[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More







The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

I had this question after viewing DNS not resolving for specific website.

I have a same Issue like. Our DNS server not responding to the certain address
Hi, I am trying to join my computer to our domain but I unable to do so due to issues with discovering the name server. when i run nslookup it returns with a server unknown with an IP V6 address. I have a slight inclination as to the issue is but could not know how to troubleshoot it. On the DNS server someone as crated both multiple host records with different names pointing to the same IP address in both IPV4 and IPV6. However the IPV4 records in  SBS Server 2011 can have reverse lookup records where as IPV6 do not. I know IPV6 should have the capability to do a reverse lookup. Please help.
Setup of DNS - 1 in my DMZ and I in ISP location - public DNS servers

I'm receiving feedback from some external experienced engineers that the above setup is weird. I sense there my be something wrong - but from what ive researched this is good practice.
They are both primary authoritative name servers for our public domain. - there is no zone transfer between them.

The ISP controlled DNS is frustrating to a degree as we need to ring them frequently to get unusual entries completed. EG SPF records. Then I need to place the same record in my DMZ on-prem hosted DNS server (which i can do myself easily). So there is double entry required.
The question I'm asking is is this an unusual setup for public DNS for an organization?. Whats wrong with it ? Thanks
I have a hyper V lab environment setup. I originally had it setup to a internal switch but wanted to change it to a external switch so I can get out to the internet.
 I can get out to the internet if I set that machines to automatically get a ip address but I need to be able to communicate between the machine in the lab.

At my work place they have it setup so all the machines use the DC for DNS resolution and they set forwarders on the DNS server to get out to the internet. This doesnt seem to work in my lab envir. Is there a way to get the machines to see each other and get out to the internet as well?
New Exchange 2013 installation. Want to confirm that my internal DNS server has the correct Autodiscover, mail, webmail entries. I have just entered the entries on my SANS cert into our internal DNS server but I have doubts whether this is working correctly 100%. This DNS server and email server sit in our .local domain.
After exchange 2010 to 2013 upgrade none of my Outlook clients can connect to the new exchange server. AutoSync and OWA connections are OK.

When creating a new client profile I receive the message "The name can' be resolved". NSlookup is good. Inspection of DNS server shows A record good for new exchange server.
we have configured a new Server 2016 DC and and new Exchange 2016 sever (on separate hardware).

We are not able to get our iPhone's to setup an Exchange account. The account on the phone will all 'green tick' but when trying to collect email is comes up 'account error' - 'unable to connect'.

This is a summary of what DOES work.
DC is working fine
Exchange is working fine
We have configured various DNS settings on our DC to reflect out external URL, Autodiscover, OWA and remote - they point to Exchange
We have a WIldcard SSL that gives us a secure SSL connection from outside our organisation to the DC's RWW and Exchange OWA
Internally Outlook clients can connect fine
Externally - NON DOMAIN joined PC's can configure a Exchange account and CAN send and receive email.
We have configured AUTODISCOVERY (URL 'A' and 'Cname' records) - and according to Microsoft's Remote Connectivity Analyser all tests pass - EXCEPT IMAP and POP which is due to the Wildcard SSL NOT being bound to those two protocols (but shouldn't be an issue- i don't think)

I have tried setting up the Exchange account on iPhone 6, 7, X iPad 2 and iPad Pro - none work and all show the same connectivity issue with Exchange.

We seem to have setup everything correctly - but clearly there is something missing.

Can anyone offer any support please
Thank you
Windows DNS issue.  Customer added on-premise Exchange server.  Since doing so, their is a problem accessing their public website from within the network.  The website is designed to strip the www prefix. When accessing the website www.domain.com it strips it to domain.com.  The AD domain is also domain.com so when the website tries to redirect to domain.com it goes to the internal DNS which is the Exchange server.  Need assistance in configuring DNS so it continues to route to the public website when the www is stripped and not effecting any Exchange 2016 functionality.
We currently have 2 DCs onsite and 1 DC in Azure. There are more times than not, our building has a planned power outage and we have to shut down our servers. However, our Cisco ASA is still up and we want the DC in Azure to pick up DHCP/DNS. I'm not sure how to go about this or where to look.
hi all ,

we have exchange server 2013 running DAG , we have issue with cluster services due to the Cluster name is not being online and checking the event log of the cluster we see the below error
" Cluster network name resource 'Cluster Name' cannot be brought online. Ensure that the network adapters for dependent IP address resources have access to at least one DNS server. Alternatively, enable NetBIOS for dependent IP addresses "

what we have tried is  remove the A record of the cluster from the DNS and create again with all permission and  set the option allow any authenticated user to update DNS .

the ComputerName CNO for the Cluster is now online .

any suggestion people .
I recently transferred a domain to my Registrar using the domain key.

After the transfer, I checked the whois database. All the information has been updated except Registrant and Registrant ID

I have contacted my registrar(Godaddy), they said these records will be updated in a couple of days automatically . I am not sure they are right. my understanding is the domain still belongs to previous company, we only have control of it. I need to transfer the ownership as well.

