List all DNS servers in an AD Forest

Is there a way (preferably powershell, of course!) to find all DNS servers in an AD forest? Not domain controllers running DNS but ANY Windows servers running DNS.
Here is the situation...I have one root domain to which I am adding a new domain controller. There are roughly 20 child domains which should all have their dns servers set to forward to my root domain for unresolved queries. I need to change the forwarders on all DNS servers in the Forest (I've got that part figured out). However, I know that not all Domain Controllers in all of the domains are DNS servers and vice versa (not all DNS servers in the domains are domain controllers).
So...anything that I can query to find all dns servers in the Forest (short of querying every server in the Forest for the existence of the DNS Server service?)
I've searched but can't seem to find anything in wmi.
Thanks,
Nate

That would just list all DCs within a domain (not even in the entire forest).
You can use DNSLint (http://support.microsoft.com/kb/321045) or dnscmd (assuming you’re hosting your AD DNS Zones on Microsoft DNS Servers) to query for
NS records.
Regards
Christoffer Andersson – Principal Advisor
Enfo Zipper
"EXRAPUL" wrote in message news:ea6d0f00-0bc0-4786-b63b-c618e51ff264...
Hi Nate,
Yes, we can find list of DNS servers by using a command "nltest".
Here is the syntax nltest/dnsgetdc:<forest name>
example: nltest/dnsgetdc:microsoft.com
Enfo Zipper Christoffer Andersson – Principal Advisor

Similar Messages

Cannot list all the servers within cluster (on Resin)

We have 10 Resin servers in the cluster, but when I try to list them I got only 9 of them listed.
It doesn't list the local server (the one from which the servlet is actually invoked).
Do you have any other idea how to list all the servers?
Here is the code I use:
for (int i = 0; i < clusterList.length; i++) {
     ClusterMXBean cluster = (ClusterMXBean) Jmx.findGlobal(clusterList.getObjectName());
     // --- retrieve all servers within one cluster
     ServerConnectorMXBean[] srunNames = cluster.getServers();
     for (int j = 0; j < srunNames.length; j++) {
          ServerConnectorMXBean server = (ServerConnectorMXBean) Jmx
                    .findGlobal(srunNames[j].getObjectName());
          String host = server.getAddress();
          int port = server.getPort();
          String state = server.getState();
And here is the MX configuration:
resin:type=SessionManager,Host=default,WebApp=/
resin:type=ServerConnector,name=i
resin:type=ServerConnector,name=h
resin:type=ServerConnector,name=b
resin:type=Resin
resin:type=ServerConnector,name=j
resin:type=ProxyCache
resin:type=Host,name=default
resin:type=ServerConnector,name=c
resin:type=ServerConnector,name=e
resin:type=Port,name=192.68.1.50-6802
resin:type=ServerConnector,name=g
resin:type=ServerConnector,name=a
resin:type=ThreadPool
resin:type=WebApp,Host=default,name=/
resin:type=WebApp,Host=default,name=/mya
resin:type=ConnectionPool,Host=default,WebApp=/mya,name=jdbc/mya
resin:type=ServerConnector,name=f
resin:type=Cluster,name=cluster1
resin:type=ServerConnector,name=d
resin:type=SessionManager,Host=default,WebApp=/mya
resin:type=Server

kus wrote:
There is a solution but not a very portable one, i.e. you can't use it to get a listing of files from any server that you happen to look at. But here are the steps you need to take:
1. Use a browser (firefox, opera, etc.) to view the file listing and then view the source.
2. Duplicate the retrieval of data from the given URL in Java (new URL(...), etc.)
3. Parse the HTTP response and/or the HTML that the server returns to you to extract what you need.
Step #3 is the biggest piece of work and the format you need to parse will depend on whatever the remote server hands to you. It's intended for humans, not machines; every server can decide how to format this and it even depends on the server's configuration how this data is presented to you. In any case, it's entirely up to you to make sense of whatever the server happens to throw back at you and if the server happens to present you a nice, picturesque page rather than a listing of files then your completely out of luck.He actually wasn't talking about http at all, so most of this thread has been a wild goose chase.

