![[Webinar] Learn How Hackers Steal Your Credentials](https://filedb.experts-exchange.com/files/public/2017/5/21/e0b7778f-e79e-4b5d-9ec6-5496e40be42e.png)
Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
DNS
25K
Solutions
25K
Contributors
The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.
Share tech news, updates, or what's on your mind.
-we recently migrated dhcp from 2008r2 to 2012r2
-we have 3 dc's each: one is the dhcp (with dns and gc) and the other 2 have dns + gc
-we are a one domain site, but have quite a few computers that are non-domain joined (Workgroup with the domain suffix though)
-before the migration, dhcp would update the dns on the non-domain joined computers
-after the migration, our domain pc's dns gets dynamically updated but the non-domain pc's aren't being updated
-created dedicated user account and put in "dnsproxygroup" for our dhcp server
-set OpenACLOnProxyUpdates 1" (on all dns server)
-zones set to "allow secure and not secure"
I have seen lots of answers but nothing seems to work
-we have 3 dc's each: one is the dhcp (with dns and gc) and the other 2 have dns + gc
-we are a one domain site, but have quite a few computers that are non-domain joined (Workgroup with the domain suffix though)
-before the migration, dhcp would update the dns on the non-domain joined computers
-after the migration, our domain pc's dns gets dynamically updated but the non-domain pc's aren't being updated
-created dedicated user account and put in "dnsproxygroup" for our dhcp server
-set OpenACLOnProxyUpdates 1" (on all dns server)
-zones set to "allow secure and not secure"
I have seen lots of answers but nothing seems to work
1 Comment
I'm having issues with active directory. I first noticed that I was unable to use gpupdate. Then I attempted to remove a machine from the domain and re-add it and was unable to do so. I also get a permission denied error on my shared printers.
I do not think the problem lies in DNS. When I try to add machines to the domain the resulting error shows the SRV record was queried and the domain controller was identified. but could not be contacted. I've checked the Host (A) records in DNS and they are fine, I've also tried adding a manual entry to the hosts file on the client machine.
I do not think the problem lies in DNS. When I try to add machines to the domain the resulting error shows the SRV record was queried and the domain controller was identified. but could not be contacted. I've checked the Host (A) records in DNS and they are fine, I've also tried adding a manual entry to the hosts file on the client machine.
Hi Experts,
I have run Best Practice Analyser on all 4 of my DNS servers. 3 of the DNS are compliant.
But one of the DNS servers is having issues with eight different IPv6 addresses. The warning message that is stated is: "DNS: Root Hint 2001:500:9f::42 must respond to NS queries for the root zone".
On each DNS server there are no IPv6 addresses in the Root Hints and IPv6 is not enabled in the server's TCP/IPv6 properties.
How can I get rid of these errors so that the DNS server becomes Compliant for Best Practices?
warning1.jpg
warning2.jpg
roothints.jpg
I have run Best Practice Analyser on all 4 of my DNS servers. 3 of the DNS are compliant.
But one of the DNS servers is having issues with eight different IPv6 addresses. The warning message that is stated is: "DNS: Root Hint 2001:500:9f::42 must respond to NS queries for the root zone".
On each DNS server there are no IPv6 addresses in the Root Hints and IPv6 is not enabled in the server's TCP/IPv6 properties.
How can I get rid of these errors so that the DNS server becomes Compliant for Best Practices?
warning1.jpg
warning2.jpg
roothints.jpg
sir,
Recently in my organization migrated server 2008 to 2012,but in all systems primary dns ip is 192.*.*.14,now my server migrated ip address is 192.*.*.13,so how did i change in all clients sys ip primary is 192.*..*.13.and another doubt at a time all actieve directory users password are need to change at a time and set Unique password.
Recently in my organization migrated server 2008 to 2012,but in all systems primary dns ip is 192.*.*.14,now my server migrated ip address is 192.*.*.13,so how did i change in all clients sys ip primary is 192.*..*.13.and another doubt at a time all actieve directory users password are need to change at a time and set Unique password.
Hi All,
I have found myself to be very lacking in memory when it comes to Cisco IOS and after far too many hours of trying and reading website and documents I have decided to ask an expert!
