• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 233
  • Last Modified:

Windows 2003 DNS Problem

I currently have a Windows 2003 AD with DNS.  There are about 10 users on Windows XP Pro workstations that logon to the 2003 AD.  There are no roaming profiles.  When the users go to login to the AD , they hang at "loading personal profiles" for about 10 - 20 minutes.  I went to the AD server and tried to ping the other workstations by name and the server seems to be going out to of the network to resolve the name to an iP address.  

Example:

ping Bill (on local network - ip address 10.20.1.101)

after hitting enter the following occurs
ping Bill(216.107.80.91)
request timed out
request timed out
request timed out

The DHCP server is at a remote location.  

Do I need to setup a DNS forwarder? and if so where?

ALso, is there any configuration that needs to be done on the DHCP server?

Thanks
0
dkh30
Asked:
dkh30
  • 4
  • 4
1 Solution
 
mikeleebrlaCommented:
make sure all computers (workstations and servers) are all pointed to your domain dns server (usually this will be your DC) Your ISPs DNS server shouldn't be listed ANYWHERE on the DNS settings for the LAN cards on your servers or workstations.  

The only place your ISPs dns server should be listed is as a forwarder.  And that is only needed if you are experiencing slow DNS lookups due to the root hint servers (on the internet) being busy.  In that case you might need to set up forwarders so your dns server will forward requests to your ISPs dns server, rather than using the root hints (used by default).  Setting up a forwarder will not resolve your issue at hand.

make sure that your internal AD DNS server is listed on ALL your computers (the most likely cause of your problem)

you say that dhcp is handled at a remote location,,, where is your DNS server located?
0
 
dkh30Author Commented:
MY DNS server is local.  
0
 
mikeleebrlaCommented:
ok,, well are all your computers pointed to it for dns name resolution?  if not they should be
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
dkh30Author Commented:
That is what I think the problem is.  When I issue the command ipconifg /all the dns servers listed are the remote ones.  I was thinking maybe to add to the DHCP server options is to put as the primary dns server should be the local dns server and the secondary and teritary as the remote dns servers.  Then on the local dns have forwarders point to the remote dns servers. If this makes any sense.  What do you think?
0
 
dkh30Author Commented:
I also opened up the event viewer on the users xp pro machine and went to the application log and found the following error

Event ID 1000
Source Userenv

Windows cannot determine the user or computer name. Return value (Returned Value 1722).
0
 
mikeleebrlaCommented:
are the "remote" ones your ISPs dns servers or are they simply AD DNS servers (in your domain) that are at a remote site?

0
 
dkh30Author Commented:
They are simply AD DNS servers in a remote site
0
 
mikeleebrlaCommented:
well in that case they should be giving you the correct IP addresses since their DNS records "should" be the same as the DNS records as the DNS server in your local site.  In any case your local clients should still point to your local dns server since its faster than going over the WAN and in case the WAN goes down your local clients will still have a DNS server they can reach.

run dcdiag and netdiag from command line on your DC,,, these tests might reveal configuration errors.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now