pcd8023

asked on

Unable to register DNS records correctly in 2003 AD domain

I know this has been asked many times before, but the recommendations/solutions I've read so far have not helped.

Quick network rundown: Windows 2003 domain. Single domain controller hosting DNS, WINS, RRAS and DHCP. DHCP has the clients using the domain controller as the only DNS and WINS servers.

Problem: I am currently unable to ping our domain by its DNS name (domain.local). When the domain was first set up, I was able to from all workstations. At this point, even pinging the DNS name from the domain controller fails. Using a HOSTS file entry has been about the only way I can get around the problem.

Things I have tried:
Usual "ipconfig /flushdns" "/registerdns" has no effect on any systems.
Server is using itself as the only DNS server. Restarting netlogon service has no effect.
The only issues NetDiag.exe shows relate to not having an interface with the Workstation Service and Messenger Service defined in WINS (which shouldn't affect DNS).
DCDiag.exe comes back clean, everything passes.
If I look in the DNS zone for my internal domain, I see the SRV records like I normally should. I've compared these records to domain DNS zones that do work properly and cannot find any real differences.
Under the advice of some post on here, I removed my domain.local DNS zone, uninstalled DNS, reinstalled DNS and then restarted the NetLogon service. After doing this, I had to manually recreate the domain.local DNS zone before it would auto-populate the SRV records and the sub-folder structure you normally see for an AD DNS zone, such as the _msdcs, _sites, etc. folders. Before I manually re-created the DNS zone, I saw a NETLOGON warning Event ID 5781 in my System log. This event ID lists some recommendations, but most pertain to "make sure your DNS server is turned on" or "you're using the wrong IP address for your DNS server", all of which do not help me.

Only major change that I can remember since it was working has been moving our email server. Our email server used to be hosted on this same physical box but was moved in the last few weeks. This problem however started happening months before I moved the email system to a dedicated machine.

Any advice?

Thanks
mcse2007

Is it too much for you to rebuild this server then install DNS?
HiddenOne

When you say that you are unable to ping, do you mean that you do not resolve the name to an IP address or that you do not get a reply to the ICMP packet?
pcd8023

ASKER

mcse2007: I've considered rebuilding the domain from the ground up, but I'd prefer to fix this issue rather than have to re-do everything. Network wise, it's not a large network. But I'd rather not have to re-configure everything else that uses the domain.

HiddenOne: I am unable to resolve the name domain.local to the IP address of the domain controller. All I get is "Ping request could not find host domain.local. Please check the name and try again." If it helps any, it comes back almost immediately. Whereas if I try and ping www.gbkeibhreg.com, it thinks for a second or two before kicking back the same error.
What happens if you do nslookup domain.local ?
OK, but just to be clear on this. Your server's name is something like server.domain.local and it is this FQDN that you do not get a response for.
Another thing, is your DNS service bound to all the adapters or to the IP address you want it to be? And what is nslookup telling you?
ASKER CERTIFIED SOLUTION
HiddenOne

This solution is only available to members.
pcd8023

ASKER

wingatesl: Using "nslookup domain.local" from both my workstation (which does not have a HOSTS file entry so I can test with) and the domain controller both bring back the correct server name and IP address.

HiddenOne: I am able to ping servername.domain.local and it pings the correct name. I only see the problem when trying to ping domain.local. The problems I've had since this started have been not being able to add a computer to the domain, group policies not being applied, and our Exchange server having what appear to be authentication type issues once it got moved to a different server box. I also checked and do see the A record with the (same as parent folder) name.
Meh, a quick and easy fix is to uninstall DNS....

Then reinstall it, restart the netlogon and dns services, run ipconfig /registerdns

see how that goes, has fixed a load of crappy DNS issues in the past
Looking at the issue, the deeper you dig the more variables there are to look at and analyse, but that's part of troubleshooting... if you have time on your side.

but if you are short of time follow the above comments just above mine.
pcd8023

ASKER

Jay_Jay70 and mcse2007: I've already tried reinstalling DNS on the domain controller and then restarting the NetLogon service. The DNS zone did not auto-populate and I was getting error code 5781 in the System log, basically saying that the server could not register itself within DNS.
pcd8023

ASKER

HiddenOne: You hit it. I think in my rush to try and fix the problem, I simply overlooked the fact that I in fact DID NOT have the (same as parent folder) record. Once I added this, everything came up. Thanks
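
A check for the condition that turned out to be the cause in this thread, as an added example that is not part of the original posts: it parses zone-file style text and reports a missing zone-apex A record (the "(same as parent folder)" entry in the DNS console), an apex record that does not point at a known domain controller, and missing DC locator SRV records. The simplified one-record-per-line format, the function names, the sample zone and the address 192.168.1.10 are assumptions constructed for illustration.

```python
TYPES = {"A", "SRV", "NS", "SOA", "CNAME"}  # anything before these is owner, TTL or class

def parse_zone(text, origin):
    """Return a set of (owner_fqdn, type, rdata) from simplified zone-file text."""
    origin = origin.rstrip(".").lower()
    records, owner = set(), origin
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        tokens = line.split()
        if not raw[0].isspace():                  # line starts with an owner name
            name = tokens.pop(0).lower()
            if name == "@":                       # "@" is the zone apex
                owner = origin
            elif name.endswith("."):              # already fully qualified
                owner = name.rstrip(".")
            else:                                 # relative to the zone origin
                owner = f"{name}.{origin}"
        while tokens and tokens[0].upper() not in TYPES:
            tokens.pop(0)                         # skip optional TTL / class
        if tokens:
            records.add((owner, tokens[0].upper(), " ".join(tokens[1:])))
    return records

def missing_ad_records(records, domain, dc_ips):
    """List what a client locating the domain by its DNS name would fail to find."""
    domain = domain.rstrip(".").lower()
    problems = []
    apex = {r for (o, t, r) in records if o == domain and t == "A"}
    if not apex:
        problems.append(f"no A record at zone apex ({domain}), i.e. '(same as parent folder)'")
    elif not apex & set(dc_ips):
        problems.append(f"apex A record {sorted(apex)} does not point at a known DC")
    for srv in ("_ldap._tcp", "_kerberos._tcp", "_ldap._tcp.dc._msdcs"):
        if not any(o == f"{srv}.{domain}" and t == "SRV" for (o, t, _) in records):
            problems.append(f"no SRV record {srv}.{domain}")
    return problems

# Constructed sample in zone-file style; names and addresses are made up.
BROKEN_ZONE = """\
@                     IN SOA server.domain.local. hostmaster.domain.local. 42 900 600 86400 3600
@                     NS  server.domain.local.
server                A   192.168.1.10
_ldap._tcp            SRV 0 100 389 server.domain.local.
_kerberos._tcp        SRV 0 100 88 server.domain.local.
_ldap._tcp.dc._msdcs  SRV 0 100 389 server.domain.local.
"""
FIXED_ZONE = BROKEN_ZONE + "@                     A   192.168.1.10\n"
```

Calling `missing_ad_records(parse_zone(BROKEN_ZONE, "domain.local"), "domain.local", ["192.168.1.10"])` reports only the missing apex record, even though the host A record and all SRV records are present; the same call on `FIXED_ZONE` returns an empty list.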