DNS GUI and MX Records

Similar Messages

• Dynamic DNS issues and/or confusion

  I work for a small university.  We have two domain controllers running on Windows 2008 (not R2).  On dc2 we have a DHCP server running serving several VLANs across campus.  We've been having issues where the dynamic DNS entries contain an
  incorrect IP address for several machines.  In some cases there are even several entries for a single machine.  I've notice two main issues by looking at the DNS server.  First, old entries aren't being cleaned up.  Second, after re-imaging
  a workstation the DNS entry for that machine is not being updated.  After doing some research I came across the blog entry from Ace Fekay on how to go about setting up dynamic DNS.  I immediately determined from reading that scavenging was not setup
  properly on our server.  I think I've corrected that problem, but I'll have to be patient and see what happens over time.  This brings me to the issue of machines not adding themselves or updating their records in DNS.
  After reading Ace's blog I decided to follow his recommendations for configuring dynamic DNS.  I created a normal active directory user to use for configuring the DHCP credentials (it appears our server was set to use domain administrator previously).
   I added the DHCP computer object (this is also one of our domain controllers) to the DnsUpdateProxy group. On the DHCP server I have checked "Enable DNS dynamic updates according to the settings below" along with the "Always A and PTR
  records when lease is deleted".  I also checked "Dynamically update DNS A and PTR records for DHCP clients that do not request updates...".  After doing all of this I rebooted the dc2 server.  I then manually deleted all of the
  existing dynamic entries on the DNS server, so they could properly be recreated.  Now, here is the problem after setting all of this up.  I'm now seeing student's personal machines, phones, tablets, etc. being populated in our DNS.  Before making
  these changes only domain joined machines existed in DNS.  Our DNS is configured to allow only secure updates.  Why is it that now non domain trusted devices are being allowed to create DNS entries?  I was under the assumption that secure updates
  meant domain only.  Am I not understanding something properly here?  Can someone please provide me some insight to what's going on and what I might be able to do to prevent non-domain joined devices from having entries created in DNS?

  Hi,
  According to your description, my understanding is that non domain trusted devices have been registered their DNS entries in DNS which is configured to allow only secure updates.
  If a DHCP server that is running on a domain controller is configured to perform dynamic updates on behalf of its clients, that DHCP server is able to take ownership of any record, even in the zones that are configured to allow only secure dynamic update.
  This is because a DHCP server runs under the computer account, so if it is installed on a domain controller it has full control over DNS objects stored in the Active Directory.
  DHCP server will perform dynamic updates on behalf of its clients when you enable the option "Dynamically update DNS A and PTR records for DHCP clients that do not request updates...",  and this means that the “owner” of the DNS entries is
  DHCP server, not the clients. And the zone accepts the DHCP server’s update because the server has full permission.
  You may try to uncheck the option "Dynamically update DNS A and PTR records for DHCP clients that do not request updates...".
  Best Regards,
  Eve Wang
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected].
  Hi Eve,
  You are correct in your understanding that "non domain trusted devices have been registered their DNS entries in DNS which is configured to allow only secure updates."  I also made a mistake in my original post.  I meant to say that I also
  had "Always dynamically update DNS A and PTR records".  
  Now back to your reply.  Are you saying that if I had my DHCP server running on a non-domain controller that I would be seeing a different behavior in regards to permissions of DNS objects and that I wouldn't be experiencing the behavior of non domain
  trusted devices being created in a secure zone?  I thought setting the DNS dynamic credentials to a normal user account was supposed to help with security concerns in regards to DNS objects.  What would happen if someone named their personal computer
  the same name as one of our file servers or even a domain controller?  Would the DHCP/DNS server actually have the power to overwrite that record in DNS?
  I'll try your recommendation of unchecking the "Dynamically update DNS A and PTR records..." option and see what happens.
  Thanks for your reply...

