kjbbnk
asked on
name resolving issue
Hi,
We have a windows 2003 domain controller, with DNS and WINS. Our XP clients are set up pointing to our DNS. Everything normally works fine, but every once in awhile (maybe once a day for a user) they will try opening one of their programs that connects to a sql server, and they will get a message sayin they cannot connect to it. IF i ping the server by name, I get a 64.15.x.x address instead of my internal 10.x.x.x or whatever!
So I'll go into their configuration file that points to the name of the server and change it to the IP and its fine. But its never the same user.
Another example that has been happening lately is to our mail server. They won't be able to connect to email and if I ping our server by name I get a weird 64.15 address........We use static IPs if that helps.
Its very frustrating! We never make changes to our DNS server. Any ideas?
We have a windows 2003 domain controller, with DNS and WINS. Our XP clients are set up pointing to our DNS. Everything normally works fine, but every once in awhile (maybe once a day for a user) they will try opening one of their programs that connects to a sql server, and they will get a message sayin they cannot connect to it. IF i ping the server by name, I get a 64.15.x.x address instead of my internal 10.x.x.x or whatever!
So I'll go into their configuration file that points to the name of the server and change it to the IP and its fine. But its never the same user.
Another example that has been happening lately is to our mail server. They won't be able to connect to email and if I ping our server by name I get a weird 64.15 address........We use static IPs if that helps.
Its very frustrating! We never make changes to our DNS server. Any ideas?
ASKER
To answer all your question - Yes this domain controller is the only dns server on our network (we have a very simple network) and every single computer points to it for dns, and yes the server itself.
Yes it is AD integrated and allows for only "secure" dynamic updates....How do i know if it is standard primary?
One thing I just noticed, in our forward look up zone area....and I don't know if it makes a lick of a difference....we used to have an old domain a year ago, and it has been off for the past year. I just noticed that something is checked that says "zone transfers" and it says "only to the following servers", and our old domain ip address is in there.
Would that make a difference?
It is just weird how this will only happen to one or or two users everyday, and not even everyday. It's like it just decides not to resolve one server's name to IP, but will do the rest. Just so bizarre (and annoying).
Yes it is AD integrated and allows for only "secure" dynamic updates....How do i know if it is standard primary?
One thing I just noticed, in our forward look up zone area....and I don't know if it makes a lick of a difference....we used to have an old domain a year ago, and it has been off for the past year. I just noticed that something is checked that says "zone transfers" and it says "only to the following servers", and our old domain ip address is in there.
Would that make a difference?
It is just weird how this will only happen to one or or two users everyday, and not even everyday. It's like it just decides not to resolve one server's name to IP, but will do the rest. Just so bizarre (and annoying).
yes I reckon if you uncheck zone transfers and try that
You are using a domain name that you own or is not allocated, yes? BTW, do you have any idea what these 65.15.x.x addresses are? Do they have any significance in your own local network context?
BTW, you should avoid using microsoft for anything DNS related - the integration of AD and DNS is such a massive kludge it's a wonder it ever works at all. If your other services (ie sql, etc) require integrated AD and DNS on the main server, I pity your situation...
>I just noticed that something is checked that says "zone transfers" and it says "only to the following servers", and our old domain
>ip address is in there.
>Would that make a difference?
Unlikely - that would be a setting controlling which servers can download (vie AXFR, etc) a copy of your DNS zone file - allowing some other server read-access to your zone file is unlikely to cause lookups to fail in the way you describe.
> yes I reckon if you uncheck zone transfers and try that
Well, know I said it was unlikely to matter, but if we were't talking about Microsoft stuff, I'd have said it was impossible.
Beyond that, I can't really help much - if it requires AD, we don't install it.
Cheers,
-Jon
BTW, you should avoid using microsoft for anything DNS related - the integration of AD and DNS is such a massive kludge it's a wonder it ever works at all. If your other services (ie sql, etc) require integrated AD and DNS on the main server, I pity your situation...
>I just noticed that something is checked that says "zone transfers" and it says "only to the following servers", and our old domain
>ip address is in there.
>Would that make a difference?
Unlikely - that would be a setting controlling which servers can download (vie AXFR, etc) a copy of your DNS zone file - allowing some other server read-access to your zone file is unlikely to cause lookups to fail in the way you describe.
> yes I reckon if you uncheck zone transfers and try that
Well, know I said it was unlikely to matter, but if we were't talking about Microsoft stuff, I'd have said it was impossible.
Beyond that, I can't really help much - if it requires AD, we don't install it.
Cheers,
-Jon
If it's AD integrated, then it's not Standard Primary, don't worry about it.
It seems that your DNS and WINS aren't getting along. What are you using NetBIOS for that you need to have a WINS server up and running? Theoretically, unless you're running Exchange in a large, multi-subnet environment, you shouldn't need NetBIOS, and therfore shouldn't need WINS.
http://support.microsoft.com/default.aspx?scid=kb;en-us;837391
Your computers may be getting confused at times and retrieving name resolution from WINS instead of DNS. Note the question below from a MS KB article.
Question: Why can't I use WINS for name resolution like it is used in Microsoft Windows NT 4.0?
Answer: A Windows 2000 or Windows Server 2003 domain controller does not register Active Directory-related information with a WINS server; it only registers this information with a DNS server that supports dynamic updates such as a Windows 2000 or Windows Server 2003 DNS server. Other Windows 2000-based and Windows Server 2003-based computers do not query WINS to find Active Directory-related information.
Can you provide any more information about your setup and why you need WINS?
