Complying with all applicable copyright laws is the responsibility of the user. Without
limiting the rights under copyright, this document may be reproduced, stored in or
introduced into a retrieval system, or transmitted in any form or by any means
(electronic, mechanical, photocopying, recording, or otherwise), but only for the
purposes provided in the express written permission of Microsoft Corporation.
Microsoft, Active Directory, Visual Basic, Windows, Windows NT, and Windows Server
are either registered trademarks or trademarks of Microsoft Corporation in the
United States and/or other countries.
The names of actual companies and products mentioned herein may be the
trademarks of their respective owners.
Domain Name System (DNS) Service Product Operations Guide iii
Contents
Introduction to Product Operations Guide
Document Purpose
Intended Audience
How to Use This Guide
Background
High-Level Processes for Maintaining Windows Server 2003 DNS Service
Overview
Technology Required
Maintenance Processes Checklist
Operating Quadrant
Service Monitoring and Control SMF
Storage Management SMF
Supporting Quadrant
Incident Management SMF
Problem Management SMF
Optimizing Quadrant
Capacity Management SMF
Availability Management SMF
Changing Quadrant
Change Management SMF
Configuration Management SMF
Detailed Maintenance Actions
Overview
Process: Data backup, restore, and recovery operations
Task: Create DNS backup and pull backup files to remote storage
Option 1—System State
Procedure 1: Manual backup to tape or external locally-attached storage
Procedure 2: Scriptable manual copy to remote server directory
Option 2—System State and Zone File Backup
Procedure 1: Manual backup to tape or external locally-attached storage
Procedure 2: Scriptable manual copy to remote server directory
Task: Verify previous day's backup job
Procedure 1: Verify the backup job is completed
Process: Data backup, restore, and recovery operations
Task: Verify restore
Procedure 1: Verify restore configuration of a primary zone
Procedure 2: Verify restore configuration of a secondary zone
Procedure 3: Verify restore configuration of a stub zone
Process: Design for recovery
Task: Test the server restoration capability
Procedure 1: Restoring from backup Active Directory integrated DNS
Procedure 2: Restoring from backup standard primary zone
Process: Storage resource management
Task: Monitor disk space for DNS logs and database
Procedure 1: Monitor disk usage and availability
Process: Managing resources and service performance
Task: Capture service performance statistics
Procedure 1: Configure DNS performance logging
Process: Perform monitoring
Task: Capture usage performance statistics
Procedure 1: Configure DNS performance logging
Task: Capture system performance statistics
Procedure 1: Configure DNS performance logging
Process: Managing resources and service performance
iv Managing the Windows Server Platform
Contributors
Program Manager
Jeff Yuhas, Microsoft Corporation
Lead Writers
Jim Quiggle, Covestic Inc., USA
Michael Sarabosing, Covestic Inc., USA
Other Contributors
Marius Apreutesei, Microsoft Corporation
Jason Popp, Microsoft Corporation
Test Manager
Greg Gicewicz, Microsoft Corporation
QA Manager
Jim Ptaszynski, Microsoft Corporation
Technical Editor
Patricia Rytkonen, Volt Technical Services
Production Editor
Kevin Klein, Volt Technical Services
Introduction to Product Operations Guide
Document Purpose
This guide describes processes and procedures for improving the management of
Microsoft® Windows Server™ 2003 Domain Name System (DNS) Service in your
infrastructure.
Intended Audience
This material should be useful for anyone planning to deploy this product into an
existing IT infrastructure, especially one based on the IT Infrastructure Library
(ITIL)—a comprehensive set of best practices for IT service management—and
Microsoft Operations Framework (MOF). It is aimed primarily at two main groups:
IT managers and IT support staff (including analysts and service-desk specialists).
Background
This guide is based on Microsoft Solutions for Management (MSM). MSM provides a
combination of best practices, best-practice implementation services, and best-
practice automation, all of which help customers achieve operational excellence as
demonstrated by high quality of service, industry reliability, availability, and
security, and low total cost of ownership (TCO).
These MSM best practices are based on MOF, a structured, yet flexible approach
based on ITIL. MOF includes guidelines on how to plan, deploy, and maintain IT
operational processes in support of mission-critical service solutions.
Central to MOF—and to understanding the structure of this guide—are the MOF
Process and Team models. The Process Model and its underlying service
management functions (SMFs) are the foundation for the process-based approach
that this guide recommends for maintaining a product. The Team Model and its role
clusters offer guidance for ensuring the proper people are assigned to operational
roles.
Figure 1 shows the MOF Process Model combined with the SMFs that make up each
quadrant of the Process Model.
Figure 1
MOF Process Model and SMFs
Figure 2 shows the MOF Team Model, along with some of the many functional roles
or function teams that might exist in service management organizations. These roles
and function teams are shown mapped to the MOF role cluster to which they would
likely belong.
[Figure 2 image not reproduced. Labels legible from the figure: Change management; Release/systems engineering; Configuration control/asset management; Software distribution/licensing; Intellectual property protection; Network and system security; Intrusion detection; Virus protection; Audit and compliance admin; Contingency planning; Quality assurance; Enterprise architecture; Infrastructure engineering; Capacity management; Cost/IT budget management; Resource and long-range planning; Release; Security; Infrastructure; Partner; Support.]
Figure 2
MOF Team Model and examples of functional roles or teams
The MOF Team Model is built on six quality goals, which are described and matched
with the applicable team role cluster in Table 1.
Table 1. MOF Team Model Quality Goals and Role Clusters
Quality Goal Team Role Cluster
Domain Name System (DNS) is the primary method for name resolution in
Windows Server 2003. DNS is also a requirement for deploying Microsoft Active
Directory® directory service, but Active Directory is not a requirement for deploying
DNS. However, integrating DNS with Active Directory enables DNS servers to take
advantage of the security, performance, and fault tolerance capabilities of Active
Directory.
Technology Required
Table 3 lists the tools or technologies used in the procedures described in this guide.
All tools should be accessed from a Windows Server 2003 server console, except in
those cases where a link is provided.
Table 3. Tools and Technologies Required to Use the Procedures in This Guide
Required Technology: DNS Manager
Description: Used for modifying DNS parameters. These centralized management and monitoring tools can be found either in Administrative Tools after initial installation of the DNS service, or through Adminpak.msi.
Location: Start > Control Panel > Administrative Tools. Or, to open DNS Manager using the command line, type: %systemroot%\System32\dnsmgmt.msc

Required Technology: Event Viewer
Description: Provides logs for transactional reactive reviews of system and service events. It is automatically installed with Windows Server 2003.
Location: Start > Control Panel > Administrative Tools > Event Viewer. Or, to open Event Viewer using the command line: Start > Run. In the Open box, type eventvwr.msc and then click OK.
Operating Quadrant
The processes for this chapter are based on the service management functions (SMFs)
that make up the MOF Operating Quadrant. Further information about the MOF
Process Model and the MOF SMFs is available at
http://www.microsoft.com/solutions/msm/techinfo/default.asp, or search for the
document title on TechNet at http://www.microsoft.com/technet/default.asp.
Supporting Quadrant
The processes for this section are based on the SMF guides that make up the MOF
Supporting Quadrant.
Optimizing Quadrant
The tasks for this section are based on the SMF guides that make up the MOF
Optimizing Quadrant.
Changing Quadrant
The processes for this section are based on the SMF guides that make up the MOF
Changing Quadrant.
Further information about the MOF Process Model and the MOF SMFs is available at
http://www.microsoft.com/solutions/msm/techinfo/default.asp, or search for the
document title on TechNet at http://www.microsoft.com/technet/default.asp.
Dependencies
● Backup jobs are logged to disk.
● Incident management process.
Technology Required
● Backup
● Event Viewer
Dependencies
Scheduled zone file and system state backups are being performed.
Technology Required
● DR lab or similar equipment
● Backup
rem -- DNS Check Disk Space for Log and DB Drive ---------------------
rem ---------------------------------------------------------------------------------
rem -- List all DNS servers in the arrDNSSvr array in quotes
rem -- and separated by commas. Use "." for the local system.
rem --
rem -- Example:
rem -- arrDNSSvr=array("dnssvr01","dnssvr02","192.168.23.21")
rem --
arrDNSSvr = array( ".","dnssvr01")
rem ---------------------------------------------------------------------------------
The following is the script listing for a single server with a specific drive check:
rem – DNS Check Disk Space for Log and DB Drive ----------------
Dependencies
None
Technology Required
● Basic Windows Server 2003 operating system installed with DNS
● Windows Management Instrumentation (WMI) infrastructure
● CScript
rem ---------------------------------------------------------------------------------
rem -- List all DNS servers in the arrDNSSvr array in quotes
rem -- and separated by commas. Use "." for the local system.
rem --
rem -- Example:
rem -- arrDNSSvr=array("DNSsvr01","dnssvr02","192.168.23.21")
rem --
rem ---------------------------------------------------------------------------------
For Each strComputer in arrDNSsvr
    Wscript.Echo "--" & strComputer & "------------------------------"
Next
Next
rem -- Build a quoted timestamp with zero-padded month, day, and seconds
m=Month(Now)
d=Day(Now)
s=Second(Now)
If (m<10) Then
    m="0" & m
End If
If (d<10) Then
    d="0" & d
End If
If (s<10) Then
    s="0" & s
End If
strFormattedDate = chr(34) & m & "/" & d & "/" & Year(Now) & " " & Hour(Now) & _
    ":" & Minute(Now) & ":" & s & ".000" & chr(34)
2. The lines from “For Each objItem in colItems” through “Next” are the output
commands that echo the results to the screen. Select the objects you would like
to log and replace the “Wscript.Echo …” lines with concatenated and formatted
output, using chr(34) for quotation marks and literal commas as separators.
For example, to create a System Monitor-style output for DNS
TotalQueryReceived/sec, TotalResponseSent/sec, and ZoneTransferSuccess, the
result would be:
…
For Each objItem in colItems
    Wscript.Echo strFormattedDate & "," & chr(34) & _
        objItem.TotalQueryReceivedPersec & chr(34) & "," & chr(34) & _
        objItem.TotalResponseSentPersec & chr(34) & "," & chr(34) & _
        objItem.ZoneTransferSuccess & chr(34)
Next
…
Dependencies
None
Technology Required
● Basic Windows Server 2003 operating system installed with DNS
● WMI infrastructure
● CScript
Next
rem -- Build a quoted timestamp with zero-padded month, day, and seconds
m=Month(Now)
d=Day(Now)
s=Second(Now)
If (m<10) Then
    m="0" & m
End If
If (d<10) Then
    d="0" & d
End If
If (s<10) Then
    s="0" & s
End If
strFormattedDate = chr(34) & m & "/" & d & "/" & Year(Now) & " " & Hour(Now) & _
    ":" & Minute(Now) & ":" & s & ".000" & chr(34)
2. Between “For Each objItem in colItems” and “Next” are the output commands that
echo the results to the screen. Select the objects you would like to log and
replace the “Wscript.Echo …” lines with concatenated and formatted output, using
chr(34) for quotation marks and literal commas as separators. For
example, to create a System Monitor-style output for DNS
TotalQueryReceived/sec, TotalResponseSent/sec, and ZoneTransferSuccess, the
result would be:
…
For Each objItem in colItems
    Wscript.Echo strFormattedDate & "," & chr(34) & _
        objItem.TotalQueryReceivedPersec & chr(34) & "," & chr(34) & _
        objItem.TotalResponseSentPersec & chr(34) & "," & chr(34) & _
        objItem.ZoneTransferSuccess & chr(34)
Next
…
Dependencies
None
Technology Required
● DNS server
● WMI infrastructure
● CScript
rem -- DNS Server System Load and Utilization Basic Collector ------------
rem ----------------------------------------------------------------------
rem -- List all DNS servers in the arrDnssvr array in quotes
rem -- and separated by commas. Use "." for the local system.
rem --
rem -- Example:
rem -- arrDnssvr=array("dnssvr01","dnssvr02","192.168.23.21")
rem --
rem ----------------------------------------------------------------------
For Each strComputer in arrDnssvr
    Wscript.Echo "--" & strComputer & "------------------------------"
2. Between “For Each objItem in colItems” and “Next” are the output commands that
echo the results to the screen. Select the objects you would like to log and
replace the “Wscript.Echo …” lines with concatenated and formatted output, using
chr(34) for quotation marks and literal commas as separators. For
example, to create a PerfMon-style output for DNS Server AvailableBytes,
PageReadsPersec, and PagesOutputPersec, the result would be:
…
For Each objItem in colItems
    Wscript.Echo strFormattedDate & "," & chr(34) & objItem.AvailableBytes & _
        chr(34) & "," & chr(34) & objItem.PageReadsPersec & chr(34) & "," & chr(34) & _
        objItem.PagesOutputPersec & chr(34)
Next
…
Dependencies
None
Technology Required
● WMI infrastructure
● Windows Script Host
● Basic Windows Server 2003 operating system installed with DNS
Dependencies
Capturing service performance in performance logs.
Technology Required
Microsoft Excel or third-party spreadsheet application
For clarity, it may be easier to calculate the daily statistics on the basis of
performance objects.
Dependencies
Capturing service performance in performance logs.
Technology Required
Excel or third-party spreadsheet application
Procedure 1: Select and enable debug logging options on the DNS server
1. Start the DNS Manager from Administrative Tools.
2. From the left-tree view, select the applicable DNS server.
3. On the Action menu, click Properties.
4. Click the Debug Logging tab.
5. Select Log packets for debugging, and then select the events that you want the
DNS server to record for debug logging.
6. Select applicable criteria including Packet direction, Transport protocol, and
type.
7. Specify the log file name, location, and maximum file size. Note that the file
name will be cached and, if re-used, will append to the log instead of
overwriting. This will cause the log file to take up more disk space.
8. Click OK.
Dependencies
DNS Service
Technology Required
DNS Manager
Backup logs will now contain detailed information regarding the backup operations.
Dependencies
● Backup jobs are logged to disk.
● Problem management process.
Technology Required
● Backup
● Third-party backup software
Event ID    Description
140 The DNS server could not initialize the Remote Procedure Call (RPC)
service. If it is not running, start the RPC service or reboot the computer.
For specific error code, see the Record Data page on the Event Viewer.
In order for DNS to run, the Remote Procedure Call (RPC) service must
be running on the DNS server.
1. Verify that the Remote Procedure Call (RPC) service has been started.
2. Open Administrative Tools, and double-click Services.
3. If the service has been started, try restarting the server.
4. If the error continues, remove and reinstall the RPC Configuration
service by using the Services tab network connection in Network and
Dial-up Connections in Control Panel.
403 The DNS server could not create a Transmission Control Protocol (TCP)
socket. Restart the DNS server or reboot the computer. For the specific
error code, see the Record Data page.
The Wsock32.dll might be incompatible with a third-party TCP/IP stack.
This problem can also occur if the TCP/IP protocol is not bound to the
network adapter.
If you are using a third-party TCP/IP protocol, verify that the protocol is
compatible with the Wsock32.dll.
Check the bindings of the protocol stack. It is a good idea to have TCP/IP
bound at the top of the stack. If the error continues, remove and reinstall
the TCP/IP protocol, and then try again.
1. Open Control Panel, and then double-click Network and Dial-up
Connections.
2. Right-click the connection, and then click Properties.
3. Verify that the bindings for all protocols to network adapters are
enabled and that no broken connections exist in the stack.
407 DNS server could not bind the main datagram socket. The data is the
error.
This error can occur if there is a mismatch between the configured IP
address in the Advanced IP Addressing dialog box and the addresses
listed in the Server Properties dialog box for the DNS server. This
problem can also occur if the TCP/IP protocol is not bound to the network
adapter.
Verify that the TCP/IP addresses configured in the Advanced IP
Addressing dialog box match those configured in the Server Properties
dialog box in DNS Manager:
1. Open Control Panel, and double-click Network.
2. Click the Protocols tab, and click TCP/IP Protocol in the Network
Protocols list.
3. Click Properties, and then click Advanced.
Match the IP addresses to those displayed in the DNS server Properties
dialog box:
1. In DNS Manager, right-click the DNS server name, and then click
Properties.
2. Compare the IP addresses with those from the Advanced IP
Addressing dialog box. If there are no IP addresses configured in the
Advanced IP Addressing dialog box or on the Interfaces tab of the
Server Properties dialog box, enter the IP address of your network
adapter. Use the ipconfig -all command to obtain your IP address.
Check the binding of the TCP/IP protocol to the network adapter:
1. Open Control Panel, and double-click Network.
2. Click the Bindings tab.
3. Verify that the bindings for all protocols to network adapters are
enabled and that no broken connections exist in the stack.
408 DNS server could not open socket for address [IP address of server].
The DNS server could not open a socket with the current TCP/IP and
DNS service configurations.
Verify that this is a valid IP address on this machine.
If the IP is not valid:
1. Use the Interfaces dialog under Server Properties in the DNS
Manager to remove it from the list of IP interfaces.
2. Stop and restart the DNS server. (If this was the only IP interface on
this machine, the DNS server may not have started as a result of this
error. In that case, remove the DNS\Parameters\ListenAddress value
in the services section of the registry and restart.)
If the IP is valid:
Verify that no other application (for example, another DNS server) is
running that would attempt to use the DNS port.
4001 The DNS server was unable to open zone domain name in Active
Directory. This DNS server is configured to obtain and use information
from the directory for this zone and is unable to load the zone without it.
Check that Active Directory is functioning properly and reload the zone.
4004 The DNS server is configured to use information obtained from Active
Directory for this zone and is unable to load the zone without it.
Check that Active Directory is functioning properly and repeat
enumeration of the zone.
4007 The DNS server was unable to open zone <zone name> in Active
Directory from the application directory partition <partition name>. This
DNS server is configured to obtain and use information from the
directory for this zone and is unable to load the zone without it. Check
that Active Directory is functioning properly and reload the zone. The
event data is the error code.
4016 The DNS server timed out attempting an Active Directory service
operation on <distinguished name>. Check Active Directory to see that it
is functioning properly. The event data contains the error.
Events 403, 407, and 408 are usually triggered together, as well as 4000, 4001, and
4004.
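Because the events in each of these groups tend to arrive together, a triage pass can report one incident per group and server instead of one alert per event. The following is an added example, not part of the original guide: the CSV export layout, host names, timestamps, and the five-minute grouping window are assumptions, while the event families and first checks are taken from the table and sentence above.

```python
from datetime import datetime, timedelta

# Event families from the guide: IDs that are "usually triggered together".
FAMILIES = {
    "socket / TCP-IP binding": {403, 407, 408},
    "Active Directory zone load": {4000, 4001, 4004},
}

# First check per family, condensed from the guide's event table.
FIRST_CHECK = {
    "socket / TCP-IP binding":
        "verify TCP/IP is bound to the network adapter and that the DNS "
        "server's interface addresses are valid on this machine",
    "Active Directory zone load":
        "check that Active Directory is functioning properly, then reload the zone",
}

# Constructed sample export, one event per line: timestamp,host,event_id.
SAMPLE_EXPORT = """\
2003-06-01 02:14:07,dnssvr01,407
2003-06-01 02:14:07,dnssvr01,408
2003-06-01 02:14:09,dnssvr01,403
2003-06-01 02:15:30,dnssvr02,4004
2003-06-01 02:15:31,dnssvr02,4001
2003-06-01 09:40:00,dnssvr01,408
2003-06-01 09:41:12,dnssvr02,4016
"""


def parse_export(text):
    """Turn the CSV text into (timestamp, host, event_id) tuples."""
    events = []
    for line in text.strip().splitlines():
        stamp, host, event_id = line.strip().split(",")
        events.append((datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S"),
                       host, int(event_id)))
    return events


def group_incidents(events, window=timedelta(minutes=5)):
    """Merge events of one family on one host into a single incident when
    each event follows the previous one within `window` (assumed value)."""
    incidents, open_incident = [], {}
    for ts, host, event_id in sorted(events):
        family = next((name for name, ids in FAMILIES.items()
                       if event_id in ids), "event %d" % event_id)
        key = (host, family)
        incident = open_incident.get(key)
        if incident is None or ts - incident["last"] > window:
            incident = {"host": host, "family": family,
                        "first": ts, "last": ts, "event_ids": set()}
            incidents.append(incident)
            open_incident[key] = incident
        incident["last"] = ts
        incident["event_ids"].add(event_id)
    return incidents


def summarize(incidents):
    """One line per incident, with the guide's first check where known."""
    lines = []
    for inc in incidents:
        check = FIRST_CHECK.get(inc["family"], "see the event description")
        lines.append("%s %s [%s] events %s -> %s" % (
            inc["first"].strftime("%Y-%m-%d %H:%M:%S"), inc["host"],
            inc["family"], sorted(inc["event_ids"]), check))
    return lines


if __name__ == "__main__":
    for line in summarize(group_incidents(parse_export(SAMPLE_EXPORT))):
        print(line)
```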
Dependencies
None
Technology Required
● CScript
● Event Viewer
● DNS server
● Windows 2000, Windows XP, or Windows Server 2003 operating systems
Dependencies
None
Technology Required
DNS server
Dependencies
● DNS/DHCP client
● DNS server
● DHCP server
Technology Required
● DNS Service
● DHCP Service
11180 The system failed to update and remove registration for the network
adapter with settings.
The reason for this failure is that the DNS server the system sent the
update request to timed out. The most likely cause of this failure is that
the authoritative DNS server for the zone where the registration was
originally made is either not running or is unreachable through the
network at this time.
Dependencies
Dynamic DNS is enabled on a DDNS-capable system.
Dynamic DNS Refresh setting is enabled on the DNS server
Technology Required
● Windows 2000, Windows XP, or Windows Server 2003 operating systems
● CScript
Dependencies
● Dynamic DNS is enabled on a DDNS-capable system.
● DHCP services are available.
Technology Required
● Windows 2000, Windows XP, or Windows Server 2003 operating systems
● CScript
● Findstr
Warning: Do not leave DNS logging on during normal operations because it consumes both
processing and hard disk resources.
Dependencies
● DNS server.
● DNS audit logging enabled.
Technology Required
Microsoft Excel
Dependencies
None
Technology Required
● Netsh and Pathping are included with Windows Server 2003.
● DNS server.
Event ID    Description
6527 Zone expired before it could obtain a successful zone transfer or update
from a master server acting as its source for the zone. The zone has been
shut down.
This event ID might appear when the DNS server is configured to host a
secondary copy of the zone from another DNS server acting as its source
or master server. Verify that this server has network connectivity to its
configured master server.
If the problem continues, consider one or more of the following options:
1. Delete the zone and recreate it, specifying either a different master
server, or an updated and corrected IP address for the same master
server.
For more information, see Add and remove zones.
2. If zone expiration continues, consider adjusting the expire interval.
For more information, see To adjust the expire interval for a zone.
For more information, see Understanding zones and zone transfer.
6004 The DNS server received a zone transfer request from %1 for a non-
existent or non-authoritative %2.
Dependencies
Network connectivity
Technology Required
● NSLookup
● DNS server
● CScript
A simple query may be initiated by using a Hostname command that makes the DNS
server authoritative for the record. A recursive query test would include a Hostname
command that makes the DNS server not authoritative for the record. A
comprehensive recursive test may also involve a flushing of the name cache to
ensure that DNS forwarding is utilized during the recursive test.
Dependencies
None
Technology Required
● DNS server
● NSLookup
Dependencies
DNS Service
Technology Required
● DNS Manager
● DNSCmd
Dependencies
Formalized configuration management process
Technology Required
● DNS server
● DNSCmd
DNSLint
[dns server] 169.254.46.138
www.reskit.com,a,r
169.254.197.1,ptr,r
[dns~server] 169.254.46.200
reskit.com,cname,r
reskit.com,mx,r
_kerberos._tcp.dc._msdcs.reskit.com,srv,r
This line: [dns server] 169.254.46.138 specifies the IP address of a DNS server to send
queries to. [dns server] must be specified followed by a valid IP address. If either of
these two components is missing, an error is generated and the specified input file is
rejected.
Subsequent lines indicate the queries to send to the specified DNS server:
www.reskit.com,a,r
169.254.197.1,ptr,r
The type of record is then immediately followed by a comma. No spaces are allowed
on either side of the comma.
The third field is the type of query. This field immediately follows the comma after
the type of record. Valid query types are as follows:
● r = recursive
● i = iterative
Nothing else is required to follow the third field. All three fields are required, and no
spaces are allowed anywhere within the query line. A fourth field is optional.
Appending “,tcp” to the third field will make DNSLint send the specified query
using the TCP protocol instead of the default UDP protocol. Again, no spaces are
allowed and nothing should follow this field if it is used.
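Since a malformed input file is rejected, it helps to lint the file before handing it to DNSLint. The validator below is an added example, not part of the original guide or of DNSLint itself; it encodes only the rules stated above and assumes that the file starts with a DNSLint line (as in the sample listing), that either spelling of the server tag shown in that listing is acceptable, and that field values are lower case as shown.

```python
import ipaddress

# Both spellings of the server tag appear in the guide's sample file.
SERVER_TAGS = ("[dns server]", "[dns~server]")
QUERY_TYPES = {"r": "recursive", "i": "iterative"}

# The sample input file as listed in the guide.
GUIDE_SAMPLE = """\
DNSLint
[dns server] 169.254.46.138
www.reskit.com,a,r
169.254.197.1,ptr,r
[dns~server] 169.254.46.200
reskit.com,cname,r
reskit.com,mx,r
_kerberos._tcp.dc._msdcs.reskit.com,srv,r
"""

# Constructed input with deliberate mistakes on lines 2, 3, 5, 6 and 8.
BROKEN_SAMPLE = """\
DNSLint
[dns server]
www.reskit.com, a,r
[dns server] 169.254.46.138
www.reskit.com,a,x
www.reskit.com,a
reskit.com,mx,i,tcp
reskit.com,mx,i,udp
"""


def _parse_query(line):
    """Return (query, None) for a valid query line, else (None, reason)."""
    if any(ch.isspace() for ch in line):
        return None, "spaces are not allowed anywhere in a query line"
    fields = line.split(",")
    if len(fields) not in (3, 4) or not all(fields):
        return None, "expected name,record-type,query-type[,tcp]"
    name, record_type, query_type = fields[:3]
    if query_type not in QUERY_TYPES:
        return None, "query type must be r (recursive) or i (iterative)"
    if len(fields) == 4 and fields[3] != "tcp":
        return None, "the optional fourth field must be tcp"
    return {"name": name, "record_type": record_type,
            "query_type": QUERY_TYPES[query_type],
            "transport": "tcp" if len(fields) == 4 else "udp"}, None


def check_dnslint_input(text):
    """Return (servers, errors); errors is a list of (line_number, reason)."""
    servers, errors, current = [], [], None
    rows = [(n, raw) for n, raw in enumerate(text.splitlines(), 1)
            if raw.strip()]
    # Assumption from the sample listing: the first line reads "DNSLint".
    if rows and rows[0][1].strip() == "DNSLint":
        rows = rows[1:]
    else:
        errors.append((rows[0][0] if rows else 1,
                       "file should start with a DNSLint line"))
    for n, raw in rows:
        stripped = raw.strip()
        if stripped.startswith("["):
            tag = next((t for t in SERVER_TAGS if stripped.startswith(t)), None)
            address = stripped[len(tag):].strip() if tag else ""
            try:
                ipaddress.ip_address(address)
            except ValueError:
                errors.append((n, "expected [dns server] followed by a "
                                  "valid IP address"))
                current = None
                continue
            current = {"server": address, "queries": []}
            servers.append(current)
            continue
        query, reason = _parse_query(raw)
        if reason:
            errors.append((n, reason))
        elif current is None:
            errors.append((n, "query line has no valid [dns server] "
                              "line before it"))
        else:
            current["queries"].append(query)
    return servers, errors


if __name__ == "__main__":
    for label, sample in (("guide", GUIDE_SAMPLE), ("broken", BROKEN_SAMPLE)):
        servers, errors = check_dnslint_input(sample)
        print(label, "servers:", [s["server"] for s in servers])
        for n, reason in errors:
            print("  line %d: %s" % (n, reason))
```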
Dependencies
CMDB
Technology Required
● DNS server
● DNS Manager
…where resource record type is the type of resource record that you were querying for
in your original query, and FQDN is the FQDN for which you were querying
(terminated by a period).
● If the response includes a list of NS and A resource records for delegated servers,
repeat step 1 for each server and use the IP address from the A resource records
as the server IP address.
● If the response does not contain an NS resource record, you have a broken
delegation.
● If the response contains NS resource records, but no A resource records, type set
recursion and query individually for A resource records of servers listed in the
NS records. If you do not find at least one valid IP address of an A resource
record for each NS resource record in a zone, you have a broken delegation.
Dependencies
Network connectivity
Technology Required
● DNS server
● NSLookup
Dependencies
None
Technology Required
● DNS server
● DNSCmd
Dependencies
None
Technology Required
● DNS server
● DNSCmd
● DNS Manager
Dependencies
● Active Directory domain-implemented
● CMDB
Technology Required
● CSVDE
● DNS server
● Microsoft Excel
Dependencies
● Formalized architectural standard, stored in the CMDB.
● Performance monitoring and configuration snapshots are performed regularly.
● Collaboration and communication are required between operations teams.
Technology Required
None
Supporting Quadrant; Incident Management SMF; Support and Operations Role Clusters; Daily and weekly
Technology Required
● Third-party tools that provide incident management ticketing functionality.
● A Microsoft Access or SQL Server database can also be used to create incident
tickets.
The numbers reported should then be analyzed to assess the incident management
process and to determine how to improve effectiveness and efficiency.
Dependencies
● Responding to daily service request.
● Weekly service request activity report.
Technology Required
Microsoft Excel
The two tasks that follow—attending a CAB meeting and reviewing an emergency
change request—are among several tasks that would be associated with classification
and authorization. Attending a CAB meeting is singled out because it is common to
much of the change process. Reviewing an emergency change request is singled out
because emergency changes typically involve high risk and require a great outlay of
time and resources.
More information about the other tasks, and about the change management process
in general, is available at
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/msm/smf/smfchgmg.asp,
or search for “Change Management SMF” on TechNet at
http://www.microsoft.com/technet/default.asp.
Dependencies
● A process must be established to initiate a change request in the operations
environment.
● CAB members must have already been chosen.
Technology Required
Operations team educated about MOF/ITIL.
Along with change type, collect the configuration item (CI) that will be affected
by the change. (Configuration items, which are any objects that are subject to
change, fall under change management.) For DNS servers, these items include:
● DNS server hardware
● Active Directory hardware and domain controller hardware
● Hardware vendor
● Server role
● Windows Server 2003 software
● Service packs
● Hotfixes
● Monitoring software
● Backup software
● Processes and procedures
● Documentation
● RFCs
Dependencies
● A process must be established to initiate a change request in the operational
environment.
● An identified CAB/EC roster and individuals who are contacted for emergency
changes as they relate to DNS Service.
● An operations team with knowledge about MOF/ITIL.
Technology Required
Basic Windows Server 2003 operating system installed with DNS
4 Processes by MOF Role Clusters
This chapter is designed for those who want to see all processes for a single role
cluster in one place. The information is the same as that in the previous two chapters.
The only difference is that the processes are ordered by MOF role cluster.
Task 1: Create DNS backup and pull backup files to remote storage
Monthly Processes
The DNS server does not resolve names or may not resolve them correctly.
Possible Causes and Resolutions of Problem
When a DNS client attempts to resolve a name, a “Name not found” error is
returned from the server.
Possible Causes and Resolutions of Problem
DNS server clients are not performing dynamic updates to the DNS server
authoritative for the zone.
Possible Causes and Resolutions of Problem
Review how zone delegations are utilized and revise configurations as needed.
For each sub-domain delegated to its own zone, the parent zone needs to have
delegation records added to it. Use the New Delegation Wizard to simplify the
addition of these records.
Event ID  Description
408 The DNS server could not open socket for address [IPaddress]. Verify that
this is a valid IP address for the server computer.
To correct the problem, you can do the following:
● If the specified IP address is not valid, remove it from the list of restricted
interfaces for the server and restart the server. For more information, see
To restrict a DNS server to listen only on selected addresses.
● If the specified IP address is no longer valid and was the only address
enabled for the DNS server to use, the server might not have started as a
result of this configuration error. To correct this problem, delete the
following value from the registry and restart the DNS server:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS\Parameters\ListenAddress
● If this is a valid IP address for the server computer, verify that no other
application that would attempt to use the same DNS server port (such as
another DNS server application) is running. By default, DNS uses TCP
port 53.
413 The DNS server will send requests to other DNS servers on a port other
than its default port (TCP port 53).
This DNS server is multi-homed and has been configured to restrict DNS
Server service to only some of its configured IP addresses. For this reason,
there is no assurance that DNS queries made by this server to other
remote DNS servers will be sent using one of the IP addresses enabled for
the DNS server.
This might prevent query answer responses returned by these servers
from being received on the DNS port that the server is currently
configured to use. To avoid this problem, the DNS server sends queries to
other DNS servers using an arbitrary non-DNS port, and the response is
received regardless of the IP address used.
If you want to limit the DNS server to using only its configured DNS port
for sending queries to other DNS servers, use the DNS console to perform
one of the following changes in the server properties configuration on the
Interfaces tab:
● Select All IP addresses to enable the DNS server to listen on all
configured server IP addresses.
● Or, if you continue to select and use Only the following IP addresses,
limit the IP address list to a single server IP address.
For more information, see To restrict a DNS server to listen only on selected
addresses.
414 The server computer currently has no primary DNS suffix configured. Its
DNS name is currently a single label host name. For example, its currently
configured name is "host" rather than "host.example.microsoft.com" or
another fully qualified name.
While the DNS server has only a single label name, default resource
records created for its configured zones use only this single label name
when mapping the host name for this DNS server. This can lead to
incorrect and failed referrals when clients and other DNS servers use
these records to locate this server by name.
In general, the DNS server should be reconfigured with a full DNS
computer name appropriate for its domain or workgroup use on your
network. For more information, see To configure the primary DNS suffix for a
client computer.
708 The DNS server did not detect any zones of either primary or secondary
types. It will run as a caching-only server.
A DNS server that does not host any DNS zones but performs name
resolution and stores the results in its cache will not be authoritative for
any zones.
For more information, see Using caching-only servers.
3150 The DNS server wrote a new version of zone [zonename] to file [filename].
You can view the new version number by clicking the Record Data tab.
This event should appear only if the DNS server is configured to operate
as a root server. For more information, see DNS-related files.
6527 Zone [zonename] expired before it could obtain a successful zone transfer
or update from a master server acting as its source for the zone. The zone
has been shut down.
This event ID might appear when the DNS server is configured to host a
secondary copy of the zone from another DNS server acting as its source
or master server. Verify that this server has network connectivity to its
configured master server.
If the problem continues, consider one or more of the following actions:
● Delete the zone and recreate it, specifying either a different master server
or an updated and corrected IP address for the same master server.
For more information, see Add and remove zones.
● If zone expiration continues, consider adjusting the expire interval.
For more information, see To adjust the expire interval for a zone.
For more information, see Understanding zones and zone transfer.