Our intranet site which runs on a Windows 2003 server and runs IIS60 will no
t
work after our primary dns crashed last week.  We have the security in IIS
set at basic authentication and the login box still appears but when you typ
e
your username and password it comes back and says page cannot be displayed.
We have an lmhosts file on the IIS box that points to the dns server and
public IP address for our domain.  Since the primary dns server went down, w
e
added an lmhosts file to our secondary DNS server but it still doesn't work.
We checked the firewall and made a change to reflect to secondary dns server
.
Does anyone have any other ideas as to what else I can check?  If I left out
any pertinent info let me know.

[ Post a follow-up to this message ]

This sounds like a DNS/networking issue, unrelated to IIS. Pertinent
information includes the mechanism that your entire network uses to
look up IP addresses for names.

- Why don't you just restore the primary DNS server
- Or point all your servers to use the secondary DNS?
- Why would you play around with HOSTS/LMHOSTS?
- Why do you think that adding LMHOSTS file to secondary DNS server
help?

If your machines use DHCP to get network settings, make sure the
secondary DNS server is broadcast out to the DHCP clients and you're
done. If you use static routing, make sure that several DNS servers
such as primary and secondary are configured by default and you are
done.

To me, whatever you are doing does not appear to address losing a DNS
server.


//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//


Larry wrote:
> Our intranet site which runs on a Windows 2003 server and runs IIS60 will 
not
> work after our primary dns crashed last week.  We have the security in IIS
> set at basic authentication and the login box still appears but when you t
ype
> your username and password it comes back and says page cannot be displayed
.
> We have an lmhosts file on the IIS box that points to the dns server and
> public IP address for our domain.  Since the primary dns server went down,
 we
> added an lmhosts file to our secondary DNS server but it still doesn't wor
k.
> We checked the firewall and made a change to reflect to secondary dns serv
er.
>  Does anyone have any other ideas as to what else I can check?  If I left 
out
> any pertinent info let me know.

[ Post a follow-up to this message ]

Dave -  The reason we are using lmhosts is because our intranet server is
outside the FW or in the DMZ.  The DNS server (s) are inside the FW and for
the intranet server to be able to see the primary DNS server we use an
lmhosts file so it can authenticate users with AD.  It has to do something
with authentication because it prompts for a username and password.  If I
turn off basic authentication in IIS it takes you into the intranet with no
problems.

"David Wang" wrote:

> This sounds like a DNS/networking issue, unrelated to IIS. Pertinent
> information includes the mechanism that your entire network uses to
> look up IP addresses for names.
>
> - Why don't you just restore the primary DNS server
> - Or point all your servers to use the secondary DNS?
> - Why would you play around with HOSTS/LMHOSTS?
> - Why do you think that adding LMHOSTS file to secondary DNS server
> help?
>
> If your machines use DHCP to get network settings, make sure the
> secondary DNS server is broadcast out to the DHCP clients and you're
> done. If you use static routing, make sure that several DNS servers
> such as primary and secondary are configured by default and you are
> done.
>
> To me, whatever you are doing does not appear to address losing a DNS
> server.
>
>
> //David
> http://w3-4u.blogspot.com
> http://blogs.msdn.com/David.Wang
> //
>
>
> Larry wrote: 
>
>

[ Post a follow-up to this message ]

"Larry" <Larry@discussions.microsoft.com> wrote in message
news:0F84B7DF-6B2E-42B3-9279-F91AD722DFF0@microsoft.com...
> Dave -  The reason we are using lmhosts is because our intranet server is
> outside the FW or in the DMZ.  The DNS server (s) are inside the FW and
> for

then it is not an "intranet server", it is external.  period.
you may think it is "internal" - but you placed it outside.

> the intranet server to be able to see the primary DNS server we use an
> lmhosts file so it can authenticate users with AD.  It has to do something

lmhosts has absolutely nothing to do with locating DNS servers.
The Tcp/Ip config determines the DNS server(s) in use, and
nothing else does, plus it is specified by IP.

If a machine is doing AD authentications, and is a member of the
AD domain, then it must be using a DNS server that knows about
the AD that is deployed (hosts its zones).
If that requirement (not recommendation, _requirement_) is not
met then you cannot expect things to work.
Also, for AD based authentication to work the machine at which
the authentication is attempted must be able to access DCs of
the account domain which it might try contacting for the authN
and also GCs.

> with authentication because it prompts for a username and password.  If I
> turn off basic authentication in IIS it takes you into the intranet with
> no
> problems.

If you mean basic is turned off but authentication is still required,
then you have different issues than DNS availability.
If you mean it works with the site is made to not require authentication
(made anonymous) then all issues are still fair game.

Roger[vbcol=seagreen]
>
> "David Wang" wrote:
> 

[ Post a follow-up to this message ]