name resolving issue


We have a windows 2003 domain controller, with DNS and WINS.  Our XP clients are set up pointing to our DNS.  Everything normally works fine, but every once in awhile (maybe once a day for a user) they will try opening one of their programs that connects to a sql server, and they will get a message sayin they cannot connect to it.  IF i ping the server by name, I get a 64.15.x.x address instead of my internal 10.x.x.x or whatever!  
So I'll go into their configuration file that points to the name of the server and change it to the IP and its fine.  But its never the same user.
Another example that has been happening lately is to our mail server.  They won't be able to connect to email and if I ping our server by name I get a weird 64.15 address........We use static IPs if that helps.
Its very frustrating!  We never make changes to our DNS server.  Any ideas?  
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Bernie SalvaggioIT ManagerCommented:
OK, just to be sure... Your domain controller running DNS is the ONLY DNS server on your network and EVERY computer and server point to it for DNS right? Even the server itself?

If not, that's how it should be if they're all on the domain.  With everything pointed to your one DNS server, and a forwarder set up on the DNS server, you should be fine.

If that's all fine, what's your DNS setup? Are you running AD integrated? Standard primary? Allowing for dynamic updates?

kjbbnkAuthor Commented:
To answer all your question - Yes this domain controller is the only dns server on our network (we have a very simple network) and every single computer points to it for dns, and yes the server itself.

Yes it is AD integrated and allows for only "secure" dynamic updates....How do i know if it is standard primary?

One thing I just noticed, in our forward look up zone area....and I don't know if it makes a lick of a difference....we used to have an old domain a year ago, and it has been off for the past year.   I just noticed that something is checked that says "zone transfers" and it says "only to the following servers", and our old domain ip address is in there.
Would that make a difference?

It is just weird how this will only happen to one or or two users everyday, and not even everyday.  It's like it just decides not to resolve one server's name to IP, but will do the rest.  Just so bizarre (and annoying).
yes I reckon if you uncheck zone transfers and try that
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

You are using a domain name that you own or is not allocated, yes?  BTW, do you have any idea what these 65.15.x.x addresses are?  Do they have any significance in your own local network context?

BTW, you should avoid using microsoft for anything DNS related - the integration of AD and DNS is such a massive kludge it's a wonder it ever works at all.  If your other services (ie sql, etc) require integrated AD and DNS on the main server, I pity your situation...

>I just noticed that something is checked that says "zone transfers" and it says "only to the following servers", and our old domain
>ip address is in there.
>Would that make a difference?

Unlikely - that would be a setting controlling which servers can download (vie AXFR, etc) a copy of your DNS zone file - allowing some other server read-access to your zone file is unlikely to cause lookups to fail in the way you describe.

> yes I reckon if you uncheck zone transfers and try that

Well, know I said it was unlikely to matter, but if we were't talking about Microsoft stuff, I'd have said it was impossible.

Beyond that, I can't really help much - if it requires AD, we don't install it.


Bernie SalvaggioIT ManagerCommented:
If it's AD integrated, then it's not Standard Primary, don't worry about it.

It seems that your DNS and WINS aren't getting along.  What are you using NetBIOS for that you need to have a WINS server up and running? Theoretically, unless you're running Exchange in a large, multi-subnet environment, you shouldn't need NetBIOS, and therfore shouldn't need WINS.;en-us;837391

Your computers may be getting confused at times and retrieving name resolution from WINS instead of DNS.  Note the question below from a MS KB article.

Question: Why can't I use WINS for name resolution like it is used in Microsoft Windows NT 4.0?

Answer: A Windows 2000 or Windows Server 2003 domain controller does not register Active Directory-related information with a WINS server; it only registers this information with a DNS server that supports dynamic updates such as a Windows 2000 or Windows Server 2003 DNS server. Other Windows 2000-based and Windows Server 2003-based computers do not query WINS to find Active Directory-related information.

Can you provide any more information about your setup and why you need WINS?

kjbbnkAuthor Commented:
We still have some Win98 machines.  We can't get off until we rid of this one specific application.  Don't we need WINS for Windows 98?
kjbbnkAuthor Commented:
There is nothing in our XPs that have a WINS address, only DNS.
The 98s that use WINS and DNS never have issues with this kind of thing.
Bernie SalvaggioIT ManagerCommented:
You don't need WINS for Win 98 machines, at least for normal file, app, and print sharing so long as your DNS is fine.  I don't know about specific apps and/or mail servers you may use, they may require WINS for 98 systems.

The 64.15.x.x address that the mail server and SQL server is showing up as, is it the same for both when things change? Do you have a proxy server set up that they may be getting mixed up with and going out instead of your normal setup?
kjbbnkAuthor Commented:
No proxy server. and no the IPs are different.

I did a little searching on this problem and found someone
 else who posted something similar with a windows 2003 server network.  But his situation was using dhcp, dns, terminal server, and using DSL.  He pinged by name from their server and would get a 64.15.x.x.  (its always a 64.15, but the last two are always different).

Bizarre....wish I knew why random PCs would do this.

> You don't need WINS for Win 98 machines, at least for normal file, app, and print sharing so long as your DNS is fine

Do you have a supporting URL for that claim?  I just did a fresh 98se install with the specific purpose of testing what kind of traffic a win98 machine generates for nmb lookups for non-local machines, and all it did until I specified a WINS server was send useless broadcast packets to the local subnet.


Bernie SalvaggioIT ManagerCommented:

Joh, I was too general, and slightly ignorant, I apologize.  You are right that a WINS server is required for non-local machines.  I took too many assumptions as to the layout of his network.  However, if a win98 machine isn't seperated by a router from the destination machine, it can use b-node name resolution to find the machine.  So WINS isn't NEEDED under all circumstances.  It could be needed on a local network if a specific app requires it though, which is why I mentioned specific apps.

kjbbnk, I can only think of a few things to check, and they're long shots.

You can check the hosts and/or lmhosts files on the suspect machines to make sure they don't have entries for the IP's in question.  Those files are in \SystemRoot\system32\drivers\etc

How about random network connectivity issues between the clients and servers? I know it tends to only be one client at a time but it's worth checking.

Also, one more thing, you posted that you have zone transfers enabled to an old domain but the domain is "off."  What do you mean by "off?"  Is there still a server running DNS at the IP that it specifies there? If so, you should change that, it may be pulling that wierd IP from that server.

Other than that, I'm stumped for now.

kjbbnkAuthor Commented:
Sorry - turned out they had a secondary DNS that started interfering.
Took that out via script. :)
Thanks everyone.  Figured it out on my own.
Closed, 125 points refunded.

Community Support Moderator
Experts Exchange

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.