DNSLint ?????? ?? ?????

???? ?????? ???? ??????
???? ID: 321045 - ?? ???????? ?? ?????? ??? ?? ?? ???? ???? ???? ??.
??? ?? ??????? ???? | ??? ?? ??????? ????

?? ????? ??

??????

DNSLint ?? Microsoft Windows ?????? ?? ?? ??????? DNS ??? ?????? ???????? ?? ????? ???? ??? ???? ??? ???? ???

????? ????? Microsoft ??????? ?????? ?? ??????? ?? ??? ?????? ??::
?? ??? ?? ??????? ?????? ??? ?? ??????? ????
??????? ????
Dnslint.exe ?????? ?? ??????? ?????
Microsoft ?????? ??????? ?? ???? ??????? ???? ?? ???? ??? ???? ????? ?? ???, ????? ???? ?????? ?? ????? ?? ???? ?? Microsoft ???????? ??? ?????::
119591?????? ?????? ?? Microsoft ?????? ??????? ???? ??????? ????
Microsoft ????? ?? ??? ?? ????? ?? ????? ?? ??? Microsoft ?? ?? ?????? ?? ?????? ???? ??????? ?????-??? ?????????? ?? ????? ???? ?? ????? ????? ?? ?? ??.. ????? ?? ?? ???????-??????????? ????? ?? ???????? ???? ??? ?? ?? ????? ??? ???? ?? ??????? ???????? ?? ????? ??? ??? ???? ??..

???? ???????

DNSLint ?? ??? ?????? ?? ????? ??? ?????? ?? ???? ???? (DNS) ??????? ???? ?? ?? ?? HTML ??????? ????? ????? ??? ?????? ???:
  • dnslint /d: ?? diagnoses "lame ????????" ?? ???? ??????? DNS ???????? ?? ??????? ???? ????
  • dnslint /ql: ??? ????-??????? ??? ?? ?? ?? ???? DNS DNS ??????? ?? ??????? ??? ?? ??????
  • dnslint /ad: ?????? ?????????? ?? ??? ????? ??? ?? ????? DNS ??????? ??????? ??? ?? ??????????
DNSLint ?? ?? ????-?????? ?????? ??? The syntax is:
dnslint /d domain_name | /ad [LDAP_IP_address] | /ql input_file
[/c [smtp,pop,imap]] [/no_open] [/r report_name]
[/t] [/test_tcp] [/s DNS_IP_address] [/v] [/y]
?? ?? ?? ????????? ???? ????/d,/ad??,/qlwhen you run DNSLint. Other switches are optional.

You use the/dswitch to request domain name tests. This switch is useful when you troubleshoot lame delegation issues.
  • You must specify a domain name to test.
  • You cannot use the/dswitch with the/ad?????.
?? ?? ????? ????/adswitch to request Active Directory tests.
  • The/adswitch resolves DNS records that are used for AD forest replication.
  • By default, the local system's LDAP service is used.
  • You can specify a remote LDAP server IP address (optional).
  • Only valid IP addresses are accepted. Names are not accepted.

    Typically, this is an Active Directory domain controller.
  • ?? ????? ????/adswitch with the/soption, where/sspecifies the IP address of a DNS server that is authoritative for the _msdcs zone in the AD forest root.
  • You cannot use the/adswitch with/d??,/c.
?? ?? ????? ????/qlswitch to request DNS query tests from a list.
  • The/qlswitch sends the DNS queries specified in a text input file
  • You must specify the path and name of the input file.
  • the/qlswitch supports A, PTR, CNAME, SRV and MX record queries.
  • You create a sample input file by running the following:
    dnslint /ql autocreate
  • You cannot use the/qlswitch with/d,/ad??,/c.
???:
  • You cannot use/d,/ad, ??/qltogether.
  • You cannot use/ctogether with/ad??,/ql.
  • ?? ?? ????? ????/ad, you must also specify/s.

Optional switches


?????/cto request connectivity tests on e-mail servers.
  • The/cswitch tests SMTP, POP, and IMAP ports on e-mail servers found.
  • By default, all three (the SMTP, POP, and IMAP ports) are tested. You can specify one or a combination. To do this, use a comma-separated list:/c pop,imap,smtp.
To prevent report from automatically opening, use/no_open. The/no_openswitch is useful in scripts.

