Jump to content

DNS server

BigDaddy

By BigDaddy
in Windows 2000/2003/NT4

 Share

Recommended Posts

BigDaddy

BigDaddy

Posted
Posted (edited)

taurus-1.siol.net ---> 193.189.160.11

Is my ISP's DNS server. And my ISP's name is SIOL.

post-8982-1134327694_thumb.png

and also nslookup does this when typing it from a client computer:

post-8982-1134327833_thumb.png

But otherwise DNS resolving works. Just look at the cache:

post-8982-1134328075_thumb.png

btw. The server machine on which DNS SERVER service is running is a Win2k3 SP1 machine. Configured as a workgroup and not as a domain.

My network diagram:

network.jpg

Edited by BigDaddy
Link to comment
Share on other sites

BigDaddy

BigDaddy

Posted
  • Author
Posted
Make sure you've configured your DNS server to allow all updates, not just secure updates. Since you do not have a domain, the "secure updates" setting will not work (and you'll see those errors).

This is how I've set it now, will this suffice?

post-8982-1134505051_thumb.png

Link to comment
Share on other sites
cluberti

cluberti

Posted
Posted

Are you certain of the following?

1. All domain controllers have the same time, and are set in their proper time zones.

2. You have NO public DNS information on any of your servers or clients - they all have only internal DNS servers in their DNS configuration (or gathered from DHCP).

3. This has worked before (those error messages are not necessarily uncommon in a non-domain environment, as these are Kerberos errors).

There is one thing you can try, as these errors can occur if other services start before the DNS service. What you may wish to try is making the NETLOGON service depend on DNS. This can be done in the registry:

Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon

Value: DependOnService

Data: DNS (add under any other values listed here)

Link to comment
Share on other sites
BigDaddy

BigDaddy

Posted
  • Author
Posted (edited)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon

Value: DependOnService

Data: DNS (add under any other values listed here)

Just did that. But I still recieve the error.

In the meantime I'm having another problem:

Eversince I installed DNS SERVER service on Win2k3 computer and naming the PRIMARY DNS SUFFIX to "workgroup.org" so the full computer name is "server.workgroup.org"

I've been getting this in IE and FF when I haven't type the full name of the address:

ex.: google instead of www.google.com

Welcome to your new web site.

If you are seeing this page, you will need to wait a few hours before you

are able to access the site via your browser.

However, you are able to FTP content to your IP address at this time.

Thank you for choosing Us.

the time now is: 10:12:54 AM

How to get rid of this?

Edited by BigDaddy
Link to comment
Share on other sites
nmX.Memnoch

nmX.Memnoch

Posted
Posted

"workgroup.org" is a valid domain name that someone owns. If you open that page in your browser you'll see the same message you posted. If you're connected to the internet, which you are, you should never use a domain name that is already in use by someone else (this is easy to check using sites such as register.com or doing a simple whois). It'll cause errors in your DNS and could potentially be causing errors on their DNS server(s). When doing internal DNS domains on networks connected to the internet, but that won't be seen by the outside world you should use a suffix that isn't a "valid" suffix such as workgroup.local.

Link to comment
Share on other sites
cluberti

cluberti

Posted
Posted

Good catch - that is likely the root cause of all of the problems. I made the silly assumption that the poster did own workgroup.org.

To the original poster: if someone else owns the domain, you will have problems. Either use a domain name you own, or make the domain name <whateveryou'dlikehere>.local.

Link to comment
Share on other sites
nmX.Memnoch

nmX.Memnoch

Posted
Posted

I'm willing to bet that taurus-1.siol.net is the DNS server for workgroup.org. You're getting the error because workgroup.org is probably still referenced in your DNS server somewhere...and the actual DNS server for that domain is telling your DNS server that it doesn't have access to update records.

There's a proper way to clean up all of the DNS records when you change the domain name...but I'm not exactly sure what that is. I had problems with my AD when I changed the domain name; promoted first server with dcpromo and setup domain...changed my mind and demoted via dcpromo...then did it all over again. I would periodically get DNS errors in my Event Logs for the original domain name that I wasn't using anymore. That was several machines/installs ago though (my home network changes too frequently to worry that much about it).

Link to comment
Share on other sites
  • 2 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...