Monday, July 2, 2007

Nslookup is your friend NSLookup -type=all



DNS entries and the NSLookup utility are used to troubleshoot SMTP related mail issues. NSLookup is available on most server based platforms and can be a great help in determining where the problem lies, often times. If you have determined that your SMTP problem is with receiving Internet mail or sending mail to a particular Internet domain, you will want to use NSLookup to evaluate DNS records. Telnet is often used after analyzing the DNS records to test connectivity.

NSLookup (Name Server Lookup) is a command-line executable

(NSLOOKUP.EXE) that is available on most server-based platforms,

Including:


• Windows NT 4.0, Windows 2000 and Windows XP, Vista, Windows Severs Family

• OS/400 (iSeries) and OS/390 (zSeries)

• UNIX platforms

DNS: Domain Name service/system. DNS translated complicated 32 bits IP addresses into human friendly names. DNS in windows active directory achieves different goals and objectives. Below is one of my post in TechNet DNS forums

Many people seem to have this question, and some confusion how to configure DNS with integration of active directory. DNS (domain name service/System) plays critical role in AD environment. I believe most of the confusion being caused by not having solid active directory knowledge. I have tried to put some notes together to help to community and cleared out some of this confusion. Please take a look below article to see if it helps you DNS is backbone of active directory and directory service depends on DNS mechanism (service records) to work properly. Since, the principle of having AD and its database, being able to offer services to its clients, understanding how these services are being offered, and how they correlates into DNS concept is what makes AD works in my opinion.

http://smtp25.blogspot.com/2007/05/do-not-configure-dns-client-settings-on_818.html

Best regards

oz ozugurlu


I am not going to show you how to get everything with one shoot. We need to figure out all the records including MX records for sbc.com. Here is the command we would issue from DOS or power Shell

PS C:\> nslookup -type=all sbc.com

No win this example I have asked the internal DNS server 10.160.9.70 I got the above answer.

I have 4 more internal DNS servers and I want to ask them same question. Here how we do it.

If I want to see what domain controller my workstation authenticated against I would issue

I would type on DOS following command

C:\WINDOWS\system32>set

I also would use this command and find out the DC I have logged into.

F:\>echo %LOGONSERVER%

\\NHQDTCDC4

Now Nslookup is asked the question to this DC in the example.

F:\>set

ALLUSERSPROFILE=C:\Documents and Settings\All Users

APPDATA=C:\Documents and Settings\OOzugurlu\Application Data

CLASSPATH=.;C:\Program Files\Java\j2re1.4.2_12\lib\ext\QTJava.zip

CommonProgramFiles=C:\Program Files\Common Files

COMPUTERNAME=OOZUGURLUPC

ComSpec=C:\WINDOWS\system32\cmd.exe

DEFLOGDIR=C:\Documents and Settings\All Users\Application Data\McAfee\DesktopPro

tection

EXCHICONS=C:\Program Files\Exchsrvr\bin\maildsmx.dll

FP_NO_HOST_CHECK=NO

GC_LOCALEDIR=C:\Program Files\Common Files\Clarify\bin\locale

HOMEDRIVE=F:

HOMEPATH=\

HOMESHARE=\\NHQJPK1FS1\OzugurluO$

HOMESRV=NHQJPK1FS1

LOGONSERVER=\\NHQDTCDC4

LOGONSRV=\\NHQDTCDC4

NUMBER_OF_PROCESSORS=2

OS=Windows_NT

Path=C:\ORACLE\ORA81\bin;C:\Program Files\Oracle\jre\bin;C:\Program Files\Suppor

t Tools\;C:\Program Files\Common Files\Clarify\bin;C:\WINDOWS\system32;C:\WINDOW

S;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\;C:\Program

Files\Diskeeper Corporation\Diskeeper\;C:\Program Files\Symantec\pcAnywhere\;C:

\Program Files\QuickTime\QTSystem\;C:\WINDOWS\system32\WindowsPowerShell\v1.0

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 3, GenuineIntel

PROCESSOR_LEVEL=15

PROCESSOR_REVISION=0403

ProgramFiles=C:\Program Files

PROMPT=$P$G

QTJAVA=C:\Program Files\Java\j2re1.4.2_12\lib\ext\QTJava.zip

SESSIONNAME=Console

SystemDrive=C:

SystemRoot=C:\WINDOWS

TEMP=C:\DOCUME~1\OOZUGU~1\LOCALS~1\Temp

TMP=C:\DOCUME~1\OOZUGU~1\LOCALS~1\Temp

USERDNSDOMAIN=ARCHQ.RI.REDCROSS.NET

USERDOMAIN=ARCHQ

USERNAME=oozugurlu

USERPROFILE=C:\Documents and Settings\OOzugurlu

VSEDEFLOGDIR=C:\Documents and Settings\All Users\Application Data\McAfee\Desktop

Protection

windir=C:\WINDOWS


C:\>nslookup

Default Server: nhqdtcdc3.Smtp25.org

Address: 10.160.9.70

> type=mx sbc.com

Server: sbc.com

Addresses: 144.160.134.61, 144.160.103.79


The server "10.160.9.70: who is taking to us and giving answer back to us.

Now I want to ask same questions to another DC/DNS server, here how to switch to another DNS server( you need to know the FQDN of the server)

> Server reddns1.redcross.org

Default Server: reddns1.redcross.org

Address: 162.6.6.13

Default Server: reddns1.redcross.org

Address: 162.6.6.13

> type=mx sbc.com

Server: sbc.com

Addresses: 144.160.134.61, 144.160.103.79

You can ask to any DNS server by typing following command

Server FQDN of the DNS server and pressing enter

Best

Oz Ozugurlu

1 comment:

Unknown said...

Nslookup can also be used to check up on your OWN network from a security perspective.
Nslookup