I need help with the following setup:
Cisco 897VA router
WAN on G8:
Direct Connection to fibre Media Converter. (no vLan tagging required)
CE of Router needs to be 203.197.207.126/30
Gateway or PE is 203.197.207.125, DMZ from ISP is 203.197.217.136
I have Static IP Addresses assigned by the provider pointing at 203.197.207.126 (203.167.245.224/29) only using 2 at the moment .225/.226.
External DNS 203.47.152.43/44
External Nat
LAN 2 Ports to be used G1 & G2
G1 is the port facing the main network and servers and will be the gateway for all PC's inside.
IP is to be 192.168.1.254
Internal DNS 192.168.1.3/4
Internal NAT
G2 is to be the Wifi. Original Setup before router replacement was on Private WIFI on vLan100 and Public WIFI was on vLan101)
Internal NAT
vLan101 had internet access only no internal access with ip of 192.168.101.x for the WIFI and external DNS
vLan100 had access to internal systems and internet with IP of 192.168.100.1 for interface and 192.168.100.254 for the WIFI. The WIFI, accessed 192.168.1.254 and the 2 internal DNS for internet and internal access.
Both WIFI used the router for DHCP, no DHCP for internal computers. IP Range was 192.168.{100/101}.100-125 for each
Internal network was vLan1
Access was allowed for 80/443/25/3389 …
I have found myself to be very lacking in memory when it comes to Cisco IOS and after far too many hours of trying and reading website and documents I have decided to ask an expert!
I need help with the following setup:
Cisco 897VA router
WAN on G8:
Direct Connection to fibre Media Converter. (no vLan tagging required)
CE of Router needs to be 203.197.207.126/30
Gateway or PE is 203.197.207.125, DMZ from ISP is 203.197.217.136
I have Static IP Addresses assigned by the provider pointing at 203.197.207.126 (203.167.245.224/29) only using 2 at the moment .225/.226.
External DNS 203.47.152.43/44
External Nat
LAN 2 Ports to be used G1 & G2
G1 is the port facing the main network and servers and will be the gateway for all PC's inside.
IP is to be 192.168.1.254
Internal DNS 192.168.1.3/4
Internal NAT
G2 is to be the Wifi. Original Setup before router replacement was on Private WIFI on vLan100 and Public WIFI was on vLan101)
Internal NAT
vLan101 had internet access only no internal access with ip of 192.168.101.x for the WIFI and external DNS
vLan100 had access to internal systems and internet with IP of 192.168.100.1 for interface and 192.168.100.254 for the WIFI. The WIFI, accessed 192.168.1.254 and the 2 internal DNS for internet and internal access.
Both WIFI used the router for DHCP, no DHCP for internal computers. IP Range was 192.168.{100/101}.100-125 for each
Internal network was vLan1
Access was allowed for 80/443/25/3389 …
In case you did not see it, below is the apology statement from Marketo regarding their outage yesterday.
Dear Marketo Customers and Partners:
Today, for a number of hours, our main web site, Marketo.com along with a small number of other Marketo domain properties were rendered inaccessible, preventing log in to our application. While the issue is now largely resolved, and I can assure you that the core Marketo application continued to operate in the background and your data was never at risk. I want to sincerely apologize to you and on behalf of the entire Marketo team as we take any disruption to your service very seriously.
I also want to be completely transparent with you on what happened and assure you that it won't happen again.
We renew thousands of domain name properties we own every year with precision, yet the auto renew process for registering our main domain, Marketo.com, failed. This catalyzed a cascading series of issues, but ultimately human and process error are to blame and again, we take full responsibility.
While our global support team in Ireland was working with our DNS registrar in the very early morning hours, members of our customer and partner community helped pinpoint specific issues that aided us significantly. While this does not absolve Marketo of responsibility for this serious situation, I would like to thank the individuals who assisted us. We greatly appreciate your support during a trying time.
For our global customers, please…
Dear Marketo Customers and Partners:
Today, for a number of hours, our main web site, Marketo.com along with a small number of other Marketo domain properties were rendered inaccessible, preventing log in to our application. While the issue is now largely resolved, and I can assure you that the core Marketo application continued to operate in the background and your data was never at risk. I want to sincerely apologize to you and on behalf of the entire Marketo team as we take any disruption to your service very seriously.
I also want to be completely transparent with you on what happened and assure you that it won't happen again.
We renew thousands of domain name properties we own every year with precision, yet the auto renew process for registering our main domain, Marketo.com, failed. This catalyzed a cascading series of issues, but ultimately human and process error are to blame and again, we take full responsibility.
While our global support team in Ireland was working with our DNS registrar in the very early morning hours, members of our customer and partner community helped pinpoint specific issues that aided us significantly. While this does not absolve Marketo of responsibility for this serious situation, I would like to thank the individuals who assisted us. We greatly appreciate your support during a trying time.
For our global customers, please…
I setup a Exchange 2016 Server in-house and cannot figure out why the Outlook Test Email AutoConfiguration on all in-house network clients and from the Exchange Server Management Shell Test-Outlook WebServices keep failing. All workstations are Outlook 2016 and at first I also had a problem seeing the public folders but they are now viewable. Something is goofy and I've triple checked everything and I can't figure it out. Outlook says downloading address book for days.
Outlook had no problems when adding a profile finding the account automatically. I've flushed DNS on all computers, rebooted, and tried a new Outlook profile - no chanage.
OWA and ECP (Exchange Admin Center) work internal and external. Cell phones have no problems adding accounts. External DNS is setup.
Any assistance would be greatly appreciated. I've tried so many fixes from other web site posts, articles, and many from other posts on Experts-Exchange.
Please see attached images to see failure messages and external DNS setup.
Regards,
Torrey
HD_AutoDiscover_Fail1.png
HD_AutoDiscover_Fail2.png
HD_AutoDiscover_Fail3.png
HD_AutoDiscover_Fail4.png
Outlook had no problems when adding a profile finding the account automatically. I've flushed DNS on all computers, rebooted, and tried a new Outlook profile - no chanage.
OWA and ECP (Exchange Admin Center) work internal and external. Cell phones have no problems adding accounts. External DNS is setup.
Any assistance would be greatly appreciated. I've tried so many fixes from other web site posts, articles, and many from other posts on Experts-Exchange.
Please see attached images to see failure messages and external DNS setup.
Regards,
Torrey
HD_AutoDiscover_Fail1.png
HD_AutoDiscover_Fail2.png
HD_AutoDiscover_Fail3.png
HD_AutoDiscover_Fail4.png
I have a server 2012 R2 and have RDS installed. Its a single server that has all the roles, DC, DHCP, DNS, File, RDS, i installed a 90day cert from comodo . If i go to a windows 7 machine and go to https://rds.domain.com/RDWeb and login when i run an app i get this error
"Your computer can't connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable" Try Reconnecting later or contact experts-exchange for assistance. "
If i do this from the server itself the apps open fine.
"Your computer can't connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable" Try Reconnecting later or contact experts-exchange for assistance. "
If i do this from the server itself the apps open fine.
CURRENT CONFIGURATION:
ROUTING TABLE:
# Dest IP Mask Gateway IP Metric Device Use Edit Drop
--------------------------
1 10.188.45.91 32 10.188.45.91 1 poe0 0
2 192.168.254.0 24 192.168.254.254 1 enet0 137888
3 default 0 Node1 2 poe0 105886
WAN CONNECTION TABLE:
PVC VPI/VCI IP Address Subnet GateWay DNS Server Encapsulation Status
PVC0 0/35 10.216.230.183 255.255.255.255 10.188.45.91 112.198.126.116 PPPoE Up
*NEW* CONFIGURATION:
ROUTING TABLE:
# Dest IP Mask Gateway IP Metric Device Use Edit Drop
--------------------------
1 10.216.xxx.xxx ?? 10.188.45.91 1 poe0 0
2 192.168.254.0 24 192.168.254.254 1 enet0 137888
3 default 0 Node1 2 poe0 105886
Can anybody - please - help me with a correct Mask (??)? :)
Regards,
WWW.GULDVOG.COM.PH Jan Guldvog
CEO/OWNER
ROUTING TABLE:
# Dest IP Mask Gateway IP Metric Device Use Edit Drop
--------------------------
1 10.188.45.91 32 10.188.45.91 1 poe0 0
2 192.168.254.0 24 192.168.254.254 1 enet0 137888
3 default 0 Node1 2 poe0 105886
WAN CONNECTION TABLE:
PVC VPI/VCI IP Address Subnet GateWay DNS Server Encapsulation Status
PVC0 0/35 10.216.230.183 255.255.255.255 10.188.45.91 112.198.126.116 PPPoE Up
*NEW* CONFIGURATION:
ROUTING TABLE:
# Dest IP Mask Gateway IP Metric Device Use Edit Drop
--------------------------
1 10.216.xxx.xxx ?? 10.188.45.91 1 poe0 0
2 192.168.254.0 24 192.168.254.254 1 enet0 137888
3 default 0 Node1 2 poe0 105886
Can anybody - please - help me with a correct Mask (??)? :)
Regards,
WWW.GULDVOG.COM.PH Jan Guldvog
CEO/OWNER
Hi all,
This is our setup:
- Sonic Firewall TZ300
- Barracuda Email security
- Server 2012 r2 with Exhange 2016
Latest updates are installed.
