why do i get this alert everyday? Its a remote dc with dns



Alert: DNS 2003 Server External Addresses Resolution Alert

Source: dc.domain.com

Path: dc.domain.com

Last modified by: System

Last modified time: 1/21/2009 3:21:59 PM Alert description: The DNS Server
failed in test resolutions for external addresses.  Its external network
connection or forwarders it is relying on may be unavailable.

This monitor try to check external dns server availability. If you dns server
can not connect to internet or cannot resolve external address you can get
this alert. if you dns server has not connected to internet its ok to
override this monitor your dns server.

Hi Joey,
I have just solved this myself, I have the latest DNS management pack
version 6.0.6480.0. What happens is the monitor ships with a configuration to
execute a DNS query for type "ns" on host "www.microsoft.com". In the alert
description it shows the command syntax (nslookup -querytype=ns <host>
and an ns query for www.microsoft.com it fails.
The problem is that you can't perform an NS type query on a hostname, only
on a domain name. If you either change the type to "A" (host type record) or
the host to "microsoft.com" the query is valid. What you need to do is
override the monitor and change either the "Query Type" or "Host" parameters,
or both. I changed ours to type=A and host=company domain name, and it is now
working fine. The management pack guide explains how to override these
parameters, but doesn't explain the situation that causes the issue. In the
MP guide, it states "By default, the external name resolution monitor
performs an NSLOOKUP query for a host (NS) record at www.microsoft.com to
verify that external resolution is functioning properly." The word "host" is
used, but is followed by "(NS)" which is a name server record type, not a
host type. I guess this is an inadvertent mistake, but the problem I see is
that the management pack was configured using the NS type record, and would
have failed from day one. Not sure how this one would have slipped through
Microsoft testing.
I hope this fixes the problem in your environment too.
--
Regards,
Mick McKean
Brisbane Australia

where are you actually seeing this? I am running 6.0.6278.27 I dont see
anything under alerts

Hi Joey,
I'm not exactly sure what you mean in this reply, as you said you were
getting the alert named "DNS 2003 Server External Addresses Resolution Alert"
in your original post. It is that the monitor that raises this alert that you
need to apply the overrides I suggested to, the monitor name is "DNS 2003
External Resolution Monitor". There is also a DNS 2008 server version of the
monitor named "DNS 2008 External Resolution Monitor". In the alert, there is
a link in the details pane to the monitor that raised the alert. If the alert
has been resolved and no longer visible, you can go to the "Authoring" view,
select "Monitors" and search for the name of the monitors I specified above.
Not sure how experienced you are at applying overrides so let me know if you
need any further help.
Applying ther overrides I suggested is explained in the management pack
guide that comes with the DNS management pack download, in the section
download the latest version of the DNS MP at :
http://www.microsoft.com/downloads/details.aspx?FamilyID=633b718f-5fe8-47d5-a395-8203f8ec354f&displaylang=en&displaylang=en

Regards,
Mick McKean
--
Regards,
Mick McKean
Brisbane Australia

why is it that when io try to import this management pack 6.0.6278.27 has
been imported already?

Should the version number is 6.0.6480.0?

When you override this external address alert to your internal server, that
makes this alert do a nslookup on your internal address not external right?

Hi Joey,
The monitor is designed to query an external DNS address, so if you
configure an external address it will perform a DNS lookup on that address. I
expect you could query an internal address with this monitor too, but am not
sure of this. Remember that all it is doing is a DNS lookup of the defined
record type for the defined hostname.
--
Regards,
Mick McKean
Brisbane Australia

You were dead on with this.  Thanks for the help!  All I have to do was
change the query type to "a" and everything is groovy.  Did not need to
change the host since www.microsoft.com is an A record.

I don't understand why this is not happening to everyone.  Is is possible
that few install the DNS management pack?

Hi Richard,
One thing I should mention about the nslookup that the rule performs - just
after I made my change and answered Joey's original post, I ran the rule
query (for "NS" record) manually and it does work now! It didn't work when I
ran it manually before that, using the same DNS servers, and the same query
from the same host. I was configuring OpsMgr in a new greenfields environment
at the time, which was still being configured for AD and DNS. Some changes
may have been made to DNS forwarding that allowed it to work, but I am not
sure what went on behind the scenes. Either way, I have left it to query for
an "A" record for the company's external web server as this is a more useful
test in my mind.
Glad I was able to assist.
--
Regards,
Mick McKean
Brisbane Australia