Solved

NSlookup from NT to 2003

Posted on 2004-09-08
4
249 Views
Last Modified: 2010-04-19
Hey guys, I am a bit confused about my dns problem with two domains and seek your expert advice for the following situation:

Two pristine networks: Nt4 and 20003 Active Directory. two domain controllers on AD are dns servers 128.0.2.5 and 128.0.2.6 respectively. No dns servers on NT4 environment. DC's and member servers on AD environment can resolve each other via dns just fine.

Problem: Any workstation in the nt4 environment cannot succesfully resolve AD servers via DNS, this also includes my Windows XP workstation which has static DNS entries of 128.0.2.5 and 128.0.2.6. Here is the outpout of the nslookup both forward and reverse from my workstation:

C:\>nslookup corpwk3sdc01
Server:  corpwk3sdc01.domain.local
Address:  128.0.2.5

*** corpwk3sdc01.domain.local can't find corpwk3sdc01: Server failed



C:\>nslookup 128.0.2.6
Server:  corpwk3sdc01.domain.local
Address:  128.0.2.5

Name:    corpwk3sdc02.domain.local
Address:  128.0.2.6

I get the same results on NT4 servers, any thoughts? Since my workstation is not set to DHCP, does this mean i have to manualy register my DNS? If so then how come the reverse DNS comes up fine? Note: nothing about my workstation, name or IP is listed in the DNS forward and lookup zones. Do I need to add the dns suffix of domain.local on my local area connection DNS properties?
0
Comment
Question by:SANG501
4 Comments
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Try installing the Directory Services client on one of the NT workstations.
0
 
LVL 12

Expert Comment

by:ColinRoyds
Comment Utility
sounds like you are having a security issue, dns in win2k/3 by default only allows secure communication, in other words if you want to query the server you must be on the same domain or have a working trust relationship, for a quick fix change the security option in dns to allow for unsecure communication, then try nslook from a nt domain based workstation, if this works then look at the trust relationship between the two if you have one, or leave it as it is using the unsecure option.
0
 
LVL 1

Author Comment

by:SANG501
Comment Utility

My trusts are not completely working, I didnt know I trust had to be setup before you can use other domain dns servers. I'll try that and post the results.
0
 
LVL 82

Accepted Solution

by:
oBdA earned 500 total points
Comment Utility
This is not a permissions issue; your DNS server is answering your requests just fine, as you can see by the response for the reverse lookup query.
The problem with the forward lookup is that you are querying just the host name. A query with the server's FQDN like
nslookup corpwk3sdc01.domain.local
should work just fine.
On your NT4 clients, you'll have to either enter domain.local in the domain field of the DNS tab, or (if for whatever reason you need another domain name there) add the domain.local (as well as the domain name from the "Domain" field!) in the dns suffix search list.
If you want to lookup your NT4 machines in DNS as well, you'll have to enter their names and addresses manually into your DNS. NT4 doesn't know about such modern things as Dynamic DNS; if you were using a W2k DHCP server for your NT4 machines, you could tell the DHCP to register the DNS addresses handed out on behalf of the clients, but for the moment, there's no way around entering the information manually.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now