?????/rswitch to specify the name of the report file that is created.
  • The .htm file name extension is automatically added to report names.
  • The report is created in HTML format. The default name is Dnslint.htm
  • The default location is the current directory.
?????/sswitch to bypass an InterNIC whois lookup.
  • You can specify DNS server IP address instead of querying InterNIC for one.
  • The/sswitch starts checking DNS records by using the supplied IP address.
  • Only valid IP addresses are accepted. Names are not accepted.
  • InterNIC ?????? ??????? ???? ??? ?? ????? ????? ?? ??? ???? ?? ??? ?? ?????? ?? ????? ?????
  • ?? ?? ????? ????/AD, ?? ????? ????/sauthoritative AD ???????? ?? ??? ????? ??? _msdcs subdomain ?? ??? ?? ?? ???? DNS ????? ????????? ???? ?? ????
  • ?? ?? ????? ????/AD, ??? ???? ???/s ??????? ?????????????? ???? ?? ??????? ?????? AD ??????? ??? ???? ?????? ?? ?? ?? ???? ????
?????/t?????? ?? ?? ??? ????? ?? ??? ?????? ???? ???? ?? ????
  • ??? ????? ????. htm ??????? ?? ??? ??? ???? ??? ??, ????? ???. txt ????? ??? ????????? ???
  • The text file created in the same directory as the .htm report file.
?????/test_tcpto request that TCP port 53 be tested.
  • By default, only UDP port 53 is tested.
  • The/test_tcpoption checks whether TCP port 53 is responding to queries.
  • The/test_tcpoption cannot be used with/ql.
?????/vto request verbose output to the screen.

?????/yto overwrite an existing report file without being prompted. The /y switch is useful in scripts.

Required parameters


To run DNSLint, you must use one of the three following parameters:
  1. ?????/dfor domain name tests
  2. ?????/adfor Active Directory replication tests.
  3. ?????/ql?? ??????? ???? ?????? ??? ????????? ?????
?????/d???? ??????? DNS ????? ??? ?? ??????? ???? ?? ??? ????? (????? ??? ???????) ????? "???????? lame" ???????? ?? ????? ???? ??? ??? ???? ?? ??? ?? ????? ?? ????? ???? ?? ???? DNS ?? ??????? ????????? ????? ??? ?? ????? ?? ??????? ?? ??? ?? ?? ??????? ?? ????? ?? ??? ??????? ???? ??? ?? ?? ???? ??? ????? ??? ???????? ???? ???? ??? ?? ???? ??? ?? ?? ???? ???? ???, ?? ????? ???? ?????? ??? ?? ??????? ?? ??????? ?? ??????? ?? ???? ???? ??????? ????? ??? ?? ????? ????? ??/s?????? ?? ????? ???? ???? ??????

?????/AD?????? ??????????? ?? ???????? ????????? ???? ?? ??? ????????? DNS ??????? ?? ??????? ???? ?? ??? ????? (?????? ?????????? ???????) ????? ???? ???/AD????? ????, ?? ??????? ?? ??? ????? ???? ???? ?? ?? LDAP ????? ?? IP ??? ????????? ????? ??????????, ?? ?? ?????? ?????????? ????? ???????? ??? ??? DNSLint ???? ????? ???????? ?? ?? ??? ??, ??? IP ??? ?????? ?? ??????? ?? ????? ???? ?? ??? ??????? ??? ?? 127.0.0.1 ???

?????/ql????????? ??? ????? ???? ??? DNS ??????? ?? ??????? ???? ?? ??? ????? (?????? ???? ???????) ????? ????? ?? ??? ?????? ????? ?? ?? ??? ????? ???? ?? ??? ????????? ????? ?????dnslint /ql autocreateto generate a sample text input file called In-dnslint.txt. This file contains an explanation on the required format. You can use this file as a template to create other input files.

More optional switches



The/v(verbose) switch turns "verbose mode" on. With this switch on, DNSLint will output the steps it is taking to collect data to the screen. You can send this output to a file. ?????? ?? ???:dnslint /v /d msn.com.
By default, the name of the report that DNSLint generates is Dnslint.htm. ?? ???/r(report) switch, you can specify the name and location of the report file that DNSLint generates. You can give the report file the same name as the domain name or DNS server that was tested. The ".htm" file name extension is appended to the report name automatically because the report is in HTML format.

???????? ??? ??, DNSLint ???????? ??? ?? ?? ?? ????? ???? ??? ?? ?? ??? ??????? ????? ????? ?? ?????? ????, ?? ????? ???? whatever ????????? ?? ?????? ?? ??????? ?????. htm ????? ??? ??????????, Microsoft Internet Explorer. htm ????????? ?? ??????? ??? HTML ?? ????? ??? ???? ?? ??? DNSLint ?? ????? ?? ??????? ?????? ????? ?? ??? ??? ????? ???? ???

??? ??????? ???? ???? ?? ????? ????????? ????, ?? ??? ???? ?? ?? ???? ??????? ?? ??? ????????? ????? DNSLint ?? ?????? ???? ??????? ???????? ?? ????????? ?????? ???????? (UNC) ??? ?????? ?? ???, ????dnslint /d msn.com /r c:\reports\reskitC:\Reports ??????? ??? Reskit.htm ??? ?? ?? ??????? ????? ??? ????dnslint /d mydom.local /r \\server1\reports\mydom?????? ?????? ??? ??????? ???? server1 ??? ?? ?? ?? ??????? ????? ??? ??????? ?? ??? ?? Mydom.htm ???


??? ?? ?????????/t??? ??? ??????? ?? ?? HTML (???) ?????, DNSLint ????? ???????? ??? ??????? ????? ??? ???. htm ??????? ?? ??? ??? ?????? ?? ???? ????? ??? ????????? ??. txt ??? ????? ??. htm ????? ?? ??? ??????? ??? ???? ?? ??? ?????? ?? ???, ????dnslint /d msn.com /r c:\reports\reskit /tC:\Reports ??????? ??? ?? ??????? ????? ??? ?? ??????? Reskit.htm ??? ???? ??, ?? ???? Reskit.txt ??? ???? ???

???????? ??? ??, ?? DNSLint ??? ????? ?? ?? ???? ??????? ???? ?? ??? ??? ???? ?? ???? ?? ?? ??????? ???? ?? ??? ?? ?? ?? ???? ??? ?? ??? ?????? ??????? ??? ????? ??, ?? DNSLint ???? ????? ?? ???????? ???? ?? ???? ?? ???/y??????, DNSLint ???? ???????? ??????? ???? ?????? ????? ?????? ?? ??? ????? ??? ????? . Htm ????? ?? ????????. txt ????? ??? ???????? ?? ?? ?? ?????? ?? ????? ?????

????dnslint /y /d msn.com /r c:\reports\reskit /tC:\Reports ??????? ??? ?? ??????? ????? ??? ?? ??????? Reskit.htm ??? ???? ??, ?? ???? Reskit.txt ??? ???? ??? ?????? ??????? ?? ??????? ???? ????? ??? ???? ???????? ?? ??? ????

The/no_openswitch prevents DNSLint from automatically opening the report after it is generated. This option is useful when you use DNSLint in scripts when you do not want to review the reports immediately or review the reports from the system that DNSLint was run from. ?????? ?? ???, ????dnslint /y /d msn.com /no_opengenerates a report called Dnslint.htm that overwrites a pre-existing report with the same name, without prompting the user. DNSLint does not automatically open the report when it is completed.

?????/test_tcp(test TCP port 53) option to request that TCP port 53 be tested when/dis used. Many DNS servers on the Internet today do not accept DNS queries on TCP port 53, to avoid possible attacks on that port. By default, only UDP port 53 is tested when DNSLint is run. Specifying the /test_tcp option will get DNSLint to send a single DNS query by TCP and report whether a response was received.

