redekopmfg


Domain Users losing AD Authentication - DNS Issue?

I have a Single Domain AD server (Windows 2000), and about two weeks ago I started adding a VOIP phone system on the network. For the phones on the system to work they need the Phone Server to be the primary DNS server. So I simply went to my DHCP server and changed the DNS Servers to serve out. Before I had my local DNS server, which is my PDC, and an external DNS server listed. Now I just added the Phone System Server to the DNS list, and put it on top. Now since I have done this I have been having issues with domain users losing authentication to the domain. When they try to access the network it will ask for a user name and password. I am not sure if this is a DNS issue, but I am interested in what you have to say. At first I thought maybe my AD was going corrupt.

Thanks for the help....any help would be great!
bhnmi

And yes it is directly related to DNS, your issue is. If you do not have a record for the domain pointing to the DC you will experience a lot of issues.
redekopmfg

ASKER

Okay...so I am thinking that I can tackle this in two manners:
1.  Leave the DNS servers the way they are and add a forward lookup to the PBX.
2.  Do not use the PBX as a DNS server and place a forwarder for the phones to the PBX.

I believe that you are suggesting the latter of the two.

I am going to have to brush up on my skills of forward lookup zones.  Any help comments for this?
Just create an A record for the PBX host on your current DNS server.
I should also say that the temporary fix that seems to renew the authentication is to log off and log back on with the problem computer.  Can you shed some more light on why this affects the AD authentication?
As in, by current I mean the AD DNS server. Your AD DNS server needs to be the primary or else AD will not work correctly.

So if the phones are looking for pbxserver, create an A record for pbxserver in the DNS server on your DC and point it to the IP of the PBX.
Because AD depends fully on DNS to know where everything is.
So the phones are looking for s3856.pbxtra.fonality.com and I have created a forward lookup zone with a host pointing to the PBXtra Server at 192.168.2.20.  Have I done something wrong here, because it is not working for me.
Sure are.

Are you using a hosted service? Because the phones are looking for a server at pbxtra.fonality.com. This is a live domain on the internet.

Can you give a little more info on the PBX you are using?
It is not a hosted service, but there is some linking through their servers for certain things like remote sets and software updates.  I do not know what else to say.  The system is from www.fonality.com and is called the PBXtra Call Center Edition.

If I set the primary DNS to the local address of 192.168.2.20, then everything works fine, except for the AD.

Let me know specific questions if you have them!
What is the hostname of the PBX server that lives on your network?
I do not know.  All I know is the IP address of 192.168.2.20.  I am waiting for a reply from Support on this.
What happened?
Sorry!  I thought I had posted this.

I changed my primary back to my domain controller, and added a forward lookup zone to the PBXtra.  Once the phones renewed their IPs and booted we had no more issues with the DNS lookup on the Domain.

Thank You for your Help!
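
As an added example (not part of the original thread), this Python script checks whether each DNS server handed out by DHCP can answer the SRV query that domain members use to locate a domain controller, which is the lookup that fails when a non-AD server sits first in the list. The domain name `corp.example` and the DC address `192.0.2.10` are placeholders; `192.168.2.20` is the PBX address from the thread.

```python
import socket
import struct

SRV = 33  # DNS record type used by the AD domain controller locator

def build_query(name, qtype=SRV, txid=0x1234):
    """Encode a one-question DNS query (recursion desired, class IN)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack(">HH", qtype, 1)

def classify(reply):
    """Header-level check: 'ok', 'nxdomain', 'no-answer' or 'malformed'."""
    if len(reply) < 12:
        return "malformed"
    _, flags, _, ancount, _, _ = struct.unpack(">HHHHHH", reply[:12])
    rcode = flags & 0x000F
    if rcode == 3:
        return "nxdomain"
    return "ok" if rcode == 0 and ancount > 0 else "no-answer"

def check_server(server, ad_domain, timeout=2.0):
    """Ask one DNS server for the DC locator record over UDP port 53."""
    query = build_query("_ldap._tcp.dc._msdcs." + ad_domain)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(query, (server, 53))
            reply, _ = sock.recvfrom(512)
        except OSError:  # timeout or network error
            return "unreachable"
    return classify(reply)

def audit(dns_servers, ad_domain, check=check_server):
    """Return (first_server_ok, per-server results) for a DHCP DNS list.

    A client sends its queries to the first server that responds, and a
    negative answer from that server still counts as a response.
    """
    results = [(s, check(s, ad_domain)) for s in dns_servers]
    return bool(results) and results[0][1] == "ok", results

if __name__ == "__main__":
    # 192.168.2.20 is the PBX from the thread; 192.0.2.10 and corp.example
    # are placeholders for the domain controller and the AD domain name.
    ok, results = audit(["192.168.2.20", "192.0.2.10"], "corp.example")
    for server, status in results:
        print(f"{server}: {status}")
    print("first server can locate a DC:", ok)
```

Run it from a workstation on the same network with the DNS servers in the order DHCP hands them out; anything other than `ok` for the first server means domain members will have trouble finding the DC.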