URGENT - Windows 2003 DNS Setup Challenges.
Posted on 2006-03-26
I have set up DNS on a Windows 2003 Server (non-SBS) domain controller as per the instructions I have found all over this site. However, I am still running into problems.
1) Am I naming the forward zone correctly? The AD domain name is company.local - I named the zone dns.company.local. Was this OK? Any suggestions here? In my forward lookup zones folder I have two records: SOA and NS record. Both contain the FQDN of the DC. Are any records missing here?
2) When I type NSLOOKUP I get non-existent domain. As per instructions on this site, I put a reverse lookup entry in, in the form of a PTR record. I type NSLOOKUP again and I get a proper prompt with no errors. What record should I be adding here? Is the PTR one correct?
3) When I run netdiag and test DNS it fails all over the place; I get "Cannot find authoritative DNS server for the name 'windows2003servername.company.local'. The domain name may not be registered in DNS." This is my first hint that something is wrong. Any ideas here?
When I nslookup internet domains, I get a response just fine.
The Windows 2003 Server is the only domain controller and DNS server on the network. It is configured with a static IP, subnet mask and the gateway address is the IP of the router. The DNS server is also a static IP and is the IP address of itself. The only place the ISP DNS servers are is in the Forwarders tab. Internet works fine.
How do I know if DNS is actually working? It seems to be except for the netdiag fatal errors. I remain confused.
Another clue DNS may not be functioning is that when I stop and start the netlogon service, this error appears:
Event Type: Warning
Event Source: NETLOGON
Event Category: None
Event ID: 5781
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.eurotech2006.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
Possible causes of failure include:
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.
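
Added example, not part of the original post: a Python check of which hosted zone, if any, is authoritative for the names a domain controller tries to register, which is the condition behind Event ID 5781 and the netdiag message quoted above. The zone and host names come from the post; the record lines (written in the style of the DC's netlogon.dns file) and the IP address are constructed.

```python
# Added example: can each name the DC registers be placed in a hosted zone?
# Constructed sample records; 192.168.1.10 is a made-up address.
SAMPLE_RECORDS = """\
company.local. 600 IN A 192.168.1.10
windows2003servername.company.local. 1200 IN A 192.168.1.10
_ldap._tcp.company.local. 600 IN SRV 0 100 389 windows2003servername.company.local.
_ldap._tcp.dc._msdcs.company.local. 600 IN SRV 0 100 389 windows2003servername.company.local.
_kerberos._tcp.company.local. 600 IN SRV 0 100 88 windows2003servername.company.local.
DomainDnsZones.company.local. 600 IN A 192.168.1.10
"""


def labels(name):
    """Split a DNS name into lowercase labels, ignoring the trailing dot."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def enclosing_zone(name, zones):
    """Return the most specific hosted zone containing name, or None."""
    n = labels(name)
    best = None
    for zone in zones:
        z = labels(zone)
        # Match whole labels only, so mycompany.local is not in company.local.
        if len(z) <= len(n) and n[len(n) - len(z):] == z:
            if best is None or len(z) > len(labels(best)):
                best = zone
    return best


def owner_names(text):
    """Owner name (first field) of every non-empty record line."""
    return [line.split()[0] for line in text.splitlines() if line.strip()]


def unregistrable(text, zones):
    """Names for which this server hosts no authoritative zone."""
    return [n for n in owner_names(text) if enclosing_zone(n, zones) is None]


if __name__ == "__main__":
    for zones in (["dns.company.local"], ["company.local"]):
        missing = unregistrable(SAMPLE_RECORDS, zones)
        print(zones, "->", len(missing), "name(s) with no authoritative zone")
        for name in missing:
            print("   ", name)
```

A dynamic update can only be sent to a server that is authoritative for a zone containing the record's name, so every name reported as missing is one the registration cannot succeed for.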