?
Solved

DNS Records Problem Registration

Posted on 2008-11-10
12
Medium Priority
?
692 Views
Last Modified: 2012-06-27
Dear SIr,

I have a domain controller [ISCADKC] inmy company with DNS server installed.
I have 40 computers joined to this Domain with the right DNS configuration per workstation, but there is 4 records only in the Forward Lookup zone and the Reverse Lookup Zone.
No PTR and Host records for the others...
I have seen this Error in the Event Viewer: ID 6702

Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      6702
Date:            11/10/2008
Time:            8:43:47 AM
User:            N/A
Computer:      DOMAIN
Description:
DNS server has updated its own host (A) records.  In order to ensure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update.  An error was encountered during this update, the record data is the error code.
 
If this DNS server does not have any DS-integrated peers, then this error
should be ignored.
 
If this DNS server's Active Directory replication partners do not have the correct IP address(es) for this server, they will be unable to replicate with it.
 
To ensure proper replication:
1) Find this server's Active Directory replication partners that run the DNS server.
2) Open DnsManager and connect in turn to each of the replication partners.
3) On each server, check the host (A record) registration for THIS server.
4) Delete any A records that do NOT correspond to IP addresses of this server.
5) If there are no A records for this server, add at least one A record corresponding to an address on this server, that the replication partner can contact.  (In other words, if there multiple IP addresses for this DNS server, add at least one that is on the same network as the Active Directory DNS server you are updating.)
6) Note, that is not necessary to update EVERY replication partner.  It is only necessary that the records are fixed up on enough replication partners so that every server that replicates with this server will receive (through replication) the new data.

0
Comment
Question by:ISC-IT-Admin
  • 7
  • 5
12 Comments
 
LVL 3

Assisted Solution

by:ggoossens
ggoossens earned 1160 total points
ID: 22920933
Is this a multihomed server? Only one A record pointing to its internal IP should be into the DNS... is this the case?
How are the DNS settings from the server? Is the DNS pointing to its own (internal) address?
0
 
LVL 3

Assisted Solution

by:ggoossens
ggoossens earned 1160 total points
ID: 22920970
Is this a possible solution? If you use DHCP...
"Look into DNS for dynamic updates registration credentials.
The registering DHCP server owns the DNS record so the new DHCP servers did not have permision to change it. I created a new user account and made it a member of DnsUpdateProxy group. Then I set the dns dynamic updates registration credentials on both of the new DHCP servers to that user. After that I deleted all the DNS records from the old DHCP server.

To test I released and renewed the IP using IPCONFIG /release and IPCONFIG /renew, after which I saw the entry was added to DNS. So I stopped the DHCP service on the server with that scope then released and renewed the IP. The DNS entry was updated for the new scope. After restarting the DHCP service I'm done."
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 22921027
No I don't have a DHCP installed in my organization...

Please any help?
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 3

Assisted Solution

by:ggoossens
ggoossens earned 1160 total points
ID: 22921160
Did you have the option to register into the DNS server (in the client TCP/IP properties)? And what is the security set on the DNS server zones? Check with the option advanced on the forward lookup zone. Does authenticated users have create child object permissions and system full control (for example)?
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 22921711
Hello ggoossens,

Yes the option to register into the DNS server in the TCP/IP propreties is selected.
Yes and the security permission in the forward lookup zone for authenticated users and system are correct.
Please see the attach file.

Weird why the compyters are registered in my DNS?
I used ipconfig /flushdns and ipconfig /registerdns

Please any help?




DNS.jpg
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 22921744
*[Are not registered in my DNS]*
0
 
LVL 3

Assisted Solution

by:ggoossens
ggoossens earned 1160 total points
ID: 22921880
Just checking: your domain is ISCADKC.
The error you get is normal because you use ISCADKC and not for ex. ISCADKC.LOCAL as domain name (error can be ignored).
Clients are member of the domain ISCADKC?
If you carry out a nslookup from a client and look for the name of the server, do you get a response?
I am not completely sure, but it seems like something is missing in your DNS...
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 22923753
Yes ggoossens...
My Domain is ISCADKC without (.com or .local...)
Yes clients are memeber of the domain ISCADKC...
This is my nslookup from a client:
C:\Users\administrator.ISCADKC>nslookup
Default Server:  domain.iscadkc
Address:  172.16.20.9

Please nay help?

Thank you in advance,
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 22923933
Do you think the clients are not registered automatically in the DNS because of my domain is ISADKC and not for Ex: ISADKC.LOCAL ??
0
 
LVL 1

Author Comment

by:ISC-IT-Admin
ID: 22928131
Hello ggoossens...
So is there any solution to add to my domain exp: .LOCAL
Because I Think this is the problem of my clients registration in my domain...

Please any help?

Thank you in advance,
0
 
LVL 3

Assisted Solution

by:ggoossens
ggoossens earned 1160 total points
ID: 22928562
I am not sure this is the root cause. I can imagine that your FQDN and Netbios domain name is the same now ISADKC... Maybe there is some conflict? Do you have a Wins server? Does the registration is ok? If not, can you setup a WINS and try + send me the results?
Thanks.
0
 
LVL 1

Accepted Solution

by:
ISC-IT-Admin earned 0 total points
ID: 22928598
No I don't have WINS installed...

But I found a solution to automatically register all my clients by applying a GPO on computers:
Administrative Templates
Network/DNS Client
Policy                                                  Setting
Update Top Level Domain Zones       Enabled

Update Top Level Domain Zones
Now all clients records appear in my DNS...
 

Thank you for your help...

0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have a multi-homed DNS setup in windows, you can have issues with connectivity to the server that hosts the DNS services (or even member servers of your domain if this same DNS server is a DC). This is because windows registers all of its IPs…
Resolve DNS query failed errors for Exchange
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month14 days, 4 hours left to enroll

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question