DNS Zones Losing Info

Similar Messages

• Another DNS Zone Question! :)

  I have several geographic sites all with their own leopard servers (ten or so). Each are open directory masters managing public ip subnets. We do have an external dns server and all of our servers have registered names that are part of the same domain....
  My question is this... when setting up dns on each server, do I need to create zones, or can I just make the dns forward to our external name server. I am worried that having more that one ns authoritative for the same domain will cause problems with our isp dns server? I have one server running just fine without zones... just forwarders ... and all is running smoothly, ical, wiki's, mcx, mobile accounts, etc...
  Looking forward to finding out whether having zones at other locations and authoritative dns servers is a bad thing or not.
  Thanks.

  As long as the external DNS server has all of the info you need, there's no need to set up duplicate zones on your servers; as you note, it could even cause problems if the info got out of sync. In fact, you don't even need to act as a forwarder, you could just turn off DNS service and configure all your computers (servers & clients) to use your ISP's DNS servers.
  In your situation, I see two reasons you might want to run DNS service: in case your internet link goes down (losing access to DNS tends to make it hard to find servers, even if they're on the same LAN), or if the public DNS servers don't have the reverse DNS (IP number -> domain name) entries you need. If you're worried about the first, you could set your servers as secondaries (aka slaves) for the relevant zones, in which case they'll download the zone files from the master and automatically keep in sync. If the second is an issue, you're probably best off bugging your ISP -- since the reverse records are tied to your IP numbers, and those're "owned by" the ISP, they're generally in charge of the reverse DNS no matter who's hosting your forward DNS zones.

• DNS - Zone NS / delegation in 10.6?

  Is it possible to create a new name server (NS) record (New Delegation in Microsoft Windows DNS Management utility) in a already made DNS zone under Snow Leopard?
  thanks

  I'm assuming you mean an NS record for a subdomain (creating them for the zone itself is easy in Server Admin -> DNS service -> Zones -> select the zone -> General -> Nameservers). The GUI admin tools don't have a way to delegate subdomains, but you should be able to do it by editing the zone files directly. There are actually two files for each zone, /var/named/db.zonename. (note the period at the end) and /var/named/zones/db.zonename.zone.apple; the second is maintained by the GUI tools, and is not save to edit, but you can add whatever you want to the first one. Just add an NS record to the end of it; it should look something like this:
  ;THE FOLLOWING INCLUDE WAS ADDED BY SERVER ADMIN. PLEASE DO NOT REMOVE.
  $INCLUDE /var/named/zones/db.zonename.zone.apple
  subdomain.zonename. IN NS delegatedserver.example.net.
  Be sure to include the trailing periods on both the subzone and delegated server portion. Then stop & restart the DNS service to get it to reload the zone, and test to make sure it's actually serving the info properly (it's very picky about its file syntax, and if anything's wrong it tends to skip the zone, or even not start at all).

• MX/CName Entries in DNS Zone

  Hey All,
  How do you add MX entries and CNAME entries to a XServe 10.3.9 DNS zone? I tried using the Admin Server console and selected DNS zone but all of the buttons were disabled and it wouldn't let me start the service.
  Is there a file I can just edit to get the job does or does it have to be set through the console?

  I also fought with Server Admin and DNS on 10.4.8 and finally gave up; there are too many bugs in Server Admin simply preventing managing DNS entries (especially when you want to set up more than for a handful of domains).
  Personally I found it more easier to do this from the command line. Here is a short outline:
  Log in by SSH as root user, go to /etc directory and edit named.conf file (e.g. "pico named.conf").
  For each domain, add an entry like this:
  zone "domain.tld" IN {
  file "domain.tld.zone";
  type master;
  Save the file, restart DNS ("serveradmin stop dns", "serveradmin start dns"). Ensure that DNS runs ("serveradmin status dns"); if it not runs, you made a spelling error somewhere in your entries and need to check named.conf.
  Then go to /var/named directory and create a "zone" file for each domain. Use the same filename as you specified before; in this example "domain.tld.zone".
  Such a file contains typically this:
  $TTL 86400
  domain.tld. IN SOA dns1.mydnsserver.tld. info.domain.tld. (2006110101 3h 1h 1w 1h)
  domain.tld. IN NS dns1.mydnsserver.tld.
  domain.tld. IN NS dns2.mydnsserver.tld.
  domain.tld. IN MX 10 domain.tld.
  domain.tld. IN TXT "v=spf1 a mx ~all"
  domain.tld. IN A 194.77.100.91
  www IN CNAME domain.tld.
  Then again, restart DNS service.
  My example shows a basic domain's DNS record, but you may wish to use different/more entries. Either look on the Web for some explanations about DNS or just ask again
  However please note that from now on you cannot use Server Admin any longer to modify DNS settings - this leads, without warning, to lose any domain records created manually !!! The only task you can do is to check the DNS log file from there.
  By the way, in order to verify made DNS entries for domains, I found http://www.dnsreport.com being of high value for me.

