My OpenShift is sending a large number of DNS requests to the DNS server, which is affecting the performance of the central DNS server.

OpenShift version: 3.11

We are already using a separate DNS server for the OpenShift cluster, but when the local DNS is not able to resolve the hostnames, it's being sent to other central DNS servers, which is causing performance issues.

Hi Team
Can someone please help with this


DNS Replication issues
See DcDiag printout

            Event String:
            The removal of the assignment of application LabTechAD from policy Default Domain Policy failed.  The error was : %%2
         A warning event occurred.  EventID: 0x0000006C
            Time Generated: 11/01/2019   10:08:46
            Event String:
            Failed to apply changes to software installation settings.  The installation of software deployed through Group Policy for this user has been delayed until the next logon because the changes must be applied before the user logon.  The error was : %%1274
         A warning event occurred.  EventID: 0x00000458
            Time Generated: 11/01/2019   10:08:46
            Event String:
            The Group Policy Client Side Extension Software Installation was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance.
         An error event occurred.  EventID: 0x0000272C
            Time Generated: 11/01/2019   10:08:48
            Event String:
            DCOM was unable to communicate with the computer FHEXCHANGE.FloridaHouse.local using any of the configured protocols; requested by PID     10cc (C:\

Running an internal Exchange server; clients connected to the domain have no issues accessing email via MS Outlook. When creating a profile outside the company network, I first receive a certificate error that points to our domain, example company.com. The Exchange server is running a valid SSL certificate. The current public DNS entries are as follows:
A record @ points to website domain
A record mail points to internal server OWA
CNAME autodiscover.company.com points to OWA address.

First issue is why, when configuring user@company.com, it is looking at the domain and not the autodiscover record. We have not had an issue with this service until about a month ago.
Thanks in advance

We recently took over one company's IT system and they have two servers (SBS2011 and Terminal server).
SBS 2011 hosted their old website, but we have moved the website to cloud hosting and we have updated the external and internal DNS for the website's A record.
Even though SBS2011 (internal DNS server) can browse the new website correctly, the Terminal server is still going to the old website which is sitting on the SBS2011.
When I perform a PING test to the new website via CMD on the Terminal server, it resolves the correct IP address of the new website; however, when I type the URL in any web browser, it is still going to the old website.

Now, I have no idea what causes the issue so please help!
Thank you.

I'm stumped on this one and am hoping someone has some ideas. I've got a DC/FileServer hosted on Hyper-V. Both servers are 2012r2.

Hyper-V host is configured with a NIC team w/3 NICs. The file server is connected to the virtual switch connected to that NIC team. I've checked network config including DNS on the DC and everything tests out fine, but when we try to open or download files <100mb it is very very slow.

I'm in the process of migrating AD from SBS2008 to Server 2016. When I create a new user in SBS it shows in ADUC in Server 2016, but when I create a user in Server 2016 it doesn't show in SBS. Both servers are GC, and in the IP configuration the DNS of the NICs are pointing to itself and each other.

Had a problem with a hosted VoIP phone system at a site today, and the hosted provider suggested that the problem was due to excessive DNS connections from domain controller.

They pointed at the listing below from the firewall log.  I am not entirely sure what to make of it. Can anyone shed light?

The server otherwise seems to be running OK. is the domain server. It is also the DHCP server. It is the primary shared network server with all the PCs having several files open at any time. This machine is also the primary ACT database server, so this application will spawn several SQL server links. Lastly, it is running online backups with I-Drive.

ESET is loaded, updated, and scans show no threats.

dst= sport=58046 dport=53 packets=3 bytes=257 src= dst= sport=53 dport=58046 packets=3 bytes=431 [ASSURED] mark=0 use=2
dst= sport=60140 dport=53 packets=13 bytes=1044 src= dst= sport=53 dport=60140 packets=13 bytes=1775 [ASSURED] mark=0 use=2
dst= sport=60164 dport=53 packets=4 bytes=374 src= dst= sport=53 dport=60164 packets=4 bytes=807 [ASSURED] mark=0 use=2
dst= sport=58752 dport=53 packets=5 bytes=408 src= dst= sport=53 dport=58752 packets=5 bytes=646 [ASSURED] mark=0 use=2
dst= sport=58745 dport=53 packets=10 bytes=864 src= …

We have a Windows 2016 server that requires migrating from our current Citrix XenServer 6.5 hypervisor setup, to a new VMware esxi 6.7 (upd1) hypervisor.

The IP, Domain, DNS, server name etc can all remain the same.

We tried to export a copy (OVF format) and spin it up but the copy machine would not boot, no bootable disk found.

The reason for a copy was to remove the Xen tools and install the VMware tools before importing into VMware. Sadly, being unable to boot the machine, the whole process has stopped. The machine is still in production so we didn't want to remove the Xen tools from the original in case of an issue, which we now have.

