Split-Brain DNS
Editor's Note: Windows & .NET Magazine welcomes feedback from readers about the magazine. Please include your full name, email address, and daytime phone number with your letter. We edit all letters and replies for style, length, and clarity.
Mark Minasi's Inside Out: "Troubleshooting DNS-Related AD Logon Problems, Part 2" (February 2002, InstantDoc ID 23565) about AD logons and split-brain DNS was a huge help to me. Everything is working well except that the people on the intranet can't get to their Web site, which is hosted off site on a Windows NT 4.0 server. Will you explain in greater detail how to copy the records from the public zone to the intranet zone?
—Richard Murphy
rmurphy@apluscomputers.com
Probably the simplest solution is to retype them. Most public zones have only a handful of records—a few mail servers and Web servers—and that's it. But if your internal DNS is a primary DNS server rather than an AD-integrated server, you could just grab the zone file from the public DNS server (assuming it's BIND or a BIND clone like NT 4.0's DNS) and use Notepad to copy the records from the external zone file to the internal one. The internal zone files live in \winnt\system32\dns and have names such as acme.com.dns. Here are the steps:
- Stop the internal DNS Server service.
- Open the internal .dns file with Notepad.
- Get the external DNS server's zone files (assuming that you can).
- Copy the external DNS server's Web, mail, and other relevant records into the internal .dns file.
- Save the internal .dns file.
- Restart the DNS Server service.
—Mark Minasi
Disabling the Print Spooler Service
In Jordan Ayala's "Win2K Server Services, Part 2" (November 15, 2001, InstantDoc ID 22762), Table 3 mentions that you should disable the Print Spooler service only if the system isn't a print server. A better recommendation is to disable the Print Spooler service only if the system isn't a print server or a client.
The Print Spooler service is needed to offer print services to other clients on the network, but the server also uses the service to print to local or remote printers. Disabling the Print Spooler service disallows any process running on the server from printing on any printer. Although it's uncommon for a server to print documents to printers, knowing that the Print Spooler service offers print spooling capabilities is notable: The service lets clients use shared printers but also lets the server send documents to its local printing spool queue for printing.
—Felipe Alfaro Solana
Where to Find DhcpExim
Sean Daily's "Recovering DHCP" (September 2001, InstantDoc ID 21841) explains in detail how to recover from DHCP server failure. The sidebar "DhcpExim in Action" (InstantDoc ID 21842) mentions that Microsoft's DHCP Database Export Import utility (dhcpexim.exe) isn't available for download. However, since you published the article, Microsoft has made the tool available at http://www.microsoft.com/windows2000/techinfo/reskit/tools/new/dhcpexim-o.asp.
—Dan Parr
dep@atlcat.ca
Case of the Stinky Magazines Solved
Windows & .NET Magazine has literally started to stink recently! Whatever new paper or printing process you used in the March 2002 issue produced a horrid odor. I have to keep the magazine away from my nose when I'm reading it. You might save money with this new process, but you will lose readers.
—Ed Lindell
edl@molectron.com
We checked with our printer and found that the mysterious odor occurred with mailed copies of the magazine. The printer, in turn, checked with the United States Postal Service (USPS). Apparently, the postal service irradiated the magazines, and a reaction with the ink produced the stinky odor. Several other publishers and printers reported similar complaints, and the USPS said it planned to discontinue the process soon. Be sure to let us know if your nose doesn't notice a big improvement with future issues.
—Janet Robbins
Determining Operations Masters
In the first Q&A in Tricks & Traps: "Daily Answers" (February 2002, InstantDoc ID 23403), Sean Daily discusses several built-in or supplemental tools that you can use to determine which domain controllers (DCs) on a network act as operations masters (i.e., hold Flexible Single-Master Operation*FSMO*roles) for a Windows 2000 forest and domains. One tool that the article doesn't include is the one I use the most: Netdom. The command
netdom query fsmo
provides information for the current domain, and
netdom query fsmo /domain:
provides information for domain xxxx. Netdom is in the Support Tools, so everyone who has Win2K has access to it.
—Joe Richards
joe@joeware.net