Strange DNS problem

From: C Hall (someone_at_microsoft.com)
Date: 04/18/05


Date: Mon, 18 Apr 2005 09:58:32 -0400

Good morning,

This past Friday, I was having problems with my DNS. The short version is
that I ended up deleting our zones and am in the process of resolving that
problem. However, when I went to do this last Friday, a DNS server from
another organization showed up as the SOA for the newly created zone. I had
been receiving alerts most of the day that this IP address was doing an nmap
UDP port sweep. I talked to the vendor this morning and they had no idea.
For more details, I'm providing the post to the DNS forum where I'm trying
to resolve the issue of being able to recreate the zone. It seemed like we
were getting compromised.

DNS Post:
We have three DCs--DC1, DC2, and DC3. We had an AD Integrated zone for our
forward lookup zone. On DC3, the zone showed as a secondary zone, so I tried
to change the type to an AD integrated zone (right-click, properties,
etc...), but it wouldn't allow it. I didn't write down the actual message,
but I was given two options: use the current zone or use the AD zone.
Neither option would work. I decided to delete the zone, thinking that since
the zone was a secondary zone that it would just die and I would be able to
create an AD zone or that the AD zone would replicate over. That didn't
work. In fact, the AD zone disappeared on both DC1 and DC2.

Next, I panicked and posted my previous thread ("Urgent!!!").

I have just tried creating a Primary zone on DC1 and created secondary zones
on DC2 & DC3. Then I ran Netdiag /fix. I wish I could say that I saved the
results to a text file, but I didn't. I did get it printed, though. The DNS
test shows it failed (surprise) with several FATAL errors trying to recreate
DNS entries. I had set the zone to allow dynamic updates, accept updates
from all servers and had manually entered NS, A and PTR records for all DCs.
At this point, all zones have once again disappeared--the primary on the
master and the two secondary zones.

Any clues would be appreciated.


