DNS error log confusion.

[jazzdrive 0]

We are running Windows 2003 with Exchange 2003. However, I'm confused about what to do about some of these DNS error logs, or if I should worry at all.

 

The log we consistantly get is this:

 

Event Type: Error

Event Source: DNS

Event Category: None

Event ID: 6702

Date: 1/5/2005

Time: 12:32:35 PM

User: N/A

Computer: MAINSERVER

Description:

DNS server has updated its own host (A) records. In order to ensure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update. An error was encountered during this update, the record data is the error code.

 

If this DNS server does not have any DS-integrated peers, then this error

should be ignored.

 

If this DNS server's Active Directory replication partners do not have the correct IP address(es) for this server, they will be unable to replicate with it.

 

To ensure proper replication:

1) Find this server's Active Directory replication partners that run the DNS server.

2) Open DnsManager and connect in turn to each of the replication partners.

3) On each server, check the host (A record) registration for THIS server.

4) Delete any A records that do NOT correspond to IP addresses of this server.

5) If there are no A records for this server, add at least one A record corresponding to an address on this server, that the replication partner can contact. (In other words, if there multiple IP addresses for this DNS server, add at least one that is on the same network as the Active Directory DNS server you are up[censored].)

6) Note, that is not necessary to update EVERY replication partner. It is only necessary that the records are fixed up on enough replication partners so that every server that replicates with this server will receive (through replication) the new data.

 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Data:

0000: 2a 23 00 00 *#..

 

 

Any help would be much appreciated.

 

Thanks.

[DosFreak 2]

Are you running any other DNS servers?

[jazzdrive 0]

No, we have only one server.

[DosFreak 2]

Don't have 2003 DNS in front of me right now but there's probably a checkbox to notify other DNS servers of updates. Just click around until you find it.

[clutch 1]

By default, "Allow Zone Transfers" should be off in 2003 DNS, and if your server is the only one configured as a name server you should be OK.

 

Now, if you have other domain controllers, the zone is AD integrated, and the zone is configured to replicate to other domain controllers in the domain then there could be an issue. Here is the order of DNS configuration to follow with Windows Server 2003:

 

1. First DC is configured to point to itself for DNS.

2. Second, third, fourth, etc. DCs point to first DC for DNS during setup and DCPROMO.

3. Once DCPROMO is complete, they may point to themselves as the DNS records will have replicated ("islanding" is no longer an issue with 2003).

4. Remember to configure forwarders on your "root" DNS boxes to point to the outside world if needed for Internet name resolution.

[yakkob 0]

I answered your 'other' same thread in the Applications (XP) with this, so I'll post it here too>

 

To help you out with the deletion of log files just add this batch script to run every 1/2 hour as a scheduled task:

 

erase "c:\Program Files\Exhchange\MDBDATA\E0000*.log"

 

So you can at least concentrate on the other problem.

 

HTH

 

[DosFreak 2]

Uhhh, don't do that. You REALLY don't want to do that. Sure, you might get away with it every once in awhile but it's like speeding on a cliff while it's raining. Eventually something bad is bound to happen.

 

Read this article for a good simple explanation: http://weblogs.asp.net/exchange/archive/2004/05/12/130556.aspx

[yakkob 0]

ook...

 

my bad.

 

Good link there Dosfreak.