-Bernie
It seems that your DNS and WINS aren't getting along. What are you using NetBIOS for that you need to have a WINS server up and running? Theoretically, unless you're running Exchange in a large, multi-subnet environment, you shouldn't need NetBIOS, and therfore shouldn't need WINS.
http://support.microsoft.com/default.aspx?scid=kb;en-us;837391
Your computers may be getting confused at times and retrieving name resolution from WINS instead of DNS. Note the question below from a MS KB article.
Question: Why can't I use WINS for name resolution like it is used in Microsoft Windows NT 4.0?
Answer: A Windows 2000 or Windows Server 2003 domain controller does not register Active Directory-related information with a WINS server; it only registers this information with a DNS server that supports dynamic updates such as a Windows 2000 or Windows Server 2003 DNS server. Other Windows 2000-based and Windows Server 2003-based computers do not query WINS to find Active Directory-related information.
Can you provide any more information about your setup and why you need WINS?
-Bernie
ASKER
We still have some Win98 machines. We can't get off until we rid of this one specific application. Don't we need WINS for Windows 98?
ASKER
There is nothing in our XPs that have a WINS address, only DNS.
The 98s that use WINS and DNS never have issues with this kind of thing.
The 98s that use WINS and DNS never have issues with this kind of thing.
You don't need WINS for Win 98 machines, at least for normal file, app, and print sharing so long as your DNS is fine. I don't know about specific apps and/or mail servers you may use, they may require WINS for 98 systems.
The 64.15.x.x address that the mail server and SQL server is showing up as, is it the same for both when things change? Do you have a proxy server set up that they may be getting mixed up with and going out instead of your normal setup?
The 64.15.x.x address that the mail server and SQL server is showing up as, is it the same for both when things change? Do you have a proxy server set up that they may be getting mixed up with and going out instead of your normal setup?
ASKER
No proxy server. and no the IPs are different.
I did a little searching on this problem and found someone
else who posted something similar with a windows 2003 server network. But his situation was using dhcp, dns, terminal server, and using DSL. He pinged by name from their server and would get a 64.15.x.x. (its always a 64.15, but the last two are always different).
Bizarre....wish I knew why random PCs would do this.
I did a little searching on this problem and found someone
else who posted something similar with a windows 2003 server network. But his situation was using dhcp, dns, terminal server, and using DSL. He pinged by name from their server and would get a 64.15.x.x. (its always a 64.15, but the last two are always different).
Bizarre....wish I knew why random PCs would do this.
> You don't need WINS for Win 98 machines, at least for normal file, app, and print sharing so long as your DNS is fine
Do you have a supporting URL for that claim? I just did a fresh 98se install with the specific purpose of testing what kind of traffic a win98 machine generates for nmb lookups for non-local machines, and all it did until I specified a WINS server was send useless broadcast packets to the local subnet.
Cheers,
-Jon
Do you have a supporting URL for that claim? I just did a fresh 98se install with the specific purpose of testing what kind of traffic a win98 machine generates for nmb lookups for non-local machines, and all it did until I specified a WINS server was send useless broadcast packets to the local subnet.
Cheers,
-Jon
http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/techref/en-us/Default.asp?url=/Resources/Documentation/windowsserv/2003/all/techref/en-us/W2K3TR_netwk_namer_over.asp
Joh, I was too general, and slightly ignorant, I apologize. You are right that a WINS server is required for non-local machines. I took too many assumptions as to the layout of his network. However, if a win98 machine isn't seperated by a router from the destination machine, it can use b-node name resolution to find the machine. So WINS isn't NEEDED under all circumstances. It could be needed on a local network if a specific app requires it though, which is why I mentioned specific apps.
kjbbnk, I can only think of a few things to check, and they're long shots.
You can check the hosts and/or lmhosts files on the suspect machines to make sure they don't have entries for the IP's in question. Those files are in \SystemRoot\system32\drive
How about random network connectivity issues between the clients and servers? I know it tends to only be one client at a time but it's worth checking.
Also, one more thing, you posted that you have zone transfers enabled to an old domain but the domain is "off." What do you mean by "off?" Is there still a server running DNS at the IP that it specifies there? If so, you should change that, it may be pulling that wierd IP from that server.
Other than that, I'm stumped for now.
-Bernie
Joh, I was too general, and slightly ignorant, I apologize. You are right that a WINS server is required for non-local machines. I took too many assumptions as to the layout of his network. However, if a win98 machine isn't seperated by a router from the destination machine, it can use b-node name resolution to find the machine. So WINS isn't NEEDED under all circumstances. It could be needed on a local network if a specific app requires it though, which is why I mentioned specific apps.
kjbbnk, I can only think of a few things to check, and they're long shots.
You can check the hosts and/or lmhosts files on the suspect machines to make sure they don't have entries for the IP's in question. Those files are in \SystemRoot\system32\drive
How about random network connectivity issues between the clients and servers? I know it tends to only be one client at a time but it's worth checking.
Also, one more thing, you posted that you have zone transfers enabled to an old domain but the domain is "off." What do you mean by "off?" Is there still a server running DNS at the IP that it specifies there? If so, you should change that, it may be pulling that wierd IP from that server.
Other than that, I'm stumped for now.
-Bernie
ASKER
Sorry - turned out they had a secondary DNS that started interfering.
Took that out via script. :)
Thanks everyone. Figured it out on my own.
Took that out via script. :)
Thanks everyone. Figured it out on my own.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If not, that's how it should be if they're all on the domain. With everything pointed to your one DNS server, and a forwarder set up on the DNS server, you should be fine.
If that's all fine, what's your DNS setup? Are you running AD integrated? Standard primary? Allowing for dynamic updates?
-Bernie