The Domain Name Service
Common FAQs, Help, Guidance and Education about DNS
The solution is DNS, what is the problem?
This page contains links to resources containing content related to DNS. It's aimed at both helping MCTs and DNS users alike. Comments are most welcome!
Domain Name System (DNS) is the name resolution protocol used in TCP/IP
networks. TCP/IP networks, including Windows Servers and clients, use IP addresses to communicate, DNS resolves host names into IP addresses, and can resolve IP addresses to a host name..
What is DNS? - A Technet article that describes DNS in more detail. This paper is aimed at DNS in Windows Server 2003/R2, but it still broadly accurate.
Introduction to DNS
- this is a chapter from the Windows 2000 Server Resource Kit and
describes the basics of RFC compliant DNS.
Windows 2000 DNS - this is a chapter from the Windows 2000 Server Resource Kit and describes the specifics of DNS in Windows 2000.
Windows 2000 DNS and Active Directory Information and Technical Resources - http://support.microsoft.com/default.aspx?scid=kb;en-us;298448
DNS Is uses as the locator service used by Active Directory to find domain controllers and global catalog servers. DNS clients (which include AD domain controllers) use DNS to locate local/remote DCs.
DNS Requirements for Deploying Active Directory - this TechNet article provides checklists to help you verify that you have DNS setup to support Active Directory.
To Configure a DNS Server for use with Active Directory. This advice is in the Windows 2000 help file, but also here on the web:
Setting up DNS for Active Directory - a partial reprint from the Windows 2000 Server Resource Kit describing how to configure DNS for AD. http://support.microsoft.com/default.aspx?scid=kb;en-us;298448
Checklist: Deploying DNS for Active Directory - a check list of things to do and some more links.
Information About Configuring Windows 2000 for Domains with Single-Label DNS Names - you can do this, but it's probably not a good idea.
DNS Best Practices - These are some Microsoft best practice
recommendations on how to use DNS. These come from the Windows 2000
Server Help file.
1. Can I run DNS on a Windows Client OS?
can not run the Microsoft DNS server on any Windows client OS. You must use the Server OS to run Microsoft's DNS server or use a 3rd party DNS server that will run on the Client OS. One fundamental constraint of running a DNS server on the Windows client is limited to only 10 open ports which would rule out use of the Client OS for most enterprise scenairos.
2. Do I have to use Microsoft DNS?
While it's a default server - and probably the best choice if you are
supporting Active Directory, it's not your only choice. See the DNS Alternative versions page for some alternatives.
3. How can I backup and restore DNS settings on a server?
Wells has written an awesome script: dnsdump.cmd. Note: the ulr is to a
cm_ file. Save this locally then rename it with the proper extension
(i.e. .CMD). This script rocks!
4. How do I setup DNS to host my own domain?
This is a very frequently asked question. I've written this up as a separate page.
troubleshooting is usually straightforward. Most errors that are seen
tend to be simple configuration or setup errors. In order to
troubleshoot DNS, you must have details of the configuration of any DNS
resolvers and/or DNS servers and be able to use common DNS
troubleshooting tools. See below for details on links to tools you can
use to troubleshoot DNS, and how to overcome common DNS errors.
tips and tools linked here do not help, and you are using any version
of Microsoft Windows (or DOS for that matter), consider posting a query
to the microsoft.public.win2000.dns newsgroup. This newsgroup can be
obtained from news://news.microsoft.com. If you do post, you will need to provide some details of your particular issue including most of all of the following:
- Is the problem a client problem or a DNS Server problem?
- What Operating System are you running and with which service packs or other fixes?
- What is the client configuration? (ipconfig /all provides this!)
- What specific error, if any, are you seeing?
- What zones are configured on your DNS Server, and what properties are set for those zones?
- Are your DNS zones configured to be dynamically updated?
sort of Internet connection do you have? Does your ISP allow you to
runs servers on your connection and what does your provided IP address
vary or is it fixed?
- this is a site that will check the DNS settings for an Internet zone
and provide prescriptive guidance on optimising the settings.
- http://www.dnsstuff.com - this site has a number of DNS tools that you can use to diagnose DNS issues.
- has some good tools for DNS troubleshooting. The site promotes it
tools (and expertise) as anti-spam as opposed to just DNS
troubleshooting. At this site is http://www.samspade.org/t/ which provides tools similar to the dnsstuff site. The Sam Spade For Windows tool is one I have on my desktop and use a great deal.
- this page provides an on-line version of DIG - a very useful tool
from the Unix world that is used to troubleshoot DNS issues. WHY can't
Microsoft provide a port of DIG in Windows or the resource kit?
- http://www.squish.net/dnscheck - Given a record name, and a record type, this page will return a report detailing all possible answers.
- DNS Dump - a truly awesome script by Dean Wells. Read carefully before using - and make sure you change the extension before you run!
