DNS

25K

Solutions

12

Articles & Videos

25K

Contributors

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

is this posibble

www.domainexample.ext cname domainexample.ext

domainexample.ext aaaa 2001:::: etc
domainexample.ext A x.x.x.x

I had troubles that the ipv6 couldn't be found this way.

Now I have seperate A and AAAA for the domain name and the sub www
0
Increase Agility with Enabled Toolchains
Increase Agility with Enabled Toolchains

Connect your existing build, deployment, management, monitoring, and collaboration platforms. From Puppet to Chef, HipChat to Slack, ServiceNow to JIRA, Splunk to New Relic and beyond, hand off data between systems to engage the right people.

Connect with xMatters.

Hello,

I am able to log in to a PC with the Admin account.  The PC name on the PC dropdown list is WS-19.  But when I log in, I check the PC name and it is WS-3.  How can I correct this?  Both PCs have different IP addresses,  the DNS Host record match the PC names to the correct IP address.

I have no Idea what could be causing this, should I un-join WS-19 and add it back to the domain?

Thanks!
0
I have 300 Ubuntu 14 PC's that I block all internet except a whitelist - I do this by disabling dns, and have the central server do dns lookups for everything on whitelist and put it in a hosts file and have all the hosts use that. Obviously, this is a bit hacky but it worked.

The problem now - I have a need to whitelist *.slack.com. Slack says subdomains change too much, they cant provide a static list, or even a current list and then let me update it.

So I guess I need to enable DNS - what might be easy ways to still restrict to a whitelist of domains? I can easily run shell scripts on all 300 machines. (they check in with central server and grab a script and run it regularly). So anything I can install/configure via script is a viable option...

If it's not too hard I could set up an ubuntu machine to be a dns server.

Basically what I want is whatever is easiest so that I can just provide a whiltelist, that is allowed to have wild cards like *.slack.com and block everything else. I suppose it doesn't actually have to be a DNS based block if there is some client app.

Whatever it is, I am OK to set up a server myself - but the clients, it needs to be scriptable install/config.

I want to be able to update the whitelist easily/quickly.

Any ideas/suggestions?
0
I'm trying to add a server (Server B) as a child domain to an existing forest.  The server was originally setup as a domain controller to replace the on prem domain controller, but was later decided to make is a child of the forest since the NAS on site can communicate with multiple domains of the same forest. I have removed the ADDS role and demoted the server. The old domain controller has a functional level of Windows Server 2012 R2 and the domain is called XYZ.com. This server was originally setup on a 192.168.60.0/24 network. IT Management has setup the new server (Server B) on a 10.10.16.0/22 network and want to make it a child so that it's domain would be abc.xyz.com. Management has also added a 10.10.16.x IP address on XYZ. On XYZ, I have setup a new site in AD Sites and Services with the 10 subnet and have renamed the original Site for clarity and have set it up with it's 192 subnet. Both servers are manually configured with IP/Subnet Mask/Default Gateway/DNS. Both servers have 2 IPs, one on the 10 network and one on the 192 network. From Server B, I can ping xyz.com by IP but not by name. When I try by name, the replys come from the hosted website. Each network has it's own default gateway. I then go to server B and add the AD DS role and then proceed to Promote the server. I choose the option to "Add a new domain to an existing forest". The "Select domain type" is set to Child Domain. I click on the Select button next to parent domain name where it asks me for …
0
Hello
i have installed windows server 2008 R2 with two network adapter each o adapter has different ip address
i have 4 domain on this server
3 domain has pint to second adapter ip address but on of them has point to first adapter ip address
i did the dns forward records changing, reset ipconfig with flushdns and regenerate the dns with /registerdns
but the domain has point to old address yet
i also removed that domain from dns server and added it again, but the problem is still there
0
We have a domain controller running Windows 2012 Server and it's also our DNS/DHCP server.  Non Windows devices acquire a DHCP lease, but fail to register in DNS.  Yesterday I added a non Windows device to the network, which immediately showed up in DHCP, but not in DNS.  This morning it finally did show up in DNS.  I added another device today and change the scavenge setting to 1 hour, but it still does not register with DNS.  I do have it checked to dynamically update DNS.

