|
| PORTAIL | ANNUAIRE | ARTICLES | COMPARATEUR HÉBERGEURS | DEVIS | FORUMS | RÉDUCTEUR D'URL |
|
|
|
|
||||||
 |
|
|
LinkBack | Outils de la discussion |
11/06/2007, 14h25
|
#1 |
Messages: n/a
Hébergeur: |
Problems with DNS after installing a certificate
Hi all.
I run a server 2003 sp1 network with 1 primary dc and 1 secondary dc. All seemed to be fine untill i had to install a certificate for our new client system that is on an external server. I am now unable to access this secured site unless i change my internal dns to point to our external dns on our router. I have ran netdiag and have been given an error that the test "cannot find a primary authorative DNS server for the name 'myserver.domainname.local' (Error Timeout) - No DNS servers have the dns recoreds for this dc registered" As i'm completeley new to server2003 i am a huge part lost and am unsure where to start. If someone could please advise me where to begin it'd be much appreciated. Regards Frustrated Mark |
|
|
11/06/2007, 14h54
|
#2 |
|
Messages: n/a
Hébergeur: |
Re: Problems with DNS after installing a certificate
Read inline please.
In news:1181568357.214380.292490@k79g2000hse.googlegr oups.com, gingaboy <mrocks@1-solution.co.uk> typed: > Hi all. > > I run a server 2003 sp1 network with 1 primary dc and 1 secondary dc. > All seemed to be fine untill i had to install a certificate for our > new client system that is on an external server. > > I am now unable to access this secured site unless i change my > internal dns to point to our external dns on our router. Does the internal DNS not resolve the cerificate name to the correct IP of the web site? Is there a zone on the local DNS that has the same domain name as the external domain? What zone names do you have in DNS? > I have ran netdiag and have been given an error that the test "cannot > find a primary authorative DNS server for the name > 'myserver.domainname.local' (Error Timeout) - No DNS servers have the > dns recoreds for this dc registered" All members of an AD domain must use only DNS servers that can resolve the AD domain. No external DNS servers should be used if they cannot meet this requirement. -- Best regards, Kevin D. Goodknecht Sr. [MVP] Hope This s =================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue, to respond directly to me remove the nospam. from my email address. =================================== http://www.lonestaramerica.com/ http://support.wftx.us/ http://message.wftx.us/ =================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ =================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oe.com/OEBackup/Default.aspx =================================== |
|
|
|
11/06/2007, 15h23
|
#3 |
|
Messages: n/a
Hébergeur: |
Re: Problems with DNS after installing a certificate
On 11 Jun, 14:54, "Kevin D. Goodknecht Sr. [MVP]"
<a...@nospam.WFTX.US> wrote: > Read inline please. > > Innews:1181568357.214380.292490@k79g2000hse.google groups.com, > gingaboy <mro...@1-solution.co.uk> typed:> Hi all. > > > I run a server 2003 sp1 network with 1 primary dc and 1 secondary dc. > > All seemed to be fine untill i had to install a certificate for our > > new client system that is on an external server. > > > I am now unable to access this secured site unless i change my > > internal dns to point to our external dns on our router. > > Does the internal DNS not resolve the cerificate name to the correct IP of > the web site? > Is there a zone on the local DNS that has the same domain name as the > external domain? > What zone names do you have in DNS? > > > I have ran netdiag and have been given an error that the test "cannot > > find a primary authorative DNS server for the name > > 'myserver.domainname.local' (Error Timeout) - No DNS servers have the > > dns recoreds for this dc registered" > > All members of an AD domain must use only DNS servers that can resolve the > AD domain. No external DNS servers should be used if they cannot meet this > requirement. > > -- > Best regards, > Kevin D. Goodknecht Sr. [MVP] > Hope This s > > =================================== > When responding to posts, please "Reply to Group" > via your newsreader so that others may learn and > benefit from your issue, to respond directly to > me remove the nospam. from my email address. > ===================================http://www.lonestaramerica.com/http://support.wftx.us/http://message.wftx.us/ > =================================== > Use Outlook Express?... Get OE_Quotefix: > It will strip signature out and morehttp://home.in.tum.de/~jain/software/oe-quotefix/ > =================================== > Keep a back up of your OE settings and folders > with OEBackup:http://www.oe.com/OEBackup/Default.aspx > =================================== Does the internal DNS not resolve the cerificate name to the correct IP of > the web site? The internal DNS does resolve the certificate name to the correct address, it just will not allow IR to connect to it > Is there a zone on the local DNS that has the same domain name as the > external domain? I have checked and there are no zone conflicts between the internal and external > What zone names do you have in DNS? I have 3 forward zone names: _msdcs.ois.local 1-solution.co.uk ois.local All members of an AD domain must use only DNS servers that can resolve the AD domain. No external DNS servers should be used if they cannot meet this requirement. UNfortuantely without me bypassing my internal dns the staff are unable to access the website. As soon as the internal is resolved i will put back. Thanks |
|
|
|
11/06/2007, 17h28
|
#4 |
|
Messages: n/a
Hébergeur: |
Re: Problems with DNS after installing a certificate
Read inline please.
In news:1181571814.660417.249560@p47g2000hsd.googlegr oups.com, gingaboy <mrocks@1-solution.co.uk> typed: > Does the internal DNS not resolve the cerificate name to the correct > IP of >> the web site? > The internal DNS does resolve the certificate name to the correct > address, it just will not allow IR to connect to it The problem is not your DNS server, DNS servers resolve names to IP addresses, if that is happening, and it is resolving to the correct IP address, as you say it is, that is all DNS has control over. > >> Is there a zone on the local DNS that has the same domain name as the >> external domain? > I have checked and there are no zone conflicts between the internal > and external > >> What zone names do you have in DNS? > I have 3 forward zone names: > _msdcs.ois.local > 1-solution.co.uk > ois.local > > All members of an AD domain must use only DNS servers that can resolve > the > AD domain. No external DNS servers should be used if they cannot meet > this > requirement. > > UNfortuantely without me bypassing my internal dns the staff are > unable to access the website. > As soon as the internal is resolved i will put back. What is the site name on the certificate? What is the 1-solution.co.uk zone for? -- Best regards, Kevin D. Goodknecht Sr. [MVP] Hope This s =================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue, to respond directly to me remove the nospam. from my email address. =================================== http://www.lonestaramerica.com/ http://support.wftx.us/ http://message.wftx.us/ =================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ =================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oe.com/OEBackup/Default.aspx =================================== |
|
|
|
| Outils de la discussion | |
|
|
