PHWinfo - Afficher un message - Default SOA and NS records with Windows 2000 AD Integrated DNS

04/02/2008, 16h47

> Your using AD with DNS for public servers? Usually not recommended, but
> that's ok.

I can certainly switch (its something I've considered anyway) but can you
point me to any documentation which backs up your statement? That would go a
long way in convincing management that this is something we should do.

Thank You,
Brad

"Ace Fekay [MVP]" <PleaseAskMe@SomeDomain.com> wrote in message
news:u1eNWGvZIHA.2268@TK2MSFTNGP02.phx.gbl...
> In news:OV3%23CndZIHA.1188@TK2MSFTNGP04.phx.gbl,
> Brad Baker <brad@nospam.nospam> typed:
>> - We are using Active Directory integrated DNS on two windows 2000
>> domain controllers.
>> - We have approximately 500 domains/zones
>>
>> The default SOA and NS records for our servers are dc1.ourdomain.com
>> and/or dc3.ourdomain.com however we want to change them to
>> dns1.ourdomain.com and dns2.ourdomain.com.
>>
>> 1) How can I change the default SOA and NS with AD integrated DNS?
>> 2) How can I correct the SOA and NS records for all our existing DNS
>> zones?
>> Thanks
>> Brad
>>
>>
>>
>> By the way, the reason for making this change is two fold:
>>
>> 1) We're retiring dc1.ourdomain.com and dc3.ourdomain.com. They will
>> be replace with two windows 2003 servers (DC1 and DC2). (DC3 will be
>> gone)
>> 2) This results in errors when running DNS reports at DNSstuff.com:
>>
>> Missing (stealth) nameservers
>>
>> FAIL: You have one or more missing (stealth) nameservers. The
>> following nameserver(s) are listed (at your nameservers) as
>> nameservers for your domain, but are not listed at the parent
>> nameservers (therefore, they may or may not get used, depending on
>> whether your DNS servers return them in the authority section for
>> other requests, per RFC2181 5.4.1). You need to make sure that these
>> stealth nameservers are working; if they are not responding, you may
>> have serious problems! The DNSreport will not query these servers, so
>> you need to be very careful that they are working properly.
>> dc3.ourdomain.com.
>> dc1.ourdomain.com.
>>
>> This is listed as an ERROR because there are some cases where nasty
>> problems can occur (if the TTLs vary from the NS records at the root
>> servers and the NS records point to your own domain, for example).
>>
>> Missing nameservers 2
>> ERROR: One or more of the nameservers listed at the parent servers
>> are not listed as NS records at your nameservers. The problem NS
>> records are: dns1.ourdomain.com.
>> dns2.ourdomain.com.
>
> Your using AD with DNS for public servers? Usually not recommended, but
> that's ok.
>
> To change it, goto properties of the zone, nameservers tab and change them
> in there. Whatever you put in there needs to exist.
>
>
> --
> Regards,
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
> MVP Microsoft MVP - Directory Services
> Microsoft Certified Trainer
>
> Infinite Diversities in Infinite Combinations
>

04/02/2008, 16h47	#3
Brad Baker Messages: n/a Hébergeur:	Re: Default SOA and NS records with Windows 2000 AD Integrated DNS > Your using AD with DNS for public servers? Usually not recommended, but > that's ok. I can certainly switch (its something I've considered anyway) but can you point me to any documentation which backs up your statement? That would go a long way in convincing management that this is something we should do. Thank You, Brad "Ace Fekay [MVP]" <PleaseAskMe@SomeDomain.com> wrote in message news:u1eNWGvZIHA.2268@TK2MSFTNGP02.phx.gbl... > In news:OV3%23CndZIHA.1188@TK2MSFTNGP04.phx.gbl, > Brad Baker <brad@nospam.nospam> typed: >> - We are using Active Directory integrated DNS on two windows 2000 >> domain controllers. >> - We have approximately 500 domains/zones >> >> The default SOA and NS records for our servers are dc1.ourdomain.com >> and/or dc3.ourdomain.com however we want to change them to >> dns1.ourdomain.com and dns2.ourdomain.com. >> >> 1) How can I change the default SOA and NS with AD integrated DNS? >> 2) How can I correct the SOA and NS records for all our existing DNS >> zones? >> Thanks >> Brad >> >> >> >> By the way, the reason for making this change is two fold: >> >> 1) We're retiring dc1.ourdomain.com and dc3.ourdomain.com. They will >> be replace with two windows 2003 servers (DC1 and DC2). (DC3 will be >> gone) >> 2) This results in errors when running DNS reports at DNSstuff.com: >> >> Missing (stealth) nameservers >> >> FAIL: You have one or more missing (stealth) nameservers. The >> following nameserver(s) are listed (at your nameservers) as >> nameservers for your domain, but are not listed at the parent >> nameservers (therefore, they may or may not get used, depending on >> whether your DNS servers return them in the authority section for >> other requests, per RFC2181 5.4.1). You need to make sure that these >> stealth nameservers are working; if they are not responding, you may >> have serious problems! The DNSreport will not query these servers, so >> you need to be very careful that they are working properly. >> dc3.ourdomain.com. >> dc1.ourdomain.com. >> >> This is listed as an ERROR because there are some cases where nasty >> problems can occur (if the TTLs vary from the NS records at the root >> servers and the NS records point to your own domain, for example). >> >> Missing nameservers 2 >> ERROR: One or more of the nameservers listed at the parent servers >> are not listed as NS records at your nameservers. The problem NS >> records are: dns1.ourdomain.com. >> dns2.ourdomain.com. > > Your using AD with DNS for public servers? Usually not recommended, but > that's ok. > > To change it, goto properties of the zone, nameservers tab and change them > in there. Whatever you put in there needs to exist. > > > -- > Regards, > Ace > > This posting is provided "AS-IS" with no warranties or guarantees and > confers no rights. > > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, > MVP Microsoft MVP - Directory Services > Microsoft Certified Trainer > > Infinite Diversities in Infinite Combinations >