No Reverse Lookup Zones Created

Jean Claude

Sep 1, 2004, 6:10:14 AM
Hi there,

I joined a company recently that implemented AD 2003 with
DNS integrated. There are forward zones but no reverse
zones created. On request I was told the implementation
team did not create reverse zones. But as usual the guys
that did it left the company.

I have been attempting to find out why they would not want
reverse zones if there are any reasons, but can't seem to
find any concrete information. I know it has to be created
but need to supplement my request with documentation.

Our system is running server 2003 in a cluster.

Many thanks
Jean Claude

Sharad Naik

Sep 1, 2004, 6:46:39 AM
Well, the set up might not be indeed needing reverse zones.
If you want to go ahead and add (won't be any harm to add these),
you can do this with windows interface (DNS management console) or
command line (dnscmd) if you have a number of zones to add.

The procedure is simple and very well explained in Windows Help.
On 2003 server, start help and give search for just ' zone '.
In the list of topics that will appear just scroll down and find 'Add a
reverse lookup zone'.
It explains both the methods.
Similarly give search for ' PTR ' and you will find help to add records in
reverse zone
using both methods.

Sharad
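
An added example, not part of the original thread: a sketch of the bulk dnscmd route mentioned above, deriving the in-addr.arpa zone names for a list of IPv4 subnets and emitting one `dnscmd /ZoneAdd ... /DsPrimary` line per AD-integrated reverse zone. It goes beyond the thread by splitting subnets that do not sit on an octet boundary into /24 (or /16, /8) zones and by placing subnets smaller than /24 in their enclosing /24 zone; the function names and sample subnets are constructed for illustration.

```python
import ipaddress

def reverse_zones(cidr):
    """Return the in-addr.arpa zone names needed to cover one IPv4 subnet."""
    net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits set
    if net.version != 4:
        raise ValueError(f"{cidr}: only IPv4 is handled in this sketch")
    if net.prefixlen > 24:
        # Smaller than a /24: PTR records live in the enclosing /24 zone.
        nets = [net.supernet(new_prefix=24)]
    else:
        # Round the prefix up to the next octet boundary (8, 16 or 24)
        # and enumerate the zones that together cover the subnet.
        boundary = max(8, -(-net.prefixlen // 8) * 8)
        nets = list(net.subnets(new_prefix=boundary))
    zones = []
    for n in nets:
        octets = str(n.network_address).split(".")[: n.prefixlen // 8]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa")
    return zones

def zoneadd_commands(cidrs, server=None):
    """Build dnscmd lines creating each zone once as an AD-integrated primary."""
    prefix = f"dnscmd {server}" if server else "dnscmd"
    seen, commands = set(), []
    for cidr in cidrs:
        for zone in reverse_zones(cidr):
            if zone not in seen:  # two /26s can share one /24 zone
                seen.add(zone)
                commands.append(f"{prefix} /ZoneAdd {zone} /DsPrimary")
    return commands

if __name__ == "__main__":
    # Constructed sample subnets, not taken from the thread.
    sample = ["192.168.10.0/26", "192.168.10.64/26", "10.1.4.0/22"]
    for line in zoneadd_commands(sample):
        print(line)
```

Review the generated lines before running them on a DNS server; the script only prints commands and changes nothing itself.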

Jean Claude

Sep 1, 2004, 7:07:15 AM
Thanks

Sharad Naik

Sep 1, 2004, 12:13:52 PM
Well, I realize that I did not read your post properly and could not get
what you asked.

You want documented support for 'whether reverse zones are necessary or
not', and NOT how to create them.

Again on win 2003 server, go to windows help give search for 'PTR'.
In the topics listed find 'Reverse lookup : DNS'. In the description
of this, go to the bottom and see the Notes.

Sharad

Thomas Lee

Sep 1, 2004, 6:24:10 PM
In message <3ff201c4900b$df9d3b40$a601...@phx.gbl>, Jean Claude
<anon...@discussions.microsoft.com> writes

>I have been attempting to find out why they would not want reverse
>zones if there are any reasons, but can't seem to find any concrete
>information. I know it has to be created but need to supplement my
>request with documentation.

One reason is because it's generally not needed in order to support DNS.
Besides NSLookup, there's nothing I can think of in the base OS that
_requires_ reverse lookup.

If you have a mail server product, it might be capable of doing reverse
DNS lookups, thus this might be useful. But for internal systems, normal
access controls are possibly more useful for security.

Reverse DNS zones also increase replication traffic. Increased traffic
is to be avoided where possible.

So all in all, I can see why they might not have done it.

Why do you need it?

Thomas

--
Thomas Lee
doct...@gmail.com

Ace Fekay [MVP]

Sep 3, 2004, 9:26:33 PM
In news:qkSzBtOK...@mail.psp.co.uk,
Thomas Lee <t...@psp.co.uk> made a post then I commented below

Hi Thomas,

Just would like to point out, I've seen some issues with Win2003 and 40961
errors that are alleviated with creating a reverse zone.

Cheers!
:-)

Ace

