Contents
Introduction to Product Operations Guide
  Document Purpose
  Intended Audience
  How to Use This Guide
  Background
High-Level Processes for Maintaining Windows Server 2003 DNS Service
  Overview
  Technology Required
  Maintenance Processes Checklist
    Operating Quadrant
      Service Monitoring and Control SMF
      Storage Management SMF
    Supporting Quadrant
      Incident Management SMF
      Problem Management SMF
    Optimizing Quadrant
      Capacity Management SMF
      Availability Management SMF
    Changing Quadrant
      Change Management SMF
      Configuration Management SMF
Detailed Maintenance Actions
  Overview
  Process: Data backup, restore, and recovery operations
    Task: Create DNS backup and pull backup files to remote storage
      Option 1—System State
        Procedure 1: Manual backup to tape or external locally-attached storage
        Procedure 2: Scriptable manual copy to remote server directory
iv Managing the Windows Server Platform
Contributors
Program Manager
Jeff Yuhas, Microsoft Corporation
Lead Writers
Jim Quiggle, Covestic Inc., USA
Michael Sarabosing, Covestic Inc, USA
Other Contributors
Marius Apreutesei, Microsoft Corporation
Jason Popp, Microsoft Corporation
Test Manager
Greg Gicewicz, Microsoft Corporation
QA Manager
Jim Ptaszynski, Microsoft Corporation
Technical Editor
Patricia Rytkonen, Volt Technical Services
Production Editor
Kevin Klein, Volt Technical Services
Introduction to Product
Operations Guide
Document Purpose
This guide describes processes and procedures for improving the management of
Microsoft® Windows Server™ 2003 Domain Name System (DNS) Service in your
infrastructure.
Intended Audience
This material should be useful for anyone planning to deploy this product into an
existing IT infrastructure, especially one based on the IT Infrastructure Library (ITIL)
—a comprehensive set of best practices for IT service management—and Microsoft
Operations Framework (MOF). It is aimed primarily at two main groups: IT
managers and IT support staff (including analysts and service-desk specialists).
Background
This guide is based on Microsoft Solutions for Management (MSM). MSM provides a
combination of best practices, best-practice implementation services, and best-
practice automation, all of which help customers achieve operational excellence as
demonstrated by high quality of service, industry reliability, availability, and
security, and low total cost of ownership (TCO).
These MSM best practices are based on MOF, a structured, yet flexible approach
based on ITIL. MOF includes guidelines on how to plan, deploy, and maintain IT
operational processes in support of mission-critical service solutions.
Central to MOF—and to understanding the structure of this guide—are the MOF
Process and Team models. The Process Model and its underlying service
management functions (SMFs) are the foundation for the process-based approach
that this guide recommends for maintaining a product. The Team Model and its role
clusters offer guidance for ensuring the proper people are assigned to operational
roles.
Figure 1 shows the MOF Process Model combined with the SMFs that make up each
quadrant of the Process Model.
Figure 1
MOF Process Model and SMFs
Domain Name System (DNS) Service Product Operations Guide 3
Figure 2 shows the MOF Team Model, along with some of the many functional roles
or function teams that might exist in service management organizations. These roles
and function teams are shown mapped to the MOF role cluster to which they would
likely belong.
[Figure 2 diagram. Role cluster labels recoverable from the figure: Release, Security, Infrastructure, Partner, Support. Functional role labels recoverable from the figure: Change management; Release/systems engineering; Configuration control/asset management; Software distribution/licensing; Intellectual property protection; Quality assurance; Enterprise architecture; Network and system security; Infrastructure engineering; Intrusion detection; Capacity management; Virus protection; Cost/IT budget management; Audit and compliance admin; Resource and long-range planning; Contingency planning.]
Figure 2
MOF Team Model and examples of functional roles or teams
The MOF Team Model is built on six quality goals, which are described and matched
with the applicable team role cluster in Table 1.
Table 1. MOF Team Model Quality Goals and Role Clusters
Quality Goal Team Role
Cluster
Domain Name System (DNS) is the primary method for name resolution in
Windows Server 2003. DNS is also a requirement for deploying Microsoft Active
Directory® directory service, but Active Directory is not a requirement for deploying
DNS. However, integrating DNS with Active Directory enables DNS servers to take
advantage of the security, performance, and fault tolerance capabilities of Active
Directory.
Technology Required
Table 3 lists the tools or technologies used in the procedures described in this guide.
All tools should be accessed from a Windows Server 2003 server console, except in
those cases where a link is provided.
Table 3. Tools and Technologies Required to Use the Procedures in This Guide
Required Technology: Backup
Description: Performs backup and restore operations. It is automatically installed with Windows Server 2003.
Location: Start > All Programs > Accessories > System Tools > Backup
Or to open the Backup tool using the command line: Start > Run. In the Open box, type ntbackup and then click OK.

Required Technology: DNS Manager
Description: Used for modifying DNS parameters. These centralized management and monitoring tools can be found either in Administrative Tools after initial installation of the DNS service, or through Adminpak.msi.
Location: Start > Control Panel > Administrative Tools
Or to open DNS Manager using the command line, type: %systemroot%\System32\dnsmgmt.msc

Required Technology: Event Viewer
Description: Provides logs for transactional reactive reviews of system and service events. It is automatically installed with Windows Server 2003.
Location: Start > Control Panel > Administrative Tools > Event Viewer
Or to open Event Viewer using the command line: Start > Run. In the Open box, type eventvwr.msc and then click OK.
Operating Quadrant
The processes for this chapter are based on the service management functions (SMFs)
that make up the MOF Operating Quadrant. Further information about the MOF
Process Model and the MOF SMFs is available at
http://www.microsoft.com/solutions/msm/techinfo/default.asp, or search for the
document title on TechNet at http://www.microsoft.com/technet/default.asp.
Supporting Quadrant
The processes for this section are based on the SMF guides that make up the MOF
Supporting Quadrant.
Optimizing Quadrant
The tasks for this section are based on the SMF guides that make up the MOF
Optimizing Quadrant.
Changing Quadrant
The processes for this section are based on the SMF guides that make up the MOF
Changing Quadrant.
Further information about the MOF Process Model and the MOF SMFs is available at
http://www.microsoft.com/solutions/msm/techinfo/default.asp, or search for the
document title on TechNet at http://www.microsoft.com/technet/default.asp.
Dependencies
● Backup jobs are logged to disk.
● Incident management process.
Technology Required
● Backup
● Event Viewer
Dependencies
Scheduled zone file and system state backups are being performed.
Technology Required
● DR lab or similar equipment
● Backup
rem – DNS Check Disk Space for Log and DB Drive ---------------------
rem ---------------------------------------------------------------------------------
rem -- List all DNS Servers in the arrDNSSvr array in quotes
rem -- and separated by commas. use "." for localsystem.
rem --
rem -- Example:
rem -- arrDNSSvr=array("dnssvr01","dnssvr02","192.168.23.21")
rem --
arrDNSSvr = array( ".","dnssvr01")
rem ---------------------------------------------------------------------------------
The following is the script listing for a single server with a specific drive check:
On Error Resume Next
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Dependencies
None
Technology Required
● Basic Windows Server 2003 operating system installed with DNS
● Windows Management Instrumentation (WMI) infrastructure
● CScript
rem
rem -- List all DNS Servers in the arrDNSSvr array in quotes
rem -- and separated by commas. use "." for localsystem.
rem --
rem -- Example:
rem -- arrDNSSvr=array("DNSsvr01","dnssvr02","192.168.23.21")
rem --
rem
arrDNSSvr = array(".","dnssvr01")
For Each strComputer in arrDNSSvr
  Wscript.Echo "--" & strComputer & "------------------------------"
  rem -- Connect to WMI on the server and read the DNS performance counters
  Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
  Set colItems = objWMIService.ExecQuery("Select * from Win32_PerfFormattedData_DNS_DNS",,48)
  For Each objItem in colItems
    Wscript.Echo "SecureUpdateFailure: " & objItem.SecureUpdateFailure
    Wscript.Echo "SecureUpdateReceived: " & objItem.SecureUpdateReceived
    Wscript.Echo "ZoneTransferFailure: " & objItem.ZoneTransferFailure
    Wscript.Echo "ZoneTransferRequestReceived: " & objItem.ZoneTransferRequestReceived
    Wscript.Echo "DynamicUpdateQueued: " & objItem.DynamicUpdateQueued
    Wscript.Echo "DynamicUpdateReceivedPersec: " & objItem.DynamicUpdateReceivedPersec
    Wscript.Echo "RecursiveQueriesPersec: " & objItem.RecursiveQueriesPersec
    Wscript.Echo "RecursiveQueryFailurePersec: " & objItem.RecursiveQueryFailurePersec
    Wscript.Echo "RecursiveTimeOutPersec: " & objItem.RecursiveTimeOutPersec
    Wscript.Echo "TCPQueryReceivedPersec: " & objItem.TCPQueryReceivedPersec
    Wscript.Echo "TCPResponseSentPersec: " & objItem.TCPResponseSentPersec
    Wscript.Echo "UDPQueryReceivedPersec: " & objItem.UDPQueryReceivedPersec
    Wscript.Echo "UDPResponseSentPersec: " & objItem.UDPResponseSentPersec
  Next
Next
m=Month(Now)
d=Day(Now)
s=Second(Now)
If (m<10) Then
m="0" & m
End If
If (d<10) Then
d="0" & d
End If
If (s<10) Then
s="0" & s
End If
strFormattedDate = chr(34) & m & "/" & d & "/" & Year(Now) & " " & Hour(Now) & _
":" & Minute(Now) & ":" & s & ".000" & chr(34)
2. After the line “For Each objItem in colItems” all the way to “Next” are the output
commands to echo the results to screen. Select the objects you would like to log
and replace the “Wscript.Echo …” lines with concatenated and formatted output,
including formatting such as “ (quotes) represented by chr(34) and , (commas).
For example, to create a System Monitor-style output for DNS
TotalQueryReceived/sec, TotalResponseSent/sec, and ZoneTransferSuccess, the
result would be:
…
For Each objItem in colItems
Wscript.Echo strFormattedDate & "," & chr(34) &
Win32_PerfFormattedData_DNS_DNS",,48)
For Each objItem in colItems
Wscript.Echo "TotalQueryReceivedPersec: " &
Wscript.Echo "TotalResponseSentPersec: " &
Wscript.Echo "WINSLookupReceivedPersec: " &
Wscript.Echo "WINSResponseReceivedPersec: " &
Wscript.Echo "WINSReverseResponseSentPersec: " &
objItem.WINSReverseResponseSentPersec
Wscript.Echo "WINSReverseLookupReceivedPersec: " &
objItem.WINSReverseLookupReceivedPersec
Next
m=Month(Now)
d=Day(Now)
s=Second(Now)
If (m<10) Then
m="0" & m
End If
If (d<10) Then
d="0" & d
End If
If (s<10) Then
s="0" & s
End If
strFormattedDate = chr(34) & m & "/" & d & "/" & Year(Now) & " " & Hour(Now) & _
":" & Minute(Now) & ":" & s & ".000" & chr(34)
2. Between “For Each objItem in colItems” and “Next” are the output commands to
echo the results to screen. Select the objects you would like to log and replace the
“Wscript.Echo …” lines with concatenated and formatted output, including
formatting such as “ (quotes) represented by chr(34) and , (commas). For
example, to create a System Monitor-style output for DNS
TotalQueryReceived/sec, TotalResponseSent/sec, and ZoneTransferSuccess, the
result would be:
…
For Each objItem in colItems
Wscript.Echo strFormattedDate & "," & chr(34) &
Dependencies
None
Technology Required
● DNS server
● WMI infrastructure
● CScript
rem -- DNS Server System Load and Utilization Basic Collector ------------
rem ----------------------------------------------------------------------
rem -- List all DNS Servers in the arrDNSSvr array in quotes
rem -- and separated by commas. use "." for localsystem.
rem --
rem -- Example:
rem -- arrDNSSvr=array("dnssvr01","dnssvr02","192.168.23.21")
rem --
rem ----------------------------------------------------------------------
arrDNSSvr = array(".","dnssvr01")
For Each strComputer in arrDNSSvr
  Wscript.Echo "--" & strComputer & "------------------------------"
  Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
  rem -- Processor utilization
  Set colItems = objWMIService.ExecQuery("Select * from Win32_PerfFormattedData_PerfOS_Processor",,48)
  For Each objItem in colItems
    Wscript.Echo "PercentPrivilegedTime: " & objItem.PercentPrivilegedTime
    Wscript.Echo "PercentProcessorTime: " & objItem.PercentProcessorTime
    Wscript.Echo "PercentUserTime: " & objItem.PercentUserTime
  Next
  rem -- DNS service process only
  Set colItems = objWMIService.ExecQuery("Select * from Win32_PerfFormattedData_PerfProc_Process where Name = 'dns'",,48)
  For Each objItem in colItems
    Wscript.Echo "PageFileBytes: " & objItem.PageFileBytes
    Wscript.Echo "PercentProcessorTime: " & objItem.PercentProcessorTime
    Wscript.Echo "PercentUserTime: " & objItem.PercentUserTime
  Next
  rem -- Memory and paging activity
  Set colItems = objWMIService.ExecQuery("Select * from Win32_PerfFormattedData_PerfOS_Memory",,48)
  For Each objItem in colItems
    Wscript.Echo "AvailableBytes: " & objItem.AvailableBytes
    Wscript.Echo "PageReadsPersec: " & objItem.PageReadsPersec
    Wscript.Echo "PagesInputPersec: " & objItem.PagesInputPersec
    Wscript.Echo "PagesOutputPersec: " & objItem.PagesOutputPersec
    Wscript.Echo "PageWritesPersec: " & objItem.PageWritesPersec
  Next
  rem -- Physical disk counters (the output lines for this query are missing from this listing)
  Set colItems = objWMIService.ExecQuery("Select * from Win32_PerfFormattedData_PerfDisk_PhysicalDisk",,48)
  rem -- Network throughput
  Set colItems = objWMIService.ExecQuery("Select * from Win32_PerfFormattedData_Tcpip_NetworkInterface",,48)
  For Each objItem in colItems
    Wscript.Echo "BytesTotalPersec: " & objItem.BytesTotalPersec
  Next
Next
":" & Minute(Now) & ":" & s & ".000" & chr(34)
2. Between “For Each objItem in colItems” and “Next” are the output commands to
echo the results to screen. Select the objects you would like to log and replace the
“Wscript.Echo …” lines with concatenated and formatted output, including
formatting such as “ (quotes) represented by chr(34) and , (commas). For
example, to create a PerfMon-style output for DNS Server AvailableBytes,
PageReadsPersec, and PagesOutputPersec, the result would be:
…
For Each objItem in colItems
Wscript.Echo strFormattedDate & "," & chr(34) & objItem.AvailableBytes & _
chr(34) & "," & chr(34) & objItem.PageReadsPersec & chr(34) & "," & chr(34) & _
objItem.PagesOutputPersec & chr(34)
Next
…
Dependencies
None
Technology Required
● WMI infrastructure
● Windows Script Host
● Basic Windows Server 2003 operating system installed with DNS
Dependencies
Capturing service performance in performance logs.
Technology Required
Microsoft Excel or third-party spreadsheet application
For clarity, it may be easier to calculate the daily statistics on the basis of
performance objects.
Dependencies
Capturing service performance in performance logs.
Technology Required
Excel or third-party spreadsheet application
Dependencies
DNS Service
Technology Required
DNS Manager
Backup logs will now contain detailed information regarding the backup operations.
Dependencies
● Backup jobs are logged to disk.
● Problem management process.
Technology Required
● Backup
● Third-party backup software
Event ID    Description
140 The DNS server could not initialize the Remote Procedure Call (RPC)
service. If it is not running, start the RPC service or reboot the computer. For
specific error code, see the Record Data page on the Event Viewer.
In order for DNS to run, the Remote Procedure Call (RPC) service must be
running on the DNS server.
1. Verify that the Remote Procedure Call (RPC) service has been started.
2. Open Administrative Tools, and double-click Services.
3. If the service has been started, try restarting the server.
4. If the error continues, remove and reinstall the RPC Configuration
service by using the Services tab network connection in Network and
Dial-up Connections in Control Panel.
403 The DNS server could not create a Transmission Control Protocol (TCP)
socket. Restart the DNS server or reboot the computer. For the specific error
code, see the Record Data page.
The Wsock32.dll might be incompatible with a third-party TCP/IP stack.
This problem can also occur if the TCP/IP protocol is not bound to the
network adapter.
If you are using a third-party TCP/IP protocol, verify that the protocol is
compatible with the Wsock32.dll.
Check the bindings of the protocol stack. It is a good idea to have TCP/IP
bound at the top of the stack. If the error continues, remove and reinstall the
TCP/IP protocol, and then try again.
1. Open Control Panel, and then double-click Network and Dial-up
Connections.
2. Right-click the connection, and then click Properties.
3. Verify that the bindings for all protocols to network adapters are
enabled and that no broken connections exist in the stack.
407 DNS server could not bind the main datagram socket. The data is the error.
This error can occur if there is a mismatch between the configured IP
address in the Advanced IP Addressing dialog box and the addresses listed
in the Server Properties dialog box for the DNS server. This problem can
also occur if the TCP/IP protocol is not bound to the network adapter.
Verify that the TCP/IP addresses configured in the Advanced IP Addressing
dialog box match those configured in the Server Properties dialog box in
DNS Manager:
1. Open Control Panel, and double-click Network.
2. Click the Protocols tab, and click TCP/IP Protocol in the Network
Protocols list.
3. Click Properties, and then click Advanced.
Match the IP addresses to those displayed in the DNS server Properties
dialog box:
1. In DNS Manager, right-click the DNS server name, and then click
Properties.
2. Compare the IP addresses with those from the Advanced IP
Addressing dialog box. If there are no IP addresses configured in the
Advanced IP Addressing dialog box or on the Interfaces tab of the
Server Properties dialog box, enter the IP address of your network
adapter. Use the ipconfig -all command to obtain your IP address.
Check the binding of the TCP/IP protocol to the network adapter:
1. Open Control Panel, and double-click Network.
2. Click the Bindings tab.
3. Verify that the bindings for all protocols to network adapters are
enabled and that no broken connections exist in the stack.
408 DNS server could not open socket for address [IP address of server].
The DNS server could not open a socket with the current TCP/IP and DNS
service configurations.
Verify that this is a valid IP address on this machine.
If the IP is not valid:
1. Use the Interfaces dialog under Server Properties in the DNS Manager
to remove it from the list of IP interfaces.
2. Stop and restart the DNS server. (If this was the only IP interface on this
machine, the DNS server may not have started as a result of this error.
In that case, remove the DNS\Parameters\ListenAddress value in the
services section of the registry and restart.)
If the IP is valid:
Verify that no other application (for example, another DNS server) is
running that would attempt to use the DNS port.
4001 The DNS server was unable to open zone domain name in Active Directory.
This DNS server is configured to obtain and use information from the
directory for this zone and is unable to load the zone without it.
Check that Active Directory is functioning properly and reload the zone.
4004 The DNS server is configured to use information obtained from Active
Directory for this zone and is unable to load the zone without it.
Check that Active Directory is functioning properly and repeat enumeration
of the zone.
4007 The DNS server was unable to open zone <zone name> in Active Directory
from the application directory partition <partition name>. This DNS server
is configured to obtain and use information from the directory for this zone
and is unable to load the zone without it. Check that Active Directory is
functioning properly and reload the zone. The event data is the error code.
4016 The DNS server timed out attempting an Active Directory service operation
on <distinguished name>. Check Active Directory to see that it is
functioning properly. The event data contains the error.
Events 403, 407, and 408 are usually triggered together, as well as 4000, 4001, and
4004.
Dependencies
None
Technology Required
● CScript
● Event Viewer
● DNS server
● Windows 2000, Windows XP, or Windows Server 2003 operating systems
Dependencies
None
Technology Required
DNS server
Dependencies
● DNS/DHCP client
● DNS server
● DHCP server
Technology Required
● DNS Service
● DHCP Service
11180 The system failed to update and remove registration for the network
adapter with settings.
The reason for this failure is that the DNS server the system sent the
update request to timed out. The most likely cause of this failure is that
the authoritative DNS server for the zone where the registration was
originally made is either not running or is unreachable through the
network at this time.
Dependencies
● Dynamic DNS is enabled on a DDNS-capable system.
● Dynamic DNS Refresh setting is enabled on the DNS server.
Technology Required
● Windows 2000, Windows XP, or Windows Server 2003 operating systems
● CScript
Dependencies
● Dynamic DNS is enabled on a DDNS-capable system.
● DHCP services are available.
Technology Required
● Windows 2000, Windows XP, or Windows Server 2003 operating systems
● CScript
● Findstr
Dependencies
● DNS server.
● DNS audit logging enabled.
Technology Required
Microsoft Excel
Dependencies
None
Technology Required
● Netsh and Pathping are included with Windows Server 2003.
● DNS server.
Event ID    Description
6527 Zone expired before it could obtain a successful zone transfer or update
from a master server acting as its source for the zone. The zone has been
shut down.
This event ID might appear when the DNS server is configured to host a
secondary copy of the zone from another DNS server acting as its source or
master server. Verify that this server has network connectivity to its
configured master server.
If the problem continues, consider one or more of the following options:
1. Delete the zone and recreate it, specifying either a different master
server, or an updated and corrected IP address for the same master
server.
For more information, see Add and remove zones.
2. If zone expiration continues, consider adjusting the expire interval.
For more information, see To adjust the expire interval for a zone.
For more information, see Understanding zones and zone transfer.
6004 The DNS server received a zone transfer request from %1 for a non-existent
or non-authoritative %2.
Dependencies
Network connectivity
Technology Required
● NSLookup
● DNS server
● CScript
A simple query may be initiated by using a Hostname command that makes the DNS
server authoritative for the record. A recursive query test would include a Hostname
command that makes the DNS server not authoritative for the record. A
comprehensive recursive test may also involve a flushing of the name cache to
ensure that DNS forwarding is utilized during the recursive test.
Dependencies
None
Technology Required
● DNS server
● NSLookup
Dependencies
DNS Service
Technology Required
● DNS Manager
● DNSCmd
Dependencies
Formalized configuration management process
Technology Required
● DNS server
● DNSCmd
DNSLint
[dns server] 169.254.46.138
www.reskit.com,a,r
169.254.197.1,ptr,r
[dns~server] 169.254.46.200
reskit.com,cname,r
reskit.com,mx,r
_kerberos._tcp.dc._msdcs.reskit.com,srv,r
This line: [dns server] 169.254.46.138 specifies the IP address of a DNS server to send
queries to. [dns server] must be specified followed by a valid IP address. If either of
these two components is missing, an error is generated and the specified input file is
rejected.
Subsequent lines indicate the queries to send to the specified DNS server:
www.reskit.com,a,r
169.254.197.1,ptr,r
Format of the queries:
The first field in the line is the name to query—for example, www.reskit.com. The
name is then immediately followed by a comma. No spaces are allowed on either
side of the comma.
The second field follows the comma immediately after the name to query. The
second field is the type of record to query for. Valid types are as follows:
● a = host
● ptr = pointer
● cname = alias
● mx = mail exchange
● srv = service location
The type of record is then immediately followed by a comma. No spaces are allowed
on either side of the comma.
The third field is the type of query. This field immediately follows the comma after
the type of record. Valid query types are as follows:
● r = recursive
● i = iterative
Nothing else is required to follow the third field. All three fields are required, and no
spaces are allowed anywhere within the query line. A fourth field is optional.
Appending “,tcp” to the third field will make DNSLint send the specified query
using the TCP protocol instead of the default UDP protocol. Again, no spaces are
allowed and nothing should follow this field if it is used.
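The format rules above can be checked before an input file is handed to DNSLint. The following Python validator is an added example, not part of the guide or of DNSLint itself; the function and class names are hypothetical, and it assumes that both spellings of the server marker seen in the sample ("[dns server]" and "[dns~server]") are acceptable and that the leading "DNSLint" line is a header.

```python
import ipaddress
import re
from dataclasses import dataclass, field

RECORD_TYPES = {"a", "ptr", "cname", "mx", "srv"}  # record types listed in the guide
QUERY_MODES = {"r", "i"}                           # recursive, iterative
# The guide's sample spells the marker both "[dns server]" and "[dns~server]";
# accepting either spelling is an assumption of this example.
SERVER_LINE = re.compile(r"^\[dns[ ~]server\](.*)$")


@dataclass
class Query:
    name: str
    rtype: str
    mode: str
    transport: str = "udp"  # UDP unless the optional fourth field is "tcp"


@dataclass
class ServerBlock:
    address: str
    queries: list = field(default_factory=list)


def check_query(line):
    """Return (Query, None) for a well-formed query line, else (None, reason)."""
    if any(ch.isspace() for ch in line):
        return None, "spaces are not allowed anywhere in a query line"
    fields = line.split(",")
    if len(fields) not in (3, 4):
        return None, "expected name,type,query[,tcp]"
    name, rtype, mode = fields[:3]
    if not name:
        return None, "missing name to query"
    if rtype not in RECORD_TYPES:
        return None, f"unknown record type {rtype!r}"
    if mode not in QUERY_MODES:
        return None, f"unknown query type {mode!r}"
    if len(fields) == 4 and fields[3] != "tcp":
        return None, f"fourth field must be 'tcp', got {fields[3]!r}"
    return Query(name, rtype, mode, "tcp" if len(fields) == 4 else "udp"), None


def parse_dnslint_input(text):
    """Parse a query-list file; return (blocks, errors) with 1-based line numbers."""
    blocks, errors = [], []
    current = None        # server block that the following queries belong to
    seen_content = False
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        first, seen_content = not seen_content, True
        if first and line.strip() == "DNSLint":
            continue      # header line, as in the guide's sample
        if line.startswith("["):
            current = None
            match = SERVER_LINE.match(line)
            address = match.group(1).strip() if match else ""
            try:
                ipaddress.ip_address(address)
            except ValueError:
                errors.append((lineno, "server line needs [dns server] and a valid IP"))
                continue
            current = ServerBlock(address)
            blocks.append(current)
            continue
        query, reason = check_query(line)
        if reason:
            errors.append((lineno, reason))
        elif current is None:
            errors.append((lineno, "query has no valid server line above it"))
        else:
            current.queries.append(query)
    return blocks, errors


# The sample input file shown in the guide.
PAGE_SAMPLE = """\
DNSLint
[dns server] 169.254.46.138
www.reskit.com,a,r
169.254.197.1,ptr,r
[dns~server] 169.254.46.200
reskit.com,cname,r
reskit.com,mx,r
_kerberos._tcp.dc._msdcs.reskit.com,srv,r
"""

# Constructed input that breaks the rules: missing IP, stray space,
# unlisted record type, extra field, unknown query type.
BROKEN_SAMPLE = """\
DNSLint
[dns server]
www.reskit.com,a,r
[dns server] 169.254.46.138
www.reskit.com, a,r
reskit.com,txt,r
reskit.com,mx,i,tcp
reskit.com,mx,r,tcp,extra
reskit.com,a,x
"""

if __name__ == "__main__":
    for label, sample in (("page sample", PAGE_SAMPLE), ("broken sample", BROKEN_SAMPLE)):
        blocks, errors = parse_dnslint_input(sample)
        print(label, "-", sum(len(b.queries) for b in blocks), "valid queries")
        for lineno, reason in errors:
            print(f"  line {lineno}: {reason}")
```
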
● DNSLint
● Windows Server 2003 Support Tools
Dependencies
CMDB
Technology Required
● DNS server
● DNS Manager
…where resource record type is the type of resource record that you were querying for
in your original query, and FQDN is the FQDN for which you were querying
(terminated by a period).
● If the response includes a list of NS and A resource records for delegated servers,
repeat step 1 for each server and use the IP address from the A resource records
as the server IP address.
● If the response does not contain an NS resource record, you have a broken
delegation.
● If the response contains NS resource records, but no A resource records, type set
recursion and query individually for A resource records of servers listed in the
NS records. If you do not find at least one valid IP address of an A resource
record for each NS resource record in a zone, you have a broken delegation.
Dependencies
Network connectivity
Technology Required
● DNS server
● NSLookup
70 Managing the Windows Server Platform
Dependencies
None
Technology Required
● DNS server
● DNSCmd
Dependencies
None
Technology Required
● DNS server
● DNSCmd
● DNS Manager
Dependencies
● Active Directory domain-implemented
● CMDB
Technology Required
● CSVDE
● DNS server
● Microsoft Excel
Dependencies
● Formalized architectural standard, stored in the CMDB.
● Performance monitoring and configuration snapshots are performed regularly.
● Collaboration and communication are required between operations teams.
Technology Required
None
Technology Required
● Third-party tools that provide incident management ticketing functionality.
● A Microsoft Access or SQL Server database can also be used to create incident
tickets.
The numbers reported should then be analyzed to assess the incident management
process and to determine how to improve effectiveness and efficiency.
Dependencies
● Responding to daily service request.
● Weekly service request activity report.
Technology Required
Microsoft Excel
The two tasks that follow—attending a CAB meeting and reviewing an emergency
change request—are among several tasks that would be associated with classification
and authorization. Attending a CAB meeting is singled out because it is common to
much of the change process. Reviewing an emergency change request is singled out
because emergency changes typically involve high risk and require a great outlay of
time and resources.
More information about the other tasks, and about the change management process
in general, is available at
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/msm/smf/smfchgmg.asp, or search for “Change Management SMF” on TechNet at
http://www.microsoft.com/technet/default.asp.
Dependencies
● A process must be established to initiate a change request in the operations
environment.
● CAB members must have already been chosen.
Technology Required
Operations team educated about MOF/ITIL.
Along with change type, collect the configuration item (CI) that will be affected
by the change. (Configuration items, which are any objects that are subject to
change, fall under change management.) For DNS servers, these items include:
● DNS server hardware
● Active Directory hardware and domain controller hardware
● Hardware vendor
● Server role
● Windows Server 2003 software
● Service packs
● Hotfixes
● Monitoring software
● Backup software
● Processes and procedures
● Documentation
● RFCs
Dependencies
● A process must be established to initiate a change request in the operational
environment.
● An identified CAB/EC roster and individuals who are contacted for emergency
changes as they relate to DNS Service.
● An operations team with knowledge about MOF/ITIL.
Technology Required
Basic Windows Server 2003 operating system installed with DNS
4 Processes by MOF Role Clusters
This chapter is designed for those who want to see all processes for a single role
cluster in one place. The information is the same as that in the previous two chapters.
The only difference is that the processes are ordered by MOF role cluster.
Task 1: Create DNS backup and pull backup files to remote storage
Monthly Processes
The DNS server does not resolve names or may not resolve them correctly.
Possible Causes and Resolutions of Problem
When a DNS client attempts to resolve a name, a “Name not found” error is returned
from the server.
Possible Causes and Resolutions of Problem
DNS server clients are not performing dynamic updates to the DNS server
authoritative for the zone.
Possible Causes and Resolutions of Problem
Review how zone delegations are utilized and revise configurations as needed.
For each sub-domain delegated to its own zone, the parent zone needs to have
delegation records added to it. Use the New Delegation Wizard to simplify the
addition of these records.
Event ID  Description
408 The DNS server could not open socket for address [IPaddress]. Verify that
this is a valid IP address for the server computer.
To correct the problem, you can do the following:
If the specified IP address is not valid, remove it from the list of restricted
interfaces for the server and restart the server. For more information, see To
restrict a DNS server to listen only on selected addresses.
If the specified IP address is no longer valid and was the only address
enabled for the DNS server to use, the server might not have started as a
result of this configuration error. To correct this problem, delete the
following value from the registry and restart the DNS server:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters\ListenAddress
If this is a valid IP address for the server computer, verify that no other
application that would attempt to use the same DNS server port (such as
another DNS server application) is running. By default, DNS uses TCP port
53.
413 The DNS server will send requests to other DNS servers on a port other than
its default port (TCP port 53).
This DNS server is multi-homed and has been configured to restrict DNS
Server service to only some of its configured IP addresses. For this reason,
there is no assurance that DNS queries made by this server to other remote
DNS servers will be sent using one of the IP addresses enabled for the DNS
server.
This might prevent query answer responses returned by these servers from
being received on the DNS port that the server is currently configured to
use. To avoid this problem, the DNS server sends queries to other DNS
servers using an arbitrary non-DNS port, and the response is received
regardless of the IP address used.
If you want to limit the DNS server to using only its configured DNS port
for sending queries to other DNS servers, use the DNS console to perform
one of the following changes in the server properties configuration on the
Interfaces tab:
● Select All IP addresses to enable the DNS server to listen on all
configured server IP addresses.
● Or, if you continue to select and use Only the following IP addresses,
limit the IP address list to a single server IP address.
For more information, see To restrict a DNS server to listen only on
selected addresses.
414 The server computer currently has no primary DNS suffix configured. Its
DNS name is currently a single label host name. For example, its currently
configured name is "host" rather than "host.example.microsoft.com" or
another fully qualified name.
While the DNS server has only a single label name, default resource records
created for its configured zones use only this single label name when
mapping the host name for this DNS server. This can lead to incorrect and
failed referrals when clients and other DNS servers use these records to
locate this server by name.
In general, the DNS server should be reconfigured with a full DNS
computer name appropriate for its domain or workgroup use on your
network. For more information, see To configure the primary DNS suffix
for a client computer.
708 The DNS server did not detect any zones of either primary or secondary
types. It will run as a caching-only server.
A DNS server that does not host any DNS zones but performs name
resolution and stores the results in its cache will not be authoritative for any
zones.
For more information, see Using caching-only servers.
3150 The DNS server wrote a new version of zone [zonename] to file [filename].
You can view the new version number by clicking the Record Data tab.
This event should appear only if the DNS server is configured to operate as
a root server. For more information, see DNS-related files.
6527 Zone [zonename] expired before it could obtain a successful zone transfer or
update from a master server acting as its source for the zone. The zone has
been shut down.
This event ID might appear when the DNS server is configured to host a
secondary copy of the zone from another DNS server acting as its source or
master server. Verify that this server has network connectivity to its
configured master server.
If the problem continues, consider one or more of the following actions:
Delete the zone and recreate it, specifying either a different master server or
an updated and corrected IP address for the same master server.
For more information, see Add and remove zones.
If zone expiration continues, consider adjusting the expire interval.
For more information, see To adjust the expire interval for a zone.
For more information, see Understanding zones and zone transfer.