OWA works fine, outlook anywhere works fine.
Application Symprex for email signatures has an error trying to connect locally
MigrationWiz for migrating mailboxes doesn't work either.
Checking testconnectivity.microsoft
Error is:
Attempting to test potential Autodiscover URL https://autodiscover.domain.nl:443/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.
Additional Details
Elapsed Time: 1860 ms.
Test Steps
Attempting to resolve the host name autodiscover.domain.nl in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 123.123.123.123 (correct of course)
Elapsed Time: 730 ms.
Testing TCP port 443 on host autodiscover.domain.nl to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 510 ms.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Additional Details
Elapsed Time: 619 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.domain.nl on port 443.
The Microsoft Connectivity …
This is our setup:
- Sonic Firewall TZ300
- Barracuda Email security
- Server 2012 r2 with Exhange 2016
Latest updates are installed.
OWA works fine, outlook anywhere works fine.
Application Symprex for email signatures has an error trying to connect locally
MigrationWiz for migrating mailboxes doesn't work either.
Checking testconnectivity.microsoft
Error is:
Attempting to test potential Autodiscover URL https://autodiscover.domain.nl:443/Autodiscover/Autodiscover.xml
Testing of this potential Autodiscover URL failed.
Additional Details
Elapsed Time: 1860 ms.
Test Steps
Attempting to resolve the host name autodiscover.domain.nl in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: 123.123.123.123 (correct of course)
Elapsed Time: 730 ms.
Testing TCP port 443 on host autodiscover.domain.nl to ensure it's listening and open.
The port was opened successfully.
Additional Details
Elapsed Time: 510 ms.
Testing the SSL certificate to make sure it's valid.
The SSL certificate failed one or more certificate validation checks.
Additional Details
Elapsed Time: 619 ms.
Test Steps
The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.domain.nl on port 443.
The Microsoft Connectivity …
Free Tool: IP Lookup
Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Hi Experts.
I'm trying to figure out why/where DNS traffic coming from a DNS/DC server to a now decommissioned server. I've checked the Forwarders on the properties of the DNS server and there are none, though according to network team there is a high amount of DNS traffic.
Are there any tools I could use local on the DNS server to determine this?
I'm trying to figure out why/where DNS traffic coming from a DNS/DC server to a now decommissioned server. I've checked the Forwarders on the properties of the DNS server and there are none, though according to network team there is a high amount of DNS traffic.
Are there any tools I could use local on the DNS server to determine this?
I can ping by IPaddress but not by Hostname
I have a computer that I can ping by IP address, but I cannot ping it by host name.
The computer IP address is obtained via DHCP.
if I ping IP address using -a , I can obtain Hostanme
When using NSlookup computername , I get the:
Name: computername.domainname.
when using Nslookup Ipaddress, I get the:
Name: computername.domainname.
Address: IP address
Any idea why I cannot ping by Hostname ?
Thank you
I have a computer that I can ping by IP address, but I cannot ping it by host name.
The computer IP address is obtained via DHCP.
if I ping IP address using -a , I can obtain Hostanme
When using NSlookup computername , I get the:
Name: computername.domainname.
when using Nslookup Ipaddress, I get the:
Name: computername.domainname.
Address: IP address
Any idea why I cannot ping by Hostname ?
Thank you
I am looking for some clarification on the proper configuration of my DNS amd my email server.
