Another very common DNS issue is the inability to resolve external names. This problem is more common in Windows 2000 Active Directory domains, but it can happen in Windows 2003 AD domains as well.

The usual culprit is the formation of a root zone (.) which also prevents the formation of Root Hints and Forwarders. Because a root domain is the ultimate authority for name resolution, if you have such a zone, DNS resolution will never pass this zone and external DNS resolution will fail. This usually happens when DNS is not installed before DCpromo on Windows 2000, or if a DNS Server for the domain cannot be contacted during promotion. Have no fear its an easy fix!

Open up the DNS Management MMC and look in the Forward Lookup Zone. You should see two, one called your-domain.com and the root zone (.). Delete the (.) zone. With that gone we need to configure Root Hints and Forwarders. Right-click the DNS Server in the left pane in the DNS Management MMC and select Properties. Select the Forwarding tab and check the box next to "Enable Forwarders". Enter the IP(s) of your ISPs DNS servers and click Add and enter as many forwarders as you like. Now select the Root Hints tab. The root hints should populate automatically, if they do not, restart the DNS Server service.

That is it! Your internal clients should be able to resolve external DNS names now :)

For more information see:

DNS Tips

Windows 2000 DNS White Paper (DOC 2.24MB)

Windows 2003 DNS Server Role