

Windows 2003 SBS DNS problem

Posted on 2004-11-04
Medium Priority
Last Modified: 2010-04-19
I have a small business network setup with 1 server acting as the DC, DNS server, and DHCP server utilizing AD. I have 5 other computers that all have Win XP Pro on them. It takes over 2 minutes for the XP clients to log in. I am almost positive that I have a DNS issue but cannot figure out how to get everything working properly.
The present configuration =    internet ------->Fractional T1 modem -------->Netgear Router w/8 port switch ----->then I have all the clients and the server connected to the netgear router/switch.
The router has a static IP and I do not have it set to be a DHCP server because the Win 2003 SBS server is the DHCP server. When I do nslookup it returns the name of the server but the logins are still slow. I also have the gateway for the server and the clients set to the internal Netgear router IP
(ex.  Do I need to have the clients gateway set to the win 2003 SBS server's ip address?  Any help is greatly appreciated!
Question by:jgroh9

Accepted Solution

oBdA earned 1600 total points
ID: 12496236
Your DNS settings are incorrect. The following setup should work for you:

*** TCP/IP-Settings ***
* On your DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
* On your domain members, enter only the DCs as primary DNS.
* Do NOT enter your ISP's DNS server in the TCP/IP settings on any domain member. All DNS resolution needs to be done by your internal DNS server *only*.

*** DNS Server Settings ***
* Delete the root zone (if present) in your DNS server's forward lookup zones (the single dot, "."), to enable external lookups.
* Right-click your forward and reverse lookup zones, go to Properties, and make sure that Dynamic Updates are enabled.
* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

Once you've checked this, open a command prompt and enter "ipconfig /registerdns", then stop and re-start the netlogon service. Check if the SRV records have been created (see link below).

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003

How to Verify the Creation of SRV Records for a Domain Controller

How Domain Controllers Are Located in Windows

How Domain Controllers Are Located in Windows XP

SRV Resource Records May Not Be Created on Domain Controller

HOW TO: Configure DNS for Internet Access in Windows Server 2003

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows Server 2003
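
An added example, not part of the answer above or of the original thread: a Python check that parses `ipconfig /all` output from a domain member and reports every DNS server that is not a domain controller, and builds the nslookup query for the DC locator SRV record. The sample output, the addresses and the domain `example.local` are constructed for illustration.

```python
import re

# Constructed sample of `ipconfig /all` output from a domain member (not from the thread).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

        Host Name . . . . . . . . . . . . : CLIENT01

Ethernet adapter Local Area Connection:

        IP Address. . . . . . . . . . . . : 192.168.1.21
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.10
                                            203.0.113.53
        Lease Obtained. . . . . . . . . . : (constructed)
"""

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"
DNS_LINE = re.compile(r"^\s*DNS Servers[ .]*:\s*(" + IPV4 + r")\s*$")
BARE_IP = re.compile(r"^\s*(" + IPV4 + r")\s*$")


def dns_servers(ipconfig_text):
    """Return every DNS server listed, including continuation lines."""
    servers, collecting = [], False
    for line in ipconfig_text.splitlines():
        m = DNS_LINE.match(line)
        if m:
            servers.append(m.group(1))
            collecting = True          # following bare-IP lines belong to this entry
        elif collecting and (m := BARE_IP.match(line)):
            servers.append(m.group(1))
        else:
            collecting = False         # any other line ends the DNS server list
    return servers


def audit(ipconfig_text, dc_addresses):
    """Return DNS servers that are not domain controllers (should be empty)."""
    return [ip for ip in dns_servers(ipconfig_text) if ip not in dc_addresses]


def srv_check_command(dns_domain):
    """nslookup query for the DC locator SRV record of an AD domain."""
    return f"nslookup -type=SRV _ldap._tcp.dc._msdcs.{dns_domain}"


if __name__ == "__main__":
    print(audit(SAMPLE_IPCONFIG, ["192.168.1.10"]), srv_check_command("example.local"))
```

A non-empty result from `audit` means the member can send queries for internal names to a resolver outside the domain, which is the misconfiguration the answer warns against.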

Expert Comment

ID: 12496365
One thing you mentioned concerns me, when you said:

When I do nslookup it returns the name of the server but the logins are still slow

That would be a reverse DNS lookup (resolving IP to name).

what happens when you do a regular dns lookup (Name to IP)?? does it resolve to the IP address of the DC?
ie  nslookup DC.domainname.com

can you ping the DC by IP address and by domain name?

Author Comment

ID: 12496524
one quick question...what do I do with the dns server addresses that are used for my isp which are currently configured in my router? Do I leave them there? I believe that I have to?

Expert Comment

ID: 12497010
Your ISP's DNS servers go into your DNS server's forwarders entries. Your DC/DNS will then answer your internal queries, and when it encounters a query for a domain it isn't responsible for, it will forward the request to your ISP's DNS server.

Author Comment

ID: 12503235
Thanks for your help oBda. I checked all the settings you suggested and I had most of them setup correctly. The problem was that I didn't name the server correctly. When I named the server I named it server01.domain but instead it should have been server01.domain.local
A silly mistake but in the end I learned a lot from it.
Thanks again for all your help.