Here is the setup:
I am using Comcast as my ISP and have an Exchange server running in my SBS2008. I have a static IP address assigned by Comcast and have registered a domain name pointing to it ( [b]abc.net[/b)]. I also have a company domain name that is abc.com. This domain points to an outside web and email server. I am using the Windows POP3 Connector to retrieve emails from the abc.com server and putting them into the Exchange mailboxes. (I know, nobody likes the POP3 Connector...) Then I am using the in house Exchange server to send emails directly from the domain <b>name@abc.com</a>
The problem:
Lately, I have been getting the error from Gmail accounts that I try to send to saying that the Reverse DNS for IPv6 is not properly configured, and that I must fix this before Gmail will accept emails from abc.com.
The question:
This is where it becomes a bit confusing for me. What is the proper way to set up the DNS configuration, and where. Currently, I have asked Comcast to set up the Reverse DNS for abc.net back to my IPv4 and IPv6 addresses, but Gmail is still blocking me. Should I also, or in place of, asked them to set the Reverse DNS for abc.com to my server, instead? Or is this something I should be doing on my SBS2008 DNS?
Here is the setup:
I am using Comcast as my ISP and have an Exchange server running in my SBS2008. I have a static IP address assigned by Comcast and have registered a domain name pointing to it ( [b]abc.net[/b)]. I also have a company domain name that is abc.com. This domain points to an outside web and email server. I am using the Windows POP3 Connector to retrieve emails from the abc.com server and putting them into the Exchange mailboxes. (I know, nobody likes the POP3 Connector...) Then I am using the in house Exchange server to send emails directly from the domain <b>name@abc.com</a>
The problem:
Lately, I have been getting the error from Gmail accounts that I try to send to saying that the Reverse DNS for IPv6 is not properly configured, and that I must fix this before Gmail will accept emails from abc.com.
The question:
This is where it becomes a bit confusing for me. What is the proper way to set up the DNS configuration, and where. Currently, I have asked Comcast to set up the Reverse DNS for abc.net back to my IPv4 and IPv6 addresses, but Gmail is still blocking me. Should I also, or in place of, asked them to set the Reverse DNS for abc.com to my server, instead? Or is this something I should be doing on my SBS2008 DNS?
Hello Lync / SfB experts.
I have a problem trying to fix a Skype for Business deployment.
Everything work fine internally. But internal users can't receive any message from external users.
External users will not see the internal users status (online/busy/offline).
For example if an internal user try to add a normal external Skype user, the external user accept the request, but the request will never be forwarded to the internal user. The external user will never be able to see the internal user status.
So I have checked basically all I could.
The external DNS record :
[Pointing to the EDGE server]
SIP.company.com / Public IP : OK / Port : 443-444-5061 / Protocol : TCP-TLS / Internal IP : OK (EDGE Server)
_SIP._TLS.company.com / CNAME to SIP.mycompany.com
[Pointing to the REVERSE PROXY server]
WEBEXT.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK (Reverse Proxy Server)
LYNCDISCOVER.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK (Reverse Proxy Server)
MEET.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK (Reverse Proxy Server)
DIALIN.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK (Reverse Proxy Server)
The Autodiscover test from the Microsoft Connectivity Analyzer is good :
The manual SIP connectivity test (by entering manually the SIP address and port) is also good.…
I have a problem trying to fix a Skype for Business deployment.
Everything work fine internally. But internal users can't receive any message from external users.
External users will not see the internal users status (online/busy/offline).
For example if an internal user try to add a normal external Skype user, the external user accept the request, but the request will never be forwarded to the internal user. The external user will never be able to see the internal user status.
So I have checked basically all I could.
The external DNS record :
[Pointing to the EDGE server]
SIP.company.com / Public IP : OK / Port : 443-444-5061 / Protocol : TCP-TLS / Internal IP : OK (EDGE Server)
_SIP._TLS.company.com / CNAME to SIP.mycompany.com
[Pointing to the REVERSE PROXY server]
WEBEXT.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK (Reverse Proxy Server)
LYNCDISCOVER.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK (Reverse Proxy Server)
MEET.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK (Reverse Proxy Server)
DIALIN.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK (Reverse Proxy Server)
The Autodiscover test from the Microsoft Connectivity Analyzer is good :
The manual SIP connectivity test (by entering manually the SIP address and port) is also good.…
Dear All,
Outlook 2013 Clients are getting following message after starting their outlook,
The name of the security certificate is invalid or does not match the name of the site error?
