The Domain Name System (DNS) is a hierarchical, globally distributed system that maps the name of a computer, service or other resource to an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names into the numerical IP addresses needed to locate computer services and devices worldwide.

We have a client who cannot get an email. I have sent test emails and they throw the codes below.

They are using Network Solutions for DNS and Google email hosting (not the paid version, 10 users). The user can send me emails and I receive them, but when I reply I get this message. I have also checked to see if the IP is blacklisted - seems fine.

The response from the remote server was:
550 5.0.0 <user@email.com>... User unknown

Final-Recipient: rfc822; user@email.com
Action: failed
Status: 5.0.0
Remote-MTA: dns; inbound.email.com.anotherdns.net. (,
 the server for the domain email.com.)
Diagnostic-Code: smtp; 550 5.0.0 <user@email.com>... User unknown
Last-Attempt-Date: Fri, 04 Aug 2017 18:45:44 -0700 (PDT)

Say, No-IP is no longer allowing users to use the No-IP.org domain. Is there a way to get access to this domain? I have several modems created with this domain and have lost connectivity to their DDNSes.

Hello, my only domain controller's DNS database is corrupt and Active Directory status says expired. I cannot add a computer or another DC to the domain because I get an error that Active Directory is unavailable. What are my options to fix this issue?

I have a RRA server (2008 r2) and it's handling my VPN connections. My users are on Win10 and when they set up a VPN connection, they connect just fine and they get a correct IP address, BUT, they can't resolve DNS. They can't map drives using \\mapping and they can't ping anything.

I'm not sure where to look to resolve this.

Can someone assist?



PS:  The machines connecting DO get an IP address from the internal DHCP server and when I do an ifconfig /all, I see the DNS servers listed in the VPN NIC properties.

Also, I just saw that I can ping the domain controller, at least one of them, but not the other one.

Dear Guys, we are deploying an Exchange mail server. We knew that the mail server must be published with a public IP address (and registered with A, MX, TXT records), but is it mandatory for an Active Directory (of mail users) server to also have a public IP address and to be registered (by A record) in the domain control panel?

Many thanks in advance,

Hello Experts!

I have a 2008 R2 domain running with 2 domain controllers, a virtual 2012 R2 instance (named DC1) and a physical 2008 R2 server (named FS1).  DC1 is also part of a DHCP server team.

Lately, I've seen a number of my workstations (most Win7 Pro) begin to exhibit long delays during the logon process, in addition to long delays in response from our ERP system clients.  Looking in the event logs showed NETLOGON Event ID 5719 (no logon servers available to service the request) and Group Policy processing failures with Event ID 1055 (Name Resolution failed or there is an Active Directory Replication issue).  The computers eventually become responsive, although users report numerous hang conditions during the day.

Troubleshooting the two domain controllers led me to notice that the DNS BPA was failing on both DCs with the following error:

'This domain controller must register a DNS SRV resource record, which is required for replication to function correctly.'

To try to better understand what is happening, I ran DCDIAG /test:DNS on each DC, and both returned the same errors:

 TEST: Records registration (RReg)
                  Network Adapter [00000010] vmxnet3 Ethernet Adapter:
                     Missing SRV record at DNS server

                     Missing SRV record at DNS server…

Dear All,

A strange thing happened to me: some mails are bouncing back with a different IP address.
For example:

I have a Domain Treeadd.com and its mail server FQDN should be mail.treeadd.com
Treeadd.com have no ip address but Mail PTR record have

The ASA 5510 is configured for port forwarding and it is having address

When sending email, it should go with address but it's going with and bouncing back

Remote Server returned 'Server #5.0.0 smtp; 550 The email sent from by usman@treeadd.com was rejected by the receiving server as the sending server did not pass the required reverse DNS lookup.

Please advise

We have an existing Exchange 2007 and never published our CAS services to the internet. Now we are migrating to Office 365 and we want at least autodiscover to be available on the internet. For that I just created an external DNS A record pointing to a public IP and reverse proxied using an ARR server, further pointing to a load balancer VIP configured towards our Exchange 2013 hybrid server.
Please let me know if anything is missing here?

One of my small business clients, who I haven't worked with in years, just had a major problem today.