?? ????? ?? ???? ???/test_tcpoption with/d, ??/AD. However, you cannot use the/test_tcpoption with/ql??/ad /s localhostcombination. ?? ???/qlfunction, TCP port 53 can be tested directly from the input file. The/ad /s localhostfunction tests whether the locally configured DNS servers can resolve DNS records used for Active Directory Forest replication. You can test TCP port 53 connectivity by using/ad /sip_addrinstead, whereip_addris the IP address of a DNS server that is authoritative for the _msdcs zone in the root of the Active Directory domain.

?????? ?? ???::
dnslint /d microsoft.com /v /test_tcp
The/c(connectivity test) switch requests that DNSLint test well-known e-mail ports on all of the e-mail servers it finds while inspecting DNS servers for the specified domain name. The Simple Mail Transfer Protocol (SMTP), Post Office Protocol (POP version 3), and Internet Message Access Protocol (IMAP version 4) are supported. By default, when the/cswitch is specified, DNSLint tries to connect to all three ports on each e-mail server that it finds. That is, TCP port 25 for SMTP, TCP port 110 for POP, and TCP port 143 for IMAP.

DNSLint reports the state that each port is in: "Listening", "Not Listening", or "No Response." If DNSLint finds that a port is Listening, it also returns the response from the port if any is returned. For example, if an SMTP port is listening, it typically returns a response that is consistent with the SMTP protocol specification, such as the following:

220 mailsrv.reskit.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.3705 ready at Mon, 13 May 2002 17:08:36 -0700

When a port is reported as "Not Listening", this indicates that the e-mail server being queried has responded with a TCP packet with the Reset flag set. This indicates that there is no service or program listening on the port.

"No Response" is reported when the target e-mail server does not respond to the connection attempt. Assuming that the target server is operational and running, this indicates that the port is being filtered on the target server or somewhere between the client that is running DNSLint and target server.

The commanddnslint /y /v /c /d msn.comgenerates a report called Dnslint.htm that overwrites a pre-existing report with the same name, without prompting the user. ???????/coption is specified, an extra section is appended to the bottom of the standard DNSLint report:
Network Connectivity Tests
E-mail server: smtp-gw-4.msn.com
IP address: 207.46.181.13

SMTP response:
220 cpimssmtpa18.msn.com Microsoft ESMTP MAIL Service, Version:
5.0.2195.4905 ready at Tue, 14 May 2002 09:26:06 -0700

POP response: NO RESPONSE (possibly filtered)

IMAP response: NO RESPONSE (possibly filtered)
???:

One or more POP servers did not respond.
One or more IMAP servers did not respond.

When a target e-mail server does not respond to a connection attempt on one of its e-mail ports, DNSLint retries the connection three times. This is standard behavior for a TCP client. Because DNSLint waits for three separate TCP connection attempts to time out before DNSLint indicates that there was "No Response", this process can slow down the completion of the report. To optimize DNSLint operation, you can specify which e-mail port or ports you want to check instead of checking all three all the time.

By default, when the/coption is specified, all three TCP ports (25, 110, 143) are checked. But you can specify which ports to check after the/c??????? Specify a comma-delimited list immediately after the/c??????? Specify valid ports only:smtp,pop,imap. Any combination of these three ports works. For example, the commanddnslint /d reskit.com /c smtpspecifies that only the SMTP port (TCP port 25) should be checked.


The commanddnslint /d reskit.com /c pop,smtpspecifies that only the SMTP port (TCP port 25) and POP port (TCP port 110) should be checked.

The commanddnslint /d reskit.com /c imap,popspecifies that only the IMAP port (TCP port 143) and POP port (TCP port 110) should be checked.


?? ????? ?? ???? ???/s(server) switch with the/d, ??/AD???????? The/sswitch has several purposes, but it only takes one type of data, a valid IP address of a DNS server (with one exception).

When you specify/d,/soption bypasses the InterNIC Whois lookup that DNSLint performs by default. As a result, DNSLint can run tests on private networks and on domain names that are deeper than the second-level domains on the Internet. DNSLint can also test domain names that are not supported by InterNIC. At the time this article was written, InterNIC supported Whois lookups for the following domains: .biz, .com, .coop, .edu, .info, .int, .museum, .net, and .org.

