Re: Help with Zone transfers keep breaking



Yes they are AD Integrated. Yes we told each server to allow zone transfers
to each other. There is no FW in the way of transfers.

What's happening however is the DNS server in Forest A has decided the only
server it will use for authentication is Server C in Forest B. If C is
unavailable it will not do zone transfers and it breaks the link, therefore
causing havoc. It is my understanding that if C is unavailable then it
should transfer with the others but it won't. It gives the error "Logon
server unavailable." Server A in Forest B is the main server, not C. So to me
it doesn't make any sense.

"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:%23txPFFezGHA.4092@xxxxxxxxxxxxxxxxxxxxxxx
Ok here is how it looks and yes DNS Integration is turned on the
primaries.
What do you mean with this? The DNS is Active Directory Integrated? Are
you sure?
If yes, you only need to check allow zone transfer in each server, FW
definitions (if any), and that the servers are reachable (for example by
ping).




--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Chris Peikert" <c.peikert@xxxxxxxxxxxxxxxxxx> wrote in message
news:U7WJg.20027$kO3.9100@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Ok here is how it looks and yes DNS Integration is turned on the
primaries.

Forest A --- Server A --- DNS Primary with Forest B DNS Secondary

Forest B --- Server A --- DNS Primary with Forest A Secondary

Forest B --- Server B --- DNS Primary with Forest A Secondary

Forest B --- Server C --- DNS Primary with Forest A Secondary

Forest A is in 192.168.123.x subnet
Forest B with Server A, and C is in 192.168.1.x Subnet
Forest B with Server B is in 192.168.18.x Subnet.

There is only one firewall but it's not in the path of communication
between these 3 subnets. They all link up to a Routing Switch.




"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:O$2DzXVzGHA.4932@xxxxxxxxxxxxxxxxxxxxxxx
Ok.

I believe they are all primary zones.

All zones Primary Zones AD Integrated? I'm asking this because you can
only have one single standard Primary Zone configured on one server and
all other servers that need that Standard Primary Zone will have to be
setup with secondary zone.
For example (in Forest B) if ServerA has a Standard Primary Zone, then
ServerB and C would need to have secondary Zones configured. In this
scenario if you configure ServerB and C with primary zones, that means
that all zones will be independent from each other.
You can confirm this on the Zone properties.

Assuming that you have Primary Zone AD Integrated:
Let me see if I get this right:
On Forest A you have a DNS server configured with a Primary Zone
Then you add a Secondary zone From ForestB, you configured that
secondary Zone to load from ForestB-ServerA,B and C.
That Zone only updates when ServerC is online Correct?

Check:
-Go to ForestA DNS ServerA and right click on that secondary zone and
choose properties, on the general tab, confirm that you have the correct
IPAddresses for the servers (A,B and C) in ForestB.
-Then go to EACH Server in forestB (Server A, B and C), right Click on
the Zone choose Zone Transfers Tab, make sure that in EACH server you
have the option "Allow Zone Transfers" Selected and the option "Only to
the following Servers" and that you have the Correct IPAddress for
ServerA In ForestA, this has to be done in EACH DNS Server in ForestB.

FW=Firewall, I asked this because if you have those servers (From
ForestB) in different locations they might have one Different FW to
each, and that FW might prevent Zone transfer. Check Ports 53 TCP/UDP.

Conditional Forwarding (Only in windows 2003):
Defines where specific queries for specific domains are forwarded, this
is a very popular method used in different forests configuration
scenario (Note: You can't use Secondary Zones and Conditional Forwarding
to the Same Domain in the Same server, you can only use one of both
methods in each server).

http://technet2.microsoft.com/WindowsServer/en/library/0104be3c-0405-4455-b011-6950875c04461033.mspx?mfr=true

http://www.windowsnetworking.com/articles_tutorials/DNS_Conditional_Forwarding_in_Windows_Server_2003.html




--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Chris Peikert" <c.peikert@xxxxxxxxxxxxxxxxxx> wrote in message
news:ozHJg.13112$%j7.12508@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I believe they are all primary zones.
All servers are setup to do Zone transfers.
We are not using any forwarders if that's what FW is.
What is conditional forwarding?

"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:eJ9dCKQzGHA.4816@xxxxxxxxxxxxxxxxxxxxxxx
Hi

Are you working with Secondary Zones?
Did you configure Server A,B and C to allow zone transfer?
Do you have any FW between these servers?

Why don't you use Conditional Forwarding?

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Chris Peikert" <c.peikert@xxxxxxxxxxxxxxxxxx> wrote in message
news:palJg.4478$yO7.3130@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Here is a setup of our current system.

Forest A ---- Domain A ---- Server A

Forest B ---- Domain A ---- Server A (main server), B, and C.

Forest A keeps having trouble with the DNS staying updated. When it
tries to replicate the zone info it gets an error "Unable to locate a
logon server." The server Forest A wants is Server C in Forest B.
Question is why doesn't Server A or B answer the request? Also is
there a way to make it look for Server A instead of C?
We rebooted Server C and it works fine for now, but what will happen
if C dies and goes offline permanently? We could really appreciate
some help here. Thanks.
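
Added example, not part of the original thread: a script for the checks listed in the thread (each Forest B master reachable on port 53 over both UDP and TCP), which also reads the zone's SOA serial from each master so stale or unreachable masters stand out. The zone name and the IP addresses in the usage note are constructed placeholders, and the function names are this example's own.

```python
import socket, struct

def encode_name(name):  # DNS wire format: length-prefixed labels, zero terminator
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_soa_query(zone, txid=0x1234):
    header = struct.pack(">HHHHHH", txid, 0, 1, 0, 0, 0)  # standard query, one question
    return header + encode_name(zone) + struct.pack(">HH", 6, 1)  # QTYPE=SOA, QCLASS=IN

def skip_name(msg, pos):  # offset just past a (possibly compressed) name
    while msg[pos] and msg[pos] & 0xC0 != 0xC0:
        pos += 1 + msg[pos]
    return pos + (2 if msg[pos] else 1)  # pointer is 2 bytes, terminator is 1

def parse_soa_serial(msg):  # serial of the first SOA answer, else None
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    if flags & 0x000F:  # non-zero RCODE, e.g. REFUSED or SERVFAIL
        return None
    pos = 12
    for _ in range(qd):
        pos = skip_name(msg, pos) + 4  # QTYPE + QCLASS
    for _ in range(an):
        pos = skip_name(msg, pos)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[pos:pos + 10])
        pos += 10
        if rtype == 6:
            p = skip_name(msg, skip_name(msg, pos))  # skip MNAME and RNAME
            return struct.unpack(">I", msg[p:p + 4])[0]
        pos += rdlen
    return None

def query_master(ip, zone, tcp, timeout=3.0):
    """Ask one master for the zone's SOA on port 53; None means no usable answer."""
    q = build_soa_query(zone)
    try:
        if tcp:
            with socket.create_connection((ip, 53), timeout=timeout) as s:
                s.sendall(struct.pack(">H", len(q)) + q)  # TCP adds a 2-byte length prefix
                f = s.makefile("rb")
                return parse_soa_serial(f.read(struct.unpack(">H", f.read(2))[0]))
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(q, (ip, 53))
            return parse_soa_serial(s.recv(512))
    except (OSError, struct.error, IndexError):
        return None

def check_masters(masters, zone):
    """Map each master IP to its (UDP serial, TCP serial) pair."""
    return {ip: (query_master(ip, zone, False), query_master(ip, zone, True)) for ip in masters}
```

Run from the Forest A DNS server as, for instance, `check_masters(["192.168.1.10", "192.168.18.10", "192.168.1.12"], "forestb.example")` with the real master addresses and zone name substituted. Zone transfers run over TCP, so a master that returns a serial over UDP but `None` over TCP is blocked on exactly the path a transfer needs.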












