Microsoft KB Archive/322856

= How to configure DNS to use with Exchange Server =

Article ID: 322856

Article Last Modified on 10/27/2006

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Exchange 2000 Server Standard Edition

-



This article was previously published under Q322856



IN THIS TASK
SUMMARY
 * Check DNS Configuration
 * Check DNS Requirements
 * Configure DNS Zone to Allow Dynamic Updates
 * Configure DNS Servers for Correct Name Resolution
 * A problem that may occur if you install Exchange 2000 Server on a multi-homed computer
 * Install and configure DNS
 * Network adaptor configuration
 * You cannot see the domain controllers from the local domain on the Dsaccess tab

REFERENCES



SUMMARY
This article describes the Domain Name System (DNS) requirements for a successful Microsoft Exchange 2000 Server installation in an Active Directory environment.

back to the top

Check DNS Configuration
If you have an incorrect DNS configuration, Exchange 2000 Server-related services may not start, and the following events may be logged in the Application log of Event Viewer:

Event 1
Date:

Time:

Type: Error

User: N/A

Computer:

Source: MSExchangeDSAccess

Category: None

EventID: 2069

Description: Process MAD.EXE (PID=2760). Dsaccess could not find any Global Catalog servers in the enterprise. Promote one or more of your Domain Controllers to a Global Catalog to allow DSAccess to function properly. For more information, click http://search.support.microsoft.com/search/?adv=1.

Event 2
Date:

Time:

Type: Error

User: N/A

Computer:

Source: MSExchangeDSAccess

Category: None

EventID: 2064

Description: Process WINMGMT.EXE (PID=1052). All the remote DS Servers in use are not responding. For more information, click http://search.support.microsoft.com/search/?adv=1.

back to the top

Check DNS Requirements
DNS must meet the following requirements in the Active Directory environment for the correct operation of Exchange 2000 Server:
 * DNS servers must be Berkeley Internet Name Domain (BIND) 8.1-compliant, or later versions.

Note You can use Microsoft Windows 2000 servers or Unix Bind 8.1 servers to meet this requirement.
 * All the DNS servers to where your Exchange 2000 Server computers point must all contain a full copy of your Active Directory Zone. Because this information is of a sensitive nature, do not use external or publicly available DNS servers for this purpose.
 * The DNS zone should allow dynamic updates. Although this is not required, there are many DNS records that you must manually enter if your DNS zone is not configured to allow dynamic updates.

back to the top

Configure DNS Zone to Allow Dynamic Updates

 * 1) Start the DNS snap-in. To do this, click Start, point to Programs, point to Administrative Tools, and then click DNS.
 * 2) Expand the DNS server, expand Forward Lookup Zones, and then expand your domain name. For example, your domain name may be .
 * 3) Right-click your domain, and then click Properties.
 * 4) In the Allow dynamic updates list, click Yes.
 * 5) Click Apply, and then click OK.
 * 6) Expand Reverse Lookup Zones, and then expand the IP address range for your domain. For example, expand  . Or, if you have selected Advanced on the View menu, expand  .in-addr.arpa.
 * 7) Right-click your IP address range, and then click Properties.
 * 8) In the Allow dynamic updates list, click Yes.
 * 9) Click Apply, and then click OK.
 * 10) Quit the DNS snap-in.

back to the top

Configure DNS Servers for Correct Name Resolution
 Install and then turn on the DNS Server service. For additional information, click the following article number2 to view the article2 in the Microsoft Knowledge Base:

308201 How to create a new zone on a DNS server in Windows 2000

237675 Setting up the Domain Name System for Active Directory

317590 How to configure DNS dynamic update in Windows 2000

 Configure DNS for dynamic updates. For additional information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:

317590 How to configure DNS dynamic update in Windows 2000

 Update the domain controllers with the new DNS information. To do this, either restart each domain controller and member server, or run the Netdiag /fix command from each server in the domain. The Netdiag utility is included with the Microsoft Windows 2000 Support Tools. For additional information about the Windows 2000 Support Tools, click the following article number to view the article in the Microsoft Knowledge Base:

301423 How to install the Windows 2000 Support Tools to a Windows 2000 Server-based computer

219289 Description of the Netdiag /fix switch



back to the top

A problem that may occur if you install Exchange 2000 Server on a multi-homed computer
If you install Exchange 2000 Server on a multi-homed computer, where one network adaptor is used for internal communication, and a second network adaptor is used for external communication with the Internet, the following event may be viewed in the Application log:

Event Type: Error

Event Source: MSExchangeDSAccess

Event Category: None

Event ID: 2075

Date:

Time:

User: N/A

Computer:

Description: Process STORE.EXE (PID=2152). DsBind failed. , hr=0x8007054b, deltaT=31. The operation will be retried.

Additionally, SMTP mail that is sent from your internal network to an external recipient may be stuck in the SMTP mail queue, and a non-delivery report (NDR) is returned by your Exchange server.

This problem may occur if all the following conditions are true:
 * The two network adaptors on the multi-homed computer both try to use your Internet service provider's (ISP) DNS server, or any other DNS server that is not on your internal network.
 * The external DNS that the two network adaptors use does not support SRV Records and Dynamic Updates.

The Exchange System Attendant uses the Dsaccess process and the Name Service Provider Interface (NSPI) Proxy to obtain a list of global catalog servers that are on the network. DNS must be up-to-date with the correct SRV Records. Also, it may be functioning correctly for the Dsaccess process to obtain a list of global catalog Servers. If DNS is unavailable, or if DNS is not up-to-date with the correct SRV Records, event 2075 will be logged in the Application log and SMTP mail will not be sent externally.

