DNS Server not resolving local addresses/names
Hi,
I recently setup a DNS for a small network with no Active Directory. I had a question which is related to this here https://www.experts-exchange.com/questions/26702157/DNS-server-in-a-Workgroup.html
The DNS server can resolve external domains fine, but it won't resolve internal addresses. The zone is called "workgroup" and I have applied a DNS suffix to all local PC's using DHCP (Option 015).
All the clients come up in address leases as "computername.workgroup" but they wont actually register themselves in the zone, which I'm 99% sure is the problem. I just can't figure out why they are not registering themselves.
So yeah, I'm stuck now :)
Thanks.
I recently setup a DNS for a small network with no Active Directory. I had a question which is related to this here https://www.experts-exchange.com/questions/26702157/DNS-server-in-a-Workgroup.html
The DNS server can resolve external domains fine, but it won't resolve internal addresses. The zone is called "workgroup" and I have applied a DNS suffix to all local PC's using DHCP (Option 015).
All the clients come up in address leases as "computername.workgroup" but they wont actually register themselves in the zone, which I'm 99% sure is the problem. I just can't figure out why they are not registering themselves.
So yeah, I'm stuck now :)
Thanks.
There is no setting in DHCP server that prevents the registration DNS?
what happens if you query the server directly for that computername
eg:
nslookup computername serveripaddress
or
nslookup computername.workgroup serveripaddress
what happens if you query the server directly for that computername
eg:
nslookup computername serveripaddress
or
nslookup computername.workgroup serveripaddress
You can the force your clients to register by restarting them or execute "ipconfig /registerdns"
You can also configure your DHCP to do the dns clients registration.
Paulo
You can also configure your DHCP to do the dns clients registration.
Paulo
ASKER
I double checked dynamic update settings, and they are set to "Nonsecure and Secure".
I also tried manually registering clients using "ipconfig /registerdns", but still not working.
Hmmmmm...
I also tried manually registering clients using "ipconfig /registerdns", but still not working.
Hmmmmm...
If you go into the TCP/IP settings of a client computer, it is setup to register its connection in DNS?
can you post an ipconfig /all from a client computer here?
I'd still be looking at something like group policy or DHCP/DNS server setting which is preventing DNS regisrations.
can you post an ipconfig /all from a client computer here?
I'd still be looking at something like group policy or DHCP/DNS server setting which is preventing DNS regisrations.
ASKER
Yes, that setting is enabled by default in all clients.
here is a dump from ipconfig /all
here is a dump from ipconfig /all
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Thanasi>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : KALA-LAPTOP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : workgroup
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-1E-33-4C-44-C9
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : workgroup
Description . . . . . . . . . . . : Intel(R) WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-16-EA-AC-8A-34
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5c93:635f:9d7a:ee42%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.54(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, 3 January 2011 9:11:58 PM
Lease Expires . . . . . . . . . . : Tuesday, 18 January 2011 12:29:06 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.20
DHCPv6 IAID . . . . . . . . . . . : 184555242
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-B2-B0-2F-00-1E-33-4C-44-C9
DNS Servers . . . . . . . . . . . : 192.168.0.20
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.workgroup:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : workgroup
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{A628C967-6455-4147-8E81-5F0A54BA02A7}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:cc7:ba3:3f57:ffc9(Prefer
red)
Link-local IPv6 Address . . . . . : fe80::cc7:ba3:3f57:ffc9%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Users\Thanasi>
All that looks OK
It could be this
http://support.microsoft.com/kb/264539
is the DHCP client service running?
It could be this
http://support.microsoft.com/kb/264539
is the DHCP client service running?
Does the event log of the client computers show anything after an ipconfig /registerdns?
What about the DHCP and DNS server logs/event logs.. are they showing anything that would suggest a deny of registration or error?
What about the DHCP and DNS server logs/event logs.. are they showing anything that would suggest a deny of registration or error?
ASKER
Na, cant see anything in the client logs after trying a "ipconfig /registerdns".
