DNS on Windows Server 2003, 3rd Edition

Query Refused

You generally see a “query refused” error message under two conditions. The first is when you attempt a zone transfer and the server refuses for security reasons (for example, based on the settings in the Zone Transfers tab of the zone properties window). This is what you’ll see:

C:\> nslookup
Default Server:  terminator.movie.edu
Address:  192.249.249.3

> ls movie.edu  
               This attempts a zone transfer
[terminator.movie.edu]
*** Can't list domain movie.edu.: Query refused
The DNS server refused to transfer the zone movie.edu. to your computer. If this
is incorrect, check the zone transfer security settings for movie.edu. on the DNS
server at IP address 192.249.249.3.
>

You might also see a “query refused” error from a name server running a recent version of BIND, which has the ability to restrict queries to different zones based on the querier’s source IP address.

Get DNS on Windows Server 2003, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

DNS on Windows Server 2003, 3rd Edition by Cricket Liu, Matt Larson, Robbie Allen

Query Refused

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly