DNS problems on MS network running Small Business Server 2003

Rather than posting all the NSLOOKUP data, why not post what your DNS settings are on the server and the workstations?

My dns settings are pointing to the Domain Controller that is running DNS.  The IP is 192.168.1.99

All clients are not able to ping the IP or Hostname, I get cannot find host SBSSVR and the error when pinging the IP is request timed out.

I think what has to be done is recreate Active Directory, and re-create DNS from scratch if nobody on here can point me in the right direction.

Chris

PLEASE do not do that. You are running SBS and this will cause you a nightmare and likely require to perform a complete new installation.

I assume this is a new installation?

How did you add your clients? Did you add static IP addresses to the clients or are they running DHCP?
There is a special method required for adding SBS clients to the system so that they pick up all of the correct settings. If you added them the same way that you would have on an ordinary windows 2000/2003 system then you will have no end of troubles.
http://sbsurl.com/itpro
Have a look at this link. It explains the correct way to add clients to the SBS network.

If its dhcp and you added the clients correctly, is your SBS server the only box running the DHCP server service or, for example, is your external dsl router or firewall running dhcp also?

Have you run the SBS setup wizards from the SBS server management screen that you get when you log onto the SBS server?

Thank you for the reply!

I assume this is a new installation?  <Existing install by a tech whom I am replacing, I have very little experience supporting 2003 server>

How did you add your clients?  <Everything was running smoothly before I added a new computer with the same computer name to the domain last night.  What I did was power off the old computer, installed Win 2000 Pro SP4 on new hardware, upgraded to XP Pro sp2, then connected the network to join the domain and update the software.  The pc was able to join the domain, however the next morning no client is able to 1) ping the host name sbssvr or server ip 192.168.1.99 and 2) I am unable to rejoin the new hardware, old pc name to the domain getting this error message (error code 0x0000232B RCODE_NAME_ERROR) The query was for the SRV record for _ldap._tcp.dc._msdcs.holidayinnlh.local  and 3) when I ran the add client computer wizard on sbs, it asked me to visit the following webpage on the client computer http://sbssvr/connectcomputer but I get page cannot be displayed>

Did you add static IP addresses to the clients or are they running DHCP?  <Yes they are all running DHCP done by a linksys vpn router, and DNS is hosted on the SBS>

If its dhcp and you added the clients correctly, is your SBS server the only box running the DHCP server service or, for example, is your external dsl router or firewall running dhcp also?  <The SBS is not running DHCP>

Have you run the SBS setup wizards from the SBS server management screen that you get when you log onto the SBS server?  <I do not know what wizards were run to configure this server, all I know is it was up and running then I added the new hardware and reused an existing computer name and this nightmare started>

Chris

If you remove this machine from the domain/system do the rest of the machines commence working again?

Have a look at this link
http://support.microsoft.com/default.aspx?scid=kb;EN-US;241505

Is there 'anything' else you have done Chris that we need to know about? The more we know, the more we can help.
Keith

Can you post an ipconfig /all from the server please and also from a workstation that is displaying the problem.

I checked the reverse lookup zone and added a PTR record which fixed the error I saw when I run nslookup off the server.  Details follow.

C:\Documents and Settings\Administrator>nslookup
*** Can't find server name for address 192.168.1.99: Non-existent domain
Default Server:  UnKnown
Address:  192.168.1.99

> set type srv
Unrecognized command: set type srv
> set type=srv
> holidayinnlh
Server:  UnKnown
Address:  192.168.1.99

*** UnKnown can't find holidayinnlh: Non-existent domain
> holidayinnlh.local
Server:  UnKnown
Address:  192.168.1.99

holidayinnlh.local
        primary name server = sbssvr.holidayinnlh.local
        responsible mail addr = hostmaster
        serial  = 670
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

Then once I added the PTR record in the reverse lookup zone, this is the result of running nslookup
C:\Documents and Settings\Administrator>nslookup
Default Server:  sbssvr.holidayinnlh.local
Address:  192.168.1.99


This is from the workstation:
Windows IP Configuration

        Host Name . . . . . . . . . . . . : salescrd
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : HolidayInnLH.local

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : HolidayInnLH.local
        Description . . . . . . . . . . . : SiS 900-Based PCI Fast Ethernet Adap
ter
        Physical Address. . . . . . . . . : 00-0C-76-8F-77-BB
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.104
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.99
                                            69.44.64.50
        Primary WINS Server . . . . . . . : 192.168.1.99
        Lease Obtained. . . . . . . . . . : Wednesday, September 13, 2006 9:24:4
6 PM
        Lease Expires . . . . . . . . . . : Thursday, September 14, 2006 9:24:46
 PM

And the server:
Windows IP Configuration

   Host Name . . . . . . . . . . . . : SBSSVR
   Primary Dns Suffix  . . . . . . . : holidayinnlh.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : holidayinnlh.local

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-14-22-B3-82-E8
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.99
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.99
   Primary WINS Server . . . . . . . : 192.168.1.99

Thanks for posting my original request.

