DNS Server not Logging


Tim

I have an issue where I can't get my DNS server to log any errors into the
DNS event viewer. It does log out debugging information to the
winnt\system32\dns\dns.log file however my event viewer stays empty. I know
when you restart the server you at least get an informational note that the
service started.

Has anyone seen anything like that? Along with this when I update an AD
zone with a new host or whatever, the serial number isn't incrementing.
Thus I'm not getting any records entered into the problem DNS server
replicated to all our other DNS servers in the enterprise.

Any help would be appreciated.

TIA

Tim
 
In
Tim said:
I have an issue where I can't get my DNS server to log any errors
into the DNS event viewer. It does log out debugging information to
the winnt\system32\dns\dns.log file however my event viewer stays
empty. I know when you restart the server you at least get an
informational note that the service started.

Has anyone seen anything like that? Along with this when I update an
AD zone with a new host or whatever, the serial number isn't
incrementing. Thus I'm not getting any records entered into the
problem DNS server replicated to all our other DNS servers in the
enterprise.

Any help would be appreciated.

TIA

Tim

If there's nothing to log, I would leave it alone. Are you getting any
errors with DNS resolution?

Logging levels can be increased if you want by tweaking the reg:

198408 - Microsoft DNS Server Registry Parameters, Part 1 of 3:
http://support.microsoft.com/?id=198408

As for serial number behavior, with AD Integrated zones and having more than
one DNS server, this is expected behavior because if the netlogon server is
refreshing its data into DNS, it will be the SOA of the zone for the moment
in time and will replicate that. If another server refreshes its data, then
that's the SOA. When this happens, the serial number may bounce back and
forth appearing not to be current.

282826 - Active Directory-Integrated DNS Zone Serial Number Behavior:
http://support.microsoft.com/?id=282826

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
 
Subject: Re: DNS Server not Logging
From: "Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&[email protected]>
Newsgroups: microsoft.public.win2000.dns

In

If there's nothing to log, I would leave it alone. Are you getting any
errors with DNS resolution?

Logging levels can be increased if you want by tweaking the reg:

198408 - Microsoft DNS Server Registry Parameters, Part 1 of 3:
http://support.microsoft.com/?id=198408

As for serial number behavior, with AD Integrated zones and having
more than one DNS server, this is expected behavior because if the
netlogon server is refreshing its data into DNS, it will be the SOA of
the zone for the moment in time and will replicate that. If another
server refreshes its data, then that's the SOA. When this happens, the
serial number may bounce back and forth appearing not to be current.

282826 - Active Directory-Integrated DNS Zone Serial Number Behavior:
http://support.microsoft.com/?id=282826


Thanks Ace, it appears that someone had tweaked the registry to only
allow errors to be logged. I changed that to everything and events
started showing up.

How long does it usually take a DNS record entered into one DNS server
to replicate to all other DNS servers in the domain? What would hinder
this replication? For instance a record I entered into our primary DNS
server didn't appear on all the other ones for a really long time,
however when I restarted the DNS server on the child DNS servers, the
record appeared.

I was just curious. Thank you so much for your help so far, I really
appreciate it.
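
The registry check discussed in the posts above, as an added example that is not part of the original thread. It assumes the setting in question is the DNS Server service's `EventLogLevel` parameter and that PowerShell is available on the server:

```powershell
# Added example: report the DNS Server service's event-logging level.
# Assumption: the value that was changed is EventLogLevel under the DNS
# service Parameters key. When the value is absent the service uses its
# default of 4 (errors, warnings and informational events).
$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\DNS\Parameters'

$meaning = @{
    0 = 'no events'
    1 = 'errors only'
    2 = 'errors and warnings'
    4 = 'errors, warnings and informational events'
}

function Get-DnsEventLogLevel {
    $item = Get-ItemProperty -Path $key -Name EventLogLevel -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        $level  = 4
        $source = 'default (value not set)'
    } else {
        $level  = [int]$item.EventLogLevel
        $source = 'registry'
    }
    $text = if ($meaning.ContainsKey($level)) { $meaning[$level] } else { 'unrecognised value' }
    [pscustomobject]@{
        Level   = $level
        Source  = $source
        Meaning = $text
        Reduced = ($level -ne 4)   # anything below the default hides events
    }
}

$state = Get-DnsEventLogLevel
$state | Format-List

if ($state.Reduced) {
    Write-Warning 'DNS event logging is below the default; the DNS Server log will look empty or sparse.'
    # To restore full logging, run elevated; restart the DNS service if the
    # change is not picked up:
    # Set-ItemProperty -Path $key -Name EventLogLevel -Value 4 -Type DWord
}
```

A reduced level on a DNS server is worth treating as a finding in its own right, since it removes the warnings and informational events that operations and incident response rely on.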
 
In
Tim said:
Thanks Ace, it appears that someone had tweaked the registry to only
allow errors to be logged. I changed that to everything and events
started showing up.

How long does it usually take a DNS record entered into one DNS server
to replicate to all other DNS servers in the domain? What would
hinder this replication? For instance a record I entered into our
primary DNS server didn't appear on all the other ones for a really
long time, however when I restarted the DNS server on the child DNS
servers, the record appeared.

I was just curious. Thank you so much for your help so far, I really
appreciate it.

No prob for the help. :-)

AD Integrated zones replicate with AD's replication schedule. If the DCs are
all in one Site, the min/max time between DCs is 5min/15min, which depends
on the partnerships created by the KCC. If in different Sites, that depends
on your Site link replication schedule and frequency settings in the link's
properties, default is 3 hours, 24/7.

What exactly is a "really long time"? 10 minutes? 3 hours? A whole day?

As for a record not appearing elsewhere, did you try to just refresh the
zone before restarting the service? The console is not dynamic.



Ace
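
One way to check whether a record has reached every DNS server without relying on the console view, as an added example that is not part of the original thread. The server names, zone and record name are placeholders, and `Resolve-DnsName` assumes Windows Server 2012 / Windows 8 or later on the machine running the check:

```powershell
# Added example: ask each DNS server directly for one record and for the
# zone's SOA, then compare. All names below are placeholders.
$servers = 'dns1.example.com', 'dns2.example.com', 'dns3.example.com'
$zone    = 'example.com'
$record  = 'newhost.example.com'

$results = foreach ($server in $servers) {
    $address = '(not found)'
    $serial  = $null
    $primary = $null
    try {
        # -DnsOnly / -NoHostsFile keep the answer from coming out of the
        # local hosts file or a non-DNS name resolution protocol.
        $a = Resolve-DnsName -Name $record -Type A -Server $server `
                 -DnsOnly -NoHostsFile -ErrorAction Stop |
             Where-Object { $_.Type -eq 'A' }
        if ($a) { $address = ($a.IPAddress -join ', ') }
    } catch {
        $address = "(query failed: $($_.Exception.Message))"
    }
    try {
        $soa = Resolve-DnsName -Name $zone -Type SOA -Server $server `
                   -DnsOnly -ErrorAction Stop |
               Where-Object { $_.Type -eq 'SOA' } | Select-Object -First 1
        if ($soa) { $serial = $soa.SerialNumber; $primary = $soa.PrimaryServer }
    } catch { }
    [pscustomobject]@{
        Server     = $server
        Record     = $address
        SoaSerial  = $serial
        SoaPrimary = $primary
    }
}

$results | Format-Table -AutoSize

# Servers that do not yet hold the record:
$results | Where-Object { $_.Record -like '(*' } | Select-Object -ExpandProperty Server
```

For AD-integrated zones, compare the `Record` column rather than `SoaSerial`: as the reply above explains, each server can report itself as the SOA, so differing serial numbers do not by themselves indicate a replication problem.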
 