Domain Users losing AD Authetication - DNS Issue?

I have a Single Domain AD server (windows 2000), and about two weeks ago I started adding a VOIP phone system on the network.  For the phones on the system to work they need the Phone Server to be the primary DNS server.  So I simply went to my DHCP server and changed the DNS Servers to serve out.  Before I had my local DNS server, which is my PDC and an external DNS server listed.  Now I just added the Phone System Server to the DNS list, and put it on top.  Now since I have  done this I have been having issues with domain users losing authetication to the domain.  When they try to access the network it will ask for a user name and password.  I am not sure if this is a DNS issue, but I am interested in what you have to say.  At first I thought maybe my AD was going corrupt.

Thanks for the help....any help would be great!
redekopmfgAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bhnmiCommented:
You shouldn't need to have the phones use the PBX as the primary DNS server. You should be able to create an a record for what ever hostname the phones are looking for in you forward lookup zone.

What kind of PBX are you running?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bhnmiCommented:
And yes it is directly related to DNS, your issue is. If you do not have a record for the domain pointing to the DC you will experience allot of issues.
0
redekopmfgAuthor Commented:
Okay...so I am thinking that I can tackle this in two manors:
1.  Leave the DNS servers the way they are and add a forward lookup to the PBX.
2.  Do not use the PBX as a DNS server and place a forwarder for the phones to the PBX.

I believe that you are suggesting the later of the two.  

I am going to have to brush up on my skills of forward lookup zones.  Any help comments for this?
0
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

bhnmiCommented:
Just create an A record for the PBX host on your current DNS server.
0
redekopmfgAuthor Commented:
I should also say that the temporary fix that seems to renew the authentication is to log off and log back on with the problem computer.  Can you shed some more light on why this affects the AD authetication?
0
bhnmiCommented:
as in current I mean the AD DNS server. Your AD DNS server needs to be the primary or else AD will not work correctly.

So if the phones are looking for pbxserver, create and A record for pbxserver in the DNS server on your DC and point it to the IP of the pBX.
0
bhnmiCommented:
Because AD depends fully on DNS to know where everything is.
0
redekopmfgAuthor Commented:
So the phones are looking for s3856.pbxtra.fonality.com and I have created a forward lookup zone with a host pointing to the PBXtra Server at 192.168.2.20.  Have I done something wrong here, because it is not working for me.
0
bhnmiCommented:
Sure are.

Are you using a hosted service? Because they phones are looking for a server at pbxtra.fonality.com. This is a live domain on the internet.

Can you give a little more info on the pBX you are using?
0
redekopmfgAuthor Commented:
It is not a hosted service, but there is some linking through their servers for certain things like remote sets and software updates.  I do not know know what else to say.  The system is from www.fonality.com and is called the PBXtra Call Center Edition.

If I set the primary DNS to the local address of 192.168.2.20, then everything work fine, except for the AD.

Let me know specific question if you have them!
0
bhnmiCommented:
What is the hostname of the PBX server that lives on your network.
0
redekopmfgAuthor Commented:
I do not know.  All I know is the IP address of 192.168.2.20.  I am waiting for a reply from Support on this.
0
bhnmiCommented:
What happened?
0
redekopmfgAuthor Commented:
Sorry!  I thought I had posted this.

I changed my primary back to my domain controller, and added a forward lookup zone to the PBXtra.  Once the phones renewed there IP's and booted we had not more issues with the DNS lookup on the Domain.

Thank You for your Help!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.