Jim Klocksin asked:

DNS problem on Windows Server 2008 R2 Domain Controller ping returns unknown IP address

After changing my modem (Comcast ISP), I realized my connectivity problem was being caused by my firewall. Disconnected the firewall, and attempted to reconfigure my network using a new Gateway Address (forced by the modem change, which would not accept my original default gateway IP). My domain (let's call it "domain.com") is set up with static IP addressing and my domain controller should resolve to 192.168.7.25. When I ping "domain.com", the ping returns an IP of 184.168.222.49 and, as a result, I cannot connect any of my workstations to the domain. So now I have Internet connectivity (which is critical for my business), but I can't connect any of my workstations to my server due to this DNS issue. After trying numerous "solutions" based on Internet articles, I was not able to resolve my issue. There is probably something fairly simple that I need to do, but I'm basically a programmer and need some help to resolve this, so any suggestions would really be appreciated!

Rob Stone:

Restart the Netlogon service on the Domain Controller. This recreates the DNS SRV records for you.

Then clear the DNS cache and try again.
Jim Klocksin (asker):

Rob, I restarted the Netlogon service, then did an "ipconfig /flushdns" on both the Domain Controller and one of my workstations... got the same result as I posted in my attachments above. Anything else you can think of?
Verify the IP details of all Domain Controllers. Don't use the GUI though as this can be different to what is actually bound to the NIC (I've seen it multiple times - although it's rare).

Use NETSH to get the Adapter information:
netsh interface ipv4 show addresses
netsh interface ipv4 show dnsservers

If that information is as expected, then concentrate on DNS.
Open your Forward Lookup Zones > Expand 'Domain.com' and just check that the A record and NS records match the IP of the DCs and not the random address you are getting.

Open the _msdcs zone as well, and check the ldap and kerberos SRV records to see if any exist, and what server they are pointing to. You should have one of each for every DC.
Everything returned from the "netsh" commands appeared fine.  Under DNS, the A records pointed to the correct IP addresses as well.  I'm not that knowledgeable with the rest.  I found a "_msdcs.daisrvr.com" entry that had a number of sub "folders" under it (dc, domains, etc.) and a "_msdcs" entry UNDER the domain entry that showed an NS record that pointed to my domain controller (I only have one DC), but nothing else!?  Should that have an ldap and kerberos SRV record?
arnold:

Did you connect the new feed directly into the DC? This is the only possible way a public IP can land on the DC.

Usually, since you have a firewall, configuring/reconfiguring its WAN side is all that is required. The LAN does not need to change.
I don't have (and don't want) a public IP on my DC. The DC has 2 NICs, using the 192.168.x.x private IP numbers. Also, I've disconnected my hardware firewall (probably will have to buy a new one....) so take the firewall out of the equation for this issue. Another piece of information I forgot to mention before is that when I ping "daisrvr.com", I get an IP address that starts with 184.168.x.x, but if I ping the full DC name and domain "server.daisrvr.com", I get a different IP address that starts with 50.x.x.x!? I'm lost at this point. Prior to Wednesday of last week (and for a number of years before....) this setup was working just perfectly!?
Oh, your issue is that you are using a public domain for your AD. The info you get is because the systems from which you ping include DNS server references to external DNS servers. In an AD environment, you should only push DNS servers that are your DCs. Never push public DNS servers to the workstations.
I appreciate your response, but what are you talking about? I'm NOT using a PUBLIC domain, I'm trying to get my PRIVATE domain to work correctly so all my workstations can connect to my server. That is my issue!
Your AD domain name is DAISRVR.com. This is a public domain: a private domain, like private IPs, is not accessible anywhere outside the local environment.

Non-authoritative answer:
Name:    daisrvr.com
Address:  184.168.221.48

This is the reason: when you have a system with an external DNS server referenced, it could send the request to that external DNS server and receive the external IP.
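The two checks above, Rob's netsh/SRV inspection and arnold's point that a domain member must only use DC resolvers, can be automated over the output of `netsh interface ipv4 show dnsservers`. This is an added example, not code from the thread; the netsh text below is a constructed sample (the DC address 192.168.7.25 is from the question, 203.0.113.53 is a made-up non-LAN resolver), and the domain name is a parameter.

```python
import ipaddress
import re

# Constructed sample of `netsh interface ipv4 show dnsservers` output, not
# captured from the asker's machine: the first NIC lists a non-LAN resolver
# alongside the DC, which is the misconfiguration arnold describes.
SAMPLE_NETSH = """\
Configuration for interface "Local Area Connection"
    Statically Configured DNS Servers:    192.168.7.25
                                          203.0.113.53
    Register with which suffix:           Primary only

Configuration for interface "Local Area Connection 2"
    Statically Configured DNS Servers:    192.168.7.25
    Register with which suffix:           Primary only
"""

IFACE_RE = re.compile(r'^Configuration for interface "(.+)"')
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_dns_servers(netsh_output):
    """Return {interface name: [resolver IPs]} parsed from netsh text."""
    servers, current = {}, None
    for line in netsh_output.splitlines():
        m = IFACE_RE.match(line)
        if m:
            current = m.group(1)
            servers[current] = []
        elif current is not None:
            # Every IPv4 literal after the interface header is a resolver.
            servers[current].extend(IPV4_RE.findall(line))
    return servers


def audit_dns_servers(netsh_output, dc_ips):
    """List (interface, ip, is_rfc1918) for every resolver that is not a DC.

    A member that can ask a non-DC resolver may get the public answer for
    the AD domain name instead of the DC's A and SRV records.
    """
    dcs = {ipaddress.ip_address(ip) for ip in dc_ips}
    findings = []
    for iface, ips in parse_dns_servers(netsh_output).items():
        for ip in ips:
            addr = ipaddress.ip_address(ip)
            if addr not in dcs:
                findings.append((iface, ip, any(addr in n for n in RFC1918)))
    return findings


def expected_dc_srv_names(domain):
    """SRV names each DC should register under _msdcs (Rob's check)."""
    return [f"_ldap._tcp.dc._msdcs.{domain}", f"_kerberos._tcp.dc._msdcs.{domain}"]
```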
Checking into this further, you are right, but this really shouldn't be the situation. I have an SSL Certificate for "server.daisrvr.com" that I bought from GoDaddy to set up a RemoteApp that my customers can get into on my system. However, I never BOUGHT this domain name (I just made it up...), yet when I do a WHOIS on the domain name, GoDaddy pops up with myself as the owner of this domain!? I guess I'll have to talk to GoDaddy and get this straightened out somehow, but this was never intended to be a PUBLIC domain. Thanks for your diligence.
Thinking about this further, I've been using "daisrvr.com" as a PRIVATE domain for years and everything was working up until last week. GoDaddy apparently registered this as a "public" domain back in 2012, so why is this now becoming a problem? Again, everything I'm using the domain name for is internal, with the sole exception of the SSL certificate that I needed to purchase so customers could get access via RemoteApp to my server. But that name COULD have been anything (daisrvr.biz, daisrvr.whatever, etc.), only if I were to change it now, I would still need to buy an SSL certificate to point to whatever I rename it to!?
Most SSL certificates have to be issued/verified; the only option uses domain registration.

Usually, using a self-signed certificate and providing the users with your CA's public cert to be added to their system as trusted.
I am no expert, but here is my input:

I have seen many networks that use a public domain for their internal domain. The only thing this means is you might need to tweak some DNS entries.

I do not think the certificate is your problem.

I would look at the internal DNS setup.
What DNS server are you using to resolve internally?

Perhaps run nslookup domainname.com
I'm really back to "square one" with this issue. I have 3 workstations and 1 server on my network. I lost my internet connectivity last week and had ComCast come out to check out that situation. I was able to reestablish internet connectivity but had to change the "Default Gateway" address on my network. I didn't really think that would be an issue, but it seems to have totally disrupted my local area network and now I can't get my workstations to connect to my "domain-based" server. Problem is that I have tons of applications installed on 2 of my workstations, the most important of which need to connect to SQL Server installed on my server. At this point, nothing is working! When I try to connect my workstations to the domain I get the error message in the attached screenprint (similar to the screen prints above). I have too many things already installed on both my server (SSL Certificates, RemoteApps, etc.) and my workstations (all of my program development software), for which I routinely create image copies of each of my workstations and my server in order to NOT have to ever reinstall all of these software packages. Bottom line is that I don't even know if I could remember how to reinstall all of this, which is why I've been relying on Acronis to make image copies for each of my operating system partitions. There must be something that I'm missing here, since there are a lot of other people who get the same or very similar errors (based on Google searches...) and, if I could just figure out how to get my domain back to the way it was less than a week ago, I could avoid having to start setting everything up again from scratch (which I know is going to generate all kinds of problems with settings that I've made over the years and don't even remember what I did at this point....). Again, if anyone can help me get my "domain-based" network re-connected without resorting to a complete reinstall, I would be eternally grateful.
The error message I get when attempting to connect my workstations to my server is attached! TIA, Jim Klocksin
Make sure that your new router is not assigning IPs. And make sure your server's LAN IP matches the LAN IP of the new router. Then configure the DHCP on the server to have the scope that your new router has.
Server Former LAN: 192.168.7.0 255.255.255.0
Comcast Router LAN: Defaulted to 10.0.0.0 255.255.255.0 10.0.0.1 As gateway.
One option is to reconfigure the Comcast router to have your 192.168.7.0 LAN network.
Alternatively, disable the DHCP server on the Comcast router.
Change the IP address on the Windows server to use the new LAN.
Configure a new scope on the DHCP server in Windows Server for 10.0.0.0 255.255.255.0 to match.
And that should do it. Make sure to add the new IP first, to make sure it propagates to the AD/DNS then .......

I would suggest going through reconfiguring the Comcast Router to match your prior LAN Ips.
I re-posted this issue with a slightly different take on it and I was finally able to resolve this. I needed to turn off IPv6, which was checked on my NIC cards, apparently after I replaced my cable modem with a newer ComCast cable modem router combination. Thanks for all of your suggestions, I do appreciate the responses!
I've requested that this question be closed as follows:

Accepted answer: 0 points for Jim Klocksin's comment #a40684632

for the following reason:

I provided the ultimate resolution in my final post on this issue.
On Windows 2008 you should not be disabling IPv6, as it relies on that, and it could have unintended consequences. Transitioning away from the Comcast's router allocating IPs, if that is the issue, to handling the DHCP on your Windows server will for future maintain /.....
arnold: I might already be seeing some of those unintended consequences you referred to. Can you explain to me how I can keep both IPv6 and IPv4 and have the IPv4 override the IPv6 for local DNS purposes?
ASKER CERTIFIED SOLUTION: arnold
arnold: You're way over my head at this point, but I'll try to give you a better picture of my setup.

First of all, my provider is ComCast and will always be Comcast (it's the only game in town....).

I don't know exactly what you mean by preferred LAN IP segment, but I want to use IPV4 if that helps.

All of my computers have hard-coded IP addresses in the 192.168.7.x range.

I just ordered a Zoom Cable Modem/Router with 4 Ethernet ports (1 I'll use for my network, the other 3 I'll be using for Vonage phone lines).

I just ordered a new SonicWall firewall router which I plan to route my Internet from my modem/router into first, then I'll connect the firewall router to a 16-port switch that I already have.

That said, I will probably use my Comcast modem/router for a while, since I'm currently in negotiations with my most important client and can NOT afford to disrupt my internet/email capability (which is exactly what started my problems that initiated this Question in the first place).

My current problems are:

1) the RemoteApp setup that was working beautifully on my server is no longer working

2) I have an FTP program that I wrote that was working on my server (WinServer2008R2) and no longer works, but the program still works when I run it on my Win 7 Pro workstation!?
The only time your LAN or even your server will see a public IP for your domain is when they consult public DNS servers.
So whatever changes happened between one device and the other resulted in this issue.

Since you've resolved your issue.
arnold spent a lot of time responding to my posts and deserves any points I can give to him.
Jim, if my comments/suggestions did not help, spending time is no reason to award points.

Not sure why you are using statically assigned IPs when you can have your server allocate IPs on your LAN using the DHCP role. Then whenever a new router is brought into the mix, you would adjust its settings to correspond to the LAN IPs you have of 192.168.7.0 255.255.255.0 with 192.168.7.1 as the gateway, which will be set on the router.