• Child DNS Zone changing PTR record of OD Master

  Grretings,
  I am setting up a new OD master server for our school that will also host our DNS. Home folders will be on another server. I am using the DNS GUI for now. Setup master DNS zone of ourschool.lan. OD master has FQDN of admin.ourschool.lan with an IP address of 172.16.2.254. Forward and reverse lookups of OD master are great.
  #host admin.ourschool.lan returns 172.16.2.254
  #host 172.16.2.254 returns admin.ourschool.lan
  When I go to set up a child zone, highschool.ourschool.lan, on this server I set the nameserver to ns1.highschool.ourschool.lan and IP address of 172.16.2.254, I have had the following happen:
  #host admin.ourschool.lan returns 172.16.2.254
  #host 172.16.2.254 returns ns1.highschool.ourschool.lan (not what I want!)
  I understand forward and reverse lookups to OD master need to be rock solid. The changing of the PTR record is going to ruin this. Has anyone else seen this behavior. Should I just do the DNS through terminal and forget the GUI?
  Thank you for any feedback. I searched this discussion list and didn't find anything similar to this in the postings.
  Best Regards,
  Steve
  OS X Server and Client   Mac OS X (10.4.6)  

  Your problem stems from the fact you're trying to create two separate A records for the same IP address.
  The GUI will automatically create a reverse DNS entry for each a record. Since you have two A records that point to 172.16.2.254 that's where your problem lies.
  Your solution is either to use a CNAME (or alias) for the second hostname (e.g. ns1.highschool.ourschool.lan CNAME admin.ourschool.lan), or manage the DNS by hand and don't use the GUI tools.

• DNS GUI bug in Server Admin?

  A minor problem, thought I'd ask anyway:
  When I'm editing a zone, and I go into the Machines tab, and attempt to sort any of the Name / Primary Address / Comment columns by clicking the relevant tab at the top of the column, nothing happens.
  Anyone else experiencing this? Like I said, a very minor problem, but if anyone knows how to fix this, I'd like to hear about it.
  Many thanks--
  Xserve   Mac OS X (10.4.8)  

  Hi
  No, actually the machines tab is for defining
  machines. You can choose to mark a machine as an MX
  for the zone but that's not it's main or only
  function.
  The Mail Service manual as well as the Server Essentials User Guide makes no mention of this or more likely does not expand on the information given. CNAMES and A records are created when clicking on the Zones tab. MX records are enabled when selecting the Machines tab for the defined Zone. Admittedly the GUI only offers simple DNS configuration.
  You can also use it to create CNAMEs for each machine
  defined
  If there is a method of doing this using the GUI then please post and share the information.

• Creating SRV and CNAME records for Lync

  Our domain is hosted at Verio/Rapidsite.  The Zone File for the site has different columns than those identified in the setup information for Lync, so I am not sure how to set up the DNS changes to get Lync working.  The fields to be populated
  at Verio are Name, Ttl, Class, Type and Spec.  Our domain name is intergraphic.com.
  How do I apply the necessary information in this situation?

  Hi kristikay,
  Agree with Ben, you’d better consult Verio for support.
  Verio do not support SRV, so you can’t set up it in GUI, it only can be set up in your zone file.
  In addition, if possible you can move your DNS name to GoDaddy.
  A similar case for your reference.
  https://social.technet.microsoft.com/Forums/lync/en-US/8b41151b-ce4a-495e-9c93-f375796ca201/web-hosting-dns-limitations-no-srv-records
  Best regards,
  Eric

• Excel format difference in GUI and NWBC

  Hi Experts,
  We have implemented Launchpad with different SAP T-codes. For IW38 tcode.
  1. If we execute in GUI and tried to save record in excel. Format is perfect with coloring of columns, without any empty rows or columns.
  2. But when we use the same T-code in NWBC, the excel being downloaded doesnt contain cloring and it shows 1 empty colomn and 1 empty row.
    End user needs same excel sheet as in GUI. Please help to solve this. Version is NWBC HTML 3.5.
  Regards,
  Dhanu.

  Hi Shrishti,
  I am sorry. I should have explained you the steps. Actually, after executing CJE2. You need to double click on report group 12KST1A for S_ALR_87013558 and 12KST1B for S_ALR_87013557.
  Now, for both the report groups. Just click on the Output type tab. I am sure that for S_ALR_87013558 report, middle one radio button must have been selected in your case. Just change it to Graphical Report Output OR it would be much better if you just make it available on selection screen by clicking on check button at the bottom.
  have a look at the screen shot.
  Just do the changes and revert back.
  Regards,
  Amit Rajoria

• Please help with A record and MX record!

  Guys please help - our IT guy disappeared and we changed the hosting over the weekend. He did setup exchange server for all the emails so now i am trying to recreate all the settings in bluehost for email and the bluehost is asking whats A record for our
  Exchange server. Forgive me but i am not an IT guy... where do i find the A record for our exchange server? I would greatly appreciate it if somebody could point me into that direction.

  If the DNS A record for mail.mydomainname.com is currently pointing to your Exchange server's external IP address then I would imagine that's setup correctly.
  Name servers are those used to find out where to get the DNS records for a domain, eg it tells people doing a DNS lookup the address of your DNS server(s) so they can query them to find the required records. As such I'm unsure whether you actually mean name
  servers or not.
  Anything that ends in a .local address is definitely a local record, eg it is only used internally on your local network. On the internet there's no such thing as .local, so server1.mywebsite.local definitely wouldn't be the address you'd put into your public
  DNS records. Do you mean that in Outlook when you look at the server address that you connect to collect email that it is displaying server1.mywebsite.local? If so then that's completely separate to where mail is delivered.
  With the CNAME and MX records I'd suspect that they'd remain the same if they currently point to the mail.mydomain.com address, if they point elsewhere then you might well need to update them.
  What confuses me is what is it that's been changed with your hosting? You say you've changed, and presumably bluehost are the new hosting company, but not what has changed to them. Do you mean the domain has transferred to them, or just the website, or your
  internet access or something else?. You say that via the bluehost dns editor mail already points to mail.mydomainname.com, so it sounds to me as if the relevant records have already been setup and are working. Is email failing to be sent / received currently?

• Lync 2010 client and SRV record

  When Lync 2010 was originally set up in our environment, we included our login domain which is a .local as a SIP domain but everyone uses our additional SIP domain which is a .org.
  In our internal DNS, we have SRV records under both domains. Question is if a Lync 2010 client is doing autodiscover and their SIP domain is the .org, will the client look at the SRV record in the .local domain? I don't think this SRV record was ever used
  even though its the users login domain, its not their SIP domain.

  You're right, the SRV records that belongs to your .local domain are not used by the lync client for a user that hs a .org sip domain sign-in address, so as you are saying if all the users are configured with a .org sip domain that means these SRV records
  were never used, and you can safely remove them.
  Regards,
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread

• DNS disaster and how can stop it for future

  Hi
  Last week, I found lots of static records were deleted automatically from DNS server console which cuased lots of P1 in my environment.
  I found some below envents before the time when issue occurred.
  I want  to know why DNS randomely Host reocrds were deleted automatically. Even opned case with MS but could not get anything from MS that why this was happened.
  finally we resotred the DNS zones from backup tool and after restoring everythying was working fine.
  please see some below events:
  =================
  Log Name:      Directory Service
  Source:        NTDS ISAM
  Date:          12/29/2013 12:01:00 AM
  Event ID:      2001
  Task Category: (16)
  Level:         Information
  Keywords:      Classic
  User:          N/A
  Computer:      DC101.prise.med.org
  Description:
  NTDS (528) NTDSA: Shadow copy instance 31 freeze started.
  =
  Log Name:      Directory Service
  Source:        Microsoft-Windows-ActiveDirectory_DomainService
  Date:          12/29/2013 12:05:22 AM
  Event ID:      2094
  Task Category: Replication
  Level:         Warning
  Keywords:      Classic
  User:          ANONYMOUS LOGON
  Computer:      DC101.prise.med.org
  Description:
  Performance warning: replication was delayed while applying changes to the following object. If this message occurs frequently, it indicates that the replication is occurring slowly and that the server may have difficulty keeping up with changes.
  Object DN: CN=1 All Workstations_resultset_0_0\0ADEL:b6a014b6-ef00-459b-ae1e-f948bb38af2f,CN=Deleted Objects,DC=prise,DC=med,DC=org
  Object GUID: b6a014b6-ef00-459b-ae1e-f948bb38af2f
  Partition DN: DC=prise,DC=med,DC=org
  Server: 1cdbccca-a84c-4095-ba55-1504137ef9c5._msdcs.med.org
  Elapsed Time (secs): 17
  User Action
  A common reason for seeing this delay is that this object is especially large, either in the size of its values, or in the number of values. You should first consider whether the application can be changed to reduce the amount of data stored on the object,
  or the number of values.  If this is a large group or distribution list, you might consider raising the forest functional level to Windows Server 2003 or greater, since this will enable replication to work more efficiently. You should evaluate whether
  the server platform provides sufficient performance in terms of memory and processing power. Finally, you may want to consider tuning the Active Directory Domain Services database by moving the database and logs to separate disk partitions.
  If you wish to change the warning limit, the registry key is included below. A value of zero will disable the check.
  Additional Data
  Warning Limit (secs): 10
  Limit Registry Key: System\CurrentControlSet\Services\NTDS\Parameters\Replicator maximum wait for update object (secs)
  =======
  Log Name:      Directory Service
  Source:        NTDS ISAM
  Date:          12/29/2013 12:36:03 AM
  Event ID:      510
  Task Category: Performance
  Level:         Warning
  Keywords:      Classic
  User:          N/A
  Computer:      DC101.prise.med.org
  Description:
  NTDS (528) NTDSA: A request to write to the file "D:\Windows\NTDS\ntds.dit" at offset 1731624960 (0x0000000067368000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (62 seconds) to be serviced by the OS. In addition, 6 other
  I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 160409 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance
  diagnosing the problem.
  ====
  Log Name:      Directory Service
  Source:        NTDS ISAM
  Date:          12/31/2013 12:57:49 AM
  Event ID:      509
  Task Category: Performance
  Level:         Warning
  Keywords:      Classic
  User:          N/A
  Computer:      DC101.prise.med.org
  Description:
  NTDS (528) NTDSA: A request to read from the file "D:\Windows\NTDS\ntds.dit" at offset 967688192 (0x0000000039adc000) for 16384 (0x00004000) bytes succeeded, but took an abnormally long time (107 seconds) to be serviced by the OS. In addition, 7 other
  I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 1328 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance
  diagnosing the problem.
  =
  Log Name:      Directory Service
  Source:        NTDS ISAM
  Date:          12/31/2013 12:59:14 AM
  Event ID:      510
  Task Category: Performance
  Level:         Warning
  Keywords:      Classic
  User:          N/A
  Computer:      DC101.prise.med.org
  Description:
  NTDS (528) NTDSA: A request to write to the file "D:\Windows\NTDS\ntds.dit" at offset 978018304 (0x000000003a4b6000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (84 seconds) to be serviced by the OS. In addition, 148 other
  I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 84 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance
  diagnosing the problem.
  ==
  Log Name:      File Replication Service
  Source:        NtFrs
  Date:          12/30/2013 7:08:20 AM
  Event ID:      13508
  Task Category: None
  Level:         Warning
  Keywords:      Classic
  User:          N/A
  Computer:      DC101.prise.med.org
  Description:
  The File Replication Service is having trouble enabling replication from  DC110 to DC101 for d:\windows\sysvol\domain using the DNS name DC110.prise.med.org. FRS will keep retrying.
   Following are some of the reasons you would see this warning.
   [1] FRS can not correctly resolve the DNS name SHINFRPEMDC110.prise.med.org from this computer.
   [2] FRS is not running on  MDC110.prise.med.org.
   [3] The topology information in the Active Directory Domain Services for this replica has not yet replicated to all the Domain Controllers.
   This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.

  Did you ever run dnscmd /ageallrecords, if yes, it will enable aging & scavenging on the static records too by setting the timestamps value on it. I would also suggest to review the below two article.
  http://blogs.technet.com/b/askpfeplat/archive/2013/10/12/who-moved-the-dns-cheese-auditing-for-ad-integrated-dns-zone-and-record-deletions.aspx
  http://blogs.technet.com/b/networking/archive/2008/03/19/don-t-be-afraid-of-dns-scavenging-just-be-patient.aspx
  Awinish Vishwakarma - MVP
  My Blog: awinish.wordpress.com
  Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.

• Need clarification on DNS, Certificate and URL? during 2010 to 2013 migration

  Hi Guys,
  I am working on a migration project Lync server 2010 to 2013.
  Lync 2010 Standard Edition and Edge 
  Lync 2013 Ent edition and Edge  (Enterprise Voice "SIP Trunk")
  I need few clarification on How to setup the DNS, Certificate and URL Pre and post migration?
  Shall we use the Lync 2010 existing internal and external URLs to lync 2013 or do we need to setup a new URLs for lync 2013?
  How about the DNS records and Certificates?
  I have gone trough the below blogs but need clear understanding on this part..
  http://lyncdude.com/2013/08/11/understanding-lync-dns-records-and-autoconfiguration/
  https://technet.microsoft.com/en-us/library/hh690044.aspx
  and few more....
  Thanks,
  Balakrishna G
  Regards, Balgates

  Hi,
  Agree with Thamara.Wijesinghe.
  You need to different Web service URL for Lync Server 2010 and Lync Server 2013. If you only have Web service URL for Lync Server 2010, then Lync 2013 mobile will fail to connect to FE Server. If you point Web service URL point to Lync Server 2013 Pool,
  then both Lync 2010 and 2013 mobile clients will connect to FE Server successfully.
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Need help for create A and MX records (home server)

  What should I put in the DNS (A record, MX) to be able to receive email from my provider Godaddy and send emails directly from my server without passing through Godaddy.
   The server is "home server" and it is not always access (open).
   Incoming Mail: from Godaddy
   Outgoing Mail: form my server

  Hi,
  Based on my knowledge, the default receive connectors are automatically created when the Exchange server is installed. Then the internal and outbound mails can delivered properly through Exchange server. After we create send connector and add public MX record
  and A record on the public DNS server, the inbound mails can be delivered. And we can set the send connector with MX record, then the inbound mails are directly delivered by Exchange server.
  If you have any question, please feel free to let me know.
  Thanks,
  Angela Shi
  TechNet Community Support

• DNS aging and DHCP lease

  Hi all,
  I have AD integrated DNS server. Need advise how to set DNS aging\scavenging based on DHCP lease time. I know how the process works. Found couple of articles where is written "DHCP
  lease duration should match the “no-refresh + refresh” interval."
  Why should DHCP lease be equal to the sum of non-refresh and refresh interval? From my point of view DHCP lease time should be more than DNS non-refresh interval (and less then non-refresh + refresh interval) so DNS clients are able to register new DHCP
  assigned IP address to DNS within refresh period, right?
  Are there any "rules" which tells me what's the best set up of all this timers?
  Tomas

  Hi all,
  Why should DHCP lease be equal to the sum of non-refresh and refresh interval? 
  Because when Non-refresh and Refresh interval expires and the record is not updated it is considered as inactive as Ahmed said. My environment is based on
  (NonRef+Ref) = Lease and works correctly. Just do not try to scavenge records on AD Integrated zones if DHCP lease is something like 2-3 days. Yo will end up in a confusion state with a lot of false
  positives which are considered as inactive but actually they are not inactives!
  Mahdi Tehrani   |  
    |  
  www.mahditehrani.ir
  Please click on Propose As Answer or to mark this post as
  and helpful for other people.
  This posting is provided AS-IS with no warranties, and confers no rights.
  How to query members of 'Local Administrators' group in all computers?

• A and PTR records update under zone's folder..

  Hi Friends
  I have below power shell script which is working fine if I have single zone But I have domain folder in single zone.
  I am using below script to add A records and PTR records in zone but This script is not updating A and PTR records on domain folder under the Zone..
  $CSVFile = Import-Csv "D:\DNS update script\DNSentries.csv"
  $CSVFile | foreach {dnscmd $_.dnsserver /RecordAdd $_.Zone $_.name /CreatePTR $_.type $_.IP}
  It giving me below error:
  Command failed: DNS_ERROR_ZONE_DOES_NOT_EXIST 9601 0x2581

  Try this:
  $csvfile | foreach {
  If ($_.zone -match "\.") {
  $Domain = $_.zone
  dnscmd $_.dnsserver /RecordAdd $_.Zone $_.name /CreatePTR $_.type $_.IP
  } Else {
  dnscmd $_.dnsserver /RecordAdd $Domain "$($_.name).$($_Zone)" /CreatePTR $_.type $_.IP
  Please note the format of the child domain and host name in this command, and that the root domain is collected from the first record that has a . in it.  If your file isn't organized correctly, this won't work.  You could add a command to get
  the server's root domain, there are a lot of ways to do that but I didn't spend time on that.  You could also just hard code that since I'm guessing you're working within one DNS hierarchy.  
  I did test this and it worked - the key is in the 2nd command, it needs to be in the form of 
  dnscmd DNSServer /RecordAdd RootDomain HostName.ChildDomain /CreatePTR A 1.2.3.4
  Good luck, hope this helps!

• DNS Key and TSIG Key problems

  Evidently I cannot figure out how to create the dns and tsig keys. The TSIG key works as far as updating the leases in the Java console but it does not update dns. This is from the messages file:
  Mar 9 10:47:49 FSQC dhcpd: DHCPRELEASE of 172.16.31.93 from 00:1c:c0:c1:c7:3e (win7test) via eth0 (found)
  Mar 9 10:47:52 FSQC dhcpd: DHCPDISCOVER from 00:1c:c0:c1:c7:3e via eth0
  Mar 9 10:47:53 FSQC dhcpd: DHCPOFFER on 172.16.31.93 to 00:1c:c0:c1:c7:3e (win7test) via eth0
  Mar 9 10:47:53 FSQC [NCPL]: client 172.16.31.2#33368: request has invalid signature: TSIG TSIGKey: tsig verify failure (BADKEY)
  Mar 9 10:47:53 FSQC dhcpd: if win7test.queencity.lnaa.com IN A rrset doesn't exist add win7test.queencity.lnaa.com 129600 IN A 172.16.31.93: bad DNS key.
  Mar 9 10:47:53 FSQC dhcpd: DHCPREQUEST for 172.16.31.93 (172.16.31.2) from 00:1c:c0:c1:c7:3e (win7test) via eth0
  Mar 9 10:47:53 FSQC dhcpd: DHCPACK on 172.16.31.93 to 00:1c:c0:c1:c7:3e (win7test) via eth0
  Mar 9 10:47:53 FSQC [NCPL]: client 172.16.31.2#33368: request has invalid signature: TSIG TSIGKey: tsig verify failure (BADKEY)
  Mar 9 10:47:53 FSQC dhcpd: if win7test.queencity.lnaa.com IN A rrset doesn't exist add win7test.queencity.lnaa.com 129600 IN A 172.16.31.93: bad DNS key.
  Mar 9 10:47:53 FSQC dhcpd: DHCPREQUEST for 172.16.31.93 (172.16.31.2) from 00:1c:c0:c1:c7:3e (win7test) via 172.16.31.1
  Mar 9 10:47:53 FSQC dhcpd: DHCPACK on 172.16.31.93 to 00:1c:c0:c1:c7:3e (win7test) via 172.16.31.1
  Mar 9 10:47:56 FSQC dhcpd: DHCPINFORM from 172.16.31.93 via eth0
  Mar 9 10:47:56 FSQC dhcpd: DHCPACK to 172.16.31.93 (00:1c:c0:c1:c7:3e) via eth0
  Mar 9 10:47:56 FSQC dhcpd: DHCPINFORM from 172.16.31.93 via 172.16.31.1
  Mar 9 10:47:56 FSQC dhcpd: DHCPACK to 172.16.31.93 (00:1c:c0:c1:c7:3e) via eth0
  I used dnssec-keygen with the following syntax:
  dnssec-keygen -a HMAC-MD5 -b 218 -n HOST mykey
  Used the secret generated for both keys, different secrets by changing the mykey name, all to no avail.
  What am I doing wrong to get the "bad DNS key" and invalid signature for the TSIG Key?
  Thanks

