DNS Problems Affecting Outlook and Exchange

JE

unread,

Aug 9, 2007, 1:56:04 PM8/9/07

to

Good Afternoon!

I'm having a problem with all Outlook (XP and 2003) connecting to our
Exchange Server (SBS 2003) that I've traced, I think, back to a DNS problem.

When Outlook opens we receive the error message "Your Microsoft Exchange
Server is unavailable" with the Work Offline, Retry and Cancel buttons
available. If you select Retry (sometimes as many as 4 times) you connect to
the Exchange Server and Everything is fine.

While troubleshooting this problem, I ran into a problem with another
application that connects to SQL server on the same machine as the Exchange
Server.

While these problems were occurring I pinged the SBS Server by name and the
name resolved to 192.168.16.59 which is not the primary IP of the machine.
The Primary IP should be 192.168.16.2. I did an NSLOOKUP on the server name
and it resolved to 192.168.16.59, 192.168.16.2.

The 192.168.16.59 address I believe is used for VPN connections, and when
you use a VPN connection from a remote location, everything works without
error.
If you ping 192.168.16.59 from a local machine, the request times out.

I added a line to the HOSTS file for the server using the 192.168.16.2
address and that corrected the PING and SQL problem, but Outlook still has
the problem until you retry (sometimes multiple times).

I ran MPSRPT_Network on one of the affected machines and noticed what I
appear to be errors with the DNS setup for the Primary DNS Server. For
Example this section:

DNS test . . . . . . . . . . . . . : Passed
Interface {4D9F72F2-EA99-4E5E-8B86-3DB1D3F6EB78}
DNS Domain: FulfordHomes.local
DNS Servers: 192.168.16.2 24.217.0.4
IP Address: 192.168.16.76
Expected registration with PDN (primary DNS domain name):
Hostname: GaylaXP.FulfordHomes.local.
Authoritative zone: FulfordHomes.local.
Primary DNS server: fulfordhomes01.FulfordHomes.local 192.168.16.59
Authoritative NS:192.168.16.59 192.168.16.2
Verify DNS registration:
Name: GaylaXP.FulfordHomes.local
Expected IP: 192.168.16.76
Server 192.168.16.59: Error 1460 ERROR_TIMEOUT
Server 192.168.16.2: NO_ERROR
The DNS registration for GaylaXP.FulfordHomes.local is correct on all
DNS servers

This section shows the Primary DNS and Authoritative NS Server's address to
be 192.168.16.59 which is really not correct. Notice that the verification
fails with a timeout for server 192.168.16.59, but succeeds for server
192.168.16.2 which is the correct primary IP for the server.

I think that this is why Outlook is failing at first, but then is succeeding
eventually. If it resolves the name to the .59 address, it will time out. But
if it finally resolves to the .2 address, it will go through.

This is further evident by the error messages from the DC list test and the
Trust Relationship test. Notice that the DC Discovery test finds the DC
(which is also the Exchange and SQL servers on SBS) at address 192.268.16.2,
but fails the the list test and the trust test unsing the FQDN which I
believe based on the other information will resolve to 192.168.16.59:

DC discovery test. . . . . . . . . : Passed

Find DC in domain 'FULFORDHOMES':
Found this DC in domain 'FULFORDHOMES':
DC. . . . . . . . . . . : \\fulfordhomes01.FulfordHomes.local
Address . . . . . . . . : \\192.168.16.2
Domain Guid . . . . . . : {910D3878-FADB-4006-B6B6-72E6613DFFF6}
Domain Name . . . . . . : FulfordHomes.local
Forest Name . . . . . . : FulfordHomes.local
DC Site Name. . . . . . : Default-First-Site-Name
Our Site Name . . . . . : Default-First-Site-Name
Flags . . . . . . . . . : PDC emulator GC DS KDC TIMESERV WRITABLE
DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE 0x8

Find PDC emulator in domain 'FULFORDHOMES':
Found this PDC emulator in domain 'FULFORDHOMES':
DC. . . . . . . . . . . : \\fulfordhomes01.FulfordHomes.local
Address . . . . . . . . : \\192.168.16.2
Domain Guid . . . . . . : {910D3878-FADB-4006-B6B6-72E6613DFFF6}
Domain Name . . . . . . : FulfordHomes.local
Forest Name . . . . . . : FulfordHomes.local
DC Site Name. . . . . . : Default-First-Site-Name
Our Site Name . . . . . : Default-First-Site-Name
Flags . . . . . . . . . : PDC emulator GC DS KDC TIMESERV WRITABLE
DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE 0x8

Find Windows 2000 DC in domain 'FULFORDHOMES':
Found this Windows 2000 DC in domain 'FULFORDHOMES':
DC. . . . . . . . . . . : \\fulfordhomes01.FulfordHomes.local
Address . . . . . . . . : \\192.168.16.2
Domain Guid . . . . . . : {910D3878-FADB-4006-B6B6-72E6613DFFF6}
Domain Name . . . . . . : FulfordHomes.local
Forest Name . . . . . . : FulfordHomes.local
DC Site Name. . . . . . : Default-First-Site-Name
Our Site Name . . . . . : Default-First-Site-Name
Flags . . . . . . . . . : PDC emulator GC DS KDC TIMESERV WRITABLE
DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE 0x8

DC list test . . . . . . . . . . . : Failed
'FULFORDHOMES': No DCs are up.
List of DCs in Domain 'FULFORDHOMES':
fulfordhomes01.FulfordHomes.local (this DC is down)
[WARNING] Cannot ping 'fulfordhomes01.FulfordHomes.local' (it
may be down).

Trust relationship test. . . . . . : Failed
Test to ensure DomainSid of domain 'FULFORDHOMES' is correct.
'FULFORDHOMES': No DCs are up (Cannot run test).
Secure channel for domain 'FULFORDHOMES' is to
'\\fulfordhomes01.FulfordHomes.local'.
Since 'fulfordhomes01.FulfordHomes.local' is down, it cannot be tested.

Any help that you could give to get the DNS straightened out would be
greatly appreciated.

Thanks!
--
JE

Ken Zhao [MSFT]

unread,

Aug 9, 2007, 11:19:31 PM8/9/07

to

Hello Jeff,

Thank you for using newsgroup!

Based on my experience, this similar issue may be related to DNS. I'd like
to suggest you try the following steps to troubleshoot this issue:

Step 1: Ping DNS Server Fails?
If the client computer is configured for a DNS server that is not
available, DNS either needs to be disabled or needs to be configured for a
DNS server that is available at all times.

Step 2: Ping DNS Server Succeeds?
If the DNS server is available and configured properly, the Microsoft
Exchange Server name and IP address need to be added to the DNS database.
After this is done, pinging the Microsoft Exchange Server name will resolve
to an IP address by the DNS server, allowing for faster startup times of
the Microsoft Exchange client.

Step 3: Add Microsoft Exchange Server to HOSTS File
The HOSTS file gets read every time a Winsock application attempts to
resolve a host name. There are NO #PRE options to preload entries (that is
how it is done in LMHOSTS). You can add the Microsoft Exchange Server entry
to the HOSTS file and try again without having to restart Windows. The
HOSTS file for Windows 95 is located in the Windows directory, and the
HOSTS file for Windows NT is located in the
%systemroot%\system32\drivers\etc\ folder.

Thanks & Regards,

Ken Zhao

Microsoft Online Support
Microsoft Global Technical Support Center

Get Secure! - www.microsoft.com/security <http://www.microsoft.com/security>
====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

JE

unread,

Aug 9, 2007, 11:48:01 PM8/9/07

to

Ken,
As I stated in my original post, the ping by name to the DNS server failed
at first because when pinged by name, the name resolved to the wrong IP
address 192.168.16.59.

After I added the correct IP to the HOSTS file, the name resolved to the
correct addressand the ping went through. This however did not correct the
problem with Outlook.

The address that the name resolved to I believe was created by DHCP for
RRAS. Please review the results of the MPSRPT_Network that I added in the
post and note that the Primary DNS and Authoritative NS Server's address
shows up 192.168.16.59.

My DHCP Scope is 192.168.16.50 - 192.168.16.99. If I check the DHCP Leases,
there is a lease for 192.168.16.59 with a TYPE of DHCP and a UNIQUE ID of
RRAS.
Again, this address isn't a "Real Address" assigned to an adapter and will
only respond to a ping if you are connected to a VPN through RRAS. The IP
that is actually assigned to the adapter that is pingable by all is
192.168.16.2.

Again if you look at the DNS test results generated by MPSRPT_Network you
can see that the first query runs against 192.168.16.59, which fails, but
then 192.168.16.2 is queried and the query succeeds.

So in response to your response, the ping now succeeds after adding an entry
to the hosts file even though an (A) record already exists for the server in
DNS with the correct address. But Outlook still fails initially until 1 or
multiple retrys.

There is also an (A) record for the same server with the 192.168.16.59
address in DNS created I'm guessing by RRAS/DHCP?

For some reason though it still appears to be trying to use the .59 address
for resolution at first, (again see results of MPSRPT_Network in the original
post.

I hope that this makes sense.

If it helps, this problem began after deleting all of the active leases in
DHCP to force everyone to renew. Everything had worked for a long time until
then.

Thanks!

--
JE

JE

unread,

Aug 10, 2007, 8:40:01 PM8/10/07

to

Ken,
I found the problem. THe DNS Server was set to Listen on All Interfaces,
which included the PPP Adapter for RAS at 192.168.16.59. When I changed the
setting to Listen On: "Only the following IP addresses" and removed
192.168.16.59 leaving 192.168.16.2, everything worked fine.

My Outlook problem cleared up, I was able to remove the line from the HOSTS
file pointing to 192.168.16.2 and all of the pings succeeded and the name
resolved to the correct address.

In addition, the MPSREPORT_Network diagnostics no longer had the anomalies
in the DNS Section that I listed in the post.

My question now is, with the entry in the HOSTS file, why was Outlook still
querying DNS to resolve the Exchange server name? I understand now why it
would succeed after the rery. It was as I originaly expected, it was querying
192.168.16.59, timing out, then querying 192.168.16.2 after the retry.

Please let me know your thoughts.

Thanks!
--
JE

Ken Zhao [MSFT]

unread,

Aug 13, 2007, 3:05:51 AM8/13/07

to

Hi Jeff,

Based on my research, below is the order of host name resolution over
TCP/IP:
1. HOSTS file DNS Server NetBIOS Cache WINS server Broadcast LMHOSTS file
2. DNS Server NetBIOS Cache WINS server Broadcast LMHOSTS file
3. NetBIOS Cache WINS server Broadcast LMHOSTS file
4. WINS server Broadcast LMHOSTS file
5. Broadcast LMHOSTS file
6. LMHOSTS file

Therefore, it will first check local HOSTS file. Not sure why your
problematic machine was being querying DNS.

Thanks & Regards,

Ken Zhao

Microsoft Online Support
Microsoft Global Technical Support Center

Get Secure! - www.microsoft.com/security <http://www.microsoft.com/security>
====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| Thread-Topic: DNS Problems Affecting Outlook and Exchange

| thread-index: AcfbsCbepEoXCH+PTCK/r+/4wzHoNg==
| X-WBNR-Posting-Host: 207.46.192.207
| From: =?Utf-8?B?SkU=?= <Jeff...@anon.postalias>
| References: <AEAFEA28-E78D-4BB8...@microsoft.com>
<hrFQL1v2...@TK2MSFTNGHUB02.phx.gbl>
<40D534AB-8FE8-4514...@microsoft.com>
| Subject: RE: DNS Problems Affecting Outlook and Exchange
| Date: Fri, 10 Aug 2007 17:40:01 -0700
| Lines: 298
| Message-ID: <7E8E4C63-09E3-4213...@microsoft.com>

| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.dns:4499

Ken Zhao [MSFT]

unread,

Aug 15, 2007, 4:39:17 AM8/15/07

to

Hi Jeff,

I am just writing to see how everything is going. If you have any updates
or need any further assistance on this issue, please feel free to let me
know.

Thanks & Regards,

Ken Zhao

Microsoft Online Support
Microsoft Global Technical Support Center

Get Secure! - www.microsoft.com/security <http://www.microsoft.com/security>
====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| X-Tomcat-ID: 76585249
| References: <AEAFEA28-E78D-4BB8...@microsoft.com>
<hrFQL1v2...@TK2MSFTNGHUB02.phx.gbl>
<40D534AB-8FE8-4514...@microsoft.com>

<7E8E4C63-09E3-4213...@microsoft.com>
| MIME-Version: 1.0
| Content-Type: text/plain

| Content-Transfer-Encoding: 7bit
| From: v-k...@online.microsoft.com ("Ken Zhao [MSFT]")
| Organization: Microsoft
| Date: Mon, 13 Aug 2007 07:05:51 GMT

| Subject: RE: DNS Problems Affecting Outlook and Exchange

| X-Tomcat-NG: microsoft.public.windows.server.dns
| Message-ID: <dedEthX3...@TK2MSFTNGHUB02.phx.gbl>
| Newsgroups: microsoft.public.windows.server.dns
| Lines: 398
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.dns:4524
| NNTP-Posting-Host: tomcatimport2.phx.gbl 10.201.218.182