DNS

26K

Solutions

26K

Contributors

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

Keep getting the following error on one of our domain client's pc's:  The name "my domain' :1d could not be registered on the interface with IP Address: 10.1.1.43. The computer with the IP address 10.0.0.46 did not allow the name to be claimed by this computer."  
Log Name: System
Source: NetBT
Event ID: 4321 Level Error

The computer with this problem can access the domain (all mapped drives) and can ping everything on the network.  
This computer cannot be pinged (IP or DNS name) by any other pc on the domain.  
Here is what I have done so far:
  1. gave this pc a static IP address (was dhcp before)
  2. Flushed the DNS
  3. Un-joined it from our domain and then rejoined it back to the domain.

I am still getting the same error and cannot ping or access from any other computer or server.

Anyone have any suggestions?
0
Introduction to Web Design
LVL 13
Introduction to Web Design

Develop a strong foundation and understanding of web design by learning HTML, CSS, and additional tools to help you develop your own website.

I'm needing to add a WINS server entry to a bunch of servers(please don't ask why).
I modified a DNS script I used recently and although it runs, it does not actually add the WINS entry.
$computer = get-content .\systems.txt
$NICs = Get-WMIObject Win32_NetworkAdapterConfiguration -computername $computer |where{$_.IPEnabled -eq “TRUE”}
  Foreach($NIC in $NICs) {
#$WINSServers = “1.2.2.2",”1.2.2.3"
$NIC.SETWINSSERVER (“1.2.2.2",”1.2.2.3")
}

Open in new window


I tried it with and without $winsservers, same result, the IP is not added to wins entry on the server.

I actually only need one entry, not 2, but when it failed initially, I added the second entry to rule out that being the issue somehow.
0
sonicwall NSA 4500       SonicOS Enhanced 5.9.1.8-1 need help getting  wan traffic to pass through to local private 10/24 dns servers (suddenly getting ip sppof issues
0
Internet explorer and Edge does not open webpages giving the following error: There was a temporary DNS error. Try refreshing the page.
Error Code: INET_E_RESOURCE_NOT_FOUND. When accessing the internet with Chrome, it works without any problems and you can access any website. I have reset network settings and also flushed the dns and cleared everything in the browsers. Nothing made a difference. Any idea what is causing this? Windows 10 pro is the operating system and this problem started about 2 weeks ago.
0
I want to document DFS within an organisation, whats best way to do this?

I have good notes on AD, DHCP, DNS etc just looking for DFS

Environment is 2012 r2 environment

Found this

https://gallery.technet.microsoft.com/List-Distributed-File-3f399d9d

Any other ways appreciated
0
Hello All,

I am trying to remove an old SBS DC that is no longer online.  I was able to remove it from ADSS and ADUC but when I run the ntdsutil and clean the metadata I get the error in the attached file.  The new server is 2016 and it is the DC and holds all the operations masters and is the GC.  I can't remember if 2016 cleans up all metadata once the DC is removed from ADSS or not - I thought it did hence the reason I am getting the error???  I have also already manually removed everything from DNS for the old server.

Any suggestions if the metadata is still there.

Regards,

Rob
0
I am currently migrating from exchange 2010 to 2013 I have all the servers set up 2 mailbox and 2 CAS along with my 2010 2 mailbox and 2 CAS.  There is a load balancer in-front of the 2013 server but when I switch the autodiscover DNS entry to the load balancer when a user opens outlook I am getting a cert warning the server is coming up servername.domain.local instead of mail.domain.com which is the certs primary domain.  All the 2013 virtual directories as well as the load balancer is in the mail.domain.com form what am I missing I understood you didnt need to and shouldnt have the local servers name on the SSL cert.  Any Ideas?

Also the only thing I can find different all the 2013 components OWA, OAB, ECP etc point to mail.domain.com but the autodiscover  there seems to be two for the 2010 server and for the 2013.  I have been changing the autodiscover.domain.com to point to the load balancer which outlook then throws the error.  It the below correct?EX2013
0
I'm still having issues getting my new server fully online. I created my new domain on Windows Server Essentials 2016, and migrated all the computers from the Windows Server 2012 domain onto the new domain.

Everything seems to be working except for DNS/DHCP. I have to set a static IP as well as define an outside DNS server such as 1.1.1.1 in order to get internet on my devices.

If I power back on the old server which no devices are connected to, I can connect to the internet without settings a static IP or DNS server.

I'm thinking there's a problem with the DNS on my new server, though I'm not sure what it is. The server is brand new, on a new domain as the primary DC. I migrated the DHCP settings from the old server and adjusted them to remove references to the old server, and set references to the new server.

When I run dcdiag /fix I get the following output:

Starting test: SystemLog
         An error event occurred.  EventID: 0x0000168F
            Time Generated: 04/04/2019   22:05:16
            Event String:
            The dynamic deletion of the DNS record '_kerberos._tcp.dc._msdcs.ad.domain.com. 600 IN SRV 0 100 88 SVR-HVDC1.ad.domain.com.' failed on the following DNS server:
         An error event occurred.  EventID: 0x0000168F
            Time Generated: 04/04/2019   22:05:16
            Event String:
            The dynamic deletion of the DNS record '_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.domain.com. 600 IN SRV 0 100 88 

Open in new window

0
Windows 2016 SMTP relay server. When DNS setting on the server are external, 8.8.8.8, mail will sent. When I change them to my internal DNS server 10.0.1.11. Mail does not sent.
0
I've had Active Directory Management consoles & DNS on my workstation to manage our domain without the need to log into DC directly, my workstation runs Windows 10.  I just updated to 1809 over the weekend now Active Directory Consoles & DNS are gone.
1
Become a CompTIA Certified Healthcare IT Tech
LVL 13
Become a CompTIA Certified Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

What should the public DNS be setup as for Exchange 2007/2013 coexistence.  I may be over thinking this but, do I adjust my firewall to point the existing IP to my EXCH2013?  I'm confused at this point.  I'm not sure how the additional public IP I setup comes into play.  currently I have mail.domain.com, legacy.domain.com, autodiscover.domain.com pointing to my Exchange 2007 server.  I added an IP for newmail.domain.com pointing to Exchange 2013.  I don't plan on using the name newmail but wanted it up there so I could have a placeholder.  I just don't understand how the new IP would come into play.  I would think I just adjust my firewall to point to my 2013 server.

Example of my public DNS:
mail.domain.com - 66.67.68.1
legacy.domain.com - 66.67.68.1
autodiscover.domain.com - 66.67.68.1
newmail.domain.com - 66.67.68.2

New setup?
mail.domain.com - 66.67.68.2
legacy.domain.com - 66.67.68.1
autodiscover.domain.com - 66.67.68.2
???
0
Hello Team.
I’m hoping some DNS, DHCP masters will help to understand a bit more how Secure dynamic DNS registration works and tell me if my solution is the best approach.

Problem Description
From time to time when users are connecting to different VLAN or VPN, The DHCP Server or the Client is not creating either a A record or PTR record

Environment:

Users would use either Windows 7 or Windows 10. We don’t have any lower OS.
DHCP, DNS roles are installed on Domain Controllers. DHCP is running on 3 Windows Server 2012, and DNS is running on 3 Windows Servers 2012 and 1 Windows Server 2016.