They are a Comcast business class customer. Today, Comcast came in and replaced their cable modem without warning. They currently have this environment:

Windows Server 2003 R2
Exchange Server 2007

There are only three people working there.  

I had a port forwarding table set up in their old Comcast router that forwarded these ports:
25 - Email
80 - Web (for OWA)
3389 - for Remote Desktop

When the installer switched out their modem, I had to set up the same ports to be opened.  That seemed to work fine, however DNS seems to be a problem.

The local users require the Windows Integrated AD DNS for Exchange to work from Outlook, but their web browsing is painfully slow.

The Windows Server is the DHCP and DNS server.

Prior to this, I had DNS forwarding working just fine.

The server is and the router is  The new Cable Modem / Router has the same IP address as the old one.

It seems that the forwarding through Windows DNS isn't working. If I use the modem's DNS as the DNS for each user, they can open web pages on the Internet very quickly, but they cannot log onto Exchange. If I make the Windows Server the primary DNS, Exchange works, but surfing the web crawls to a halt.

Any hints on what I may have missed?


Here's the situation:

Had a small 2 server network (one being a DC, other server being a web server), and decided to stand up a backup domain controller in the event the primary ever went down. For a time everything was working correctly as shown in the windows logs. At some point, replication broke between the primary and the secondary DC. The primary is server 2008 and the secondary is server 2016

I demoted the secondary to just a regular server, and tried to re-join it to the domain/promote it again and I am unable to and receive "the following error occurred attempting to join the domain "123.local":

The network path was not found.

here's what I see on the primary:

- GPupdate user policy succeeds, but the computer policy fails and I see this in the event logs:

The processing of Group Policy failed. Windows could not apply the registry-based policy settings for the Group Policy object LDAP://CN=Machine,CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=123,DC=local. Group Policy settings will not be resolved until this event is resolved. View the event details for more information on the file name and path that caused the failure.

Security policy cannot be propagated. Cannot access the template. Error code = 3.
      \\123.local\sysvol\123.local\Policies\{6AC1786C-016F-11D2-945F-00C04fB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.

Security policy cannot be propagated. Cannot access the template. Error code = 3.

I had a spam problem about a month ago, which I fixed on my end. I notice now that email I send to recipients at gmail are automatically being marked as spam.

My mail server is Unix - Communigate Pro running on an old PowerMac. Outbound mail goes to my SMTP server, which is a Dell SonicWall ES-3300. I changed the IP address after the spam got past the SonicWall, and put the new address into my DNS, which is hosted by DYN.com.

I looked at the header of a message I sent to my gmail account. I see something wrong with the SPF record:

X-Mlf-Uniqueid: o201708020314430029673
Arc-Seal: i=1; a=rsa-sha256; t=1501643684; cv=none; d=google.com; s=arc-20160816; b=fxKfyh5i6PzjoNNZkIMPSigH31cy4YQ3IwPn/XLlJekZPjdgLTVrCmwlzwGh2orLVN GAg7JYp8zmTIKmoj2fOo5/v5m9m+aMH16VJDa7PKxY2H5qYRt9OHehY+o6UqP95Il9lz 3/cqc1G6Fo+j3t0oCCa8H/JW4+03+o3X9nlX+ioY6gOoFGy7GtWzW4OJpxiJZUjxhtxp FgenvR03ekg/ZHQv7j3P/FIoDPhoQK/EzgofSx6a7qKwl0D4jY8YzBVvcQjfHYaJV96j porICVs9nghyv8bE7Oy34UxkqG3ZLJznTB4WqAmYzkC8Nw3duZRcC8G0B+ZXQXz1s7mi Jz0A==
X-Received: by with SMTP id p85mr27288566qki.281.1501643684625; Tue, 01 Aug 2017 20:14:44 -0700 (PDT)
Return-Path: <prvs=138714c1e1=larry@computerlarry.com>
Arc-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning prvs=138714c1e1=larry@computerlarry.com does not designate as permitted sender) smtp.mailfrom=prvs=138714c1e1=larry@computerlarry.com

I would like to implement a Firewall Rule and NAT Policy (if needed) to only allow DNS queries to be resolved from the Domain Controller (YTEDC1) to our provider OpenDNS. All other DNS traffic to external sources from clients should be blocked.