This is a list of common problems seen in the newsgroups plus a pointer to a solution
1. Running NSLookup returns Non-existent domain
If you run nslookup you might see an error something like this:
*** Can't find server name for address 192.168.1.1: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
is due to Nslookup being unable to perform a reverse lookup on the IP
address of the DNS server. When NSLookup starts, it attempts do a
reverse lookup of the IP address of the DNS server. If this fails,
NSlookup gives the message noted above, which is somewhat misleading.
The solution is to either install a reverse lookup zone for your
workstations or to ignore the message.
2. Netlogon Error 5774 - DNS Operation Refused
error is typically caused by the use of a DNS server that does not
allow dynamic update, or is set to refuse operations from your
computer. Sometimes this is due to a workstation that points to the
ISP's DNS server, instead of an internal DNS server. In general, all
internal servers and workstations should point to one or more internal
DNS servers which in turn point to a DNS server that forwards to the
3. DNS Error 414 - The specified domain either does not exist or could not be contacted
error is usually caused by the computer being configured with no DNS
domain name. If the computer is a DNS server which has only a single
label name (e.g. kona2 vs. kona2.reskit.net), any zone created will have
the default SOA and NS records created using just a single label. This
in turn will lead to invalid or failed referrals when used to provide
lookups for this zone.
4. DNS Error 5504 = The DNS Server encountered an invalid domain name in a packet from X.X.X.X
error indicates that the DNS server has received a packet with an
invalid domain name - and the packet has been rejected. The most common
cause of this is DNS cache pollution, as described in KB article 241352
5. Troubleshooting Dynamic Update Problems.
update is a DNS feature that enables hosts to update their DNS details
at the DNS server. Although easy to setup, there are some ways in which
DNS dynamic update can fail. See the KB article 287156 for more details on how dynamic
6. Windows Server 2003 can not resolve addresses that Windows 2000 can.
some cases, it appears that Windows 2003 server is just not functioning
and not resolving some names. The cause is that EDNS0 requests from the
2003 DNS server not recognized by all other DNS servers.
To resolve this, you should disable EDNS0 requests, using the DNScmd program from the Windows 2003 Support tools:
dnscmd /config /enableednsprobes
DNS and BIND - by Cricket Liu and Paul Ablitz. Possibly the best introduction to DNS in existance. It'sjUnix based, but still a good book.
Windows 2000 DNS - by Herman Knief, Roger Abell, Jeffery Graham, and Andrew Daniels. An OK Windows 2000 DNS book.
following 3 KB articles list the DNS registry settings. These settings,
as noted in the KB articles, are for Windows NT 4.0, however most of
them are still used in Windows 2000 and Windows .NET Server. Updates
have been requested, but knowing Microsoft, will probably not come very
part 1 - http://support.microsoft.com/default.aspx?scid=KB;en-us;198408
part 2 - http://support.microsoft.com/default.aspx?scid=KB;en-us;198409
part 3 - http://support.microsoft.com/default.aspx?scid=KB;en-us;198410
HOW TO: Integrate Windows 2000 DNS with an Existing DNS Infrastructure in Windows 2000
HOW TO: Configure DNS Dynamic Update in Windows 2000
HOW TO: Configure DNS for Internet Access in Windows 2000
TO: Migrate an Existing Domain Name System Infrastructure from a
BIND-Based Server to a Windows 2000-Based Domain Name System Server in
HOW TO: Integrate DNS with Existing DNS Infrastructure If Active Directory Is Enabled in Windows 2000
HOW TO: Configure DNS for Internet Access in Windows 2000:
HOW TO: Reinstall a Dynamic DNS Active Directory- Integrated Zone
DNS Namespace Planning
Setting Up the Domain Name System for Active Directory:
Integrating Windows 2000 DNS into an Existing BIND or Windows NT 4.0-Based DNS Namespace
How to Prevent Windows 2000 from Assigning WINS and DNS Addresses to RAS Clients
Windows 2000 May Send Unexpected DNS Request
Cannot Start Windows 2000 with a Large Number of DNS Zones
The Structure of a Domain Name System Boot File
DNS Records Registered by Windows 2000 Domain Controllers
How to Enable/Disable Windows 2000 Dynamic DNS Registrations
Setting Up the Domain Name System for Active Directory
Net Logon Dynamic DNS Registration Functionality Changes After Installing Windows 2000 SP1
DNS Server Becomes an Island When a Domain Controller Points to Itself for the _Msdcs.ForestDnsName Domain - http://support.microsoft.com/default.aspx?scid=KB;en-us;275278
Troubleshooting Windows 2000 DNS Dynamic Update Problems - http://support.microsoft.com/default.aspx?scid=kb;en-us;287156
Is this section missing any relevant KB Articles? If so, mail me!
The Ask Mr DNS Podcast. Mr DNS, aka Cricket Liu, has a regular podcast. Great DNS Stuff there.
This page was developed by Thomas Lee
- it's his fault if there are mistakes here!
This page was last modified on Wednesday, February 06, 2013 12:29:42 PM