List all SQL servers on network

Hello,
I'm trying to find a way to produce a list of all the SQL servers running on a network and have been looking at the SQLDataSourceEnumerator GetDataSources method. However there is a note saying this may not show all the SQL servers and may return a different list each time it is called. I would be grateful if anyone has anymore information on why this will not always return a complete list and may be different each time or if anyone knows if there is a way I can get a list of SQL servers that is more consistent?
Thanks,
Caroline

u can execute this code
Set NoCount On
Declare @CurrID int,@ExistValue int, @MaxID int, @SQL nvarchar(1000)
Declare @TCPPorts Table (PortType nvarchar(180), Port int)
Declare @SQLInstances Table (InstanceID int identity(1, 1) not null primary key,
InstName nvarchar(180),
Folder nvarchar(50),
StaticPort int null,
DynamicPort int null,
Platform int null);
Declare @Plat Table (Id int,Name varchar(180),InternalValue varchar(50), Charactervalue varchar (50))
Declare @Platform varchar(100)
Insert into @Plat exec xp_msver platform
select @Platform = (select 1 from @plat where charactervalue like '%86%')
If @Platform is NULL
Begin
Insert Into @SQLInstances (InstName, Folder)
Exec xp_regenumvalues N'HKEY_LOCAL_MACHINE',
N'SOFTWARE\Microsoft\Microsoft SQL Server\Instance Names\SQL';
Update @SQLInstances set Platform=64
End
else
Begin
Insert Into @SQLInstances (InstName, Folder)
Exec xp_regenumvalues N'HKEY_LOCAL_MACHINE',
N'SOFTWARE\Microsoft\Microsoft SQL Server\Instance Names\SQL';
Update @SQLInstances Set Platform=32
End
Declare @Keyexist Table (Keyexist int)
Insert into @Keyexist
Exec xp_regread'HKEY_LOCAL_MACHINE',
N'SOFTWARE\Wow6432Node\Microsoft\Microsoft SQL Server\Instance Names\SQL';
select @ExistValue= Keyexist from @Keyexist
If @ExistValue=1
Insert Into @SQLInstances (InstName, Folder)
Exec xp_regenumvalues N'HKEY_LOCAL_MACHINE',
N'SOFTWARE\Wow6432Node\Microsoft\Microsoft SQL Server\Instance Names\SQL';
Update @SQLInstances Set Platform =32 where Platform is NULL
Select @MaxID = MAX(InstanceID), @CurrID = 1
From @SQLInstances
While @CurrID <= @MaxID
Begin
Delete From @TCPPorts
Select @SQL = 'Exec xp_instance_regread N''HKEY_LOCAL_MACHINE'',
N''SOFTWARE\Microsoft\\Microsoft SQL Server\' + Folder + '\MSSQLServer\SuperSocketNetLib\Tcp\IPAll'',
N''TCPDynamicPorts'''
From @SQLInstances
Where InstanceID = @CurrID
Insert Into @TCPPorts
Exec sp_executesql @SQL
Select @SQL = 'Exec xp_instance_regread N''HKEY_LOCAL_MACHINE'',
N''SOFTWARE\Microsoft\\Microsoft SQL Server\' + Folder + '\MSSQLServer\SuperSocketNetLib\Tcp\IPAll'',
N''TCPPort'''
From @SQLInstances
Where InstanceID = @CurrID
Insert Into @TCPPorts
Exec sp_executesql @SQL
Select @SQL = 'Exec xp_instance_regread N''HKEY_LOCAL_MACHINE'',
N''SOFTWARE\Wow6432Node\Microsoft\\Microsoft SQL Server\' + Folder + '\MSSQLServer\SuperSocketNetLib\Tcp\IPAll'',
N''TCPDynamicPorts'''
From @SQLInstances
Where InstanceID = @CurrID
Insert Into @TCPPorts
Exec sp_executesql @SQL
Select @SQL = 'Exec xp_instance_regread N''HKEY_LOCAL_MACHINE'',
N''SOFTWARE\Wow6432Node\Microsoft\\Microsoft SQL Server\' + Folder + '\MSSQLServer\SuperSocketNetLib\Tcp\IPAll'',
N''TCPPort'''
From @SQLInstances
Where InstanceID = @CurrID
Insert Into @TCPPorts
Exec sp_executesql @SQL
Update SI
Set StaticPort = P.Port,
DynamicPort = DP.Port
From @SQLInstances SI
Inner Join @TCPPorts DP On DP.PortType = 'TCPDynamicPorts'
Inner Join @TCPPorts P On P.PortType = 'TCPPort'
Where InstanceID = @CurrID;
Set @CurrID = @CurrID + 1
End
Select serverproperty('ComputerNamePhysicalNetBIOS') as ServerName, InstName, StaticPort, DynamicPort,Platform
From @SQLInstances
Set NoCount Off

