How to configure DNS to use with Exchange Server (322856)


The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Exchange 2000 Server
This article was previously published under Q322856

IN THIS TASK

SUMMARY

This article describes the Domain Name System (DNS) requirements for a successful Microsoft Exchange 2000 Server installation in an Active Directory environment.

back to the top

Check DNS Configuration

If you have an incorrect DNS configuration, Exchange 2000 Server-related services may not start, and the following events may be logged in the Application log of Event Viewer:

Event 1

Date: <date>
Time: <time>
Type: Error
User: N/A
Computer: <computer name>
Source: MSExchangeDSAccess
Category: None
EventID: 2069
Description: Process MAD.EXE (PID=2760). Dsaccess could not find any Global Catalog servers in the enterprise. Promote one or more of your Domain Controllers to a Global Catalog to allow DSAccess to function properly. For more information, click http://search.support.microsoft.com/search/?adv=1.

Event 2

Date: <date>
Time: <time>
Type: Error
User: N/A
Computer: <computer name>
Source: MSExchangeDSAccess
Category: None
EventID: 2064
Description: Process WINMGMT.EXE (PID=1052). All the remote DS Servers in use are not responding. For more information, click http://search.support.microsoft.com/search/?adv=1.

back to the top

Check DNS Requirements

DNS must meet the following requirements in the Active Directory environment for the correct operation of Exchange 2000 Server:
  • DNS servers must be Berkeley Internet Name Domain (BIND) 8.1-compliant, or later versions.
    Note You can use Microsoft Windows 2000 servers or Unix Bind 8.1 servers to meet this requirement.
  • All the DNS servers to where your Exchange 2000 Server computers point must all contain a full copy of your Active Directory Zone. Because this information is of a sensitive nature, do not use external or publicly available DNS servers for this purpose.
  • The DNS zone should allow dynamic updates. Although this is not required, there are many DNS records that you must manually enter if your DNS zone is not configured to allow dynamic updates.
back to the top

Configure DNS Zone to Allow Dynamic Updates

  1. Start the DNS snap-in. To do this, click Start, point to Programs, point to Administrative Tools, and then click DNS.
  2. Expand the DNS server, expand Forward Lookup Zones, and then expand your domain name. For example, your domain name may beexample.com.
  3. Right-click your domain, and then click Properties.
  4. In the Allow dynamic updates list, click Yes.
  5. Click Apply, and then click OK.
  6. Expand Reverse Lookup Zones, and then expand the IP address range for your domain. For example, expand 192.168.1.x Subnet. Or, if you have selected Advanced on the View menu, expand 1.168.192.in-addr.arpa.
  7. Right-click your IP address range, and then click Properties.
  8. In the Allow dynamic updates list, click Yes.
  9. Click Apply, and then click OK.
  10. Quit the DNS snap-in.
back to the top

Configure DNS Servers for Correct Name Resolution

  1. Install and then turn on the DNS Server service. For additional information, click the following article number2 to view the article2 in the Microsoft Knowledge Base:

    308201 How to create a new zone on a DNS server in Windows 2000

    237675 Setting up the Domain Name System for Active Directory

    317590 How to configure DNS dynamic update in Windows 2000

  2. Configure DNS for dynamic updates. For additional information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:

    317590 How to configure DNS dynamic update in Windows 2000

  3. Update the domain controllers with the new DNS information. To do this, either restart each domain controller and member server, or run the Netdiag /fix command from each server in the domain. The Netdiag utility is included with the Microsoft Windows 2000 Support Tools. For additional information about the Windows 2000 Support Tools, click the following article number to view the article in the Microsoft Knowledge Base:

    301423 How to install the Windows 2000 Support Tools to a Windows 2000 Server-based computer

    219289 Description of the Netdiag /fix switch

back to the top

A problem that may occur if you install Exchange 2000 Server on a multi-homed computer

If you install Exchange 2000 Server on a multi-homed computer, where one network adaptor is used for internal communication, and a second network adaptor is used for external communication with the Internet, the following event may be viewed in the Application log:
Event Type: Error
Event Source: MSExchangeDSAccess
Event Category: None
Event ID: 2075
Date: Date
Time: Time
User: N/A
Computer: Computer_Name
Description: Process STORE.EXE (PID=2152). DsBind failed. Domain_Name, hr=0x8007054b, deltaT=31. The operation will be retried. Additionally, SMTP mail that is sent from your internal network to an external recipient may be stuck in the SMTP mail queue, and a non-delivery report (NDR) is returned by your Exchange server.

This problem may occur if all the following conditions are true:
  • The two network adaptors on the multi-homed computer both try to use your Internet service provider's (ISP) DNS server, or any other DNS server that is not on your internal network.
  • The external DNS that the two network adaptors use does not support SRV Records and Dynamic Updates.


The Exchange System Attendant uses the Dsaccess process and the Name Service Provider Interface (NSPI) Proxy to obtain a list of global catalog servers that are on the network. DNS must be up-to-date with the correct SRV Records. Also, it may be functioning correctly for the Dsaccess process to obtain a list of global catalog Servers. If DNS is unavailable, or if DNS is not up-to-date with the correct SRV Records, event 2075 will be logged in the Application log and SMTP mail will not be sent externally.

To resolve this problem, you must install DNS on an internal server, and then configure DNS to work correctly with the Dsaccess process. To do this, follow these steps:

Install and configure DNS

  1. On the server where you want to install DNS, click Start, point to Settings, and then click Control Panel.
  2. Double-click Add/Remove Programs, and then click Add/Remove Windows Components.
  3. In the Components list, double-click Networking Services, click to select the DNS (Domain Name System) check box, and then click OK.
  4. Click Next, and then click Finish.
  5. Close Add/Remove Programs, and then close Control Panel.
  6. Click Start, point to Programs, point to Administrative Tools, and then click DNS.
  7. Expand the server object, click Forward Lookup Zone, and then confirm that your domain is added to the Forward Lookup Zone. If your domain is not added to the Forward Lookup Zone, you must add it. For more information about how to add your domain to the Forward Lookup Zone, click the following article number to view the article in the Microsoft Knowledge Base:

    308201 How to create a new zone on a DNS Server in Windows 2000

  8. If a folder named . exists under the Forward Lookup Zone, delete the . folder. To do this, follow these steps:
    1. Right-click ., and then click Delete.
    2. Click OK when you are prompted with the Are you sure you want to delete the zone from the server message.
    3. In the Warning dialog box, click Yes.


    Note The . folder is set up when you install DNS. The . folder automatically makes the DNS server a Root Hint DNS server. For more information for more information about the . folder, click the following article number to view the article in the Microsoft Knowledge Base:

    291382 Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS

  9. Right-click the Your_Domain_Name folder, and then click Properties.
  10. Click the General tab, and then click Change.
  11. In the Change Zone Type dialog box, click Active Directory-integrated, and then click OK.
  12. In the Allow dynamic updates list, click Yes, click Apply, and then click OK.
  13. Expand Forward Lookup Zones, and the click Your_Domain_Name.
  14. In the right-pane, make sure that internal IP address entries and Host entries are listed, and that external IP addresses are not listed.
  15. Right-click the server object, point to All Tasks, and then click Stop.
  16. Right-click the server object, point to All Tasks, and then click Start.
  17. Right-click the server object, and then click Properties.
  18. Click the Forwarders tab, and then click to select the Enable Forwarders check box.

    Note If the Enable Forwarders check box is unavailable, you must wait for the DNS settings to be updated. Close DNS, and then try again after fifteen minutes.

    If the Forwarders tab is unavailable, follow these steps to make the Forwarders tab available:
    1. Start Command Prompt. To do this, click Start, click Run, type CMD, and then click OK.
    2. Type the following commands, and press ENTER after each command:

      ipconfig /flushdns

      ipconfig /registerdns

  19. Optionally, click the Advanced tab, and then click to clear the Enable Round Robin check box in the Server Options list.
  20. Right-click the server object, point to All Tasks, and then click Stop.
  21. Right-click the server object, point to All Tasks, and then click Start.
  22. Quit DNS.


back to the top

Network adaptor configuration

To configure your network adaptor, follow these steps:
  1. Right-click My Network Places, and then click Properties.
  2. Right-click Local Area Connection, and then click Properties.
  3. Click Internet Protocol (TCP/IP), and then click Properties.
  4. Verify that the IP address in the Preferred DNS server box is the IP address of your internal DNS server, and then click OK two times.
  5. Right-click your external network connection, and then click Properties.
  6. Click Internet Protocol (TCP/IP), and then click Properties.
  7. Verify that the IP address in the Preferred DNS server box is the IP address of your internal DNS server.
  8. Click Advanced, click the DNS tab, click to clear the Register this connections address in DNS check box, and then click OK.
  9. In the Components checked are used by this connection list, click to clear the Client for Microsoft Networks check box, click to clear the Network Load Balancing check box, and then click to clear the File and Printer Sharing for Microsoft Networks check box.
  10. Click OK.
  11. Right-click Local Area Connection, and then click Properties.
  12. Click Internet Protocol (TCP/IP), and then click Properties.
  13. Click Advanced, and then click the DNS tab.
  14. In the DNS server addresses, in order of use list, make sure that your internal DNS server is at the top of the list, and any external DNS servers are at the bottom of the list.
  15. Click OK three times.
  16. Start Command Prompt. To do this, click Start, click Run, type CMD, and then click OK.
  17. Type the following commands, and press ENTER after each command:

    ipconfig /flushdns

    ipconfig /registerdns



back to the top

You cannot see the domain controllers from the local domain on the Dsaccess tab

When you view the Dsaccess tab in the properties of Microsoft Exchange 2000 Service Pack 2, you may not see the names of the local domain controllers in the list of domain controllers. However, you can see the names of the domain controllers in the parent domain and in other child domains.

This issue may occur if you delegate the zone to the child domain and enable the DNS servers in the parent domain to be forwarders.

To resolve this issue, follow these steps:
  1. Click Start, point to Programs, point to Administrative Tools, and then click DNS.
  2. Right-click the server object, and then click Properties.
  3. Click the Forwarders tab, click to select the Do not use recursion check box, and then click OK.
  4. Quit DNS.


back to the top

MORE INFORMATION

For more information about how to set up an SMTP Virtual Server to point to an external DNS server, click the following article number to view the article in the Microsoft Knowledge Base:

289045 "Host Unknown" message when sending outbound Internet mail

For more information about how to set up an SMTP connector, click the following article number to view the article in the Microsoft Knowledge Base:

294736 When to create SMTP connectors in Exchange 2000 and later

REFERENCES

300202 How to configure DNS for Internet access in Windows 2000

291382 Frequently asked questions about Windows 2000 DNS and Windows Server 2003 DNS

298448 Windows 2000 DNS and Active Directory information and technical resources

262068 How to set up Exchange 2000



back to the top

Modification Type:MajorLast Reviewed:9/13/2006
Keywords:kberrmsg kbHOWTOmaster KB322856 kbAudITPro
©2004 Microsoft Corporation. All rights reserved.