Re: A Reverse Lookup Zone is necessary?
- From: "George Hester" <hesterloli@xxxxxxxxxxx>
- Date: Wed, 21 Sep 2005 02:14:31 -0400
Well Ace thanks. Unfortunately I do not know what I should add as a Reverse
Lookup zone. What is my Network ID? I know my Domain Name and that is it.
The Server is Windows 2000 not Windows 2003. I don't have any PTR entries.
What should they be? P(oin)T(e)R(s) to what? The Router uses 192.168.2.1
that is the Gateway and my DNS Server is 192.168.2.34. DHCP is NOT
installed. The machines get the DHCP automatically.
--
George Hester
_________________________________
"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&LastNameHere@xxxxxxxxxxx> wrote in
message news:OvXWv6fvFHA.3452@xxxxxxxxxxxxxxxxxxxxxxx
> In news:%23hriTeavFHA.2792@xxxxxxxxxxxxxxxxxxxx,
> George Hester <hesterloli@xxxxxxxxxxx> made this post, which I then
> commented about below:
> > Sometime ago I asked about setting up the DNS Server in Windows 2000
> > correctly. I had an article on it:
> >
> > http://support.microsoft.com/default.aspx?scid=kb;en-us;300202
> >
> > and was given suggestions here. I recall that it was not necessary
> > to make a new Reverse Lookup zone for my situation so I didn't touch
> > it.
> >
> > In one of my domain clients Windows XP SP2 I have this warning in the
> > Event Viewer:
> >
> > In the Event Viewer | System I have a LSASRV Warning Category SPNEGO
> > (Negotiator) Event 40961 and this is its Description:
> >
> > The Security System could not establish a secured connection with the
> > server DNS/prisoner.iana.org. No authentication protocol was
> > available
> >
> > So I wrote to a Windows XP newsgroup and this was the response:
> >
> > This usually means your DNS server is misconfigured and does not have
> > a reverse lookup zone. - Kerry Brown
> >
> > So now I am a little confused. Do I have to set up a Reverse Lookup
> > zone in my DNS Server and if so how do I do it? It wants a Network
> > ID. Which I haven't the slightest idea what that is. Or it wants a
> > Reverse lookup zone name and again I haven't the slightest idea what
> > that is or if it is even necessary. My DNS Server has been
> > configured EXACTLY the way the articles said to do it. And so far I
> > have had no issues with the DNS server in my Windows 2000 clients.
> > It is only the Windows XP client where this issue has cropt up. How
> > do I fix the warning above? Thanks.
>
> Some applications require a reverse zone, but they are few. Win2003 uses a
> reverse zone for the SPNEGO function, a way to ID itself with Kerberos. To
> eliminate the 40961 errors, create a reverse zone and make sure the DCs
have
> PTR entries.
>
> --
> Regards,
> Ace
>
> If this post is viewed at a non-Microsoft community website, and you were
to
> respond to it through that community's website, I may not see your reply.
> Therefore, please direct all replies ONLY to the Microsoft public
newsgroup
> this thread originated in so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
> Infinite Diversities in Infinite Combinations.
> =================================
>
>
.
- Follow-Ups:
- Re: A Reverse Lookup Zone is necessary?
- From: Ace Fekay [MVP]
- Re: A Reverse Lookup Zone is necessary?
- References:
- A Reverse Lookup Zone is necessary?
- From: George Hester
- Re: A Reverse Lookup Zone is necessary?
- From: Ace Fekay [MVP]
- A Reverse Lookup Zone is necessary?
- Prev by Date: Re: Win2k DNS and multihomed DC's
- Next by Date: Re: A Reverse Lookup Zone is necessary?
- Previous by thread: Re: A Reverse Lookup Zone is necessary?
- Next by thread: Re: A Reverse Lookup Zone is necessary?
- Index(es):
Relevant Pages
|