Domain Controllers that are DNS servers DNS Client settings

[Copying verbatim from a mail by Joe ]
So I have been pinged by a few folks recently on configuration of client DNS settings on Domain Controllers that are also functioning as DNS Servers. Lots of debate. I understand there has been long time debate within MSFT as well.
From http://blogs.technet.com/b/askds/archive/2010/07/17/friday-mail-sack-saturday-edition.aspx there
is the quote
"3.When referencing a DNS server on itself, a DNS client should always use a loopback address and not a real IP address."
From http://www.microsoft.com/en-us/download/confirmation.aspx?id=9166 (Windows
Server 2008 R2 Core Network Guide)
"9. In Preferred DNS server, type the IP address of your DNS server. If you plan to use the local computer as the preferred DNS server, type the IP address of the
local computer.
10. In Alternate DNS Server, type the IP address of your alternate DNS server, if any. If you plan to use the local computer as an alternate DNS server, type the IP address of
the local computer."
From http://technet.microsoft.com/en-us/library/dd378900(v=ws.10).aspx (DNS:
DNS servers on <adapter name> should include their own IP addresses on their interface lists of DNS servers)
"The inclusion of its own IP address in the list of DNS servers improves performance and increases availability of DNS servers. However, if the DNS server is also a domain controller and it points only to
itself for name resolution, it can become an island and fail to replicate with other domain controllers. For this reason, use caution when configuring the loopback address on an adapter if the server is also a domain controller. The loopback address should
be configured only as a secondary or tertiary DNS server on a domain controller...
Add the loopback IP address to the list of DNS servers on all active interfaces. The loopback IP address should not be the first server in the list."
ESPECIALLY "For this reason, use caution when configuring the loopback address on an adapter if the server is also a domain controller. The loopback address should be configured only as a secondary or tertiary
DNS server on a domain controller." and "Add the loopback IP address to the list of DNS servers on all active interfaces. The loopback IP address should not be the first server in the list."
Why shouldn't loopback not be first, the justification is why you shouldn't only use loopback, not why it shouldn't be first.
From http://technet.microsoft.com/en-us/library/ff807362(v=ws.10).aspx (DNS:
DNS servers on <adapter name> should include the loopback address, but not as the first entry)
"If the loopback IP address is the first entry in the list of DNS servers, Active Directory might be unable to find its replication partners.
The inclusion of its own IP address in the list of DNS servers improves performance and increases availability of DNS servers. However, if the DNS server is also a domain controller and it points only to itself,
or points to itself first for name resolution, this can cause a delay during startup. For this reason, use caution when configuring the loopback address on an adapter if the server is also a domain controller. The loopback address should be configured only
as a secondary or tertiary DNS server on a domain controller."
This also seems like justification against only using loopback versus using it first.
Are there any actual real documented issues for using loopback first and a remote DNS server second and perhaps third? If the local DNS server service isn't working yet (or at all), I would expect the DNS Client process
to try to connect to it, fail, and then failover to the secondary just like I would expect it to failover if the remote DNS server was secondary and it was unavailable and it failed back to the loopback. Am I making a bad assumption?
And by documented I don't mean random responses to questions on the internet or other such items. I mean a KB article or technet article or properly researched and tested other web article from a reliable resource.
thanks,
joe

As I understand it, the scenario whereby a DC could become an 'island' if it points only to itself, or to itself first, was repaired in the Windows Server 2003 product cycle. See
http://support.microsoft.com/kb/275278 for information about this scenario.
However, there is still a known problem of slow boot times that can occur. See
http://support.microsoft.com/kb/2001093 for information about this. The scenario that is discussed assumes there is a power failure and servers shut down due to overheating while on backup power. When
multiple servers come online simultaneously after power is restored, there can be a significant delay.
The recommended configuration is one that avoids a single point of failure, but also tries to optimize the speed of resource record registration, so that Active Directory can properly synchronize.
-Greg

List of DNS Negative Cache

Hi Folks
I'm having problems with what I believe to be intermittent negative responses for a host from DNS servers that we forward external queries to and those negative responses being cached.
Because of the intermittent nature of the problem every time it is reported I have not been able to carry out a query on the downstream DNS servers that has not produced a positive result.
I would like to know if it is possible to see if negative responses for this specific host are being cached on our DNS servers.
Thanks in advance
Kevin

You can possibly use DNSCMD, but I'm not sure if it will display negatively cached data. Have you tried using ipconfig /displaydns on the client to see what it negatively cached? And I'm not sure that will work. I can't reproduce the problem, since
none of my customers have this issue.
Keep in mind, [quoted from http://tools.ietf.org/html/rfc2308]:
"Negative caching was an optional part of the DNS specification and
   deals with the caching of the non-existence of an RRset [RFC2181] or
   domain name."
"[...] however had a fundamental flaw in that it did not allow a name
   server to hand out those cached responses to other resolvers [...]"
So my feeling is there are non-existing records in some of your DNS servers, or incorrect SOA records, or lame delegations. If your organization is that large, and DNS was not designed properly (all DNS servers in an org must have the same exact reference
to all records or issues will results, especially with AD), then I can see this may occur. So in reality, once you determined what data is negatively cached, the best way is to use DIG or nslookup testing directly against your forwarders for the records
that you believe are negative lookiong for NXDOMAIN responses (which are the records that have been negatively cached).
It may have been possible that Negative Caching was set on *some* of your Windows DNS servers, but not all. That will definitely cause problems. That's done by setting the
NegativeCacheTime to something really much higher than the default 300 seconds (15 minutes). If you are an admin and have access to those machines, you can take a look at that setting in the registry remotely.
Configuring Caching and Negative Caching
http://technet.microsoft.com/en-us/library/cc959309.aspx
Here was a thread that asked the same thing, but no resolution:
Windows DNS Server Negative Cache
"So how do I display what info is in the negative cache? From the command line…"
http://blog.joeware.net/2006/08/12/522/
Further, if your org is using ISA or TMG, and they've set negative caching on those servers, then DNS has nothing to do with it! Check this article out:
ISA: Configuring Negative Caching.
http://www.isaserver.org/tutorials/Configuring_Negative_Caching.html
Ace Fekay
MVP, MCT, MCITP EA, MCTS Windows 2008/R2, Exchange 2007 & Exchange 2010, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This post is provided AS-IS with no warranties or guarantees and confers no rights.

Order of DNS servers when using DHCP random after 10.9.3 update

I am operating my local DNS server on my home network for resolving all local IP addresses and names.
The router which connects me to the ouside world is also running a DHCP server serving the local network.
It inherits from outside world two DNS server IP addresses (which cannot be disabled) and has the local DNS server
manualy configured to be "first". I.e. it supplies via DHCP option 6 an ordered list of three DNS servers.
So far so good and all was working well until the 10.9.3 update...
I.e. the local DNS was on top of the list and the others where only queried when it was not responding for some reason.
After the 10.9.3 update every time I do a DHCP renewal the list of DNS servers has a different (random) order.
Not surprisingly if the local DNS isn't on top local lookups will fail.
I have done some packet analysis on the LAN and the DHCP is definitely sending the DNS server IP addresses in the correct order
(see rfc 2132, chapter 3.8).
So why does 10.9.3 get the idea that it has to re-shuffle the order? To "improve the experience"???
And more importantly hot to get rid of it and restore normal behaviour?

This may be a bug. Send a bug report: Bug Reporting - Apple Developer. You can also report it via Apple Feedback, but the first link is better.

How can I list all the domains configured for Weblogic Servers?