Would I start with a LAN to WAN firewall rule allowing DNS (port 53) and then another deny for 'Any' clients?

If the Allow rule for the Domain Controller has a higher priority, then it should take precedence and work whilst all others are blocked?

Hi all, I am hoping for advice on what to look for regarding our slow network. I understand there are a lot of issues that can cause slow connections, so I will let you know our full setup and what I have tried so far.

2 Physical servers, 2 hyper v on each server
1st server
   Windows Server 2008, not running any software except hyper v, not on the domain.
   Hyper V 1, Primary Domain Controller, Server 2003, DHCP, DNS settings are
        Reverse Lookup, 2 Name servers, (same as parent), first one is pointing to the second domain controller and has the IP address
        The second one in the list is pointing to the primary domain controller, but has IP address unknown,
        Forward Lookup Zone has 2 "same as parent" Host A, one each point to IP address of domain controller, then underneath that has
        all the workstations connected with computer name and IP address
        Under DHCP "Scope Options" 006 DNS servers we have 3 listed, IP address of main domain controller, Public Telstra IP Address, and
        3rd Public Bigpond IP address

   Hyper V 2 is our file server, running server 2012, accessing files on server seems to be okay, browsing through directories is not slow.
        No other software or settings are on this server, just files, it used to do a shadow copy of all files twice a day, one at 7am and one at
       12pm, since the issue of slow speeds the 12pm one drops off all access to mapped drives for 5 minutes on …

I have a Linux bind server hosting a

the rzone  file in /var/named/data/51-168-192.zone

the SOA line says this is    "IN SOA  netsvc.int.alconi.com.   root.netsvc.int.alconi.com. 203 3h 1h 1w 5m

I want to create a Windows DNS in another namespace that would be "win2016.int.alconi.com" or maybe "win.alconi.com" with its own DNS servers. Can I do this?

Should I create another subnet for win.alconi.com?

If so, how?

I am very ignorant on this, and really, really could use some help.

Hello, I'm migrating Server 2008 SBS to Server 2016 and having issues adding DNS forwarders.

I am wondering if it's possible to run SQL Server 2016 Standard on a DC Server (with Windows Server 2016 Standard).
I know that it's not recommended and not supported by Microsoft. The SQL Server consumes a lot of Memory which could impact the performance of ADDS, DNS, DHCP Services etc.

Does anyone have more information about it or any experiences, especially in small environments with 10 – 20 users?

Many thanks

I'm having issues with Active Directory. I first noticed that I was unable to use gpupdate. Then I attempted to remove a machine from the domain and re-add it and was unable to do so. I also get a permission denied error on my shared printers.

I do not think the problem lies in DNS. When I try to add machines to the domain the resulting error shows the SRV record was queried and the domain controller was identified, but could not be contacted. I've checked the Host (A) records in DNS and they are fine. I've also tried adding a manual entry to the hosts file on the client machine.

Hi Experts,

I have run Best Practice Analyser on all 4 of my DNS servers. 3 of the DNS are compliant.
But one of the DNS servers is having issues with eight different IPv6 addresses. The warning message that is stated is: "DNS: Root Hint 2001:500:9f::42 must respond to NS queries for the root zone".  

On each DNS server there are no IPv6 addresses in the Root Hints and IPv6 is not enabled in the server's TCP/IPv6 properties.

How can I get rid of these errors so that the DNS server becomes Compliant for Best Practices?

Recently my organization migrated from Server 2008 to 2012, but on all systems the primary DNS IP is 192.*.*.14. Now my migrated server's IP address is 192.*.*.13, so how do I change the primary DNS IP on all client systems to 192.*.*.13? Another doubt: all Active Directory users' passwords need to be changed at one time and set to a unique password.

I have a Server 2012 R2 and have RDS installed. It's a single server that has all the roles: DC, DHCP, DNS, File, RDS. I installed a 90-day cert from Comodo. If I go to a Windows 7 machine and go to https://rds.domain.com/RDWeb and log in, when I run an app I get this error:
"Your computer can't connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable. Try reconnecting later or contact experts-exchange for assistance."

If I do this from the server itself the apps open fine.

Hi all,

This is our setup:
- Sonic Firewall TZ300
- Barracuda Email security
- Server 2012 R2 with Exchange 2016
Latest updates are installed.