  Actually, it does work for XP machines but not Windows 7.
  >>> On 3/10/2012 at 5:46 AM, in message <[email protected]>, magic31<[email protected]> wrote:
  tomdoster;2181158 Wrote:
  > Still doesn't update. From the messages file:
  > Mar 9 15:39:46 FSQC dhcpd: DHCPRELEASE of 172.16.31.93 from
  > 00:1c:c0:c1:c7:3e (win7test) via eth0 (found)
  > Mar 9 15:39:52 FSQC dhcpd: DHCPDISCOVER from 00:1c:c0:c1:c7:3e via
  > eth0
  > Mar 9 15:39:52 FSQC dhcpd: DHCPOFFER on 172.16.31.93 to
  > 00:1c:c0:c1:c7:3e (win7test) via eth0
  > Mar 9 15:39:53 FSQC dhcpd: if win7test.queencity.lnaa.com IN A rrset
  > doesn't exist add win7test.queencity.lnaa.com 129600 IN A 172.16.31.93:
  > timed out.
  > Mar 9 15:39:53 FSQC dhcpd: DHCPREQUEST for 172.16.31.93 (172.16.31.2)
  > from 00:1c:c0:c1:c7:3e (win7test) via eth0
  > Mar 9 15:39:53 FSQC dhcpd: DHCPACK on 172.16.31.93 to
  > 00:1c:c0:c1:c7:3e (win7test) via eth0
  > Mar 9 15:39:53 FSQC dhcpd: if win7test.queencity.lnaa.com IN A rrset
  > doesn't exist add win7test.queencity.lnaa.com 129600 IN A 172.16.31.93:
  > timed out.
  >
  > What does the 'timed out' mean?
  >
  > Good thing its the weekend. This is too frustrating. Good old Netware
  > was much easier.
  I'd try setting up DDNS without using a TSIG key first (if not done so)
  so you are sure it's not a basic communication problem somewhere. To
  get this to work the DHCP server must set to be allowed to update the
  zone (in the allow update option within the settings of each zone, for
  forward and reverse zone, add the ip address of the server doing DHCP).
  Then configure DHCP to do the updates as specified in this TID:
  http://www.novell.com/support/viewCo...2644&sliceId=1
  (the TID mentions adding any to the allow update, I'd opt to specify
  the ip of the dhcp server).
  Also make sure there are no (old) existing records that might be
  preventing an update.
  -Willem
  Novell Knowledge Partner (voluntary sysop)
  It ain't anything like Harry Potter.. but you gotta love the magic IT
  can bring to this world
  magic31's Profile: http://forums.novell.com/member.php?userid=2303
  View this thread: http://forums.novell.com/showthread.php?t=453219

• Diffrence between JRA recording and Flight recording?

  The latest jrockit has two recording options JRA and Flight recording. What is the difference?
  Thanks
  Manoj

  Hi Manoj,
  In the latest version (R28.x) you can only make flight recordings. JRA was the predecessor to Flight Recorder, used by R27.x and earlier releases.
  The main differences are
  * Flight Recorder can always be turned on (and we recommend you have it on) so you can flush the last x minutes of data to disk when you run into problems.
  * Flight Recorder can record information higher up in the stack, e.g database qúeries, EJB calls, webservices etc
  * Flight Recorder has more information about the JVM, e.g exception profiling and more detailed GC-data.
  * Flight Recorder has less overhead (<1% with the default settings) and there are more ways to configure it so you only record what you need.
  * Flight Recorder has a better GUI for viewing the recorded data, a GUI that is continously improved upon.
  Best regards
  Erik