Hide-and-Go-Seek the DNS Client Registration
I was creating a secure baseline build for our organization’s Windows Server 2003 member and application servers and at the time I was working on locking down unneeded services. Messenger service?...
View ArticleDNS Server GPO Settings Invisible in IPConfig
One of my all-time favorite group policy settings is DNS Servers in the Network / DNS Client node under Administrative Templates. Now this policy setting only applies to XP and while I don't know the...
View ArticleEnabling DNS "Secure Only" Updates
Enabling DNS Secure Only Updates Prerequisites / Suggestions This article is aimed to help start us on the right track to enabling DNS security in our organization in a way to best...
View ArticleDomain Controllers Register APIPA Address for Disconnected NICs
There’s an interesting DNS registration behavior that occurs on domain controllers. I’m not sure that it only occurs on domain controllers but I do know that it isn’t normal behavior. Most of our...
View ArticleNumeric AD Sites
Numbers are legal characters for a DNS name and best I can tell from my understanding of the RFCs, there is nothing against names with all numbers. In fact, I have customers that use number strings...
View ArticleScript – Automate Primary and Secondary Zone Creation
A request came up in a newsgroup for a script which would automate the creation of a primary zone on one DNS server, enable zone transfers, and then configure a secondary zone on another DNS server. A...
View ArticleNetlogon DNS SRV Resource Record Registration
<<I realized that though it shows through in the traces, I erred in the post. Specifically, I included Windows 2000 in the list of operating systems that refresh every 24 hours. I have included...
View ArticleDirectory Service Client Failover
The nature of Microsoft’s directory service clients provides for inherent fault-tolerance in the event of a failure. There are often questions about how, or if, this failover works properly. In this...
View ArticleUntying Aging and Scavenging
I honestly believe that one of the greatest barriers to proficiency for IT administrators is terminology. There is such a variety of terms, acronyms, and usages, that IT is really like its own...
View ArticlePING vs NSLookup
Have you ever noticed that ping and nslookup give different results when resolving a name? This happened to me many, many times and it caused me some frustration before I made the effort to understand...
View ArticleFollow the Bouncing Packet
FtBP: Prerequisites Part 1/8 One understanding that I think has helped me a great deal in troubleshooting problems, and designing networks and services is the evolution of a...
View ArticleFollow the Bouncing Packet: Packet Formation
FtBP: Packet Formation Part 2/8 Packets on the wire (purposely repeated) As we go through this series we will go over some examples to help understand the progression of a network...
View ArticleFollow the Bouncing Packet: Switching
FtBP: Switching Part 3/8 In our last discussion we covered the formation of a network packet in preparation to send that packet on the wire. Today we will cover the packet's travel...
View ArticleFollow the Bouncing Packet: End to End, B to A
FtBP: End-to-End, B-to-A Part 8/8 Last time we talked about how a network packet changes through a NAT device, and we finished off the transit of our network packet to Computer B....
View ArticleHow to Find a Network Adapter in the Registry
Many times I have found it needful to be able to find what adapters are loaded on a server, whether they are not showing up in device manager, I wanted to validate whether network...
View ArticleA Nifty Trick to Backing-up AD Integrated DNS Zones
A Nifty Trick to Backing-up AD Integrated DNS Zones Purpose A few years ago I had a customer that lost their DNS databases that were stored in AD. They asked me if there was any way to...
View ArticleDNS Registration with NetDiag
!!! WARNING: IT Systems Administrator blasphemy ahead !!! Actually, here it is right here: I know that NetDiag is a staple tool for systems administrators but I’ve never been a big consumer of the...
View ArticleAre Your DNS Application Partitions Corrupt?
Hello all, Eric here again. Just recently I was at a customer site in Japan for a few weeks and they had a number of interesting issues, so while I have some time here in the Naha airport, I thought...
View ArticleWhy Are Some of My AD Integrated Zones Loading But Not Others?
While on the topic if DNS, one of the DC's that had the corrupt application partition (discussed in my last blog entry) also had another interesting issue that's not all that common, at least in my...
View ArticleDNS Command Line and GUI Scenarios Clarified
How's it goin' team? Eric here again. It's been a while since I've blogged, so I figured I'd write one based on some scenarios during a recent customer visit. I was on-site with a customer that added...
View ArticleDNS Forwarder Auto Population in 2008 R2
Hello all, this is Eric again. Recently I was at a customer site finishing up a 2008 R2 (pre-SP1 – and there is a difference as discussed in my update at the end) upgrade project, cutting over their...
View ArticleMultiple Copies of a Primary Zone Stored in Different Locations...but not...
Greetings All. Eric here again. Recently I was doing an ADRAP remediation and one of the High Risk findings that the tool found was "Multiple Copies of a Primary zone Stored in Different Locations". In...
View Article
More Pages to Explore .....