OWA works fine, outlook anywhere works fine.
Application Symprex for email signatures has an error trying to connect locally
MigrationWiz for migrating mailboxes doesn't work either.

Checking testconnectivity.microsoft.com results in error. Contacted above application providers: could be the problem with autodiscover.

Error is:
Attempting to test potential Autodiscover URL https://autodiscover.domain.nl:443/Autodiscover/Autodiscover.xml
       Testing of this potential Autodiscover URL failed.
      Additional Details
Elapsed Time: 1860 ms.
      Test Steps
      Attempting to resolve the host name autodiscover.domain.nl in DNS.
       The host name resolved successfully.
      Additional Details
IP addresses returned: (correct of course)
Elapsed Time: 730 ms.
      Testing TCP port 443 on host autodiscover.domain.nl to ensure it's listening and open.
       The port was opened successfully.
      Additional Details
Elapsed Time: 510 ms.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
      Additional Details
Elapsed Time: 619 ms.
      Test Steps
      The Microsoft Connectivity Analyzer is attempting to obtain the SSL certificate from remote server autodiscover.domain.nl on port 443.
       The Microsoft Connectivity …

I can ping by IP address but not by hostname

I have a computer that I can ping by IP address, but I cannot ping it by host name.

The computer IP address is obtained via DHCP.
If I ping the IP address using -a, I can obtain the hostname.

When using NSlookup computername , I get the:
Name: computername.domainname.

when using Nslookup Ipaddress, I get the:

Name: computername.domainname.
Address: IP address

Any idea why I cannot ping by hostname?

Thank you

Hello Lync / SfB experts.

I have a problem trying to fix a Skype for Business deployment.
Everything works fine internally. But internal users can't receive any message from external users.
External users will not see the internal users' status (online/busy/offline).
For example, if an internal user tries to add a normal external Skype user, the external user accepts the request, but the request will never be forwarded to the internal user. The external user will never be able to see the internal user's status.

So I have checked basically all I could.

The external DNS record :

[Pointing to the EDGE server]
SIP.company.com / Public IP : OK / Port : 443-444-5061 / Protocol : TCP-TLS / Internal IP : OK (EDGE Server)
_SIP._TLS.company.com / CNAME to SIP.mycompany.com

[Pointing to the REVERSE PROXY server]
WEBEXT.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK  (Reverse Proxy Server)
LYNCDISCOVER.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK  (Reverse Proxy Server)
MEET.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK  (Reverse Proxy Server)
DIALIN.company.com / Public IP : OK / Port : 80-443 / Protocol : HTTP(S) / Internal IP : OK  (Reverse Proxy Server)

The Autodiscover test from the Microsoft Connectivity Analyzer is good :

The manual SIP connectivity test (by entering manually the SIP address and port) is also good.…

Dear All,

Outlook 2013 Clients are getting following message after starting their outlook,

The name of the security certificate is invalid or does not match the name of the site error?

I have checked my internal URL and external URL; both are fine and properly configured.
I have checked the DNS records and they are correct.
I have checked serviceBindingInformation and found it correct.

when opening XML file, getting following message

<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Error Time="10:14:11.2991610" Id="25892145">
<Message>Invalid Request</Message>

Please advise: is there a problem with redirection, or is anything else missing?

I just installed a new server with Server 2012 r2 Essentials, at first all seemed to be going well and I was able to additionally install Exchange 2013 SP1 on an additional server, joined that to the domain on the r2 Essential box and was able to link the two together in the Dashboard.

I additionally added the DHCP role to the 2012 r2 as I wanted to use a fixed IP address on the server to allow users to connect remotely and I got that set up and a scope defined and DHCP was up and running.

Not long after that the server started to have issues: users would report that they could not connect to websites and occasionally to server shares. After a lot of faffing about I decided the issue must be that the server's NIC was faulty. So I switched to the 2nd network socket (Dell PowerEdge 330 server) and after that things seemed to be running a lot better, but after a while the issues came back. I now think the issue is that DNS was configured when the original NIC was faulty, and even though we are now using the non-faulty NIC the DNS settings are still not configured correctly.

Can someone advise what the best way is to get the DNS settings back to a workable state.  I did a dcdiag on the 2012 Essentials box and get this:


Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = ServerName
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests






