Modify DNS settings on the servers for Windows Essential Business Server

Updated: February 23, 2009

If you migrated settings from a DNS server that is not integrated with Active Directory, follow these steps to ensure that the DNS settings on the Windows EBS servers are correct.

  1. On the Management Server and the Messaging Server, do the following:

    • Confirm that the forward and reverse lookup zones migrated correctly.

    • Confirm that the forward and reverse lookup zones are integrated with Active Directory as primary zones.

    • Remove legacy name servers from the forward and reverse lookup zones.

    • Add a CNAME record for Web Proxy Automatic Discovery (WPAD).

    • Remove any forwarders.

    • Confirm the presence root hints.

    For instructions, see To configure DNS server settings for the Management Server and the Messaging Server later in this topic.

  2. On all three Windows EBS servers, make sure that the network adapters are configured correctly for the DNS servers.

    For instructions, see To configure DNS settings on network adapters later in this topic.

  3. On the Security Server, verify the DNS resolution.

    For instructions, see To verify DNS resolution later in this topic.

TipTip
To work efficiently, complete all of the tasks that are required for one server before moving to the next. Start with the Management Server, then configure the Messaging Server, and then the Security Server.
To configure DNS server settings for the Management Server and Messaging Server
  1. Log on to the Management Server or the Messaging Server as domain administrator.

  2. Click Start, click Administrative Tools, and then click DNS.

  3. In the left pane of DNS Manager, expand the server node (directly under DNS), and then expand Forward Lookup Zones. Click the forward lookup zone for your domain, and then in the right pane, verify that you can see the DNS records that represent your environment.

  4. If you had reverse lookup zones, expand Reverse Lookup Zones. Click the reverse lookup zones for your domain, and then in the right pane, verify that you can see the DNS records that represent your environment.

  5. To check the properties of your forward and reverse lookup zones, right-click the zone, click Properties, click the General tab, and then verify that the Type is Active Directory-Integrated. Click Change, confirm that Primary zone is selected. Click OK.

  6. In the Properties dialog box of each of your forward and reverse zones, click the Name Servers tab. Check to see if any name servers that were configured previously appear in your environment. If any server other than the Management Server and Messaging Server appears in the list, click it, click Remove, and then click OK.

  7. In the left pane, under Forward Lookup Zones, right-click the forward zone for your domain, click New Alias (CNAME), type wpad in the Alias name text box, type the fully qualified domain name (FQDN) of the Security Server in the Fully qualified domain name text box, and then click OK.

  8. In the left pane of DNS Manager, right-click the server node, click Properties, and then click the Forwarders tab.

  9. If any forwarders were configured previously in your environment, click Edit, and then use the Edit Forwarders dialog box to delete them.

  10. In the Properties dialog box, click the Root Hints tab. Verify that you see root server entries, for example, a.root-servers.net. (including the trailing dot).

  11. If the list is empty, click Copy from Server. In the Server to Copy From dialog box, type the IP address 198.41.0.4, and then click OK. Click OK to close the Properties dialog box.

To configure DNS settings on network adapters
  1. On each Windows EBS server, log on as domain administrator, click Start, right-click Network, and then click Properties.

  2. Click Manage network connections, right-click the adapter that is used to connect to your network, and then click Properties.

  3. Double-click Internet Protocol Version 4 (TCP/IPv4), and then click Advanced.

  4. On the DNS tab, modify the list of DNS server addresses so that there are only two entries: the IP address of the Management Server and the IP address of the Messaging Server. If another entry appears, click it, and then click Remove.

  5. On the IP Settings tab, confirm that the Default gateway address is the IP address of the internal adapter on the Security Server.

    noteNote
    Because the Security Server is the default gateway for the network, the Default gateway address setting on the internal adapter of the Security Server should be blank.
  6. On the Security Server, right-click the adapter that is used to connect to the Internet (or external gateway device for your network), click Properties, and then double-click Internet Protocol Version 4 (TCP/IPv4) .

  7. In the Internet Protocol Version 4 (TCP/IPv4 Properties dialog box, confirm that Preferred DNS server and Alternate DNS server are blank and that the Default gateway address text box contains the IP address of your Internet service provider (or the external gateway device for your network). Click OK.

To verify DNS resolution
  1. On the Security Server, open a Command Prompt window and type nslookup.

  2. Type the name of an external domain (such as microsoft.com), and press ENTER. Verify that the DNS resolution succeeds (an IP address is returned).

  3. If the DNS resolution fails, verify that the Security Server has Internet connectivity (check that your external network adapter is connected and it has the correct IP settings).

    noteNote
    If the Security Server is behind another proxy server or firewall, there may be additional steps required for Internet connectivity to function correctly. For more information, consult the Windows EBS Preparation and Planning Guide at the Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=122157).
  4. Type exit to end nslookup and then type exit to close the Command Prompt window.

Community Additions

ADD
Show: