Non-AD Integrated Secondary DNS Promote to Master?
Hello. We currently run a non-domain joined 2012 R2 DNS server for our external .com domain. I would like to stand up a secondary in our DR datacenter, but am wondering how I would promote it to master in the event our current master were to fail? Both platforms are Server 2012 R2.
ns1.domain.com = master
ns2.domain.com = secondary
In the event ns1 experienced a failure, I'd like to be able to promote ns2 to become master (authoritative) for the .com domain to allow record changes.
Hi,
According to your description, my understanding is that the primary DNS server has been down, and you want to change the secondary DNS server (not a domain member and configured for external name resolution) into the primary DNS server.
If there is one DNS server in your domain, I am wondering whether it is an AD-integrated zone, and whether the secondary DNS server has a fully transferred secondary zone.
In general, comparing the secondary DNS server with the primary DNS server, you may find that the secondary one does not have a folder in Forward Lookup Zones named _msdcs.<domain.com>. With zone transfer we could copy this folder and its RRs, but considering the primary DNS server is down, we need to manually copy this data to the secondary DNS server.
If the primary zone is not AD-integrated, open the path %systemroot%\system32\dns\ on the primary DNS server and copy the file _msdcs.domain.com.dns/domain.com.dns to the corresponding path on the secondary DNS server, then create a primary zone using this existing file. All RRs will be displayed once the zone has been created.
For an AD-integrated primary zone, we need to back up the zone from the command line and then restore it to the secondary DNS server. For detailed steps you may reference:
https://technet.microsoft.com/en-us/library/jj649877.aspx
https://technet.microsoft.com/zh-cn/library/ff807395(v=ws.10).aspx
Or you may also try to manually add the folder _msdcs.domain.com.dns, including its subfolders and RRs. And remember to change the secondary zone type to primary.
And remember to redirect DNS clients to use the secondary DNS server as the primary one.
Best Regards,
Eve Wang
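One way to script the promotion the question asks about, as an added example that is not part of the original thread: it uses the DnsServer PowerShell module that ships with Windows Server 2012 R2 and assumes a file-backed (non-AD) zone whose secondary copy has already transferred to ns2. The zone file name, the IP addresses and the two function names are assumptions made for illustration.

```powershell
# Added example. Placeholders: the zone name follows the thread's "domain.com";
# the IP addresses are constructed documentation addresses (TEST-NET-1).
Import-Module DnsServer

$Zone     = 'domain.com'
$ZoneFile = 'domain.com.dns'     # file name under %systemroot%\system32\dns
$Ns1Ip    = '192.0.2.10'         # ns1, the failed master (constructed)
$Ns2Ip    = '192.0.2.20'         # ns2, the DR secondary (constructed)
$Ns2Fqdn  = 'ns2.domain.com.'

function Invoke-ZonePromotion {
    # Hypothetical helper. Run on ns2 while ns1 is down.
    $z = Get-DnsServerZone -Name $Zone -ErrorAction Stop
    if ($z.ZoneType -ne 'Secondary') {
        throw "$Zone is '$($z.ZoneType)' on this server; nothing to promote."
    }

    # Refuse to promote a copy that never transferred: without an SOA the
    # server would become an authoritative primary for an empty zone.
    $soa = Get-DnsServerResourceRecord -ZoneName $Zone -RRType Soa -ErrorAction Stop
    if (-not $soa) { throw "No SOA found in the local copy of $Zone." }
    Write-Host "Promoting $Zone at serial $($soa.RecordData.SerialNumber)"

    # Switch the zone type in place; the transferred records are kept.
    ConvertTo-DnsServerPrimaryZone -Name $Zone -ZoneFile $ZoneFile -Force

    # The SOA still names ns1 as the primary server; point it at ns2.
    $old = Get-DnsServerResourceRecord -ZoneName $Zone -RRType Soa
    $new = $old.Clone()
    $new.RecordData.PrimaryServer = $Ns2Fqdn
    Set-DnsServerResourceRecord -ZoneName $Zone -OldInputObject $old -NewInputObject $new

    # Permit zone transfers to ns1 only (not to any requester) and notify it,
    # so it can rejoin as a secondary without opening the zone to everyone.
    Set-DnsServerPrimaryZone -Name $Zone `
        -SecureSecondaries TransferToSecureServers -SecondaryServers $Ns1Ip `
        -Notify NotifyServers -NotifyServers $Ns1Ip
}

function Invoke-ZoneDemotion {
    # Hypothetical helper. Run on ns1 after it is repaired, so that its stale
    # primary copy is replaced by a transfer from ns2 rather than served.
    $z = Get-DnsServerZone -Name $Zone -ErrorAction Stop
    if ($z.ZoneType -eq 'Primary') {
        ConvertTo-DnsServerSecondaryZone -Name $Zone -MasterServers $Ns2Ip `
            -ZoneFile $ZoneFile -Force
    }
    Start-DnsServerZoneTransfer -Name $Zone -FullTransfer
}
```

Run `Invoke-ZonePromotion` only after confirming ns1 is really offline: two writable primaries with diverging serial numbers is the condition `Invoke-ZoneDemotion` exists to clean up.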
Similar Messages
-
Secondary DNS failing to redirect clients when Primary DNS goes down
I have a single domain with two Windows 2008 servers, DC1 (physical) and DC2 (virtual). Both servers run DNS and are GC servers, and the entire domain is on the same subnet (192.168.0.x).
All clients on the network are configured to use DC1 as primary DNS, DC2 as secondary DNS.
DHCP is enabled only on DC1. (This might be part of the issue, not sure).
The problem is that when DC1 goes down for a reboot or repair, we lose access to the internet from our clients. Trying to pull up any website results in a "Page cannot be displayed" error. DC2 is available during this time and can be pinged from any client but does not resolve DNS requests, even if I specify it as the primary DNS server on one of my workstations. However I can log on to DC2 locally and browse the web.
Here are the results of a DCdiag /dnsall from DC2 (I bolded areas of concern):
Directory Server Diagnosis
Performing initial setup:
* Connecting to directory service on server DC2.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomain,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=com
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomain,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DC1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomain,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC2
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Determining IP6 connectivity
* Active Directory RPC Services Check
......................... DC2 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC2
Test omitted by user request: Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Test omitted by user request: FrsEvent
Test omitted by user request: DFSREvent
Test omitted by user request: SysVolCheck
Test omitted by user request: KccEvent
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: MachineAccount
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: Replications
Test omitted by user request: RidManager
Test omitted by user request: Services
Test omitted by user request: SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
See DNS test in enterprise tests section for results
......................... DC2 passed test DNS
Running partition tests on : ForestDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : DomainDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : Schema
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : Configuration
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : mydomain
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running enterprise tests on : mydomain.com
Starting test: DNS
Test results for domain controllers:
DC: DC2.mydomain.com
Domain: mydomain.com
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Microsoft® Windows Server® 2008 Standard
(Service Pack level: 2.0)
is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000006] Intel(R) PRO/1000 MT Network Connection:
MAC address is 00:0C:29:91:59:68
IP Address is static
IP address: 192.168.0.249
DNS servers:
192.168.0.105 (DC1.mydomain.com.) [Valid]
127.0.0.1 (DC2) [Valid]
The A host record(s) for this DC was found
Warning: The AAAA record for this DC was not found
[Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.) - mydomain.com]
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not found
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
192.168.0.105 (DC1.mydomain.com.) [Valid]
192.168.0.7 (<name unavailable>) [Invalid (unreachable)]
Error: Forwarders list has invalid forwarder: 192.168.0.7 (<name unavailable>)
TEST: Delegations (Del)
Delegation information for the zone: mydomain.com.
Delegated domain name: _msdcs.mydomain.com.
DNS server: DC1.mydomain.com. IP:192.168.0.105 [Valid]
TEST: Dynamic update (Dyn)
Test record _dcdiag_test_record added successfully in zone mydomain.com
Test record _dcdiag_test_record deleted successfully in zone mydomain.com
TEST: Records registration (RReg)
Network Adapter
[00000006] Intel(R) PRO/1000 MT Network Connection:
Matching CNAME record found at DNS server 192.168.0.105:
a32fcfbd-16bb-4697-a23d-20fc3b8c274c._msdcs.mydomain.com
Matching A record found at DNS server 192.168.0.105:
DC2.mydomain.com
Warning:
Missing AAAA record at DNS server 192.168.0.105:
DC2.mydomain.com
[Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
Matching SRV record found at DNS server 192.168.0.105:
_ldap._tcp.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_ldap._tcp.ac09921d-4553-475e-b25c-059742ac0552.domains._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_kerberos._tcp.dc._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_ldap._tcp.dc._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_kerberos._tcp.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_kerberos._udp.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_kpasswd._tcp.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_ldap._tcp.Default-First-Site-Name._sites.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_kerberos._tcp.Default-First-Site-Name._sites.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_ldap._tcp.gc._msdcs.mydomain.com
Matching A record found at DNS server 192.168.0.105:
gc._msdcs.mydomain.com
Warning:
Missing AAAA record at DNS server 192.168.0.105:
gc._msdcs.mydomain.com
[Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
Matching SRV record found at DNS server 192.168.0.105:
_gc._tcp.Default-First-Site-Name._sites.mydomain.com
Matching SRV record found at DNS server 192.168.0.105:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.com
Matching CNAME record found at DNS server 192.168.0.249:
a32fcfbd-16bb-4697-a23d-20fc3b8c274c._msdcs.mydomain.com
Matching A record found at DNS server 192.168.0.249:
DC2.mydomain.com
Warning:
Missing AAAA record at DNS server 192.168.0.249:
DC2.mydomain.com
[Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
Matching SRV record found at DNS server 192.168.0.249:
_ldap._tcp.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_ldap._tcp.ac09921d-4553-475e-b25c-059742ac0552.domains._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_kerberos._tcp.dc._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_ldap._tcp.dc._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_kerberos._tcp.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_kerberos._udp.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_kpasswd._tcp.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_ldap._tcp.Default-First-Site-Name._sites.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_kerberos._tcp.Default-First-Site-Name._sites.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_ldap._tcp.gc._msdcs.mydomain.com
Matching A record found at DNS server 192.168.0.249:
gc._msdcs.mydomain.com
Warning:
Missing AAAA record at DNS server 192.168.0.249:
gc._msdcs.mydomain.com
[Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
Matching SRV record found at DNS server 192.168.0.249:
_gc._tcp.Default-First-Site-Name._sites.mydomain.com
Matching SRV record found at DNS server 192.168.0.249:
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.mydomain.com
Warning: Record Registrations not found in some network adapters
TEST: External name resolution (Ext)
Internet name www.microsoft.com was resolved successfully
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.0.7 (<name unavailable>)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.168.0.7
[Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
DNS server: 192.168.0.105 (DC1.mydomain.com.)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS delegation for the domain _msdcs.mydomain.com. is operational on IP 192.168.0.105
DNS server: 192.168.0.249 (DC2)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
Domain: mydomain.com
DC2
PASS WARN FAIL PASS PASS WARN PASS
......................... mydomain.com failed test DNS
Test omitted by user request: LocatorCheck
Test omitted by user request: Intersite
Looks like it may be trying to forward to a machine that's down (DC1 and another 192.168.0.7) and root hints aren't available.
Check out this article:
http://technet.microsoft.com/en-us/library/ff807391(v=ws.10).aspx
See if you can enable DNS access through the firewall to the Internet if it's not already available. Try to match whatever forwarder settings are on DC1, or remove them entirely and let the server resolve DNS from Internet root servers. Alternatively, you could change your forwarder to a public DNS server you have access to; your ISP should supply this, or you could test with something common like 4.2.2.2.
SWC Unified Communications
-
Hi
I have a secondary DNS zone for a partner site which I am going to use to configure a trust between the two. After a zone transfer has completed there is an exclamation mark next to the secondary zone in DNS Manager and an error saying Zone not loaded by DNS server. I then have to right click the zone and choose reload for the zone to then load correctly.
Does anyone have any ideas on what could be causing this issue?
Thanks
Shane
Please make sure that zone transfer is allowed: https://technet.microsoft.com/en-us/library/cc776973(v=ws.10).aspx
You can also try getting a copy of the zone using NSlookup and see if this is done with no errors: http://social.technet.microsoft.com/wiki/contents/articles/29184.nslookup-for-beginners.aspx#Zone_Transfer
Ahmed MALEK
-
Adding secondary DNS entry in server, but changes didn't take effect
Hello.
We have two servers. At the time of installation we hadn't configured an ADC + secondary DNS in our network, so these servers were configured with only the DC and primary DNS server IP. Later on we built an ADC with secondary DNS. Now when we add the ADC + secondary DNS IP to these servers, it demands a restart, and after restarting no changes are made, meaning it didn't add the secondary DNS IP.
Please advise
Hi,
Maybe you need to register the secondary DNS server under Networks in the Windows Azure management portal. In addition, it seems that you also need to add the secondary DNS server in the DNS Servers and VPN Connectivity page.
More information:
Setup a Windows Server 2012 R2 Domain Controller in Windows Azure: IP Addressing and Creating a Virtual Network
Install a Replica Active Directory Domain Controller in Windows Azure Virtual Networks
In addition, according to the article below, it seems that you can use PowerShell to make changes in .NETCFG files to achieve that.
Editing DNS in Windows Azure
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
Best regards,
Susie
-
Setting up Primary/Secondary DNS in Weblogic
Hi,
Can we set up primary & secondary DNS IPs in WebLogic Server? Please provide some reference.
Regards,
NC
You will also need to add the name of the secondary server in your domain name server list (where you registered your domain)
Not necessarily. If this is only serving your LAN then you need to tell your LAN clients about this server, by entering this server's address in their DNS servers field (which may be populated via DHCP if you're using that).
You only need to register the domain if you're serving public DNS to external clients but I'm guessing that's already handled elsewhere.
-
Last login: Thu Jun 30 17:08:31 on ttys000
184-228-234-70:~ Dylan10$ command:dig
-bash: command:dig: command not found
184-228-234-70:~ Dylan10$ dig
; <<>> DiG 9.6.0-APPLE-P2 <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54800
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 298424 IN NS k.root-servers.net.
. 298424 IN NS b.root-servers.net.
. 298424 IN NS j.root-servers.net.
. 298424 IN NS h.root-servers.net.
. 298424 IN NS i.root-servers.net.
. 298424 IN NS e.root-servers.net.
. 298424 IN NS l.root-servers.net.
. 298424 IN NS g.root-servers.net.
. 298424 IN NS f.root-servers.net.
. 298424 IN NS m.root-servers.net.
. 298424 IN NS d.root-servers.net.
. 298424 IN NS c.root-servers.net.
. 298424 IN NS a.root-servers.net.
;; ADDITIONAL SECTION:
f.root-servers.net. 389411 IN A 192.5.5.241
f.root-servers.net. 411367 IN AAAA 2001:500:2f::f
b.root-servers.net. 389410 IN A 192.228.79.201
e.root-servers.net. 389410 IN A 192.203.230.10
a.root-servers.net. 384828 IN A 198.41.0.4
a.root-servers.net. 405612 IN AAAA 2001:503:ba3e::2:30
d.root-servers.net. 389409 IN A 128.8.10.90
d.root-servers.net. 414286 IN AAAA 2001:500:2d::d
g.root-servers.net. 389411 IN A 192.112.36.4
h.root-servers.net. 389410 IN A 128.63.2.53
h.root-servers.net. 411367 IN AAAA 2001:500:1::803f:235
j.root-servers.net. 389411 IN A 192.58.128.30
j.root-servers.net. 422036 IN AAAA 2001:503:c27::2:30
i.root-servers.net. 389411 IN A 192.36.148.17
;; Query time: 92 msec
;; SERVER: 68.28.58.92#53(68.28.58.92)
;; WHEN: Thu Jun 30 17:11:05 2011
;; MSG SIZE rcvd: 512
184-228-234-70:~ Dylan10$
Where is my secondary DNS?
I'm not sure what you're looking for here; that dig command is not how you look at the configured DNS servers.
The dig command gets you a translation from an available DNS server. (It doesn't particularly care which DNS server it gets a translation from, either.)
If you want to ask a specific DNS server, use the @ notation on the dig command.
To see which DNS servers are configured from the command line, you can peek into the /etc/resolv.conf file.
-
Set up secondary DNS for mail?
When I first configured my server using the advance setup, I successfully setup my DNS services using a domain name for the primary zone that is not a registered domain. I have no intention of ever using the domain name I use internally on the net.
I usually host my mail services with third-party hosting company and just use my server for file and print services. However, I recently purchased a new domain name and have considered using the mail services to host the domain. My question is:
Do I need to setup a secondary zone for this domain, or should I start over and reconfigure my server? I had read that once you configure your primary DNS, it is hard to go back and reconfigure it.
Also, once I have the DNS properly configured, it is my understanding that I'll just need to point the MX records at my hosting company towards my server to make it work, correct?
If you're just looking for mail then there's no need to start from scratch - you can just tell the mail server to accept mail for your new domain in addition to the existing domain.
Before you do this, though, make sure you have a) a static IP address and b) working reverse DNS for your IP address. If you don't have this then remote mail servers may not accept your mail since you look like a spammer.
Apart from that, once you set up postfix to accept mail for your new domain then, yes, all you need to do is change your MX records.
-
Configure DHCP to add non domain computers to DNS
Hi
We would like to add non-domain computers automatically to DNS through our DHCP server.
The reason is that we actually use Linux, and our Linux admins would like the machines added automatically to DNS when receiving an IP.
I assumed that it was just a matter of selecting "Always dynamically update DNS A and PTR records" on the IPv4 scope option, but it doesn't seem to work?
Lasse
/Lasse
I started out changing that setting to "Dynamically update DNS records for DHCP clients that do not request updates" but it didn't seem to work.
I then changed "Always dynamically update DNS A and PTR records" and it didn't work. Then I tried having both settings set and then it worked. I then removed "Always dynamically update DNS A and PTR records" since it shouldn't be necessary and then it still worked..... :-)
Lasse
/Lasse
-
Setting up a secondary DNS zone
I work for a digital web agency and we have our primary DNS server set up on a Linux box.
Overall we have no problems with it; however, from time to time it can go down, which causes lots of problems.
I've been thinking about potentially setting up a secondary slave DNS server on my network but using the 10.6 server box I currently have set up.
Is this possible if my primary DNS server is on a Linux box?
You will also need to add the name of the secondary server in your domain name server list (where you registered your domain)
Not necessarily. If this is only serving your LAN then you need to tell your LAN clients about this server, by entering this server's address in their DNS servers field (which may be populated via DHCP if you're using that).
You only need to register the domain if you're serving public DNS to external clients but I'm guessing that's already handled elsewhere.
-
SAP to Non-SAP Integration best Practices
Hi Folks,
Recently I demonstrated to few of my managers the integration of our SAP ISU with a 3rd Party MDUS System via SAP PI. A question which was repeatedly asked is 'Why SAP PI'? Isn't there any other way to do it? They did mention BAPIs and doing things directly in ABAP but I couldn't really answer as to how weigh one on the other in this particular scenario.
I do know that there are standard ES Bundles for achieving integration with 3rd Party Systems via SAP PI. We can do the interface and message mappings, but is it possible to achieve this integration with the 3rd Party MDUS System without using PI?
3rd party MDUS can only integrate via its web Services so how would they get called?
What's the trade-off in case of Performance, Development Cost?
I am looking for best practices, recommendations, trade-offs and possibilities. Your input is very much appreciated.
Regards,
Adil Khalil
Hi Adil,
The below blog might be useful
Consuming Services with ABAP
regards,
Harish
-
How to go from exchange to non-exchange integration?
Due to security policies, customers wanted to stop receiving voicemail via outlook all together but via the phones only. Without rebuilding Unity from scratch, is there a quick solution for this? I think I could block the Exchange IP from getting to Unity so to make Unity thinks that Exchange is down. That way, Unity won't send anything to Exchange and all messages will get stored locally on Unity. However, I'm looking for a more permanent solution instead. Any suggestions would be greatly appreciated. Thanks.
Unfortunately, Unity is dependent upon Exchange to function properly. Even in a voicemail-only configuration, messages are still sent to a user mailbox in Exchange. The difference between that and the Unified Messaging configuration you have today is that the email account that receives the mailbox used to receive any given user's messages is basically invisible to users. To the contrary, with Unified Messaging the user's mailbox that Unity sends messages to is their actual mailbox that they use day in and day out. You could switch to a voicemail-only configuration and that's really the only viable option with Unity. You do not want to trick Unity into thinking that Exchange is down - this would force Unity into UMR mode and that's undesirable.
The other option which warrants some serious consideration is to migrate off of Unity and over to Unity Connection. When you do that, you could migrate user data over and provide voicemail-only or integrated messaging (IMAP).
Hailey
-
What is the trick in adding a "secondary zone" to my DNS server
Hello,
I am having a hard time adding a secondary zone to my dns server. I followed the instructions carefully but I still get the "refuse" on my zone transfer. Do I need to go to the "NIC" of my interface card and make the primary DNS as the server itself and the secondary DNS the IP of the "remote" DNS server?
Also, do I need to start configuring the "reverse Lookup zone" (before even starting to add a "secondary zone" and perform a -ZONE -TRANSFER), and add first the "a" record of the other (remote) DNS server?
Thanks,
Teapaq Long.
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 6525
Date: 11/10/2014
Time: 2:07:21 PM
User: N/A
Computer: REM-LAB-2K3.leftremote.com
Description:
A zone transfer request for the secondary zone localright.com was refused by
the master DNS server at 192.168.77.92. Check the zone at the master server
192.168.77.92 to verify that zone transfer is enabled to this server. To do
so, use the DNS console, and select master server 192.168.77.92 as the appli
cable server, then in secondary zone localright.com Properties,view the set-
tings on the Zone Transfers tab. Based on the settings you choose, make any
configuration adjustments there (or possibly in the Name Servers tab) so that
a zone transfer can be made to this server.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 6525
Date: 11/10/2014
Time: 12:03:18 PM
User: N/A
Computer: LOC-LAB-2K8.localright.com
Description:
A zone transfer request for the secondary zone leftremote.com was refused by
the master DNS server at 192.168.95.92. Check the zone at the master server
192.168.95.92 to verify that zone transfer is enabled to this server. To do
so, use the DNS console, and select master server 192.168.95.92 as the appli
cable server, then in secondary zone leftremote.com Properties,view the set-
tings on the Zone Transfers tab. Based on the settings you choose, make any
configuration adjustments there (or possibly in the Name Servers tab) so that
a zone transfer can be made to this server.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Hi,
According to event ID 6525, this may be caused by the zone transfer request being refused.
Normally, the secondary DNS server is just configured with itself as the preferred DNS server; the alternate DNS server is optional and depends on your needs.
When you fill in the master DNS server's IP address while adding the secondary zone on the secondary DNS server, it will prompt a warning if you have not added a PTR record for the master DNS server in the reverse lookup zone, but this won't affect the zone transfer process.
Have you followed the description in the event log and checked whether the master server has zone transfer enabled (Properties of zone -> Zone Transfer tab -> Allow zone transfer)?
Besides, verify that the master server of the secondary zone is authoritative for the zone. Reference steps below:
1. On the secondary DNS server, open DNS manager.
2. Right-click zone, select the General tab, note the IP address of the server that is listed in Master Servers.
3. In the console tree, right-click DNS, and then click Connect to DNS Server.
4. Click The following computer, type the IP address of the master DNS server, and then click OK.
5. In the console tree, expand the master DNS server, and then expand the folder that contains the zone.
Note: If the zone is not in the folder, the server is not authoritative for the zone. In this case, you must configure the secondary server to transfer the zone from the correct master server.
6. Right-click the zone, click Properties, and then click the Name Servers tab.
7. Confirm that the secondary server is listed with the correct IP address. To correct the list, do one of the following:
If the secondary server is not in the list, click Add.
If the IP address of the secondary server is incorrect, click the server in the list, and then click Edit.
If this problem still exists: from the event log I notice that there are 2 secondary DNS servers, REM-LAB-2K3.leftremote.com and LOC-LAB-2K8.localright.com. Do they belong to different domains (leftremote.com and localright.com)? What is the relationship between them?
It would be helpful if you could provide the network topology, and describe the IP configuration of the master DNS server and secondary DNS server.
Best Regards,
Eve Wang
-
Can a replica node have secondary indexes the master does not?
In a JE replication group, is it possible to instantiate a replica (non-master) node that includes additional secondary indices that the master and the other replicas do not have? I would like to have this replica node optimized for performing fast searches on the additional indexes. Previously, all my nodes have had the exact same schema with only a single, primary index. Certainly I could add the secondary indexes on all the nodes, including the master, but the other nodes won't benefit from the add'l indexes as no such searches are expected to be performed on those nodes.
Hi,
No, this is not currently supported. Secondaries must be created on the master as usual and will be replicated to all nodes. However, if secondaries are read frequently on a particular node, they are more likely to stay in cache on that node, or at least more so than on other nodes. So it still may be beneficial to service read requests for secondaries on a subset of nodes. This is a special case of the more general approach where read requests are balanced among nodes according to some form of data partitioning.
The ability to store secondary indexes only on particular nodes would require several new features and is not currently planned:
- ability to have non-replicated databases in a replicated environment
- triggers on the replica so that secondaries can be maintained
- automatic re-creation of indexes when a node is restored from scratch
--mark
-
OD replica, DNS secondary zone, server will not resolve itself
We are testing an OD replica to run in a separate location from our OD master. Master OD and DNS is all set and working as expected. Separate location network user connections and DNS all work as expected when calling the OD master and DNS primary zone. The OD replication works fine. I want to use the same machine as a DNS secondary zone getting its records from the DNS on the OD master. DNS secondary zone seems to pull the records from the primary without trouble.
In testing the secondary DNS without forwarders or backup DNS systems, known internal addresses are resolved by the clients correctly. The issue that I am trying to resolve is that server will not resolve itself. I have the System Preferences / Network / DNS pointed to 127.0.0.1. The DNS is resolving for the clients. Running changeip -checkhostname gives
"The DNS hostname is not available, please repair DNS and re-run this tool."
If I ask a client to browse to the server's web site it resolves fine and I get the default page as expected.
With all of the above in mind, binding a local client to the OD replica and pointing the clients' DNS at the DNS secondary zone results in failure of the bind and the client saying that the server is not responding. If the DNS on the client is pointed to the DNS primary zone, the bind works fine and everything behaves as expected. Pointing the Server to the DNS primary zone resolves the problem as well and it is able to resolve itself.
The problem is that if our connection to our primary site goes down, I want everything to function independently at the second location. If the primary DNS zone is gone the OD replica server cannot resolve itself and authentication then does not happen, making the OD replica pointless.
Any ideas?
Thanks.
Found it. I did not copy the reverse mappings from the primary DNS zone.
On the primary zone
- In Server.app/DNS/ select show all records in the gear
- double click reverse header for each subnet and indicate to allow zone transfer for the reverse records
On the secondary zone
- Add additional secondary zones for the exact title of each reverse record zone
- example main records are FQDN.com
- reverse records are 2.81.10.in-addr.arpa for the items in the 10.81.2.0 subnet
OD replica now resolves itself.
-
Using Open DNS etc with a Verizon and secondary router
I have a Airport Extreme Base Station setup in Bridge Mode to the Verizon router. How do I add or replace the DNS server to Open DNS etc?
You need to set your desired DNS servers in the Actiontec since that is your DHCP server. When the AEBS is in bridge mode, its DHCP server is disabled.
Login to the Actiontec
Click on the My Network icon
Select Network Connections from the left menu
Select Broadband coax or Broadband ethernet as appropriate.
Click on Settings
Across from DNS Server, select "Use the following DNS Server addresses" from the pulldown.
Enter the primary and secondary DNS Server addresses for OpenDNS.
Click Apply.