DNS MP External Resolution Monitor always in a critical state?


This is a problem in the 6.0.6480.0 version of the DNS MP.

This MP includes a monitor to inspect the DNS server’s ability to resolve external domains.

The problem is – that the moniotr defaults to inspecting “www.microsoft.com” when it should use a base domain, like “microsoft.com”.

 

You will find all of your DNS servers in this state – if you dont override it.  This is true for 2003 and 2008 servers:

 

image

 

image

 

To resolve this – simply override the monitor, for ALL OBJECTS OF TYPE, and change the Host string from “www.microsoft.com” to “microsoft.com”.  If your DNS servers cannot resolve external addresses by design – disable this monitor.

 

image

Comments (8)

  1. Kevin Holman says:

    There is an internal and an external resolution monitor.  Microsoft.com is just a default external resolution namespace.  If you cannot resolve that, or wish to use a different one – then change it via override.

  2. Kevin Holman says:

    If you want to modify a script in a sealed MP – you must disable the workflow completely via override, and write your own workflow using a script in a unsealed MP of your own.

  3. That’s because the "querytype" is ‘NS’. You can even leave the "host" string as it is and change the querytype to "A" instead 😉

  4. Kevin Holman says:

    @Subrata – you would have to disable this workflow, and then create your own with a consecutive samples condition detection module in the monitor type to make that work. So no, not easily. That said – this MP is OLD and has been replaced with a much newer
    one.

  5. Terence Tse says:

    I’ve changed the value to "microsoft.com" as you mentioned. Applied to all objects of type DNS. It worked for a week then the DNS External Res Monitor alerts came back. Weird.

  6. Brian Hansen says:

    I have found that the external resolution monitor fails due to it timing out. There is an option in the monitor to change the timeout period for the nslookup but it looks like they forgot to put the param in some parts of the script.

    function DoNslookup(Host,Server,QueryType)

    {

     if (Option == 1)

     {

       strCommand = "cmd /c " + strApplication + " -timeout="  +intTimeoutSeconds  +  " -querytype=" + QueryType + " " + Host + " " + Server + " > "" + strOutputFile + "" 2> "" + strErrrOutputFile + """;

       strCommand1 = strApplication + " -timeout="  +intTimeoutSeconds  +  " -querytype=" + QueryType + " " + Host + " " + Server;

     }

     else

     {

     strCommand = "cmd /c " + strApplication + " -querytype=" + QueryType + " " + Host + " " + Server + " > "" + strOutputFile + "" 2> "" + strErrrOutputFile + """;

     strCommand1 = "cmd /c " + strApplication + " -querytype=" + QueryType + " " + Host + " " + Server;

     }

    Notice after the "else" statement the command lines do not include the timeout variable.

    Is there any way to change this script inside the sealed DNS Library to add that param?

  7. Hi Kevin,

    Why do we keep the host as microsoft.com and not of the actual host's we use ?

    Regards,

    Dhanraj

  8. subrata says:

    Can we change the failure count to 3 to trigger the alert in remedy ?

Skip to main content