Troubleshooting:
This issue seems to be since a long time as another IT departments from time to time where telling our team that DNS is not working proper. The problem is that when they were telling that their issue got already resolved, so we never got the opportunity to understand what the issue really was until recently where I finally got a incident and hands on a laptop where the Registration really wasn’t working. When I saw that I started to dig into that issue more details.
First I checked if the problem is not with some VPN connection but quickly with Networks team we were able to prove that VPN is not the issue as two laptops where having no issues at all getting a A and PTR record.
I started to look into the Configuration on the DHCP scopes and DNS Forward Lookup zones and discovered following:
The DHCP Server under the DNS setting has …
0
Active directory was corrupted by bad VM memory. I do not have full admin access only vsphere access. DNS does not have domain or forest DNS Zones. Unable to manually build.  sysvol and netlogon unfixable. Finally after a week of having fun I did a bare metal image of DC1 (FSMO).  I am able to build from scratch (after demoting to member server) the same two servers back up and they are running fine. Good replication, Net share is good. However I do not want to use DSRM and recover the corrupted SYSVOL and NetLOGON. I have a full GPO backup, but I don't know how to backup only the Active Directory. I am working this weekend to get this fixed.  I have already tried restoring just NTDS and the log, verifying it is good and dropping it in the correct folders. I verified/fixed the permissions. Active Directory does not see the NTDS. HELP!
0
how to manually fix or build forest and domain dns zones in dns
0
Hi Folks,
So a couple of my websites on my domain are getting flagged for phishing on virustotal.com. I need to go through the delisting process and cannot find where I should do that. This is happening with AegisLab WebGuard and CyRadar specifically. Can anyone point me toward the resource to do that?
0
I'm having trouble setting up autodiscover for our Exchange 2013 infrastructure. We have two domains, let's call them domain.co.uk and domain.com and both of these should be serviced by the same server, which is set up at mail.domain.co.uk.

Autodiscover on Exchange is set up correctly for domain.co.uk and the certificate that the Exchange server presents is a wildcard certificate for *.domain.co.uk. Therefore when you add email@domain.co.uk to one of our corporate mobile phones, it gets all of the user settings and correctly sets the phone up automatically.

Autodiscover for domain.com does not work under the same scenario. It reports that it cannot verify the account. If you enter the information manually, it works.

DNS is set up thus:

autodiscover.domain.co.uk 3600 IN CNAME mail.domain.co.uk
_autodiscover._tcp.domain.co.uk 300 IN SRV 0 0 443 mail.domain.co.uk

_autodiscover._tcp.domain.com 300 IN SRV 0 0 443 autodiscover.domain.co.uk

Microsoft's Remote Connectivity Analyser says that all is well. Can anyone shed any light on what I might have set up incorrectly?

Thanks in advance.

Phil
0
We recently switched from an Exchange Server 2010 (on premises) to an Exchange Server 2016 (on premises).

A co-worker (Cory) is part of a group where people post messages to it, and others respond to the "posts".
Her "sent" emails to the group, are staying in our Exchange 2016 queue for 48 hours, then not delivered.

For example,

Identity: VMEXCHANGE\3\5295694675989
Subject: RE: The client's case is ready for review.
Internet Message ID: <3107f8236ceb47e8a6c96e1e1d3@mydomain2.com>

From Address: Cory@mydomain2.com
Status: Retry
Size (KB): 16
Message Source Name: SMTP:Default VMEXCHANGE

Source IP: 192.xxx.x.xxx
SCL: -1

Date Received: 3/23/2019 4:10:24 PM
Expiration Time: 3/25/2019 4:10:24 PM

Last Error: 450 4.1.8 <Cory@mydomain2.com>: Sender address rejected: Domain not found
Queue ID: VMEXCHANGE\3

Recipients:  discuss@mainstoranges.info;3;2;
{LED=450 4.1.8 <Cory@mydomain2.com>: Sender address rejected: Domain not found};{MSG=};{FQDN=};{IP=}; LRT=}];0;CN=Default,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23),CN=Administrative Groups,CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=TD,DC=local;0

Note:  We have 2 internet domains names that "point" to the same Exchange Server 2016 (mydomain1.com, mydomain2.com).  Most of us in the firm use mydomain1.com (as sender and reply to address).  Cory (and 4 other co-workers) use mydomain2.com (in the …
0
Our company needs to have external PCI scans done on both our website and our company firewalls.    The website is hosted by an external company and we have 3 firewalls at different sites witch are managed locally.  

We are failing our PCI scan because the certificates on the firewalls are not trusted.   We were originally using  self-signed certificates but to get rid of this message I purchased one from GoDaddy for one of our sites.    

