The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

New Exchange 2013 installation. Want to confirm that my internal DNS server has the correct Autodiscover, mail, webmail entries. I have just entered the entries on my SANS cert into our internal DNS server but I have doubts whether this is working correctly 100%. This DNS server and email server sit in our .local domain.
Learn SQL Server Core 2016
LVL 12
Learn SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

I need some help in understanding what is the "DNS"? What is it exactly? Do I need to have it? If so which one do you recommend?

Thank you,

Basem Khawaja
I am having replication issues with one of my DC's (Windows 2012 R2), that also serves as DHCP. Sites & Services, it is set to auto replicate but it doesn't and force replication errors out with RPC not running even though it says it is in services. It will ping all servers except the gateway (all other servers can ping the gateway. I have checked DNS and can't find any 'obvious' issues. Is there somewhere else that I should be looking?
Hi Guys,

Got an issue in a small network.
all the websites working, except anz banking site login.
the anz website works, i can browse through the site. its just the anz internet banking login page. when users enter their credentials,
it keeps loading and comes as page not available. after spending some time, i found out its dns issues. but could not fix it properly.

if i do ipconfig/flushdns - its working good. again if i restart computer. it does not work.
so my temporary fix is - after restarting/turnon computer i need to run ipconfig/flushdns to make anz site works.  
and it happens in all computers.

and i tried changing dns settings in router and also giving static ip in computers. nothing works. only flushdns command make it work.  
how do i fix it ? any solution.

thank you guys
After exchange 2010 to 2013 upgrade none of my Outlook clients can connect to the new exchange server. AutoSync and OWA connections are OK.

When creating a new client profile I receive the message "The name can' be resolved". NSlookup is good. Inspection of DNS server shows A record good for new exchange server.
we have configured a new Server 2016 DC and and new Exchange 2016 sever (on separate hardware).

We are not able to get our iPhone's to setup an Exchange account. The account on the phone will all 'green tick' but when trying to collect email is comes up 'account error' - 'unable to connect'.

This is a summary of what DOES work.
DC is working fine
Exchange is working fine
We have configured various DNS settings on our DC to reflect out external URL, Autodiscover, OWA and remote - they point to Exchange
We have a WIldcard SSL that gives us a secure SSL connection from outside our organisation to the DC's RWW and Exchange OWA
Internally Outlook clients can connect fine
Externally - NON DOMAIN joined PC's can configure a Exchange account and CAN send and receive email.
We have configured AUTODISCOVERY (URL 'A' and 'Cname' records) - and according to Microsoft's Remote Connectivity Analyser all tests pass - EXCEPT IMAP and POP which is due to the Wildcard SSL NOT being bound to those two protocols (but shouldn't be an issue- i don't think)

I have tried setting up the Exchange account on iPhone 6, 7, X iPad 2 and iPad Pro - none work and all show the same connectivity issue with Exchange.

We seem to have setup everything correctly - but clearly there is something missing.

Can anyone offer any support please
Thank you
Very rusty with this. Working on an SBS 2010 standard.  Mail is not going out.  It's the weekend.  I see 58 emails in the send connector queue.

The connector was set up years ago to use a web / email hosting company as smarthost.   it's talking about authentication errors.  If the hosting company stopped that account  set up in the send connector, what other options do we have?

What companies are out there to let us use as a smart host? Why do we need a smart host? Why not be able to just push the emails out onto the web?  And how would we set that uo?


talks of choosing use dns and MX to route mail.  Can we just use that? What's the pros / cons of doing that?  And /or how do you set up a 2nd smart host entry - if it can't send mail with first, smarthost, failover to 2nd?
Windows DNS issue.  Customer added on-premise Exchange server.  Since doing so, their is a problem accessing their public website from within the network.  The website is designed to strip the www prefix. When accessing the website www.domain.com it strips it to domain.com.  The AD domain is also domain.com so when the website tries to redirect to domain.com it goes to the internal DNS which is the Exchange server.  Need assistance in configuring DNS so it continues to route to the public website when the www is stripped and not effecting any Exchange 2016 functionality.
We currently have 2 DCs onsite and 1 DC in Azure. There are more times than not, our building has a planned power outage and we have to shut down our servers. However, our Cisco ASA is still up and we want the DC in Azure to pick up DHCP/DNS. I'm not sure how to go about this or where to look.
to vote  


I have a client who outlook 2013 emails just sit in the outbox

Recreated the profile
Unjoin from domain
Join the domain
Flushed DNS
Used static IP
Turnoff off cached mode
Update the network driver
Running wire shark now

Send Immediately” is enabled in Advanced settings.
 Windows Firewall - Turn off and try
Kicked it hard

I have enabling logging in Outlook 2013  the %temp%\outlook logging\OPMLog.log file logs no events of receiving items at all. There have been messages received, and yet no trace of them in the OPMLog.log file. This is the case for an Outlook 2013 client  using the same Exchange server 2013

OS is Windows 7 x64 (Office 2013)

It does not seem to matter if I tag or untag Online Mode or Cached Mode. As well as it does not matter if I tag or untag the "Oultook Anywhere" or RPC over HTTP.

 Synch operation completed
 2018.09.14 12:46:12 Sending done, Error code = 0x00000000
 2018.09.14 12:46:12 Sending done, Error code = 0x8004010f
 2018.09.14 12:46:12 MAPI Status: (IN -- ---/OUT -- ---)
 2018.09.14 12:46:12 Finishing the Spooling Cycle, Error code = 0x00000000
 2018.09.14 12:55:12 email address : Synch operation started (flags = 00000001)
 2018.09.14 12:55:12 email address : UploadItems: 1 messages to send
 2018.09.14 12:55:12 EXECUTING Put MAPI TASK
 2018.09.14 12:55:13 Starting the Spooling Cycle
 2018.09.14 12:55:13 MAPI Status: (IN -- ---/OUT fl ---)
 2018.09.14 12:55:13 MAPI XP Call: …
Redefine Your Security with AI & Machine Learning
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

We have 2 domains within our forest, Domain 1 and Domain2.  Both domains are part of a secure private network. Some of the hosts in Domain2 are public facing and and have both public/private IP addresses. eg host1.domain2.com has private address and public address Domain1 has a conditional forwarder to an internal DNS server within domain2; dns.domain2.com.
If there is a network problem between the 2 domains or dns.domain2.com is rebooted, clients in Domain1 are resolving address for host1.domain2.com. This address is not valid on the private network (I can exlain this further if need be), clients can't connect to it and they also cache it for serveral hours.

Is there a way to prevent DNS requests for domain2.com being routed to the internet if dns.domain2.com is unavailable?

hi all ,

we have exchange server 2013 running DAG , we have issue with cluster services due to the Cluster name is not being online and checking the event log of the cluster we see the below error
" Cluster network name resource 'Cluster Name' cannot be brought online. Ensure that the network adapters for dependent IP address resources have access to at least one DNS server. Alternatively, enable NetBIOS for dependent IP addresses "

what we have tried is  remove the A record of the cluster from the DNS and create again with all permission and  set the option allow any authenticated user to update DNS .

the ComputerName CNO for the Cluster is now online .

any suggestion people .
I have 2 servers 2016:
-A is the hyper-v host and also a DC
-B is virtual and is the DC, file server etc.

A frooze because of lack of memory but B continued working fine.

I shutdowned B today and then I closed A.

I rebooted A  and B started fine.

But when I try to do from A \\B\ it tells me \\B is not accessible. You might not have permission to use this network resource. Contact the administrator.....have access permissions. The target account name is incorrect.
I see in the A Events  id 4 error Microsoft-Windows-Security-Kerberos :
"The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server ppdc16b$. The target name used was DNS/ppdc16b.pp.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (PP.LOCAL) is different from the client domain (PP.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name …
can anyone help in providing detail step by step instructions on how to setup dmarc and or spf for our domain?

we have never done this before and don’t really know where to start? and advice much appreciated.

many thanks
I recently transferred a domain to my Registrar using the domain key.

After the transfer, I checked the whois database. All the information has been updated except Registrant and Registrant ID

I have contacted my registrar(Godaddy), they said these records will be updated in a couple of days automatically . I am not sure they are right. my understanding is the domain still belongs to previous company, we only have control of it. I need to transfer the ownership as well.

Does anyone have know to update these records to my company details?
Regarding the issue is that PTR record is not updating properly and if we can go ahead and untick and then tick again the option called "update assiocated ptr record" in A record it is working.

We are using DHCP in our environment to recieve the ip address from client systems, In DHCP we have the enabled option called Dynamically update the A record and PTR record for your referecne.

In DNS we have properly have the reverse zone and configured the dynamic updates to "secure only"

reverse zone like we have 10.30.

if we ping the ipaddress such ping -a then it is not resolving with hostname and if do nslookup we are getting the same hostname not resolving..

Please help us to fix. Please do the needful.
Windows 2012r2 , I followed this thread to rename domain name :http://www.rebeladmin.com/2015/05/step-by-step-guide-to-rename-active-directory-domain-name/

However, after the domain renamed. my DNS appears to a problem.

 All my AD dns record changed to just hostname. but it should be FQDN: hostname.domainname. including the name server also been changed to just host name.

Even I manual changed to FQDN, it will create another record with just hostname automatic.  

Can anyone tell me why?

Single Windows 2012 Server R2 as a DC with DHCP and DNS running - no other servers on the network. NSLOOKUP works perfectly resolving to correct client IP addresses and reverse works as well, but no entries are populating in the DNS Manager GUI.  Event viewer mentions event ID 800 stating the A record for the primary server in the zone's SOA record is not available on this DNS server.
Adding SPF record for external bulk mailer on 1&1 DNS

We use a database that emails our subscribers. The emails are generated and sent from their servers. These are all subscribed emails that people opt into, this is not spam or junk.