• How to setup multiple DNS zones in a single domain

  We have a small charter school running a Mac Open Directory network on a single subnet with a single registered FQDN for its internal domain. We are about to open a second school within a wing of the same building which will also be on a Mac Open Directory domain, but since it is legally a separate school (just administered by the same staff) it needs to be on it's own subnet and have its own LDAP directory.
  Is there a way to program DNS between the two schools so that DNS traffic can be routed between them without breaking the DNS and Open Directory/Kerberos realms of either? Both schools will share the same internal domain name. Is it as simple as creating two primary DNS zones on each other's nameservers, both using the same domain name but each having its own designated nameserver for that particular subnet?
  For instance, the existing school is running DNS on server1.example.com within the 10.39.54.0/23 subnet. The second school will be running DNS on server2.example.com within the 10.39.56.0/23 subnet. Would I then simply create two primary zones within each subnet, one referring to its own with itself as the nameserver and one within the neighbor subnet referencing that subnet's server as the designated nameserver.
  Or would I do this with each schools DNS servers searching through its own subnet as its primary zone with the neighbor zone being added as a secondary zone?
  Thanks!

  You have two options.
  Use a DNS server with a single internal domain example.com and have (as you said) server1.example.com
  If the two subnets are on separate networks either via a router or VLAN, then you could run a separate DHCP server on each and advertise the appropriate DNS server for that subnet.
  Otherwise you could have a single DNS server and either single DHCP advertising that single DNS server and have both server1 and server2 in the single DNS zone, or a DHCP server in each subnet but still pointing to the same single DNS server.
  Each of these two servers would be an Open Directory Master
  Note: in DNS terminology a DNS 'zone' is the same thing as a Domain Name.
  The second option which if you want to keep the two 'schools' completely separate is to do the following
  Use a DNS server per subnet
  Use a DHCP server per subnet
  Use a different domain name per school e.g. school1.com and school2.com
  Create a server record on each as appropriate e.g. server1.school1.com and server2.school2.com
  You cannot have a single DNS server have two identical zones e.g. example.com and example.com as they are of course the same thing.
  If the two schools will merge officially at some point it might be better to use the same domain name, if they are going to fully split then definiately it is going to be better to use two different domain names.

• Hosting Multiple DNS Zones on different servers How To?

  Hello, I have an issue that I would like one of the experts to help out with.
  I am currently facing an issue with DNS. I currently need to be able to ping certain machines on my internal domain by their external IP address.
  Example: machineA.domain.local has IP address 192.168.1.10 but from the inside of my network I would need to be able to ping machineA.domain.local and have it resolve to my EXTERNAL IP ADDRESS.
  Now as far as I know using a split DNS would solve this issue. Herein lies my issue.
  My DNS works half the time. Sometimes I will ping machineA.domain.local and it will resolve the internal address and sometimes it would resolve the public IP address (which I set manually in my split DNS)
  Now, my reasoning for this is because there are multiple entries with the same machine name on the same domain controller that resolve to different IP addresses. So when I ping machineA.domain.local the reply will be a "confused" reply.
  Here is what I tried to do to correct the issue. I created another Windows Server 2008 R2 machine with only the DNS role installed. I then removed the split DNS from my domain controller and added the zone "zone.domain.com" with the A record "machineA.domain.com"
  I did not join the domain with the new machine as I did not believe it to be necessary.
  The machines on the inside still cannot ping "machineA.domain.com", nor can my new server successfully ping "machineA.domain.local". It can resolve "machineA.domain.com" but I am fairly certain this is because I added it in
  the DNS zone.
  I tried to go a little further and tried to connect to the domain controller DNS via the MMC snap in on my new server. I get an error telling me that the access is denied.
  In order to attempt to fix that I added the computer in the properties of the DNS in the security tab. I also added the newly created server to the DNS admins group.
  Nothing works I am not sure what I am doing incorrect but I would need to know how I can do the following
  A) Successfully (if possible) have 2 different zones on the same domain
  example: internal.domain.local and external.domain.com
  I would need to know how to be able to successfully ping the machines I need to ping that resolves to  the external IP address from the inside without having the internal A record in the DNS zone interfere.
  I would also need to know how I could connect to the domain controllers DNS via another computer (the new server) without having the access is denied error.
  Once again, I tried to use a split DNS on the same server which yielded mixed results. I cannot have the machines replying randomly or go down because 2 DNS zones are on the same machine.
  Thank you hope to get an answer ASAP!

  Anyone have any ideas on this?

• How to change DNS zone, or how to host email outside of BC

  I have BC from Creative Cloud Suite, so I have the cheapest possible plan for BC.  Meaning I don't get any email hosting.  So I was looking to host email outside of BC.  I looked it up on google to see if it could be done (I'm really new with all this hosting stuff!), and I found that if you change the DNS zone and MX records to certain things you could.  I had to delete the MX record I had set up prior to finding out BC won't host my email, and I went to set up an Advance DNS Records.. But I'm not sure what to do! There's a lot of information I'm not sure about, and I don't know what goes where!
  I'd like to have godaddy host my email, and what I found is that I need to change my DNS zone to: mailstore1.secureserver.net and change MX records to 0 smtp.secureserver.net 10 mailstore1.secureserver.net
  I may end up finding somewhere else to host email at a later point, but right now I just want to try to figure out how to do this so I'll be able to in the future.  Any and all help is appreciated! Thank you

  Hi
  All you need to do is go to Admin > Site Settings > Site Domains and activate your new domain. You’ll have to enter an MX record for e-mail to be setup, which will be provided by godaddy.
  Here’s a similar article on the same topic:
  http://forums.adobe.com/message/4997019#4997019
  Let me know how it goes

• DNS record is not dynamically created in DNS Zone, when joining to DNS domain

  hi
  in my test lab i have deployed two virtual machines (both are windows server 2008 R2 enterprise).
  on vm1 i have installed just DNS role (without Active directory) and created a primary non-ADintegrated zone.
  on this DNS zone, i have enabled dynamic update set to
  non-secure & secure .
  now in my vm2 (as a DNS client) , i set the ip address of this DNS server as preferred DNS server and then in system properties, on the primary DNS suffix field, i entered the name of my DNS domain (mydomain.lab)& rebooted VM2, but the a record of this
  client (vm2) is not registered (created ) in mydomain.lab zone.
  i respect the record be created like the situations which we join a client to AD domain 

  Hi  John ,
  When registering DNS record ,client will send a SOA query to find the primary server of the zone .Then send register message to the server .
  We can use nslookup to find the problem :
  Open Command Prompt
  type nslookup
  type set type=soa
  type zone name
      1. If there is positive response ,check the name of
  primary name server and the IP address of the server .
  Its name should be vm1.mydomain.lab .If not ,edit the SOA record in the zone .
  If no IP address ,edit NS record in the zone .
      2. If there is no response ,check the SOA record in the zone .
  We can manually delete and recreate the records to ensure there are right SOA and NS records .
  Here is the guide for using nslookup :
  Nslookup :
  https://technet.microsoft.com/en-us/library/cc940085.aspx
  Best Regards,
  Leo
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Hi Leo, thanks for reply.
  i did all steps you mentioned but still no result.
  i put an screenshot of my desktop here , everything is shown here:

• Can't create DNS zones in Server Admin

  Hi All,
  So, I've run into this strange problem where when configuring the zone files for the DNS server in Server Admin that clicking on the + button doesn't do anything. I've re-installed Tiger Server including reformating the disk and still nothing.
  Can anyone tell me where the zone file is kept. It might be better just to make my own unless anyone can tell me why the + button isn't working.
  Thanks much!

