Solved

2003 AD-integrated DNS problems

Posted on 2004-08-20
7
1,143 Views
Last Modified: 2007-12-19

I have two domain controllers in an AD network and I am trying to setup and configure DNS on dc1 properly before configuring and installing dns on dc2. I noticed the the wizard set my primary dns on dc1 as 127.0.0.1.Is this correct or should i set it to be the same ip address thats static'd into dc1's local area connection example: 128.0.2.5. Here's the output:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : computername
   Primary Dns Suffix  . . . . . . . : company.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : company.local

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP Network Team #1
   Physical Address. . . . . . . . . : 00-0F-20-D1-4D-6E
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 128.0.2.5
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 128.0.1.1
   DNS Servers . . . . . . . . . . . : 127.0.0.1
                                       198.6.1.3
                                       198.6.100.25

C:\>nslookup 128.0.2.5
Server:  localhost
Address:  127.0.0.1

*** localhost can't find 128.0.2.5: Non-existent domain

What am I doing wrong and why can't I resolve 128.0.2.5 (dc1)? Also should I be using secure dynamic updates or just dynamic updates?
0
Comment
Question by:SANG501
  • 4
  • 3
7 Comments
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11854261
which machine where you on when you did the above nslookup?

I wouldn't set the dns server to the loopback (127.0.0.1) just set it to the actual IP address of the DNS server that you want it to point to.

Also,  i wouldn't have your 2nd and 3rd dns servers listed as "real" public dns server b/c say your internal dns server is down, it will then give you results from a "public" dns server,, which of course will not have any info about your internal network,, so you will not get the disired results.
0
 
LVL 1

Author Comment

by:SANG501
ID: 11854288
I did the nslookup from 128.0.2.5(dc1)
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11854356
well change its dns server to 128.0.2.5 (itself) and then check the DNS MMC to see that if it has a reverse lookup zone for your domain and a reverse A record for DC1.  DO you even have reverse zones configured,, since you are doing nslookup 1.1.1.1 which is a reverse lookup??
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 1

Author Comment

by:SANG501
ID: 11854417

After changing the primary DNS to 128.0.2.5 i can now get the right results from nslookup. I also created a reverse lookup zone with 128.0 as the network id. However, the only items I see in this zone are: two NS files pointing to DC1 and DC2 respectively and a SOA record. Is this correct?
0
 
LVL 1

Author Comment

by:SANG501
ID: 11854444
nevermind, I did a refresh and got a pointer record. Thanks for the assistance.

Also, can you or someone enlighten me as to whcih dynamic update is recommended?
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 11854647
there are only 2 types of dynamic updates that i know of,, secure and not secure.

by default, clients will attempt to use unsecure first,, then if that fails they will attempt to use the secure method.  if you have 98/95 computers these clients will have to be added to the DNSProxyUpdate Group in active directory.  windows 2000/xp machines are in this group by default.
0
 
LVL 25

Accepted Solution

by:
mikeleebrla earned 500 total points
ID: 11854661
opps,,, i meant you will have to add your DHCP server to the DNSProxyUpdate Group
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now