Windows 2003 SBS DNS problem

Posted on 2004-11-04
Last Modified: 2010-04-19
I have a small business network setup with 1 server acting as the DC, DNS server, and DHCP server utilizing AD. I have 5 other computers that all have win xp pro on them. It takes over 2 minutes for the xp clients to login. I am almost positive that I have a DNS issue but can not figure out how to get everything working properly.
The present configuration =    internet ------->Fractional T1 modem -------->Netgear Router w/8 port switch ----->then I have all the clients and the server connected to the netgear router/switch.
The router has a static IP and I do not have it set to be a dhcp server because the win 2003 SBS server is the dhcp server. When I do nslookup I it returns the name of the sever but the logins are still slow. I also have the gateway for the server and the clients set to the internal netgear router ip  
(ex.  Do I need to have the clients gateway set to the win 2003 SBS server's ip address?  Any help is greatly appreciated!
Question by:jgroh9
    LVL 82

    Accepted Solution

    Your DNS settings are incorrect. The following setup should work for you:

    *** TCP/IP-Settings ***
    * On your DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
    * On your domain members, enter only the DCs as primary DNS.
    * Do NOT enter your ISP's DNS server in the TCP/IP settings on any domain member. All DNS resolution needs to be done by your internal DNS server *only*.

    *** DNS Server Settings ***
    * Delete the root zone (if present) in your DNS server's forward lookup zones (the single dot, "."), to enable external lookups.
    * Right-click your forward and reverse lookup zones, go to Properties, and make sure that Dynamic Updates are enabled.
    * In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
    * It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

    Once you've checked this, open a command prompt and enter "ipconfig /registerdns", then stop and re-start the netlogon service. Check if the SRV records have been created (see link below).

    Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS

    Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003

    How to Verify the Creation of SRV Records for a Domain Controller

    How Domain Controllers Are Located in Windows

    How Domain Controllers Are Located in Windows XP

    SRV Resource Records May Not Be Created on Domain Controller

    HOW TO: Configure DNS for Internet Access in Windows Server 2003

    HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows Server 2003
    LVL 25

    Expert Comment

    one thing you mentioned concerns me,, when you said:

    When I do nslookup I it returns the name of the sever but the logins are still slow

    that would be a reverse dns lookup (resoving IP to name)

    what happens when you do a regular dns lookup (Name to IP)?? does it resolve to the IP address of the DC?
    ie  nslookup

    can you ping the DC by IP address and by domain name?

    Author Comment

    one quick question...what do I do with the dns server addresses that are used for my isp which are currently configured in my router? Do I leave them there? I believe that I have to?
    LVL 82

    Expert Comment

    Your ISP's DNS servers go into your DNS server's forwarders entries. Your DC/DNS will then answer your internal queries, and when it encounters a query for a domain it isn't responsible for, it will forward the request to your ISP's DNS server.

    Author Comment

    Thanks for your help oBda. I checked all the settings you suggested and I had most of them setup correctly. The problem was that I didn't name the server correctly. When I named the server I named it server01.domain but instead it should have been server01.domain.local
    A silly mistake but in the end I learned a lot from it.
    Thanks again for all your help.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    I have never ceased to be amazed how many problems you can encounter on a fresh install of a Windows operating system.  This is certainly case in point& Unable to complete ANY MSI installation.  This means Windows Updates are failing and I can't …
    Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now