We help IT Professionals succeed at work.

Nslookup does not work correctly outside of Windows Domain: Reverse DNS?

montana4me
montana4me asked
on
Medium Priority
1,218 Views
Last Modified: 2008-03-06
A laptop that is part of a windows SBS 2003 domain cannot resolve domain names and therefore has no internet connectivity outside of the domain

When the laptop is part of  the domain nslookup shows: Default Server: nameofserver.windowsdomainname.local, Address: 192.168.1.2

When the laptop leaves the  domain nslookup shows: cant find server name of address 192.168.1.2 no response from server. Default Server unknown, address 192.168.1.2

Obviously the laptop should not be trying to contact the server on my windows domain when it  leaves the domain.

It has been suggested that this is the result of the reverse DNS records not being set correctly on the windows domain. This seems counter-intuitive to me, the laptop works fine in the area where there is a problem but not where there is no problem. Perhaps this is just my lack of understanding

If it is true that the solution is fixing  "reverse DNS records on the windows domain, what do I need to check and possibly fix?

If fixing the Reverse DNS records is not the solution, what is? The laptop needs internet connectivity outside of the windows domain.

Thanks.
Comment
Watch Question

Commented:
Hello montana4me,

can you give me an ipconfig /all of the server + the laptop please?
Is the latop using dhcp?


Regards,

suppsaws
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

When you say "leaves the domain", you mean still connected to the same network infrastructure? Or actually off the LAN completely?

Anyway, I can't see why that would be Reverse Lookup, makes no sense to me and doesn't fit the symptoms.

If you do mean that it's left your LAN then it would be a case of looking at the TCP/IP settings on the system, whether it's statically configured, or whether the DHCP Server it's getting information from is giving it incorrectly (ipconfig /all will do).

Chris

Commented:
Pretty sure its because you have static DNS at the lest and a static IP at the most. Reverse DNS has nothing to do with it. You should set the network adapter to obtain IP address automatically and DNS server automatically. If you need a certain IP when at work create a reservation in the DHCP scope for you mac address.

Commented:
Some basic things, because this is a sbs network:

- SBS needs to be the DHCP server
- SBS needs to be the DNS and WINS server
- clients must use DHCP
- clients must be joined via http://servername/connectcomputer
- rerun the 'connect to the internet wizard' so the server has all the correct settings, and ONLY the server has the ISP dns server addresses.

Author

Commented:
Hello Suppsaws:

When I left the domain:

Here is what ipconfig /all showed on the laptop outside of the windows domain:

windows ip configuration
Hosthame: mycomputername
primary DNS Suffix: mydomain.local
node type: unknown
IP routing enabled: No
WINS.Proxy enabled: No
DNS Suffix  send list: mydomain.local

for my adapter:

Physical address: corrrect Mac
DHCP Enabled: yes
Auto config: yes
IP Address: 208.8.178.50
subnet mask: 255.255.255.224
Default Gateway: 208.8.178.33
DHCP Server: 204.212.40.1
DNS Server: 204.212.40.2

When I am in the domain here is what it is showing now inside the windows domain:

Windows IP configuration

Host name: mycomputername
Primary DNS Suffix: windowsdomain.local
Node type: Unknown
IP Routing enabled: No
WINS Proxy Enabled: No
DNS Suffix Search List: windowsdomain.local

Ethernet adapter Wireless Networking connection:
Connection specific DNS suffix: blank
Description: wireless Lan Adapter
Physical address: correct MAC address
DCHP Enabled: yes
Autoconfiguration enabled: yes
IP Address 192.168.1.101
Subnet Mask: 255..255.255.0
Default Gateway: 192.168.1.1
DHCP Server: 192.168.1.2
DNS Servers: 192.168.1.2
Lease etc todays date
Lease expires 24 hours.

Author

Commented:
Hello Chris-Dent,

Leaves the domain means this is laptop that needs to be used out of the office. It works fine in the office, it does not work fine outside of the office. The problem outside is that it "thinks" the name server it should use is the one back at the office!

This is what I need to fix

Thanks.

Author

Commented:
Hello BHNMI,

The SBS server is is both the DHCP and the DNS server. The laptop does have a static (assigned IP) in the windows domain through a reservation in DHCP.

Outside of the domain, (on the road), the network adapter has no problem being assigned a different IP Address, a different DNS server etc, it just will NOT use the ISP assigned name server as NSlookup shows. Outside of the domain, ping works fine, and a browser will go to a ip address just fine. It will not resolve names though and ping will not work with names either.

Thanks.

Author

Commented:
Hello Suppaws,2nd suggestion.

It is my belief that the computer IS correctly joined to the domain and the main server is both the DHCP server and the name server. I posted IP config /all. Does this confirm my belief?

DrDave242Principal Support Engineer
CERTIFIED EXPERT

Commented:
The domain's reverse lookup records don't have anything to do with it.  If you were receiving that error from nslookup while inside your network, then it could very well be the reverse lookup, but not outside.  The NIC doesn't appear to want to let go of the internal DNS server address, but I'm not sure why.  When you're outside of the network, if you open nslookup and type "server <external_dns_ip_address>," can nslookup then resolve names?  It should be able to...but that won't really fix the problem.  I'll have to see if I can dig up anything on this.
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Hey,

Both connections are on the same Wireless card?

You might want to retry reinitialising the TCP/IP stack by following this one:

http://support.microsoft.com/kb/299357

And / Or try reinstalling the Network Drivers and such.

Chris

Author

Commented:
Hello,

I paid MS the $259 fee for an incident involving networking. They have had me try several things, some useful others not so. I still don't have an answer, but am getting there. When I do, I will post the solution here. Apparently, the problem is linked to a group policy on the domain I log into. Anyway the preferred/required DNS server, 192.168.1.2, is set in my registry currently. No surprise then that setting provided by the network card are ignored.

Thanks.
Here is the solution to the problem. In my registry there was a setting:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient

This had a key NameServer where the value was set to 192.168.1.2

I don't know how this was set. Perhaps it was set by a policy from the domain. Anyway, once I found this, I changed the value to point to the Open DNS name servers. This value is not changed whether I am in or out of the windows domain.

With this change, I can resolve names anywhere and can access any website. I hope this is useful to others.

Explore More ContentExplore courses, solutions, and other research materials related to this topic.