?? ?? ????? ????/AD,/s????? authoritative subdomain ???? ????? DNS ??????? ?? ??? ?? ?? ???? DNS ????? ?? IP ??? ????????? ???? ?? ??? ????? ???? ???? ?? ?????? ??????????? ?? ???????? ????????? ??????? ???? ??????????, ?? ?? ?????? ??????????? ?? ???????? ?? ??? ?? ??????? _msdcs subdomain. ?????? ?? ???, ?????? ??????????? ?? ???????? ?? ??? myad.reskit.com ??? ???? ??, ??? DNS ????? ?? ????? ?? ????? ???? ?? ?? ?? ?? ???? ?? authoritative _msdcs.myad.reskit.com ??? ?? ???, ?????? ??????????? ????????? ??? ????? ??? ?? DNS ??????? ???? ??????? ???? ???????????? ???????? ??? ??, _msdcs.myad.reskit.com ??????? ?? ???? ?? ???? ?? ????? DNS ????? ?? ???? However the DNS infrastructure has been designed, the/soption is used to specify a DNS server that is authoritative for the _msdcs.myad.reskit.com zone.

The/soption must specify a valid IP address. The only exception to this rule is the following combination:
dnslint /ad /s localhost
"localhost" is not a valid IP address. When you specify this parameter with the/ad /scombination, DNSLint tests the local system's (the system that is running DNSLint) ability to resolve the DNS records that are used for Active Directory forest replication. Recursive DNS ?????? ???? ???? ?? ??? ???????? ???? ??? DNS server(s) ??????? ?????? ?? ?????? ???? ?? ??????? ?????? ?????? ??????????? ?? ???????? ????????? ???? ?? ??? ????? DNS ??????? ?? ?? ?? ???? ???? ?? ?? ???? ?????? ???? ????? ????? ???????? ?? ?????? ??????????? ????????? ???????? ?? ?????? ?? ???

?????? ??????????, ???? ??? DNS ????? ????????? ???? ??? ??????? ?????? ??? ?? ?? ????????? ?? ?????? DNS ??????? ??????? ????????? ??????? ?? ?????????, ????? ??? DNS ????? ?? ??????? ?????? DNS ????? ???? ?? ????? ?? ??????????? ???? ????, ?? ???? ??? ???? ????? ????? ???? ???? ???

???????? ??????? ?? ???, Microsoft ?????? ??? ??? ???? ????? ?? ??? ????? ???? ?????? ????? ????::
261968????? ??? ????????? ??????? ??? ????? ???? ?? ??????? ???? ?????? ?? ??????????

???

???? ID: 321045 - ????? ???????: 03 ?????? 2010 - ??????: 2.0
???? ???? ???? ??:
  • Microsoft Windows 2000 Server
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Professional
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise x64 Edition
  • Microsoft Windows Small Business Server 2003 Premium Edition
  • Microsoft Windows Small Business Server 2003 Standard Edition
??????: 
kbdownload kbinfo kbmt KB321045 KbMthi
???? ?????? ????????
??????????: ?? ???? ?? ???? ??????? ?? ????? ?? Microsoft ????-?????? ?????????? ?????? ?????? ???? ??? ??. Microsoft ???? ??? ????-???????? ?? ????-???????? ????? ?????? ?? ???? ???????? ???? ?? ???? ????? ????? ??? ?? ??? ?????? ?? ???? ???? ???? ??? ????? ??. ???????, ????-???????? ???? ????? ???? ???? ???? ???. ?????, ????????, ?????-???? ?? ??????? ?? ???????? ?? ???? ???, ???? ?? ??? ?????? ???? ???? ??? ????? ??? ?? ???? ??. Microsoft ??????? ??? ???? ?? ?????? ?? ??????????, ????????? ?? ??? ?????? ?? ???? ????? ?? ???? ???????? ?? ??? ???? ????? ?? ??? ????????? ???? ??. Microsoft ????-?????? ?????????? ?? ????? ?????? ?? ?? ??? ??.
?????????? ?? ??????? ????????? ??????? ??:321045

??????????? ???

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com