We are now receiving warnings that our mail record is not setup correctly due to the external email servers not having an SPF record setup.

We use Office 365 so our DNS record SPF is pointed to that. I cannot add a second SPF and all attempts at adding an entry specifying two entries also fail for example

v=spf1 include:spf.protection.outlook.com ip4 include:server.externalmai.net -all

Anyone know how I can add this correctly?
Webinar: What were the top threats in Q2 2018?
Webinar: What were the top threats in Q2 2018?

Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that describes and analyzes the top threat trends impacting companies around the world. Are you ready to learn more about the top threats of Q2 2018? Register for our Sept. 26th webinar to learn more!

SBS2011 getting ready to replace the server, in the meantime DNS resolution is horrible however I'm not convinced it's the server I think it's on the ISP side. When I ping either DNS server from the ISP it has a lag well above 25ms to 35ms. This is not enough though to determine why DNS resolution is so slow and the reason for this post. How to proceed troubleshooting in this case.

SBS2011 doesn't use forwarders but I tried them anyway without any luck. I also added for testing purposes and nothing changed. SBS2011 DNS/DHCP is configure, without forwarders and is using root hints. Firewall is using DNS from the ISP.

Something strange, when I make a VPN connection my resolution is fine. I may not be fully understanding DNS through a VPN connection, my understanding is I'm routed through the server so shouldn't I see the same issues? Note, I'm not using SBS routing and remote access using L2TP on the firewall. Maybe I just answers my question and I'm routing around the SBS2011 Server.

Also upgrade the bandwidth which is nice, much faster but the DNS resolution is still extremely slow and an issue.
i want to set up my DNS in office 365 exchange online migration setup. I want external emails to be routed through my on Premise exchange server before going to office 365. Please advice, Do i need to change my MX records as it was directed during the migration assistant. I attached the  picture below of my confusion. Please advice on what best option to choose.
I have 2 test servers running 2012r2 that I am using to study for my certifications. Both machines are clean installations.

This is my setup:

Server 1
Configured as a domain controller
Roles installed:
Active directory users and computers

Configured as a member server and is connected to the domain. I have hyper v role installed and I have a virtual machine created. I have installed  exchange 2013 on the virtual machine.

After the installation was successful, I was able to connect to ECP, and I could access the administrator account. When I rebooted the domain controller, it died.(it was a used sever) I then reconfigured another machine as a domain controller with the exact same settings as before. When I try to log into exchange ecp, I get this error.

Server Error in '/ecp' Application.

An error occurred during forest discovery (photonics.org).
  Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

 Exception Details: System.ServiceModel.FaultException`1[[Microsoft.Exchange.Data.Directory.TopologyDiscovery.TopologyServiceFault, Microsoft.Exchange.Data.Directory, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: An error occurred during forest discovery (photonics.org).

Source Error:

 An unhandled exception was generated during the execution of the …
I have an environment that included both wireless and lan connections
When a users comes into the office with a laptop and connects to their docking station they get DHCP from our "wired" scope (
When they come into the office and don't dock they get DHCP from our "wireless" scope (

Our issue
If the user has a dhcp assignment from either or and then connects to the other, our DNS records DONT get updated
Laptop user was on wireless and had an IP address of
User went to her desk. Our laptops are configured to disable wireless when docked
After docking she got a "wired" IP of
DNS record was NOT updated. The only way I can connect to the user is by going into DNS and deleting the record
DHCP is configured to always dynamically update DNS

I'm not responsible for our DNS or DHCP and I'm always told there is nothing that can be done. I find it hard to believe

Hi everyone.

I am getting numerous errors in our environment with DNS.

ServerParent is the Parent DC of the environment which is in location A
ServerChild is main DC where Server1 should be replicating - SYSVOL etc and is in location B
and Server1 is a DR server on child domain and is in Location A

The two public IPs 66.X.X.X are in the forwarders list.

this is what I with DCDIAG

PS C:\Windows\system32> dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = Server1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: contosochild.comprus-DR\Server1
      Starting test: Connectivity
         ......................... Server1 passed test Connectivity

Doing primary tests

   Testing server: contosochild.comprus-DR\Server1
      Starting test: Advertising
         ......................... Server1 passed test Advertising
      Starting test: FrsEvent
         ......................... Server1 passed test FrsEvent
      Starting test: DFSREvent
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL
         replication problems may cause Group Policontosochild.com problems.
         ......................... Server1 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... Server1 passed test SysVolCheck
      Starting test: …
MX Tools says my Reverse DNS does not match SMTP Banner.  I attached a screenshot showing my PTR and my banner, and they do match, unless I am missing something.
rDNS ScreenshotrDNS.docx






The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.