Remove the DNS server 69.44.64.50 - if that server answers a request (Just because the other is preferred doesn't mean this can't occasionally answer first) you will have problems.

Clients should ONLY know about the AD DNS server.

When I set the client to use a static DNS server of .199 the client no longer was able to access the Internet and still had the problem of not being able to ping the server by hostname or IP.

Have you checked over the services on the server?  Is DNS running on the server (is the actual service running and not stopped, failed, etc).

Are there any event log errors (I expect many).  Would be helpful if you could post the logs (save them then post them to www.ee-stuff.com so that we may all access them).

For your reference (probably at a later date):
10 DNS Errors That Will Kill Your Network
http://mcpmag.com/features/article.asp?EditorialsID=413

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

SRV Resource Records May Not Be Created on Domain Controller
http://support.microsoft.com/?kbid=239897

How Domain Controllers Are Located in Windows XP
http://support.microsoft.com/?kbid=314861

How to Verify an Active Directory Installation in Windows Server 2003
http://support.microsoft.com/?kbid=816106

[links, in part, originally provided by oBdA]

Here is the DNS log
https://filedb.experts-exchange.com/incoming/ee-stuff/796-dns01.txt

I also see this in the Application log
9/13/2006      10:56:43 PM      Userenv      Error      None      1054      NT AUTHORITY\SYSTEM      SBSSVR      Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted.

I am really out of my league on this problem.

I expect Lee's links probably cover the elements but specifically....

The Clients should only know about the AD DNS server. This is one of the prime reasons why it is not always a good idea to let the router provide the dhcp settings and to let the SBS server do its job pr providing the DHCP instead.

If you are providing the DNS statically for the clients, only put in the 192.168.x.y address.

On the SBS server, it also (in the tcpip settings - advanced - dns) should have the 192.168.x.y address only.

Within the SBS server dns manager, in the Forwarders tab, this should have the DNS ip addresses of your ISP.

You are correct Keith, for the forwarders the ISP's dns servers are listed as all other DNS domains.

The SBS only lists one DNS server, and that is the Server's IP.  Which I can ping from the server itself, but no client is able to ping the server.  They get a request timeout.

Checking the DNS config on the server, I do not see any entry which would give clients a secondary DNS server that is the ISP dns server.

No, and it doesn't need one. As the clients should be talking to the tht sbs box at all times, it is the SBS box (using the forwarders) that gets the information (for external dns lookups) on behalf of the client and then returns the information.

Can you rerun the CEIW wizard? (Configure Email and Internet Wizard) on the SBS box please?

Hi Keith!  I am going on site in the next few hours and have a short list of things to try.

1) Disable/re-enable the NIC on the SBS.

2) Uninstall NIC and restart SBS.

3) Physically cable SBS and one client into isolated switch and try to ping SBS from client.  I'm also going to set a new static IP for the SBS and client at this step.

4) Physically cable SBS and one client into isolated router and try to ping SBS from client.  I am going to let the isolated router perform DHCP and DNS but it will not be Internet connected.

5) I will look at the CEIW on the server.

OK. I think you will find once you are there that this is a much simpler, configuration issue you are facing rather than a failure of the type you mentiuon in your shortlist.

Shame that you do not have the .xml backup file that can be created of ISA that stores the configuration :(

We'll be about. It's 7.45PM here so I might have hit the sack by the time you get to site but am sure someone else will be able to pick this up and run with it if necessary.

Regards
Keith

Update,  nothing we tried on that list allowed clients to ping the server.  Not even when directly connected to an isolated switch.

I still am going to say this is a DNS problem because when clients attempt to ping the server's host name, they receive the host not found error.  Like if you typed ping www.g1gle.com you get the message "ping request could not find host g1gle.com.  Please check the name and try again.

We found the problem.

Somehow there was a problem with the non-plug and play Drivers for IP Network Address Translator.

Once this was disabled, the clients were able to ping the server by host name and IP.  All other related problems are now solved.

The only question to be asked is:
How did that happen?