I have check my internal URL and external URL, both are fine and properly configured.
i have check DNS records its correct.
i have checked serviceBindingInformation and found correct
when opening XML file, getting following message
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response>
<Error Time="10:14:11.2991610" Id="25892145">
<ErrorCode>600</ErrorCode>
<Message>Invalid Request</Message>
<DebugData/>
</Error>
</Response>
</Autodiscover>
Please advice, is there is problem with redirection or any thing else is missing
Thanks
Outlook 2013 Clients are getting following message after starting their outlook,
The name of the security certificate is invalid or does not match the name of the site error?
I have check my internal URL and external URL, both are fine and properly configured.
i have check DNS records its correct.
i have checked serviceBindingInformation and found correct
when opening XML file, getting following message
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response>
<Error Time="10:14:11.2991610" Id="25892145">
<ErrorCode>600</ErrorCode>
<Message>Invalid Request</Message>
<DebugData/>
</Error>
</Response>
</Autodiscover>
Please advice, is there is problem with redirection or any thing else is missing
Thanks
Hi,
I just installed a new server with Server 2012 r2 Essentials, at first all seemed to be going well and I was able to additionally install Exchange 2013 SP1 on an additional server, joined that to the domain on the r2 Essential box and was able to link the two together in the Dashboard.
I additionally added the DHCP role to the 2012 r2 as I wanted to use a fixed IP address on the server to allow users to connect remotely and I got that set up and a scope defined and DHCP was up and running.
Not long after that the server started to have issues users would report that they could not connect to websites and occasionally to server shares. After a lot of faffing about I decided the issue must be the Server's NIC was faulty. So I switched to the 2nd network socket (Dell PowerEdge 330 server) and after that things seemed to be running a lot better but after a while the issues came back and I now think the issue is that when DNS was configured when the original NIC was faulty even though we are now using the non-faulty NIC the DNS settings are still not configured correctly.
Can someone advise what the best way is to get the DNS settings back to a workable state. I did a dcdiag on the 2012 Essentials box and get this:
C:\Windows\system32>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = ServerName
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
…
I just installed a new server with Server 2012 r2 Essentials, at first all seemed to be going well and I was able to additionally install Exchange 2013 SP1 on an additional server, joined that to the domain on the r2 Essential box and was able to link the two together in the Dashboard.
I additionally added the DHCP role to the 2012 r2 as I wanted to use a fixed IP address on the server to allow users to connect remotely and I got that set up and a scope defined and DHCP was up and running.
Not long after that the server started to have issues users would report that they could not connect to websites and occasionally to server shares. After a lot of faffing about I decided the issue must be the Server's NIC was faulty. So I switched to the 2nd network socket (Dell PowerEdge 330 server) and after that things seemed to be running a lot better but after a while the issues came back and I now think the issue is that when DNS was configured when the original NIC was faulty even though we are now using the non-faulty NIC the DNS settings are still not configured correctly.
Can someone advise what the best way is to get the DNS settings back to a workable state. I did a dcdiag on the 2012 Essentials box and get this:
C:\Windows\system32>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = ServerName
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
…
Hi All,
Can anyone here please assist me in troubleshooting as to why my Outlook Web Access is randomly signing me off while reading or typing email ?
I also cannot access the below OWA option with HTTP ERROR 500:
Change OWA Account settings: https://owa.domain.com/ecp/?rfr=owa&owaparam=modurl%3D0&p=account
Change AD Password: https://owa.domain.com/ecp/?rfr=owa&owaparam=modurl%3D0&p=PersonalSettings/Password.aspx
Enable OWA Add On: https://owa.domain.com/ecp/?rfr=owa&owaparam=modurl%3D0&p=installed
However, when I manually type in the Public IP address or the server name instead of owa.domain.com, I can access the server with no problem.
This is my current deployment of the Exchange Server 2013 Standard Edition in my domain:
AD Site: Default-First-Site-Name
PRODMAIL14.domain.com [old CAS & MBX server]
PRODMAIL20-VM.domain.com [new CAS & MBX server]
AD Site: Head_Office
PRODMAIL42-VM.domain.com [CAS & MBX server]
PRODMAIL30-VM.domain.com [MBX server]
I have just created multiple A Record for OWA.domain.com and Autodiscover.domain.com pointing to my existing 3x CAS-MBX Exchange 2013 server roles.
Public DNS (A) records Round Robin:
OWA.domain.com – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM
Autodiscover.domain.com – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM
Internal DNS (A) records Round Robin:
OWA.domain.com – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM
Autodiscover…
Can anyone here please assist me in troubleshooting as to why my Outlook Web Access is randomly signing me off while reading or typing email ?