To resolve this problem, you must install DNS on an internal server, and then configure DNS to work correctly with the Dsaccess process. To do this, follow these steps:

Install and configure DNS
 On the server where you want to install DNS, click Start, point to Settings, and then click Control Panel. Double-click Add/Remove Programs, and then click Add/Remove Windows Components. In the Components list, double-click Networking Services, click to select the DNS (Domain Name System) check box, and then click OK.</li> Click Next, and then click Finish.</li> Close Add/Remove Programs, and then close Control Panel.</li> Click Start, point to Programs, point to Administrative Tools, and then click DNS.</li> Expand the server object, click Forward Lookup Zone, and then confirm that your domain is added to the Forward Lookup Zone. If your domain is not added to the Forward Lookup Zone, you must add it. For more information about how to add your domain to the Forward Lookup Zone, click the following article number to view the article in the Microsoft Knowledge Base:

308201 How to create a new zone on a DNS Server in Windows 2000

</li> If a folder named . exists under the Forward Lookup Zone, delete the . folder. To do this, follow these steps:  Right-click ., and then click Delete.</li> Click OK when you are prompted with the Are you sure you want to delete the zone from the server message.</li> In the Warning dialog box, click Yes.</li></ol>

Note The . folder is set up when you install DNS. The . folder automatically makes the DNS server a Root Hint DNS server. For more information for more information about the. folder, click the following article number to view the article in the Microsoft Knowledge Base:

291382 Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS

</li> Right-click the   folder, and then click Properties.</li> Click the General tab, and then click Change.</li> In the Change Zone Type dialog box, click Active Directory-integrated, and then click OK.</li> In the Allow dynamic updates list, click Yes, click Apply, and then click OK.</li> Expand Forward Lookup Zones, and the click .</li> In the right-pane, make sure that internal IP address entries and Host entries are listed, and that external IP addresses are not listed.</li> <li>Right-click the server object, point to All Tasks, and then click Stop.</li> <li>Right-click the server object, point to All Tasks, and then click Start.</li> <li>Right-click the server object, and then click Properties.</li> <li>Click the Forwarders tab, and then click to select the Enable Forwarders check box.

Note If the Enable Forwarders check box is unavailable, you must wait for the DNS settings to be updated. Close DNS, and then try again after fifteen minutes.

If the Forwarders tab is unavailable, follow these steps to make the Forwarders tab available: <ol style="list-style-type: lower-alpha;"> <li>Start Command Prompt. To do this, click Start, click Run, type CMD, and then click OK.</li> <li>Type the following commands, and press ENTER after each command:

ipconfig /flushdns

ipconfig /registerdns

</li></ol> </li> <li>Optionally, click the Advanced tab, and then click to clear the Enable Round Robin check box in the Server Options list.</li> <li>Right-click the server object, point to All Tasks, and then click Stop.</li> <li>Right-click the server object, point to All Tasks, and then click Start.</li> <li>Quit DNS.</li></ol>

back to the top

Network adaptor configuration
To configure your network adaptor, follow these steps: <ol> <li>Right-click My Network Places, and then click Properties.</li> <li>Right-click Local Area Connection, and then click Properties.</li> <li>Click Internet Protocol (TCP/IP), and then click Properties.</li> <li>Verify that the IP address in the Preferred DNS server box is the IP address of your internal DNS server, and then click OK two times.</li> <li>Right-click your external network connection, and then click Properties.</li> <li>Click Internet Protocol (TCP/IP), and then click Properties.</li> <li>Verify that the IP address in the Preferred DNS server box is the IP address of your internal DNS server.</li> <li>Click Advanced, click the DNS tab, click to clear the Register this connections address in DNS check box, and then click OK.</li> <li>In the Components checked are used by this connection list, click to clear the Client for Microsoft Networks check box, click to clear the Network Load Balancing check box, and then click to clear the File and Printer Sharing for Microsoft Networks check box.</li> <li>Click OK.</li> <li>Right-click Local Area Connection, and then click Properties.</li> <li>Click Internet Protocol (TCP/IP), and then click Properties.</li> <li>Click Advanced, and then click the DNS tab.</li> <li>In the DNS server addresses, in order of use list, make sure that your internal DNS server is at the top of the list, and any external DNS servers are at the bottom of the list.</li> <li>Click OK three times.</li> <li>Start Command Prompt. To do this, click Start, click Run, type CMD, and then click OK.</li> <li>Type the following commands, and press ENTER after each command:

ipconfig /flushdns

ipconfig /registerdns

</li></ol>

back to the top

You cannot see the domain controllers from the local domain on the Dsaccess tab
When you view the Dsaccess tab in the properties of Microsoft Exchange 2000 Service Pack 2, you may not see the names of the local domain controllers in the list of domain controllers. However, you can see the names of the domain controllers in the parent domain and in other child domains.

This issue may occur if you delegate the zone to the child domain and enable the DNS servers in the parent domain to be forwarders.

To resolve this issue, follow these steps:
 * 1) Click Start, point to Programs, point to Administrative Tools, and then click DNS.
 * 2) Right-click the server object, and then click Properties.
 * 3) Click the Forwarders tab, click to select the Do not use recursion check box, and then click OK.
 * 4) Quit DNS.

back to the top

<div class="moreinformation_section">

MORE INFORMATION
For more information about how to set up an SMTP Virtual Server to point to an external DNS server, click the following article number to view the article in the Microsoft Knowledge Base:

289045 &quot;Host Unknown&quot; message when sending outbound Internet mail

For more information about how to set up an SMTP connector, click the following article number to view the article in the Microsoft Knowledge Base:

294736 When to create SMTP connectors in Exchange 2000 and later

<div class="references_section">