Does anyone have know to update these records to my company details?
Regarding the issue is that PTR record is not updating properly and if we can go ahead and untick and then tick again the option called "update assiocated ptr record" in A record it is working.

We are using DHCP in our environment to recieve the ip address from client systems, In DHCP we have the enabled option called Dynamically update the A record and PTR record for your referecne.

In DNS we have properly have the reverse zone and configured the dynamic updates to "secure only"

reverse zone like we have 10.30.

if we ping the ipaddress such ping -a then it is not resolving with hostname and if do nslookup we are getting the same hostname not resolving..

Please help us to fix. Please do the needful.
Windows 2012r2 , I followed this thread to rename domain name :http://www.rebeladmin.com/2015/05/step-by-step-guide-to-rename-active-directory-domain-name/

However, after the domain renamed. my DNS appears to a problem.

 All my AD dns record changed to just hostname. but it should be FQDN: hostname.domainname. including the name server also been changed to just host name.

Even I manual changed to FQDN, it will create another record with just hostname automatic.  

Can anyone tell me why?

SBS2011 getting ready to replace the server, in the meantime DNS resolution is horrible however I'm not convinced it's the server I think it's on the ISP side. When I ping either DNS server from the ISP it has a lag well above 25ms to 35ms. This is not enough though to determine why DNS resolution is so slow and the reason for this post. How to proceed troubleshooting in this case.

SBS2011 doesn't use forwarders but I tried them anyway without any luck. I also added for testing purposes and nothing changed. SBS2011 DNS/DHCP is configure, without forwarders and is using root hints. Firewall is using DNS from the ISP.

Something strange, when I make a VPN connection my resolution is fine. I may not be fully understanding DNS through a VPN connection, my understanding is I'm routed through the server so shouldn't I see the same issues? Note, I'm not using SBS routing and remote access using L2TP on the firewall. Maybe I just answers my question and I'm routing around the SBS2011 Server.

Also upgrade the bandwidth which is nice, much faster but the DNS resolution is still extremely slow and an issue.
I have 2 test servers running 2012r2 that I am using to study for my certifications. Both machines are clean installations.

This is my setup:

Server 1
Configured as a domain controller
Roles installed:
Active directory users and computers

Configured as a member server and is connected to the domain. I have hyper v role installed and I have a virtual machine created. I have installed  exchange 2013 on the virtual machine.

After the installation was successful, I was able to connect to ECP, and I could access the administrator account. When I rebooted the domain controller, it died.(it was a used sever) I then reconfigured another machine as a domain controller with the exact same settings as before. When I try to log into exchange ecp, I get this error.

Server Error in '/ecp' Application.

An error occurred during forest discovery (photonics.org).
  Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

 Exception Details: System.ServiceModel.FaultException`1[[Microsoft.Exchange.Data.Directory.TopologyDiscovery.TopologyServiceFault, Microsoft.Exchange.Data.Directory, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]: An error occurred during forest discovery (photonics.org).

Source Error:

 An unhandled exception was generated during the execution of the …
I have an environment that included both wireless and lan connections
When a users comes into the office with a laptop and connects to their docking station they get DHCP from our "wired" scope (
When they come into the office and don't dock they get DHCP from our "wireless" scope (

Our issue
If the user has a dhcp assignment from either or and then connects to the other, our DNS records DONT get updated
Laptop user was on wireless and had an IP address of
User went to her desk. Our laptops are configured to disable wireless when docked
After docking she got a "wired" IP of
DNS record was NOT updated. The only way I can connect to the user is by going into DNS and deleting the record
DHCP is configured to always dynamically update DNS

I'm not responsible for our DNS or DHCP and I'm always told there is nothing that can be done. I find it hard to believe

Hi everyone.

I am getting numerous errors in our environment with DNS.

ServerParent is the Parent DC of the environment which is in location A
ServerChild is main DC where Server1 should be replicating - SYSVOL etc and is in location B
and Server1 is a DR server on child domain and is in Location A

The two public IPs 66.X.X.X are in the forwarders list.

this is what I with DCDIAG

PS C:\Windows\system32> dcdiag

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = Server1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: contosochild.comprus-DR\Server1
      Starting test: Connectivity
         ......................... Server1 passed test Connectivity

Doing primary tests

   Testing server: contosochild.comprus-DR\Server1
      Starting test: Advertising
         ......................... Server1 passed test Advertising
      Starting test: FrsEvent
         ......................... Server1 passed test FrsEvent
      Starting test: DFSREvent
         There are warning or error events within the last 24 hours after the SYSVOL has been shared.  Failing SYSVOL
         replication problems may cause Group Policontosochild.com problems.
         ......................... Server1 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... Server1 passed test SysVolCheck
      Starting test: …
Logging seems to have stopped.  

I have a DNS server (Slave)...usually go to /var/log/named.log and view the following files:
general.log  lame-servers.log  named.log  named.run  query.log  query.log.0  query.log.1  security.log  transfer.log  update.log

to do a real-time view   i use:

tail -f query.log    to view my current queries.      