I also cannot access the below OWA option with HTTP ERROR 500:
Change OWA Account settings: https://owa.domain.com/ecp/?rfr=owa&owaparam=modurl%3D0&p=account
Change AD Password: https://owa.domain.com/ecp/?rfr=owa&owaparam=modurl%3D0&p=PersonalSettings/Password.aspx
Enable OWA Add On: https://owa.domain.com/ecp/?rfr=owa&owaparam=modurl%3D0&p=installed
However, when I manually type in the Public IP address or the server name instead of owa.domain.com, I can access the server with no problem.
This is my current deployment of the Exchange Server 2013 Standard Edition in my domain:
AD Site: Default-First-Site-Name
PRODMAIL14.domain.com [old CAS & MBX server]
PRODMAIL20-VM.domain.com [new CAS & MBX server]
AD Site: Head_Office
PRODMAIL42-VM.domain.com [CAS & MBX server]
PRODMAIL30-VM.domain.com [MBX server]
I have just created multiple A Record for OWA.domain.com and Autodiscover.domain.com pointing to my existing 3x CAS-MBX Exchange 2013 server roles.
Public DNS (A) records Round Robin:
OWA.domain.com – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM
Autodiscover.domain.com – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM
Internal DNS (A) records Round Robin:
OWA.domain.com – Public IP address of PRODMAIL14, PRODMAIL20-VM and PRODMAIL42-VM
Autodiscover…
We use a DNS DName entry to force YouTube Moderate Search settings for our users. the DName translates "youtube.com" to "restrictmoderate.youtube.
The YouTube site suggests that I create a CName entry for the Domain, but Microsoft will not support a CName entry in a DNS zone of the same name - that's why we used a DName entry. An "A" record will not work either. Using the IP returned from an NSLookup request (against my 2012 R2 servers) in my browser returns a Google search page, not a YouTube page. So an IP mapping doesn't help.
Using the NSlookup tool, I can successfully resolve my DName entries against my remaining 2012 R2 Domain Controllers, but not against any of my 6, 2016 DC's.
I found a KB article that addresses this behavior in 2012 R2, but says nothing about server 2016. The KB is KB3133954.
Please help. How do I configure a DName Alias on a 2016 server running AD integrated DNS and make it work?
The YouTube site suggests that I create a CName entry for the Domain, but Microsoft will not support a CName entry in a DNS zone of the same name - that's why we used a DName entry. An "A" record will not work either. Using the IP returned from an NSLookup request (against my 2012 R2 servers) in my browser returns a Google search page, not a YouTube page. So an IP mapping doesn't help.
Using the NSlookup tool, I can successfully resolve my DName entries against my remaining 2012 R2 Domain Controllers, but not against any of my 6, 2016 DC's.
I found a KB article that addresses this behavior in 2012 R2, but says nothing about server 2016. The KB is KB3133954.
Please help. How do I configure a DName Alias on a 2016 server running AD integrated DNS and make it work?
We have two dns servers on our domain, they worked fine until recently. Not sure what has happened, but some clients either can't go to sites at all or it is very slow getting there. Often a symptom is "resolving host" message when they go to internet. We've found that manually making them go through google dns server 8.8.4.4 solves the problem. Questions: (1) what kind of problems are we likely to run into by making everyone go through google dns? (2) what could be causing our dns servers to be so inconsistent?
What, When and Where - Security Threats from Q1
Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.
Where within the Gmail admin console can the external DNS mail exchange (MX) records be changed for an organization using Gmail for its email?
What is the process to determine which company hosts an organization's external DNS MX records?
Hi,
I have recently installed a HP Server 2012 server and all has been running okay till one day it would not access the internet. The internal network is working okay and all the other workstations are connecting to the internet fine. I can rdp to the Server with no issues, updates are all installed, all setting are still as they were.
What I have noticed is that there seem to be two network connections (see attached file) there is only one network card in this Server.
I have recently installed a HP Server 2012 server and all has been running okay till one day it would not access the internet. The internal network is working okay and all the other workstations are connecting to the internet fine. I can rdp to the Server with no issues, updates are all installed, all setting are still as they were.
What I have noticed is that there seem to be two network connections (see attached file) there is only one network card in this Server.
hello dears,
this is my first question so I beleive everyone will guide me on solving the issue.
