Solved

Setting DNS via group policy

Posted on 2007-04-10
13
638 Views
Last Modified: 2008-01-09
I am working on a project for a small business.  They have Windows Server 2003 and 6 or 7 clients hooked to it.  Currently there is a group policy that sets the clients dns servers to the windows 2003 server.  I am doing some upgrades to their network and the ip of the server is changing.  I turned off the group policy setting that sets the dns server so now it grabs whatever the router says the ip for dns is.  I know this because when I do an ipconfig /all I see the dns ip for the isp.  However, when I do an nslookup for a domain it shows that it is still trying to use the old ip for the windows server as the dns.  I've tried flushing the dns, running group policy update etc and nothing seems to work.  How do I get rid of this group policy setting on the local computer level?
0
Comment
Question by:BofADev
  • 7
  • 6
13 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883218
Is your router running DHCP? It should really be running on the server, turned off on the router, and the server handing out IP configurations including the DNS server within DHCP.
Is this the case ?
0
 

Author Comment

by:BofADev
ID: 18883253
No right now the router is handing out ip since there are some computers that are not a memeber of the domain.  
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883269
The computers do not need to be members of the domain to obtain DHCP addressing from the server. Having the server manage DHCP gives you much better control.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883282
ps- Having the server manage DHCP also helps with local DNS registration of older Windows clients, in addition there are far more scope options.
0
 

Author Comment

by:BofADev
ID: 18883301
I still don't think this would solve the problem because when the computers are trying to resolve anything including internal computers on the network they are trying to do it via the old ip of the server.  I need someway to manually override what the group policy previously set for the computer.  When I go into tcp/ip settings there is no dns configured.  When I do ipconfig /all the correct dns is configured.  However, when I do a nslookup it is using the ip for the wrong dns server that doesn't exist.
0
 

Author Comment

by:BofADev
ID: 18883326
What is your opinion?
0
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 18883445
>>" When I go into tcp/ip settings there is no dns configured. "
Therefore it will receive that information from Group policy, which you have disabled, or the DHCP server, the router. If GP is disabled, change the configuration on the routers DHCP configuration to hand out only your internal DNS server's IP.
The old DNS server that no longer exists may be still there if Group Policy has not refreshed. At a command line on the workstation run:
Win XP:
gpupdate /force
Win 2000:
secedit  /refreshpolicy machine_policy  

followed by:
ipconfig /release
ipconfig /renew
ipconfig /flushdns
0
 

Author Comment

by:BofADev
ID: 18883658
No dice.  I think the problem is before I realized the dns was being set in the group policy I modified the network and the computers can't resolve the domain anymore.  No when I run gpupdate even though it says it was successful I don't think it is getting the most recent version from the server that shows dns not configured.

ipconfig /all shows the ip address for the new server for dns
nslookup domainname shows we are still trying to use the old ip address.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883792
Maybe there is still a group policy being applied. Try using group policy results wizard in the group policy management console on the server, or gpresult on the workstation, to try to narrow down what if any group policies are still being applied
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/gpresult.mspx?mfr=true 
0
 

Author Comment

by:BofADev
ID: 18885988
Ok I figured out how to get rid of the old group policy that was still being applied.  First I created a local user on the computer and put it in the local admin group.  The I logged into the computer and removed it from the domain.  After restarting the computer I logged in again as the local admin account and did the following

gpupdate /force
ipconfig /release
ipconfig /renew
ipconfig /flushdns

I then did a nslookup on cnn.com and saw that I was going to the correct dns server!

Last step was re-adding it to the domain and restarting.  
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18886035
Interesting. A typical user cannot change TCP/IP configurations, however group policy is applied by the system account before logon completes. I wonder why you needed to be an admin. However, good to hear you were able to resolve.
--Rob
0
 

Author Comment

by:BofADev
ID: 18889576
I probably didnt' need to be admin but I wanted to make sure that I had an account that could log into the machine as admin incase once I re-established the domain connection it didn't map the user to their prior Documents and Settings folder.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18889998
Thanks for updating. Glad it is resolved.
Cheers !
--Rob
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
robocopy 33 116
sql server service accounts 4 42
Do Not Reply on Exchange 2010 1 35
windows 10 update never updates 6 43
Resolve DNS query failed errors for Exchange
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question