Can't see any errors in the server DNS log either, there are some suggestions in the "Best practices Analyzer" though, here they are:
There are some errors about secondary servers for the zone, but I don't have any, so I guess that's why I'm getting these errors :)
Can't see any errors in the server DNS log either, there are some suggestions in the "Best practices Analyzer" though, here they are:
There are some errors about secondary servers for the zone, but I don't have any, so I guess that's why I'm getting these errors :)
When you're trying to register non-active directory machines to DNS on the server you must specify the DNS suffix in either DHCP or manually on the clients. Then, restart the machines and try to register with DNS again. So, you'll need to either set option 015 (I think) to workgroup in DHCP on the server or manually under the advanced DNS settings on the network card's TCP/IP properties.
ASKER
renazonse: That was already setup.
Sorry about that...I see you included it in your question.
Have you tried manually adding the suffix to a workstation client to see if it works then. The settings are a bit different as the DHCP version is connection specific suffix.
Have you tried manually adding the suffix to a workstation client to see if it works then. The settings are a bit different as the DHCP version is connection specific suffix.
In DNS workgroup environment each zone created needs to allow DNS Automatic Updates manually by administrator. Did you do that? If not, open DNS console and right click on zone name in Forward Lookup zones. Choose "properties" and on "General" tab check if "Dynamic updates" is set up to "Nonsecure and Secure". If not (by default wizard has selected in dropdown box "None"), change that and check once again of your clients will register in DNS automatically.
Regards,
Krzysztof
Regards,
Krzysztof
ASKER
renazonse: I just tried adding the suffix manually and it didn't help :(
iSiek: That's already been set.
iSiek: That's already been set.
ASKER
Ok, I have found some interesting things. In my DHCP log, I find errors like these:
So I enabled that and punched in some credentials for the DHCP to authenticate with the DNS and create the records, I used my Administrator account. (pic attached for this setting too) Then I restarted and I'm still getting errors!!
So I dug some more, turns out, that the credentials you enter, must be an account that is part of the "DnsUpdateProxy" Group. I though easy enough, so I go to add my "Administrator" account to this group but, he group doesn't exist!! I'm guessing that the group is created when you setup Active Directory, which I'm not using. This is documented here http://technet.microsoft.com/en-us/library/dd334715(WS.10).aspx
{Edited by _alias99}
Name-Protection-setting.jpg
DNS-credentials-for-DHCP.jpg
31,01/11/11,00:37:18,DNS Update Failed,192.168.0.52,Tycoon.workgroup,,,0,6,,......So I enabled that and punched in some credentials for the DHCP to authenticate with the DNS and create the records, I used my Administrator account. (pic attached for this setting too) Then I restarted and I'm still getting errors!!
So I dug some more, turns out, that the credentials you enter, must be an account that is part of the "DnsUpdateProxy" Group. I though easy enough, so I go to add my "Administrator" account to this group but, he group doesn't exist!! I'm guessing that the group is created when you setup Active Directory, which I'm not using. This is documented here http://technet.microsoft.com/en-us/library/dd334715(WS.10).aspx
{Edited by _alias99}
Name-Protection-setting.jpg
DNS-credentials-for-DHCP.jpg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ZJORZ has it...you need to add a suffix to that domain name instead of leaving it as just "WORKGROUP" it should be "WORKGROUP.LOCAL" or something of that nature.
ASKER
Just tried "home.local" and changed the relevant setting, still getting "DNS Update Failed" in DHCP log.
ASKER
Ok wait a sec, its PARTLY working now.
All the clients are showing up in the Reverse Lookup Zone but only my iPhone's are also shwoing up in the Forward Lookup Zone.
Weird, tried restarting the windows machines, and ipconfig /release, renew, flushdns, registerdns.
All the clients are showing up in the Reverse Lookup Zone but only my iPhone's are also shwoing up in the Forward Lookup Zone.
Weird, tried restarting the windows machines, and ipconfig /release, renew, flushdns, registerdns.
ASKER
Ok, using home.local and with name protection off, it seems to be all fine now.
I will wait for a day before awarding points, just to make sure.
I will wait for a day before awarding points, just to make sure.
Glad you got it going. I just saw this from the other thread.
Go to dns, open properties of dns zone and configure the dynamic updates options to "secure and non secure"
Paulo