How can I list all the domains configured for Weblogic Servers?
I saw a note, which says the following:
"WebLogic Server does not support multi-domain interaction using either the Administration Console, the weblogic.Admin utility, or WebLogic Ant tasks. This restriction does not, however, explicitly preclude a user written Java application from accessing multiple domains simultaneously."
In my case, I just want to list all the domains, is that possible by using any scripts?
Thanks
AJ

If you use WLS Node Manager and the Config Wizard was used to create the domains, then the list of domains should be in a location like this:
<MIDDLEWARE_HOME>\wlserver_10.3\common\nodemanager\nodemanager.domains
Enterprise Manager Grid Control also has support for multi-domain management of WLS in a console.

List all servers with OS and service pack

Is there an easy way using any script or software to list all servers joined to your domain including operating system (i.e. server 2008) and service pack level, without having to check each manually?

Hi Cf090,
The limit is used to Specify the number of objects to return that matches the criteria that you specify. If you specify a value of
0 for <NumberOfObjects>, this parameter returns all matching objects. If you do not specify this parameter,
dsquery displays the first 100 results by default.
For more detailed information to use dsquery, please refer to this article:
http://technet.microsoft.com/en-us/library/cc754232.aspx
If you have any other questions, please feel free to let me know.
Best Regards,
Anna

Urgent: How to list all alias for a server throw DNS query?

Hi
Is there anyone know how to list all alias for a server by asking the network DNS. Is that possible?
It doesn't work with InetAddress it return a single result.
Best regard

InetAddress will not get you the aliases, but you can certainly find all the different IP addresses for a specific host name using the getAllByName() method.
You won't be able to get the aliases since those IP addresses (assuming there are more than 1) will all be cached as mapping to the name you passed to the getAllByName() method and you can't clear the map cache until the JVM exits.
So your best hope is to get a list of IP's and either exit your app and restart with a new mode, or save them to a file for another app to read.

DirectAccess 2012 has wrong DNS servers listed

Hello,
I'm setting up DirectAccess on Server 2012 and having issues with the wrong DNS servers continually added to the configuration. My setup is as follows, 2 Server 2008 R2 DCs running DNS, both have a static IPv4 and IPv6 addresses. The DirectAccess
server has a single NIC behind a NAT device and also has static IPv4 and IPv6 addresses. My problem is that I keep getting a DNS: Not working properly error on the dashboard. It says:
Error:
Enterprise DNS servers (fd7e:ed10:5cb6:7777::ac10:a22, fd7e:ed10:5cb6:7777::ac10:a21) used by DirectAccess clients for name resolution are not responding. This might affect DirectAccess client connectivity to corporate resources.
The thing is these are not nor ever have been the IP addresses of my DC/DNS servers. I've removed them by using the configuration editor but with each restart of the server they reappear. I examined the DirectAccess Server
Settings GPO and they are listed in the Extra Registry Settings section buy I am unable to edit that portion. I've read other threads on this forum that state I need to add the IPv6 address of the DA server as the DNS server but I still get DNS errors
when I do that and after a restart the same two DNS servers show up again.
Anyone have any ideas? Your assistance is greatly appreciated.

Hi,
Thanks for you reply and sorry for relying so late.
Did you point the DNS server address to the IP address of the internal NIC? Maybe you can refer to the similar thread below:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/df08fa06-d3fc-4ca9-b4a2-85824a10819a/direct-access-server-dns-error?forum=winserver8setup
Best regards,
Susie

Script to list all servers in my domain

i need to list all the windows servers in my organization so i was wondering if anyone knew of or had a script that could do this and export it to a csv file.

You don't need a script. You just need to list servers from the computer browse list. This can be done with
Net View or the Browstat commands.
browstat vw 1 | find /i ",SS" will list just the servers. With the browstat output there are several items you can easily search for, Version, DFS, SQL, etc.
\\Servername NT 05.02 (W,S,SQL,NT,SS,BBR,DFS)
Use quick edit/Mark and copy in the command prompt to select and copy only the server names out as needed.
Using the browse list is actually a better method because it shows you only active servers. While obtaining a list from Active Directory will have old server accounts listed.
http://support.microsoft.com/kb/818092

Airport not distributing DNS servers over network

Hi everyone,
I connect to the Internet over ADSL (ISP: Arnet Highway, Buenos Aires, Argentina) using PPPoE from my MacBook Pro.
I have my ADSL modem connected to the Airport Extreme (802.11n) and distributing IP over DHCP just fine. Every device that joins the network obtains a valid IP.
However, DNS servers aren't distributed by the router over the network. Every connected device has to be manually configured to set the DNS servers of my ISP to be able to resolve hosts, instead of 'asking' these addresses to the router, as it should be.
Initially I thought there might be a problem obtainig the DNS servers from the ISP. So in the Airport Utility, in Internet / PPPoE settings, I've manually set my ISP's DNS servers, which should be distributed over the network to all connected devices.
This doesn't happen, and every somebody new joins my wireless network I have to manually change the DNS servers for that connection which, as I'm sure you'll agree with me, can be quite annoying. Not to mention what would happen if my ISP decides to use dynamic DNS addresses.
Thanks for any help you might provide.
Cheers.

Hello belbo,
I connect to the Internet over ADSL using PPPoE from my MacBook Pro.
Is your Macbook Pro Network configured to use PPPoE or DHCP?
I have my ADSL modem connected to the Airport Extreme (802.11n) and distributing IP over DHCP just fine. Every device that joins the network obtains a valid IP.
Is NAT enabled on the AE? Are the valid IP Address obtained from your ISP or from the AE?
However, DNS servers aren't distributed by the router over the network. Every connected device has to be manually configured to set the DNS servers of my ISP to be able to resolve hosts, instead of 'asking' these addresses to the router, as it should be.
When you setup the AE to use PPPoE did you enter a Domain Name or a DHCP Client ID?
Initially I thought there might be a problem obtainig the DNS servers from the ISP. So in the Airport Utility, in Internet / PPPoE settings, I've manually set my ISP's DNS servers, which should be distributed over the network to all connected devices.
The DNS servers listed in the AE aren't distributed to each Network Device but are only used to translate names into IP addresses when need by a Network Device.
This doesn't happen, and every somebody new joins my wireless network I have to manually change the DNS servers for that connection which, as I'm sure you'll agree with me, can be quite annoying. Not to mention what would happen if my ISP decides to use dynamic DNS addresses.
If your AE is distributing IP Address using DHCP and NAT then this should not be a problem but I'm not sure without more information about the questions I asked.
Later.
Buzz

External DNS zone on Internal DNS servers

We currently have a 2 domain forest with DNS running on all domain controllers. All domain controllers are 2012 or 2012 R2 and our Domain and forest functional level is set at 2008 R2 due to the existence of an exchange 2003 server which wont be retired
for several months. We have 2 DNS servers in the root domain and 4 DNS servers in the child domain. This is a centralized DNS setup. Our parent domain is DOMAIN.LOCAL and the child domain is XX.DOMAIN.LOCAL. Externally, our DNS is MYDOMAIN.com. we
do not have a public facing DNS server and our DNS records are hosted by a 3rd party
We want to add the MYDOMAIN.COM DNS zone internally (AD Integrated) since we have several instances where applications do not really work well with the XX.DOMAIN.LOCAL DNS. We want this zone to host several DNS records for internal resolution
only since we do not have any public facing applications or web servers such as SharePoint etc.
My question(s) is this?
How is the best way to do this and how will it affect the zones we currently have in place.
Is it as simple as creating a new forward lookup zone, adding static records?
How do we (or do we) handle delegation?
Any information or suggestions to get me started would be greatly appreciated.
Russ

Hi,
I’m not quite understand your question, do you want to create a new primary DNS zone on your current DNS server? If so, you
just need to create a new primary, you can create the additional primary DNS zone.
The related KB:
Configuring a new primary server
http://technet.microsoft.com/en-us/library/cc776365(v=ws.10).aspx
Hope this helps.
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

DNS forwarder with 2 real DNS servers, querying them simultaneously

DNS forwarder with >2 real DNS servers, querying them simultaneously and ignoring "server can't find" errors
Hi. When I connect to VPN, my normal DNS isnt queried, and DNS given by VPN answers: "server can't find"
An extract from 'man resolv.conf'
If there are multiple servers, the resolver library queries them in the order listed.
I need another logic. All servers should be queried at the same time, and the soonest positive reply should be used.
The algorithm used is to try a name server, and if the query times out, try the next, until out of name servers, then repeat trying all the name servers until a maximum number of etries are made.
So, if I get "server can't find" error, the next DNS server not queried. I want the DNS forwarder to ignore such answers and wait for replies from other servers.
What software can do this? Maybe dnsmasq? I plan to add 'nameserver 127.0.0.1' to the top of my resolv.conf and configure my scripts to add other nameservers below.