Any ideas on how to properly do this migration from xen 6.5 to vmware 6.7? Are there any useful tools to help or am I just missing the obvious?

Thanks for reading.

Help with SPF Record for our domain.

We have an internal Exchange 2010 for our email and our domain is hosted with Heart Internet.

Our MX record has an IP address, eg:
Our main gateway is, eg:
Our domain eg: corporate.com

On heart Internet (heartinternet.uk) I have created a new TXT Record and entered:

v=spf1 a: corporate.com ip4: ~all

mxtoolbox now finds the spf record >> v=spf1 a: corporate.com ip4: ~all

Is that all I need to do? Is there anything I need to do on our internal exchange or DNS servers?

We still have a company rejecting our emails saying we don’t have an SPF record. No one else has reported this.

Hi, I have built a new Windows Server 2016 and the domain name is the same as the company's website, i.e. mycompany.com, therefore when they try to browse to www.mycompany.com it redirects to their Windows Server instead of going to their external website. I have added an A record for www.mycompany.com in the DNS pointing to the external website but receive access to mycompany.com as denied; it also removes the www. I have it working on PCs by changing the hosts file but need it working from the server for iPhones etc.

Help!

My Setup: All Virtual

Server1 - WS2019 - Fileserver on .local domain with work folders and IIS setup with wildcard cert.
Server2 - WS2016 - Domain Controller .local private domain with zone created for our external domain .com
Server3 - WS2019 - not domain joined server

I have Work Folders working internally, however I am limited on the amount of virtual cores so my questions are...

If I setup WAP & ADFS

1: Can I install ADFS on the domain controller? I don't have enough specs to create a new server for just ADFS. I want to be able to install ADFS on the DC.

2: WAP instructions state the server must have 2 NIC cards, external and internal. Can I just use one NIC with DNS entries for external and internal?

I've got two RDS installations, one with 2012 R2 and the other with 2016. I'm setting up a test environment so I can understand how to do a cluster of RDS Connection Brokers.

I set up two servers and installed the 2012 SQL native client (there isn't a 2016 native client) on each CB. I verified the cluster is working by taking one server down at a time and the cluster IP remains pingable.

In the setup wizard for RD Connection Broker for HA, it asks for the DNS of the RD Connection Broker cluster, so I put that in.

But there is no RD CB service for the cluster, just on each CB server, so the wizard fails.

I found this video (https://www.youtube.com/watch?v=kQufizuFTkk), but it is for 2008 R2. It appears I need to create the services for the cluster?

My DNS zone broker.mydomain.com points to the IP of the cluster.

Not sure what the next steps are so the HA wizard will complete successfully.

Hi Expert

We have a new Win10 PC that cannot join the Server 2012 domain. Previously, other PCs could be solved by adding "AllowSingleLabelDnsDomain" in registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

But this time it cannot. Below is the error message:

I have hard coded the DNS for the two domain controllers and can ping. What I guess is that the domain was set up many years ago (2003 version), and on that time there ".com" adding to the end. (i.e. it is called abc domain, not abc.com domain). We have upgraded to the 2012 domain last year.

After the upgrade, sometimes we find the PC cannot find the domain.

Regards, Ivan

@@@@@@ Error Message @@@@

An Active Directory Domain Controller (AD DC) for the domain "XXXX" could not be contacted.

Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\WINDOWS\debug\dcdiag.txt.

The domain name "XXXX" might be a NetBIOS domain name.  If this is the case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.

DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "XXXX":

The query was for the SRV record for …

We recently configured a forest trust between two domains and we have been able to cross authenticate. However, it only works if the user puts in domain.com\username. It isn't enough to just put in domain\username.

The scenario looks like this.

User at company.b.com is logging into a server at company.a.com. To use the username and password for their company.b.com account they need to log into the server as company.b.com\username.

Is that typical or is there anything we can do to make the login domain not require the .com?

Is there something else we can do in DNS to allow this to work?

In the DNS manager (RSAT) in my workstation W10 1903 I do not see the Global Logs \ DNS events section.

Thanks in advance

I have this error on all DCs in my company:

Error DNS-Server-Service Event ID 4015

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "0000051B: AtrErr: DSID-030F2312, #1:
      0: 0000051B: DSID-030F2312, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 20119 (nTSecurityDescriptor)". The event data contains the error.

Could you help me, please?

Regards, David.

This is using MS Windows 2012 R2 AD. There is only one DC with all the 5 FSMO roles, DNS, DHCP roles. Recently, found that the domain logins were getting slow. Users have to wait some time before they are shown as logged in. Another issue is, it seems they can't access the file servers; it looks like a permissions issue.