Maybe it tomorrow it will magically show up in DNS, but shouldn't it immediately be added to DNS when a DHCP lease is created?  How can I get this to happen without manually add it?
0
When my site are in development I have always gotten the IP address from AWS, then accessed them from my browser. But here's an article I would read if there is a secret exposure...

https://www.imore.com/how-edit-your-macs-hosts-file-and-why-you-would-want

I do not take lightly to changing my Hosts file because I do not want to put myself into an unstable condition, if I missed something in the directions.

Is there risk to using an IP address to directly access my PC? I assume the biggest benefit is that the site can be kept private from public view, but is there any way in the world that someone cold guess that address?

Are the scrapers out there pinging billions of IP addresses?

As far as keeping it private, it is mainly that I can use my real domain name and keep that private? That's nt important to me since I can buy the SSL cert and do that before launch. AT the moment, I just need to look at the sire and test it, so by adding my IP into the browser, does that expose my IP to scrapers?

Thanks.
0
Hello,

I'm getting the message listed in the title when trying to access a DFS share from a new subnet we created which happens to be a different subnet the one the nearest DFS server is.

So, the workstation on Subnet B is trying to access the DFS server on Subnet A.  Subnet B is a new subnet we just created.  Networking and DNS seem to be working fine to Subnet B and the workstation can access the DFS server by name using \\Servername with no issues.  It's only when using \\DFSsharedomain the issue occurs.  

I've set up a reverse DNS zone for the new subnet, ensured the workstation on the new subnet is listed in DNS and that servers and workstations can access the workstation on Subnet B both by IP and by host name.



I'm not sure what DFS needs for the workstation to access it which is what I'm stumped on.   Because the workstation is on a subnet without a DFS server and has to travel across subnets, it's not associated with a "site" and therefore all the DFS servers are showing up as referral targets whereas other workstations in the overall network only get referrals from DFS servers in their "site".  I wonder if this is the issue?

 Can any one assist?

Thank you!
0
Exchange 2016 on Server 2012 R2.

Exchange is working fine.

Mobile users, all on iPhone, can connect to the Exchange Server for mail when they are off site, but not while on site & connected to the LAN Wi-Fi.

If they turn Wi-Fi off, they connect (obviously via cellular)

Why can they not connet through the LAN Wi-Fi?
0
Hi,
This question is getting asked a lot from me lately and I am using my common sense to answer it, but need other opinions please.
Basically a company might have a large company name like:
http://averylargecompanynamethatisverylong.com
They may also have registered
http://asmallname.com
http://asmallnametoo.com

Now my question is more targeting to SEO.  Which domain should have their website hosted at?  Where should their emails be (as you don't want people to have to remember a really long email)

So my question is, if you have many domains for your company, which is the best one for hosting the website, and obviously the site with the smaller domain name would be best for email promoting so should you host the site at the best keyword, long domain, the have a web forwarder for all other domains, and then simply set up email hosting for the smaller domain.

I am asking from a SEO and marketing point of view.  

I think I know the answer, but I need a discussion to be sure.
0
Raise the IQ of Your IT Alerts
Raise the IQ of Your IT Alerts

From IT major incidents to manufacturing line slowdowns, every business process generates insights that need to reach the people required to take action. You need a platform that integrates with your business tools to create fully enabled DevOps toolchains.

You need xMatters.

Hi,

I am migrating Ex2010 to Ex2016. They are running in co-existance mode right now.
This morning I changed the DNS settings to send my mail to the Ex2016 server.
Outlook and OWA are working fine, but users on phones/tablets are telling me that their devices keep asking for passwords and then don't accept them.
Any ideas?
Thanks,
Nacht
0
Anybody have info about hosted DNS and the Magic Quadrant? We're looking to host our public DNS.
0
Getting 404 error logs //autodiscover/autodiscover.xml/ in word press for our site. We are using Office 365 for email. I have done some research but I am not sure what the best way to resolve this is.

