 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Windows Server Forum / Windows Server 2003 / DNS / July 2005Do I need to have a root entry
Hi there, I am currently setting up my 2003 AD. This is going to cover various sites(all over Europe). Every site will have a proxy server (freebie linux boxes) I am using intergrated DNS. Do I need to have a root entry in my Windows 2003 SP1 DNS boxes? I am getting a DNS Event ID 706 in the event viewer. "The DNS server does not have a cache or other database entry for root name servers. ...........To correct this problem, use the DNS console to update the server root hints." Because of my proxies I do not need any name resolution outside of my AD domain's. Obviously I cannot ignore this error so what should I do? or can I ? Regards > Hi there, > [quoted text clipped - 14 lines] > > Obviously I cannot ignore this error so what should I do? or can I ? You can delete the root entry and this will get rid of the error. If you do not need Internet resolution provided by DNS, disable recursion and do not configure any Forwarders.  SignatureTodd J Heron, MCSE Windows Server 2003/2000/NT; CCA ---------------------------------------------------------------------------- This posting is provided "as is" with no warranties and confers no rights Hi there Tod, I hope you don't mind me butting in, but would he not need to add at least conditional forwarding?( I do accept that this will "turn off" name reslution for the internet9 I don't see how he could otherwise do internet name resolution and the Lan name resolution. regards John > Hi there Tod, > [quoted text clipped - 6 lines] > > regards John No problem John. The Proxy servers can do that for him (web, ftp traffic) so long as they are configured for external resolution. As he didn't state the need for anything else I left my answer at that. SignatureTodd J Heron, MCSE Windows Server 2003/2000/NT; CCA ---------------------------------------------------------------------------- This posting is provided "as is" with no warranties and confers no rights Thanx for answering that. John Hi Todd, I was curiously watching this thread. All the clients and server will have to point to the local DNS server. Web can use the proxy server. But how about other applications, like antivirus, mail clients etc. (assuming he doesn't have local mail server). Ofcourse the OP has not raised such issues, may be in his network he doesn't want users to give external access to such applications, or had not considered this while deciding that he doesnt need his DNS to resolve external queires. Am just curious whether the proxy can take care of such applications too. Also his proxys will be forwarding to external server so what would be the harm if he deletes the root zone and use forwarders? Sharad >> Hi there Tod, >> [quoted text clipped - 11 lines] > state > the need for anything else I left my answer at that. > Hi Todd, > I was curiously watching this thread. [quoted text clipped - 15 lines] > > Sharad Yeah Sharad, I see no harm if he deletes the root zone and use forwarders. SignatureTodd J Heron, MCSE Windows Server 2003/2000/NT; CCA ---------------------------------------------------------------------------- This posting is provided "as is" with no warranties and confers no rights On second thoughts, OP already has a root zone and is happy with it execept for the error. So your first answer to OP's post was correct and appropriate. :) Sorry for confusing with earlier post. Sharad >> Hi Todd, >> I was curiously watching this thread. [quoted text clipped - 18 lines] > > Yeah Sharad, I see no harm if he deletes the root zone and use forwarders. Many thanks for your help guys. You pointed out things that did not cross my mind. My AV updates come from internal servers. My Security updates come from internal servers My mail clients do not require external resolution. The SMTP server takes care of that(and its not part of the AD). I find that most applications come with an oppertunity to configure a proxy setting. However if they do not work or there is not "proxy setting" then forwarding is the only way. One final question Todd. You say that I should delete the root entry and this will get rid of the error. However was it not that by deleting the root entry that I got this error in the first place? Regards, > On second thoughts, OP already has a root zone and is happy with it execept > for the error. [quoted text clipped - 25 lines] > > > > Yeah Sharad, I see no harm if he deletes the root zone and use forwarders. > Web can use the proxy server. > But how about other applications, like antivirus, mail clients etc. > (assuming he doesn't have local mail server). To conserve bandwidth and simplify management these critical network services can be handled by a server based solution which negates the need for external resolution. And I will go out on a limb and say that in any corporate environment you should centralize these kinds of apps. Particularly Antivirus. Symantec (not playing favorites, just picking one) Corp can gather updates and push them down to clients with much more expediency than say 300 clients all fighting for bandwidth to download the same files. Since the OP did not mention any issues with other services, but does mention that proxies are set up, it may be safe to initially assume that they have these bases covered. SignatureManny Borges MCSE NT4-2003 (+ Security) MCT, Certified Cheese Master The pen is mightier than the sword, and considerably easier to write with. -- Marty Feldman > Hi Todd, > I was curiously watching this thread. > All the clients and server will have to point to the local DNS server. > Ofcourse the OP has not raised such issues, may be in his network he > doesn't want users to give external access to such applications, [quoted text clipped - 25 lines] >> state >> the need for anything else I left my answer at that. |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2010 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.