The temporary workaround is that in the morning we have to reboot the DC, and all the above issues are gone (for the time being). What could be the issue? How to troubleshoot?
I did check through the DNS, sites and services, domain, and users & computers; all look to be working fine.

Thanks in advance.

We have a Windows 2003 Small Business server R2. Friday Oct. 4 2019, we were unable to connect to one of our clearing house sites that had been working previously with no problems. The Friday mentioned above, users were getting the following error message:


Calling the clearing house tech support, I was told the problem was not on their end & they had no problems or complaints from anyone else. I cleared the cache on one of the computers, released and renewed the IP config, but nothing worked.

I then went to the server and did an nslookup on both a known working site and the one that gave us the error and I came up with the following:


To get us working again, I went to each of the user's computers and manually entered the address of our ISP's DNS server instead of the IP address of our in-house server. Everything is working as it should. This was the only site we had a problem with - all other websites loaded correctly and we were able to access files on the server.

I also noticed that our tape backup failed twice while using new tapes. The previous 5 new tapes worked properly on the previous 5 days. The message I got from Symantec Backup Exec 12.0 was to put in Tape Number 000000016, even though these are new tapes and we have never had to use a full tape for the daily backups. I'm not sure if the 2 problems are related, but I figure I'd better post this in case there could be some correlation.

I have …

I posted a question earlier, about replacing a 2008 DC at client site. They originally had a DC, but since all users are logging in local, they are using DNS and DHCP from their router. Client does not want another domain controller, they want a stand alone server to act as their file server. The server will be a Windows Server 2019 Essential. I would like to know what needs to be done to replace the DC with a stand alone server. How will this affect users and other devices on the network? Thank you in advance for your help!

I get an SSL error when I visit Facebook when I am on the work network. DNS by OpenDNS via unify router. It only happens there. Same computer, if I try to connect using my hotspot, no error. Connect back to work WiFi, same error. Also all workstations get the same error, WiFi or hardline.

Just wondering if anyone knows how Linux and Mac update their hostname or PTR record to the DNS. Secondly, we have a Linux based (doesn't look like BIND, however) with host entries and MAC addresses (used for dot1x also), and how to get those hostnames migrated over to the Windows based DNS server? If the DNS PTR works with dynamic registration, guess there is no need to migrate the hostnames over.

Thank you in advance,

I'm in the process of migrating one of my domains from my SBS2011 to Exchange Online Plan 2. I made the changes to the DNS, MX records and disabled the SBS Exchange mailboxes for the users involved and all seemed OK.

I set up two of the three users and I could receive and send email, though not from the rest of the SBS users, which I believe was an issue with the Global Distribution list not getting updated.

The main problem, which caused me to revert back to the SBS, is that one of the users had a free Microsoft account with the same email as the one that I was using for Exchange Online. This caused the email to be delivered to that account and not the correct one, as well as him not being able to see the other users of the Exchange online.

I changed the primary login of the free account but I couldn't get the account to work in Outlook and the webmail couldn't load either. Please see all my steps below and tell me if I am missing something. I already wasted a day on this simple process.

1) export emails from current SBS account
2) validate domain on Exchange online and make as primary
3) disable mailboxes on SBS so as to not have any conflicts
4) force update of Global distribution list (How?)
5) setup new accounts in new Outlook profiles and mobile devices
6) ensure internal and external mail flow

Can you think of anything that needs to be changed in the process above or can you elaborate with more details on certain steps?

Are there any limitations or restrictions to using a trial version of Windows Server 2016/2019 Standard X64? I have to stand up a couple of servers for Active Directory, NPS, DNS, DHCP, File Services, Print etc. very soon, but the approval for the purchase takes some bureaucratic time. I'm wanting to know if I can install it, and then in a week or so when the purchase is approved, buy the full license and apply it to the trial version.

Any gotchas with this that I'm not thinking of?

I'm unable to search for this link and I'm confused about how to fix it. Can anyone help out please?

We have a weird issue while trying to restore a domain controller on an offline server with Exec Backup. Recently we moved / migrated Windows Server from 2008 to 2016. DC1 has all the master roles and it's a VM, DC2 is physical, both have DNS roles installed. Live servers run great so far: netdom query fsmo, AD Sites show all FSMO roles on DC1 (Domain master). Dcdiag, Repadmin all OK, DNS is resolved correctly: DC1 points to DC2 and DC2 points to DC1 as primary DNS.

But when I'm trying to restore DC1 on an offline server, AD works only to the point it's trying to replicate, then Active Directory stops working, and I don't get it: DC1 has the master roles, it should / must work alone. Offline server is a 2016 machine with Hyper-V on internal VM NIC. My first assumption was the IPv6 setting, since it did have a DNS ::1 entry, but no change.

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource with an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names into the numerical IP addresses needed by computer services and devices worldwide.