Thanks in advance.
0
Hi ,

I am just scrolling in the DNS server and i come across _MSDCS.comany.com , When expanding the folder domain i  see a SID number.
is this safe to be left ? anybody knows why this could be happening?
Records are still there under the SID only i dont see any name ?
See attached screenshot.
Thanks.
SID-DNS.jpg
0
Hi,

      We have a customer that someone put there internal domain the same as there external website domain. So there windows domian is for example abc.co.uk but there website is also abc.co.uk

I have put in a www a record on DNS pointing to the IP that i get back from pinging abc.co.uk.

However the issue is now if i try and navigate to the website in the internal network i get www.www.abc.co.uk come back.

And by the way it does work outside of the network :).

Thanks
0
Hi guys

We have a Windows 2008 R2 AD environment. There are 'Computer' OU's that I am looking at which probably consist of machines that are no longer on the domain. Ideally I would like those cleaned up.

How do you go about such a thing? Do you use any tools or can recommend any? I was using the Solarwinds Inactive Computer Removal tool. Is that something you have tried?

Cheers
Yashy
0
Hi,
I just did file server migration from 2003 to 2016 using the following guide

https://community.spiceworks.com/how_to/75097-replace-an-old-file-server-with-a-new-file-server-using-the-same-ip-same-name-same-shares

All is working well as i am able to access the shares from computer with appropriate permission, however some of the shares had an alias for example \\servername\files\123 was called \\filestore\files\123. I am not able to accesss those shares,whenever i click on it i get a prompt that says you were not connected because duplicate name exist on the network.

I have renamed the old server, re IP'd it and even turned it off. Nothing in DNS records pointing to the old server. Any suggestions?
0
I migrated my DC from 2003 to 2012 R2 recently, and have been having a real bear of a time with workstation connectivity. 2003 had a clean demotion(so it seemed), I exported/imported DHCP, synced DNS, and seized FSMO properly. I have looked through ADSIEDIT to see if there were any stale records of the old DC. There seems to be something funky with DNS and/or DHCP, as I am receiving event ID's 5781 NETLOGON, and 4013 DNS-Server-service, 1054 Group-Policy, and 10020 DHCP-Server warnings/errors.
These events are occuring when reboots are not even happening. Just all day long.
On Event ID 10020 DHCP-Server warning, I do not have iipv6 enabled on my NIC. All other NIC's disabled. ipconfig /all shows no ipv6 IP address.
Workstations are consistently and intermittently loosing connection to internet with Event ID 1014. This does not occur at the same time for workstations.
What I have done so far...

I have disabled all Windows software firewalls.
My DC points to itself as the DNS server.
DCDIAG reports no errors. (also with /test:DNS)
Have disabled slow link detection on workstation GPO and DC GPO.
Disabled autotuning.
Disabled task offload on DC
Created a _msdcs zone in the root of Forward lookup zones.

This is a solo DC. Solo DNS (active-directory integrated)
Forwarders point to my ISP which is Google. (8.8.8.8, 8.8.4.4)
I have not tried disabling recursion, as I don't really see that as a troubleshooting resolution for this problem.

After migrating the …
0
At some point within the last week, we have been getting the following message on our file server (this server has been in place on our network now for about two months):

"The server did not finish checking the license compliance.  If the server is joined to a domain, make sure that the server can connect to a domain controller.  If the license compliance cannot be completed, the server will automatically shut down in 2 days 22 hours."

I am able to ping and contact our domain controller, have made sure updates are in place, and have poked around other places online but can't seem to find a good way to check this and fix the issue.  Any and all help apprecaited!

