5" and "The description for Event ID ( 10009 ) in Source ( DCOM ) could not be found. It contains the following insertion string(s):  xxx.xxx.xxx.4". FRWDNow here is where it gets interesting, because those 2 IP addresses are the external address of our ISP and when I check DNS forwarders on the main DC they point to those IP's, but on the secondary they forwarder points to the primary DC address. We do use scavenging on both DC and it is setup to scavenge one forward lookup zone that contains all the desktops, etc. Both DC's point (network adapter card) their IPv4 DNS at each other first and then at themselves, i.e. DC2 point to DC1 and then itself (IP not loopback) and DC1 points at DC2 and then itself (IP). I did not set this up...