I created the CSR on the firewall for fw1.MySite.org and installed in on the firewall.  Since the scan is done by IP, I added an A record with our DNS provider so it would resolve correctly.   However we are still failing our scan with "SSL Certificate Common Name Does Not Validate (External Scan)"  and "Untrusted Certificate".  

I have made sure that if I do a nslookup for fw1.MySite.org it resolves to 456.4457.458.459 which is the IP address of the firewall.  However since the scan is done by IP and it is still failing.   I tried doing a nslookup 456.4457.458.459 and it returns MySite.org and not fw1.MySite.org.

How is it resolving by IP address to the website and not the fw1.MySite.org?   How do I get it to resolve to fw1.MySite.org?  


A Records (IP Address)
Host      TTL      Numeric IP
www      3600      123.124.125.126
@ (None)      3600      123.124.125.126
* (All Others)      3600      234.235.236.237
ecommerce.MySite.org      7200      234.235.236.237
ftp.MySite.org      7200      345.346.347.348
mail.MySite.org      7200      345.346.347.349
pottery.MySite.org      7200      …
0
I am trying to whitelist youtube on OpenDNS.  I whitelisted the youtube and the site shows up, but unfortunately the videos don't play.  What URLs do I need to whitelist in order to fully open up youtube?
0
Become a Certified Penetration Testing Engineer
LVL 13
Become a Certified Penetration Testing Engineer

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

I have a computer at work that belonged to a different domain and when I try to join it to our domain the option is grayed out and a message says, "The identification of the computer cannot change because the workstation servise is not running. Open the services snap-in to insure it is running ans set its startup type as "automatic". When I try to do this I get a message that "Windows could not start the workstation service. The system cannot find the file specified."

Do you know how to proceed?

Thanks,
Claude
Domain-change.JPG
0
I have an SBS2011 server that it did a scheduled reboot this morning and when it did so, DNS will not start and Exchange services would start.

I have done some research and it seems that the DC/DNS server has lost its Secure channel with itself or PDC.

I have disabled IPV6 and also stopped the KDC service and ran the "netdom resetpwd /server:192.168.1.2 /userd:<Domain\domain_admin> /passwordd:*"

I get this error:
The command failed to complete successfully.

I cannot get the command to complete!  I need help.

Here are dcdiag results and ipconfig /all

nltest/sc_query:SBSDomainC.local
I_NetLogonControl failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN

Since this an SBS Server I don't know where to turn beside restoring the OS drive with last nights backup using a BareMetalRestore.  Any suggestions??
DCDiag.txt
IPConfigAll.txt
0
Can I install Exchange 2013 in a Exchange 2007 SP3 (2008 DFL/FFL) environment, if I set the virtual directories properly?  I'd like that to be the first step and then install Exchange 2013 and configure mail to flow through there the next day.  I understand the DNS and Cert (legacy, mail, autodiscover) requirements.  Plan is to set the DNS up, all pointing to 07, then the next day install and setup 13.  Then setup the virtual directories and DNS to allow for 13 to proxy to 07.  Would that work out smoothly with no impact to my users (local/remote)?
0
I have domains already added to office 365 and I scarified ownership. Why hybrid configuration wizard gives new txt records to add to dns to a rift the domains again?
0
With my little powershell command i try to get CNAME record from domain.
When i execute this command <Get-DnsServerResourceRecord -ZoneName "ccsmtl.lab" -RRType CName -ComputerName S-ADS001> i have all information. But when it comes to filter to have specific result there is no information for this command <Get-DnsServerResourceRecord -ZoneName "ccsmtl.lab" -RRType CName -ComputerName S-ADS001 | Where {$_.RecordData -like "S-SUBCA001*"}>
In the attached file I put the screenshot of the results of the console powershell
CNameOutPut.txt
1
I'm about linux dns (bind9).

In the corresponding configuration file for bind I have configured dynamic DNS forwarder (namebench).

My question is: how can I find out which forwarder bind9 actually uses?
0

DNS

26K

Solutions

26K

Contributors

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.