TIA.
Screen-Shot-2017-06-14-at-12.15.34-P.png
0
Free learning courses: Active Directory Deep Dive
LVL 1
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Hi,
We have built a new ADFS 3.0 server to replace an ADFS 2.0 server.
I have configured ADFS and purchased a wildcard certificate and imported it into the server. According to forums i should then be able to test that it works by going to the following URL: https://............/adfs/ls/IdpInitiatedSignon.aspx
However when i go to this page it says this page can not be displayed. I tried going to the following to see if it brings different results:
https://adfs.domain.org/adfs/ls/IdpInitiatedSignon.aspx - normal page can not be displayed page
https://servername/adfs/ls/IdpInitiatedSignon.aspx - This displays the following error:
Error in IE11https://fqdn/adfs/ls/IdpInitiatedSignon.aspx - Same as above

Our logon domain has x2 domains: @domain.org and @domain.local. We use @domain.org for emails and websites etc and the SSL wildcard certificate was created as *.domain.org with the SAM *.domain.org.

I created an internal DNS A record for adfs to point to the new ADFS server. added a new public DNS A record to point to the new server as adfs.domain.org. I add the token-signing certificate to the bluejeans portal to authenticate with this server, yet it still all fails.

I'm scratching my head at this point, but think it may be something to do with the certificate and missing some configuration for it, as this is near enough the only difference other than the ADFS version between the new and old ADFS servers.

Thanks.
0
Server is domain controller in cloud, connected via VPN
Server is recently migrated - 2008 on premise to 2012 in cloud.

DHCP is running on local Cyberoam router
0
Im removed a DC\DNS server off our network. I am at the "remove DNS delegation" step. This is only the delegation to this specific server, correct? I am refreshing our servers to 2012 and this is our old 2008 server. We have the 2012 currently online as the production server.


Its been awhile since I have demoted a server to remove off our domain so I wanted to make sure.
1
I would like a Powershell script to export a list of computers from active directory to a CSV file. We manage one of the divisions at our organization so I only want to export the computers from our OU. Our computers are contained in several subfolders in our OU so I need the script to walk that entire structure automatically. I would like the following columns in the csv file:
Computer NetBIOS name (not DNS name)
AD path with \ separators, not ou=Engineering, ou=Contoso, ou=com, etc. If possible
Computer description
Object creation date
Object modified date
Bitlocker key if present

Save location for file should be
H:\Documents\Reports\AD Computers.csv
0
I suspect this is all about DNS. I have two sites linked by a VPN. VPN is formed by two Netgear ProSafe routers over NBN connections and works fine.

Site A LAN is 192.168.3.0 / 255.255.255.0

Site B LAN is 192.168.2.0 / 255.255.255.0

Site A has a Windows Server 2012 R2 box running AD for the domain

Site B also has a Windows Server 2012 R2 box running AD for the domain

Here's where the problem started:

Site A was up & running and everything was peachy. I should note that I have lots of experience with single site, multiple servers, but this is my first branch office interconnect job.

Weekend job was to set up the network at the branch office, Site B. I had the server ready to go as a standalone and connected it on Site B, then went to join it to the domain over the VPN. I established that I could ping the server on Site A by IP address. I set the DNS server on Site B's server NIC to point to the DC on Site A and put theirdomain.local as the DNS Suffix in Advanced TCP/IP Settings.

Went to join the domain via the usual method (Computer | Properties | Change Settings | Change etc..) and it could not find the domain cotroller. Stuffed around with LMHOSTS but I was eating time, so I decided, as the two sites were less than an hour apart, to take Site B server to Site A and join it on the LAN.

This I did, AD Users & Computers got all populated, then I took Site B server back to its home and I could join clients to the domain. All seemed fine, until I …
0
We are moving a block away and it will take 2 weeks.

Separate servers for Exchange, ADS, 2 File Servers.  (one of them runs WINS and DHCP).

I need to move email services to the new place tonight, and I think it should be fine without an ADS on the network until this weekend when I move the other servers.

My email guru (who does my DNS and routing) is on vacation in 2 days and I have to move the Exchange while he is still available for any DNS changes, etc.

Question is - will I have a problem running my Exchange without ADS for a few days?  Will it just remember its password like laptops do when they are off network?

Thank you for any help!
0

DNS

25K

Solutions

12

Articles & Videos

25K

Contributors

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.