URGENT - Windows 2003 DNS Setup Challenges.

Posted on 2006-03-26
Last Modified: 2010-03-19
Hello,

I have set up DNS on a Windows 2003 Server (non-SBS) domain controller as per the instructions I have found all over this site.  However, I am still running into problems.

Questions:

1) Am I naming the forward zone correctly?  The AD domain name is company.local - I named the zone dns.company.local.  Was this OK?  Any suggestions here?  In my forward lookup zones folder I have two records: SOA and NS record.  Both contain the FQDN of the DC.  Are any records missing here?

2) When I type NSLOOKUP I get non-existent domain.  As per instructions on this site, I put a reverse lookup entry in, in the form of a PTR record.  I type NSLOOKUP again and I get a proper prompt with no errors.  What record should I be adding here? Is the PTR one correct?

3) When I run netdiag and test DNS it fails all over the place; I get "Cannot find authoritative DNS server for the name 'windows2003servername.company.local'. The domain name may not be registered in DNS."  This is my first hint that something is wrong.  Any ideas here?

When I nslookup internet domains, I get a response just fine.

The Windows 2003 Server is the only domain controller and DNS server on the network. It is configured with a static IP, subnet mask and the gateway address is the IP of the router.  The DNS server is also a static IP and is the IP address of itself.  The only place the ISP DNS servers are listed is in the Forwarders tab.  Internet works fine.

How do I know if DNS is actually working?  It seems to be, except for the netdiag fatal errors. I remain confused.

Another clue that DNS may not be functioning: when I stop and start the netlogon service, this error appears:

Event Type:      Warning
Event Source:      NETLOGON
Event Category:      None
Event ID:      5781
Description:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.eurotech2006.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  

Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  

USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.


Question by:xweberx
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 16296098
1. The zone should also be called company.local. We'll come onto your other records later.
2. The reverse zone will look after itself (to start with) when you have the DNS correct.
3. Let's sort out 1. first then look at this bit.
0
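
The zone-naming point in the answer above, as an added example that is not part of the original thread: a domain controller can only register its records in a zone that encloses their names, and a zone called dns.company.local encloses none of them. The record list is a subset chosen for illustration and the function names are hypothetical; the host and domain names are the placeholders used in the question.

```python
# Added illustration: why a zone named dns.company.local cannot hold a DC's records.
# A dynamic update goes to the zone that encloses the record name, i.e. the
# hosted zone that is the longest label-wise suffix of that name.

def labels(name):
    """Split a DNS name into lowercase labels, ignoring the trailing dot."""
    return name.rstrip(".").lower().split(".")

def enclosing_zone(name, hosted_zones):
    """Return the most specific hosted zone containing `name`, or None."""
    n = labels(name)
    best = None
    for zone in hosted_zones:
        z = labels(zone)
        # Compare whole labels so "xcompany.local" does not match "company.local".
        if len(z) <= len(n) and n[len(n) - len(z):] == z:
            if best is None or len(z) > len(labels(best)):
                best = zone
    return best

def dc_registrations(ad_domain, dc_host):
    """A few of the names a DC registers (subset, constructed for the example)."""
    return [
        f"{dc_host}.{ad_domain}",             # host A record
        f"_ldap._tcp.{ad_domain}",            # SRV: LDAP service
        f"_kerberos._tcp.{ad_domain}",        # SRV: Kerberos KDC
        f"_ldap._tcp.dc._msdcs.{ad_domain}",  # SRV: domain controller locator
        f"DomainDnsZones.{ad_domain}",        # application partition name (cf. event 5781)
    ]

def unregistrable(ad_domain, dc_host, hosted_zones):
    """Names for which this server hosts no enclosing zone."""
    return [n for n in dc_registrations(ad_domain, dc_host)
            if enclosing_zone(n, hosted_zones) is None]

if __name__ == "__main__":
    # Compare the zone name from the question with the corrected one.
    for zones in (["dns.company.local"], ["company.local"]):
        missing = unregistrable("company.local", "windows2003servername", zones)
        print(zones, "->", len(missing), "names with no authoritative zone")
        for name in missing:
            print("   ", name)
```
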
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16296103
Make sure you create it as AD-Integrated.... It will call itself company.local.dns as it saves it....
0
 
LVL 1

Author Comment

by:xweberx
ID: 16296246
Thanks, Keith.

Zone now company.local

Folder under Forward Lookup Zone has two records in it:
SOA and NS both contain entries of servername.company.local and list the server's IP address.

Reverse lookup zone created and has the same records; SOA and NS also list the server's IP address.
0

 
LVL 1

Author Comment

by:xweberx
ID: 16296251
And according to the DNS MMC, both the forward and reverse lookup zone are AD integrated.
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 16296263
The zone name should be just company.local if that is what you want.  When you say dns.company.local do you mean you created a "standard primary zone" or created it "active directory integrated"? To create the DC you would have needed a suitable working DNS server, so was this already set up before the DC or is that server no longer available?

You might just need to re-register the server itself in DNS ... easiest way just restart it or try

ipconfig /registerdns

to start with

Steve
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16296316
OK.

As you add new servers/work stations, they need to be set to point to this server for their dns.

OK. In the dns manager, find the forwarders tab. In here, put the IP addresses of the dns servers of your ISP. This will tell your DNS service to use these dns servers when it can't resolve a request itself.

0
 
LVL 1

Author Comment

by:xweberx
ID: 16296335
I deleted the dns.company.local and created company.local

This seemed to have helped things quite a bit.

The netdiag test is now passing DNS. When I try nslookup from the command prompt, I get an error that it can't find server address name.  I understand this may be a reverse zone problem.  What kind of record should I create in the reverse zone?

I just gave a client machine a static IP with the internal DNS server I just created and it now logs on instantly rather than taking 5 minutes.  That is a most excellent sign.  Thanks!

I now see that PTR records are starting to appear in the reverse lookup zone.  Looks like things are working here.  Thank you for your help.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16296401
Welcome
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16296409
When you are ready, you will set up your DHCP scopes (if you are going to use them) and will set the DNS for the clients etc. in there.
0
 
LVL 1

Author Comment

by:xweberx
ID: 16296522
DHCP has been activated and is working beautifully.  Again, thanks very much for your help.  You have created some very happy users tomorrow morning with the return of the insta-logon!
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16296566
Glad to be of help.
Regards
Keith
0
