Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 259
  • Last Modified:

NSlookup from NT to 2003

Hey guys, I am a bit confused about my dns problem with two domains and seek your expert advice for the following situation:

Two pristine networks: Nt4 and 20003 Active Directory. two domain controllers on AD are dns servers 128.0.2.5 and 128.0.2.6 respectively. No dns servers on NT4 environment. DC's and member servers on AD environment can resolve each other via dns just fine.

Problem: Any workstation in the nt4 environment cannot succesfully resolve AD servers via DNS, this also includes my Windows XP workstation which has static DNS entries of 128.0.2.5 and 128.0.2.6. Here is the outpout of the nslookup both forward and reverse from my workstation:

C:\>nslookup corpwk3sdc01
Server:  corpwk3sdc01.domain.local
Address:  128.0.2.5

*** corpwk3sdc01.domain.local can't find corpwk3sdc01: Server failed



C:\>nslookup 128.0.2.6
Server:  corpwk3sdc01.domain.local
Address:  128.0.2.5

Name:    corpwk3sdc02.domain.local
Address:  128.0.2.6

I get the same results on NT4 servers, any thoughts? Since my workstation is not set to DHCP, does this mean i have to manualy register my DNS? If so then how come the reverse DNS comes up fine? Note: nothing about my workstation, name or IP is listed in the DNS forward and lookup zones. Do I need to add the dns suffix of domain.local on my local area connection DNS properties?
0
SANG501
Asked:
SANG501
1 Solution
 
Netman66Commented:
Try installing the Directory Services client on one of the NT workstations.
0
 
ColinRoydsCommented:
sounds like you are having a security issue, dns in win2k/3 by default only allows secure communication, in other words if you want to query the server you must be on the same domain or have a working trust relationship, for a quick fix change the security option in dns to allow for unsecure communication, then try nslook from a nt domain based workstation, if this works then look at the trust relationship between the two if you have one, or leave it as it is using the unsecure option.
0
 
SANG501Author Commented:

My trusts are not completely working, I didnt know I trust had to be setup before you can use other domain dns servers. I'll try that and post the results.
0
 
oBdACommented:
This is not a permissions issue; your DNS server is answering your requests just fine, as you can see by the response for the reverse lookup query.
The problem with the forward lookup is that you are querying just the host name. A query with the server's FQDN like
nslookup corpwk3sdc01.domain.local
should work just fine.
On your NT4 clients, you'll have to either enter domain.local in the domain field of the DNS tab, or (if for whatever reason you need another domain name there) add the domain.local (as well as the domain name from the "Domain" field!) in the dns suffix search list.
If you want to lookup your NT4 machines in DNS as well, you'll have to enter their names and addresses manually into your DNS. NT4 doesn't know about such modern things as Dynamic DNS; if you were using a W2k DHCP server for your NT4 machines, you could tell the DHCP to register the DNS addresses handed out on behalf of the clients, but for the moment, there's no way around entering the information manually.
0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now