All servers should be queried at the same time
--all-servers
dnsmasq: ignoring nameserver 127.0.0.1 - local interface
good.
How to tell dnsmasq to completely disable dhcp? List all interfaces like this?
no-dhcp-interface=eth0
no-dhcp-interface=tun0
no-dhcp-interface=vboxnet0
no-dhcp-interface=wlan0

Testing an ISA Server Rule, the recursive query to other DNS Servers test fails

Hello,
I am trying to configure the following infrastructure with ISA Server 2006 and two W2003 servers (called "Server1" and "Server2") . "Server1" is a domain controller, and in
"Server2" is the ISA Server installed, which also has
attached two network Ethernet cards, one called "Internal Ethernet Card", and the other one called
"External Ethernet Card".
The infrastructure would be: "Internal Ethernet Card"---- ISA Server ----"External Ethernet Card"---"Router"----"Internet"
"Internal Ethernet Card" manages the internal package traffic of the infrastructure, the network segment which belongs is isolated from what we could called the Outbound traffic, which is linked to a router. "Internal Ethernet Card" it`s
a virtual network.
"Internal Ethernet Card" feature configuration is the following:
- IP address: 192.168.3.3
- Subnet Mask: 255.255.255.0
- DHCP Enabled: No
- DNS Server: 192.168.3.1 (Must point to the DC "Server1" which has the DNS Service installed)
- Default Gateway: None (because doesnt point to outside)
- Primary WINS Server: 192.168.3.1
The "External Ethernet Card" provides, the outbound connection, and this card is connected to the physical router.
It`s feature configuration is the following:
- IP address: 192.168.1.50
- Subnet Mask: 255.255.255.0
- DHCP Enabled: No
- Default Gateway: 192.168.1.1
- DNS Servers: 192.168.3.1 (Must point to the DC "Server1" which has the DNS Service installed)
After configuring the network cards, I create the following rule in the ISA Server to allow the traffic towards outside from the server and the clients which have joined to the domain:
Action: Allow. Protocol: DNS. From:"Server2". To : External. Condition: All Users
After applying the changes to update the configuration, I enter in the Dns Server of "Server1" and in the "Monitoring" tab, I run a "recursive query to other DNS Servers" but fails.
Only works the "simple query against this DNS Server".
I don`t know why fails, but I`m stucked on this issue, because in the "Server1" DNS Server, in the "domain forward IP address list", I have added two DNS addresses which work OK.
I would appreciate some help to solve this issue.
Thanks
Regards

Hello Ms. Long,
Yes, you are right. In the Server1 is configured the DNS server, to use forwarders whose are set in the field "Selected domain`s forwarder IP address list", two DNS address numbers obtained from "Open DNS", which work well.
There is no DNS Server linked to the External NIC.
The Server1 belongs to a private network configured as "VMnet3", which it is set as follows:
IP address: 192.168.3.1
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.3.3
DNS Server: 192.168.3.1
I have tried to test your suggested idea:
> set d2
> google.com
Server: srv-dcfs-01.dominio.local
Address: 192.168.3.1
SendRequest(), len 42
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
google.com.dominio.local, type = A, class = IN
Got answer (113 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
google.com.dominio.local, type = A, class = IN
AUTHORITY RECORDS:
-> dominio.local
type = SOA, class = IN, dlen = 46
ttl = 3600 (1 hour)
primary name server = srv-dcfs-01.dominio.local
responsible mail addr = hostmaster
serial = 41
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
SendRequest(), len 28
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
google.com, type = A, class = IN
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
SendRequest failed
*** Request to srv-dcfs-01.dominio.local timed-out
As you can see highlighted in bold, the problem remains in the "recursive query to other DNS Servers" check.
Maybe is better to put the issue on the "Windows Server General Forum" , because the issue has not nothing in common with the ISA Server, dont you?
Thanks
Best regards

List all DNS servers in an AD Forest

Similar Messages

Maybe you are looking for