Seems to have just stopped....any idea how to get it running again?

We're getting really slow log on performance with GPOs - 15 servers, 100+ users, each taking upwards of 3,500 seconds to process GPOs!

Testing I have done:

- Moved a user & a computer object to a test OU & no GPOs applied, works fine
- Added GPOs 1 by 1.  Issues manifest when a GPO references our DFS Share

For example, we have a GPO to copy a .ico file (<1KB) from the DFS share to the users desktop, this causes "Applying Shortcut Policies" to hang for more than 500seconds every time.  Changing the path of that file to point locally on the server means the entire log on process takes <8seconds.  

DFS has no issues in event viewer, the BPA shows a couple of replication issues, but nothing major.
AD & DNS both pass their BPA
Premissions on user directories are all fine (i.e. recreated & inherited)
User roaming & local profiles have been completely blown away
AV disabled on DFS, DCs & these RDS servers

Really struggling where to turn to next at the minute, and this is totally killing us with users waiting 1hr + to get logged into our VDI (RDS) estate..

Anyone got any ideas :S

Thanks very much

Essentials Server 2012r2 - DNS errors - under health monitoring getting the dynamic dns info cannot be update -
- server manager error - 4013 the dns server is waiting for AD DS to signal the initail sync of directory has been completed
- last week had the same problem and turning firewall off and on cleared it but now its back
- have yellow explanation across network icon
Good day

I work for a company that has a SBS  2011 server

Dynamic IP with ADSL
Server has 12GB RAM core i3

SMTP Smart host points to our domain provides SMTP

Now from time to time that error will occur in the queue non existent domain and that will block all mail going out and that delays the email to the client

Tried NSlookup to SMTP.myserver.co,.za and it does not resolve properly but through the router its fine

The DNS is has follows on the IP ((SBS IP) (Router) (DNS)

I have a Sever 2012 DC also setup but that did not affect mail flow as such. If I restart the SBS its fine for a while

Please advise as I cannot continue like this I do have exchange knowledge but never encountered anything like this.

I want to migrate to Exchange 2013 but that does not seem to play nice either

They use the pop 3 connector to download mail from hetzner. Must I go and reinstall Exchange? After a while the mail queue will connect and mails be released. Is it the router? Router is a Mikrotik connected to a DSL modem
We have 3 public DNS serveres running PowerDNS (really old version). I am preparing to upgrade, or change out the servers but can not get it to work.

We have the servers working as authorative and recursor but most of my setting are deprecated in the newer version of PowerDNS. I was hoping someone could help me with what I could to set them up working the same way we have today, but with newer config.

This is my current setting on the old version:
allow-recursion=xx.xx.xx.xx/xx, ...[+multiple subnets and ip adresses]
allow-axfr-ips=xx.xx.xx.xx, xx.xx.xx.xx, xx.xx.xx.xx
version-string=Not available

Open in new window


Open in new window

We are using this DNS as forwarding servers in Active Directory ant they are holding a lot of Public Domains aswell. We use MariaDB as backend.

Someone could help me with this? Im reading the release notes and in the newest version recursion is not there anymore. I need to solve this another way for domains not i my database.
We has 3 domain controllers and one domain, one forrest, one site, functional level is Windows server 2012 and no Windows server 2000. I found that replication scope of AD-integrated zone (for example company.local) is set to "All domain controllers in this domain (for Windows 2000 compatibility)" Since we has no w2k server for looong time - all DCs are 2k16 i try to change replication scope. But always I got general "Server failure" message and I'm unable to sucessfully perform change.

At event viewer this is logged:
Event ID 4015
  <Data Name="param1">000004DC: LdapErr: DSID-0C0909AF, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839</Data> 

Open in new window

Please, what should I do to fix this?
Have a weird issue where we are not receiving emails from a foreign client (client is based in South Korea, we are US based) to our main DOMIAN.COM email accounts which are an Office 365 setup. We, however, are receiving emails from this client to our backup, DOMAIN.NET, account which is Google setup. Our client will send an email to the .COM address and copy the .NET address. We will receive the email in the .NET account. Checking the spam filters and log files there is no indication that the email ever reaches the O365 server meaning we would never know it was sent without the .NET backup.

I have checked the MX records on my name server, moved to a new name server, tested my domain and cannot find a reason as to why these inbound emails will not reach the server.
I am trying to do a Bare metal recovery of our AD server. All seems to be ok but it cannot load the local zone in DNS. When I look in windows\system32\dns\backup there is no localzone.dns file present. The original server does not have this file either but has no trouble loading the zone. I can copy the AD vhdx file to the test server and run the AD VM and the zone loads.

How can I get the zone to load on the recovered VM. This is important to us as a few weeks ago the server failed and we tried to do a BMR to get back on line. Luckily we eventually managed to repair the hardware on the old server.

 I assume I need to repair the problem on the main AD Server.






The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.