Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Setting DNS via group policy

Posted on 2007-04-10
13
Medium Priority
?
646 Views
Last Modified: 2008-01-09
I am working on a project for a small business.  They have Windows Server 2003 and 6 or 7 clients hooked to it.  Currently there is a group policy that sets the clients dns servers to the windows 2003 server.  I am doing some upgrades to their network and the ip of the server is changing.  I turned off the group policy setting that sets the dns server so now it grabs whatever the router says the ip for dns is.  I know this because when I do an ipconfig /all I see the dns ip for the isp.  However, when I do an nslookup for a domain it shows that it is still trying to use the old ip for the windows server as the dns.  I've tried flushing the dns, running group policy update etc and nothing seems to work.  How do I get rid of this group policy setting on the local computer level?
0
Comment
Question by:BofADev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
13 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883218
Is your router running DHCP? It should really be running on the server, turned off on the router, and the server handing out IP configurations including the DNS server within DHCP.
Is this the case ?
0
 

Author Comment

by:BofADev
ID: 18883253
No right now the router is handing out ip since there are some computers that are not a memeber of the domain.  
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883269
The computers do not need to be members of the domain to obtain DHCP addressing from the server. Having the server manage DHCP gives you much better control.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883282
ps- Having the server manage DHCP also helps with local DNS registration of older Windows clients, in addition there are far more scope options.
0
 

Author Comment

by:BofADev
ID: 18883301
I still don't think this would solve the problem because when the computers are trying to resolve anything including internal computers on the network they are trying to do it via the old ip of the server.  I need someway to manually override what the group policy previously set for the computer.  When I go into tcp/ip settings there is no dns configured.  When I do ipconfig /all the correct dns is configured.  However, when I do a nslookup it is using the ip for the wrong dns server that doesn't exist.
0
 

Author Comment

by:BofADev
ID: 18883326
What is your opinion?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 2000 total points
ID: 18883445
>>" When I go into tcp/ip settings there is no dns configured. "
Therefore it will receive that information from Group policy, which you have disabled, or the DHCP server, the router. If GP is disabled, change the configuration on the routers DHCP configuration to hand out only your internal DNS server's IP.
The old DNS server that no longer exists may be still there if Group Policy has not refreshed. At a command line on the workstation run:
Win XP:
gpupdate /force
Win 2000:
secedit  /refreshpolicy machine_policy  

followed by:
ipconfig /release
ipconfig /renew
ipconfig /flushdns
0
 

Author Comment

by:BofADev
ID: 18883658
No dice.  I think the problem is before I realized the dns was being set in the group policy I modified the network and the computers can't resolve the domain anymore.  No when I run gpupdate even though it says it was successful I don't think it is getting the most recent version from the server that shows dns not configured.

ipconfig /all shows the ip address for the new server for dns
nslookup domainname shows we are still trying to use the old ip address.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883792
Maybe there is still a group policy being applied. Try using group policy results wizard in the group policy management console on the server, or gpresult on the workstation, to try to narrow down what if any group policies are still being applied
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/gpresult.mspx?mfr=true 
0
 

Author Comment

by:BofADev
ID: 18885988
Ok I figured out how to get rid of the old group policy that was still being applied.  First I created a local user on the computer and put it in the local admin group.  The I logged into the computer and removed it from the domain.  After restarting the computer I logged in again as the local admin account and did the following

gpupdate /force
ipconfig /release
ipconfig /renew
ipconfig /flushdns

I then did a nslookup on cnn.com and saw that I was going to the correct dns server!

Last step was re-adding it to the domain and restarting.  
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18886035
Interesting. A typical user cannot change TCP/IP configurations, however group policy is applied by the system account before logon completes. I wonder why you needed to be an admin. However, good to hear you were able to resolve.
--Rob
0
 

Author Comment

by:BofADev
ID: 18889576
I probably didnt' need to be admin but I wanted to make sure that I had an account that could log into the machine as admin incase once I re-established the domain connection it didn't map the user to their prior Documents and Settings folder.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18889998
Thanks for updating. Glad it is resolved.
Cheers !
--Rob
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question