Solved

Setting DNS via group policy

Posted on 2007-04-10
13
635 Views
Last Modified: 2008-01-09
I am working on a project for a small business.  They have Windows Server 2003 and 6 or 7 clients hooked to it.  Currently there is a group policy that sets the clients dns servers to the windows 2003 server.  I am doing some upgrades to their network and the ip of the server is changing.  I turned off the group policy setting that sets the dns server so now it grabs whatever the router says the ip for dns is.  I know this because when I do an ipconfig /all I see the dns ip for the isp.  However, when I do an nslookup for a domain it shows that it is still trying to use the old ip for the windows server as the dns.  I've tried flushing the dns, running group policy update etc and nothing seems to work.  How do I get rid of this group policy setting on the local computer level?
0
Comment
Question by:BofADev
  • 7
  • 6
13 Comments
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883218
Is your router running DHCP? It should really be running on the server, turned off on the router, and the server handing out IP configurations including the DNS server within DHCP.
Is this the case ?
0
 

Author Comment

by:BofADev
ID: 18883253
No right now the router is handing out ip since there are some computers that are not a memeber of the domain.  
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883269
The computers do not need to be members of the domain to obtain DHCP addressing from the server. Having the server manage DHCP gives you much better control.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883282
ps- Having the server manage DHCP also helps with local DNS registration of older Windows clients, in addition there are far more scope options.
0
 

Author Comment

by:BofADev
ID: 18883301
I still don't think this would solve the problem because when the computers are trying to resolve anything including internal computers on the network they are trying to do it via the old ip of the server.  I need someway to manually override what the group policy previously set for the computer.  When I go into tcp/ip settings there is no dns configured.  When I do ipconfig /all the correct dns is configured.  However, when I do a nslookup it is using the ip for the wrong dns server that doesn't exist.
0
 

Author Comment

by:BofADev
ID: 18883326
What is your opinion?
0
Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 18883445
>>" When I go into tcp/ip settings there is no dns configured. "
Therefore it will receive that information from Group policy, which you have disabled, or the DHCP server, the router. If GP is disabled, change the configuration on the routers DHCP configuration to hand out only your internal DNS server's IP.
The old DNS server that no longer exists may be still there if Group Policy has not refreshed. At a command line on the workstation run:
Win XP:
gpupdate /force
Win 2000:
secedit  /refreshpolicy machine_policy  

followed by:
ipconfig /release
ipconfig /renew
ipconfig /flushdns
0
 

Author Comment

by:BofADev
ID: 18883658
No dice.  I think the problem is before I realized the dns was being set in the group policy I modified the network and the computers can't resolve the domain anymore.  No when I run gpupdate even though it says it was successful I don't think it is getting the most recent version from the server that shows dns not configured.

ipconfig /all shows the ip address for the new server for dns
nslookup domainname shows we are still trying to use the old ip address.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18883792
Maybe there is still a group policy being applied. Try using group policy results wizard in the group policy management console on the server, or gpresult on the workstation, to try to narrow down what if any group policies are still being applied
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/gpresult.mspx?mfr=true 
0
 

Author Comment

by:BofADev
ID: 18885988
Ok I figured out how to get rid of the old group policy that was still being applied.  First I created a local user on the computer and put it in the local admin group.  The I logged into the computer and removed it from the domain.  After restarting the computer I logged in again as the local admin account and did the following

gpupdate /force
ipconfig /release
ipconfig /renew
ipconfig /flushdns

I then did a nslookup on cnn.com and saw that I was going to the correct dns server!

Last step was re-adding it to the domain and restarting.  
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18886035
Interesting. A typical user cannot change TCP/IP configurations, however group policy is applied by the system account before logon completes. I wonder why you needed to be an admin. However, good to hear you were able to resolve.
--Rob
0
 

Author Comment

by:BofADev
ID: 18889576
I probably didnt' need to be admin but I wanted to make sure that I had an account that could log into the machine as admin incase once I re-established the domain connection it didn't map the user to their prior Documents and Settings folder.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 18889998
Thanks for updating. Glad it is resolved.
Cheers !
--Rob
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now