Subdomains (child domains) objects Missing from Active Directory Users and Computers in the parent domain.
I have one parent domain ( name it domain_parent) with 2 DCs (DC1 and DC2)
and two child domains, each child domain has one DC (DC3 and DC4)
all are windows 2012 R2 servers
and all DCs in all domains are global catalog servers
the replication is OK, I can search all objects from all domains by using Active Directory administrative center, repadmin result stating that the replication was successful
I beleive that the issue is related to DNS, but i do not know where exactly, the DC1 has a primary DNS and child domains are active directory integrated.
from network properties, the DNS servers are set as follow:
DC1:
DNS Server : the IP of itself
DC3:
DNS Server1: the IP of DC3
DNS Server2: IP of DC1
DC4:
DNS Server1: the IP of DC4
DNS Server2: IP of DC1
can anyone please guide me on what is the issue and how I can resolve it?
thank you
this is my first question so I beleive everyone will guide me on solving the issue.
Subdomains (child domains) objects Missing from Active Directory Users and Computers in the parent domain.
I have one parent domain ( name it domain_parent) with 2 DCs (DC1 and DC2)
and two child domains, each child domain has one DC (DC3 and DC4)
all are windows 2012 R2 servers
and all DCs in all domains are global catalog servers
the replication is OK, I can search all objects from all domains by using Active Directory administrative center, repadmin result stating that the replication was successful
I beleive that the issue is related to DNS, but i do not know where exactly, the DC1 has a primary DNS and child domains are active directory integrated.
from network properties, the DNS servers are set as follow:
DC1:
DNS Server : the IP of itself
DC3:
DNS Server1: the IP of DC3
DNS Server2: IP of DC1
DC4:
DNS Server1: the IP of DC4
DNS Server2: IP of DC1
can anyone please guide me on what is the issue and how I can resolve it?
thank you
is it possible to get 100% fail over 100 % availablity using f5 to two IIS servers configured for load balancing in round robbin.
Each request to check if a server is active and route the call to the other server if one is down, without any downtime.
Also is it possible to queue a call if both servers are down and wait a certain period of time and make the call to the first available server?
Each request to check if a server is active and route the call to the other server if one is down, without any downtime.
Also is it possible to queue a call if both servers are down and wait a certain period of time and make the call to the first available server?
Hi,
We have an internal windows active directory domain called Catfood.com. We also have an external website called the same Catfood.com but it is hosted on an external cloud provider.
We have created a website on the cloud called gifts.catfood.com. This uses dynamic DNS.
I want to forward all DNS queries for gifts.catfood.com to an external DNS server.
How do I do this?
We are using windows server 2008 (but the domain functional level is windows 2003)
Thanks,
We have an internal windows active directory domain called Catfood.com. We also have an external website called the same Catfood.com but it is hosted on an external cloud provider.
We have created a website on the cloud called gifts.catfood.com. This uses dynamic DNS.
I want to forward all DNS queries for gifts.catfood.com to an external DNS server.
How do I do this?
We are using windows server 2008 (but the domain functional level is windows 2003)
Thanks,
DNS
25K
Solutions
25K
Contributors
The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.
Top Experts In
DNS
-
1
DrDave2427,600 points -
2
arnold6,800 points -
3
Alan32856,000 points -
4
David Favor6,000 points -
5
Satish Auti5,000 points -
6
footech4,600 points -
7
Ben Personick (Previously QCubed)4,400 points -
8
Blue Street Tech4,000 points -
9
Cliff Galiher4,000 points -
10
Radhakrishnan R4,000 points -
11
Adam Brown4,000 points -
12
Amit3,000 points -
13
Shaun Hardneck3,000 points -
14
Jakob Digranes2,800 points -
15
David Johnson, CD, MVP2,800 points -
16
John Gates, CISSP2,000 points -
17
Dave Baldwin2,000 points -
18
Toni Uranjek2,000 points -
19
Mal Osborne2,000 points -
20
Learnctx2,000 points -
21
oldlefty2,000 points -
22
mbkitmgr2,000 points -
23
Jim Riddles2,000 points -
24
Emmanuel Adebayo2,000 points
-
25
Amit Kumar2,000 points -
26
Shaun Vermaak2,000 points -
27
PRADIIP SINGH2,000 points