  Definitely better to make your own, if you know how (lots of good google-able docs on this). Using Server Admin for DNS zone files is dicey at best.
  BIND config file is located at '/etc/named.conf'
  Zone files live in '/var/named/.' Primary zone files are named 'myDomain.com.zone' and secondary files are named 'myDomain.com.bak'
  Feel free to email me if you need some default files.
  Can anyone tell me where the zone file is kept. It
  might be better just to make my own unless anyone can
  tell me why the + button isn't working.
  iBook G4   Mac OS X (10.4.3)  

• Active Directory Integrated DNS Zones, replicate only to specific domain controllers

  I have a customer with a fairly large Active Directory forest with many domains that they are trying to consolidate into a single domain which likely take 18 to 24 months according to their timeline.  During this time, they would like all DNS zones
  to be serviced directly from the new domain controllers, meaning, domain A would have replicas of domain B, C, D, E, etc.  Because the environment is complex and some domain controllers in domains other than A are in a very sad state and replication problems
  abound, they would like to avoid replicating all zones forest wide.  
  I've never done this before, or even considered it necessary, is it even possible?  I don't have a ton of time for trial and error, but based on this there seems to be some hope:
  https://technet.microsoft.com/en-us/library/cc753801.aspx?f=255&MSPPError=-2147217396
  Is this telling me how to do what I want to do?
  Thanks
  J
  Joseph M. Durnal MCM: Exchange 2010 MCITP: Enterprise Messaging Administrator, Exchange 2010 MCITP: Enterprise Messaging Administrator, MCITP: Enterprise Administrator

  He actually didn't specify much about dynamic updates requirements for old domains, if they don't need secure dynamic updates then a primary zone would work:
  The DNS Server service allows dynamic update to be enabled or disabled on a per-zone basis at each server that is configured to load
  either a standard primary or directory-integrated zone.
  REF: Understanding Dynamic updates
  This post is provided AS IS with no warranties or guarantees, and confers no rights.
  ~~~
  Questo post non fornisce garanzie e non conferisce diritti

• External DNS zone on Internal DNS servers

  We currently have a 2 domain forest with DNS running on all domain controllers. All domain controllers are 2012 or 2012 R2 and our Domain and forest functional level is set at 2008 R2 due to the existence of an exchange 2003 server which wont be retired
  for several months. We have 2 DNS servers in the root domain and 4 DNS servers in the child domain. This is a centralized DNS setup. Our parent domain is DOMAIN.LOCAL and the child domain is XX.DOMAIN.LOCAL. Externally, our DNS is MYDOMAIN.com. we
  do not have a public facing DNS server and our DNS records are hosted by a 3rd party
  We want to add the MYDOMAIN.COM DNS zone internally (AD Integrated) since we have several instances where applications do not really work well with the XX.DOMAIN.LOCAL DNS. We want this zone to host several DNS records for internal resolution
  only since we do not have any public facing applications or web servers such as SharePoint etc.
  My question(s) is this?
  How is the best way to do this and how will it affect the zones we currently have in place.
  Is it as simple as creating a new forward lookup zone, adding static records?
  How do we (or do we) handle delegation?
  Any information or suggestions to get me started would be greatly appreciated.
  Russ

  Hi,
  I’m not quite understand your question, do you want to create a new primary DNS zone on your current DNS server? If so, you
  just need to create a new primary, you can create the additional primary DNS zone.
  The related KB:
  Configuring a new primary server
  http://technet.microsoft.com/en-us/library/cc776365(v=ws.10).aspx
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• Adding DNS zone

  Hi folks,
  i`m running a Mac mini with OS X Server 10.7.4 installed. Initially i set up a DNS zone for internal use only which was called myzone.lan. Now i wanted to set up a second zone for internal and external use called myzone.com. When i first added it in Server Admin the reverse mapping was created automatically. Because of a name missmatch i deleted my zone and the reverse lookup zones. Now if i try to add it once more the reverse mapping isn`t created anymore. I`m only able to add the zone name and for example an a record which i called server.myzone.com. But the reverse lookup is always missing.
  What can i do?
  Greetz

  That's not really what I am looking for. I have a privet DNS zone set up on my server and would like to point a different zone to a different server while still using the root hints that are built into the dns server for everything else. take a look at this http://images.apple.com/server/macosx/docs/NetworkServices_Adminv10.6.pdf
  and search for Forward Zones it's on page 50.
  This doc talkes about the ability to do what I am trying to do just not how to do it.

• Secondary DNS Zone

  Hi
  I have a secondary DNS zone for a partner site which I am going to use to configure a trust between the two. After a zone transfer has completed there is an exclamation mark next to the secondary zone in DNS Manager and an error saying Zone not loaded by
  DNS server. I then have to right click the zone and choose reload for the zone to then load correctly.
  Does anyone have any ideas on what could be causing this issue?
  Thanks
  Shane

  Please make sure that zone transfer is allowed: https://technet.microsoft.com/en-us/library/cc776973(v=ws.10).aspx
  You can also try getting a copy of the zone using NSlookup and see if this is done with no errors: http://social.technet.microsoft.com/wiki/contents/articles/29184.nslookup-for-beginners.aspx#Zone_Transfer
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile

• Child DNS Zone changing PTR record of OD Master

  Grretings,
  I am setting up a new OD master server for our school that will also host our DNS. Home folders will be on another server. I am using the DNS GUI for now. Setup master DNS zone of ourschool.lan. OD master has FQDN of admin.ourschool.lan with an IP address of 172.16.2.254. Forward and reverse lookups of OD master are great.
  #host admin.ourschool.lan returns 172.16.2.254
  #host 172.16.2.254 returns admin.ourschool.lan
  When I go to set up a child zone, highschool.ourschool.lan, on this server I set the nameserver to ns1.highschool.ourschool.lan and IP address of 172.16.2.254, I have had the following happen:
  #host admin.ourschool.lan returns 172.16.2.254
  #host 172.16.2.254 returns ns1.highschool.ourschool.lan (not what I want!)
  I understand forward and reverse lookups to OD master need to be rock solid. The changing of the PTR record is going to ruin this. Has anyone else seen this behavior. Should I just do the DNS through terminal and forget the GUI?
  Thank you for any feedback. I searched this discussion list and didn't find anything similar to this in the postings.
  Best Regards,
  Steve
  OS X Server and Client   Mac OS X (10.4.6)  

  Your problem stems from the fact you're trying to create two separate A records for the same IP address.
  The GUI will automatically create a reverse DNS entry for each a record. Since you have two A records that point to 172.16.2.254 that's where your problem lies.
  Your solution is either to use a CNAME (or alias) for the second hostname (e.g. ns1.highschool.ourschool.lan CNAME admin.ourschool.lan), or manage the DNS by hand and don't use the GUI tools.

• Adding a new DNS zone to OD master for use as mail server

  hi all,
  i recently migrated form apple's postfix to kerio mail server. i am usung an xserve to run OD master, DNS, Jabber, Windows PDC and kerio mail.
  server name is mail.domain1.com and i am hosting it on local IP 192.168.0.4 and using NAT on my firewall.
  i would liek to setuop another kerio domain and mail server on the same box but not sure how to approach DNS.
  i need to add mail.domain2.com
  i am abel to add the second mail server in kerio but not sure if i need to setuo a second DNS zone on the same server on order to be able to have my local clients conect to the new domain. i only have 4 users for domain2.com and plan to use kerios built in autrhentication so i dont realy need another LDAP or user authentication server for now.
  currently i am using the hosting package of my provider to server mail.domain2.com as well as www.domain2.com
  i would liek to keep the site wit he hosting company but just move the mail server with my kerio server. that is teh setup i have for domain1 - i host mail server mail.domain1.com on premices and i have my domain reqistration site host the site for www.domain1.com
  i assme i can do this with virtual domains?
  any help is appreciated.
  thanks
  martin

  hi all,
  i recently migrated form apple's postfix to kerio mail server. i am usung an xserve to run OD master, DNS, Jabber, Windows PDC and kerio mail.
  server name is mail.domain1.com and i am hosting it on local IP 192.168.0.4 and using NAT on my firewall.
  i would liek to setuop another kerio domain and mail server on the same box but not sure how to approach DNS.
  i need to add mail.domain2.com
  i am abel to add the second mail server in kerio but not sure if i need to setuo a second DNS zone on the same server on order to be able to have my local clients conect to the new domain. i only have 4 users for domain2.com and plan to use kerios built in autrhentication so i dont realy need another LDAP or user authentication server for now.
  currently i am using the hosting package of my provider to server mail.domain2.com as well as www.domain2.com
  i would liek to keep the site wit he hosting company but just move the mail server with my kerio server. that is teh setup i have for domain1 - i host mail server mail.domain1.com on premices and i have my domain reqistration site host the site for www.domain1.com
  i assme i can do this with virtual domains?
  any help is appreciated.
  thanks
  martin