DNS Records Problem Registration

Dear SIr,

I have a domain controller [ISCADKC] inmy company with DNS server installed.
I have 40 computers joined to this Domain with the right DNS configuration per workstation, but there is 4 records only in the Forward Lookup zone and the Reverse Lookup Zone.
No PTR and Host records for the others...
I have seen this Error in the Event Viewer: ID 6702

Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      6702
Date:            11/10/2008
Time:            8:43:47 AM
User:            N/A
Computer:      DOMAIN
Description:
DNS server has updated its own host (A) records.  In order to ensure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update.  An error was encountered during this update, the record data is the error code.
 
If this DNS server does not have any DS-integrated peers, then this error
should be ignored.
 
If this DNS server's Active Directory replication partners do not have the correct IP address(es) for this server, they will be unable to replicate with it.
 
To ensure proper replication:
1) Find this server's Active Directory replication partners that run the DNS server.
2) Open DnsManager and connect in turn to each of the replication partners.
3) On each server, check the host (A record) registration for THIS server.
4) Delete any A records that do NOT correspond to IP addresses of this server.
5) If there are no A records for this server, add at least one A record corresponding to an address on this server, that the replication partner can contact.  (In other words, if there multiple IP addresses for this DNS server, add at least one that is on the same network as the Active Directory DNS server you are updating.)
6) Note, that is not necessary to update EVERY replication partner.  It is only necessary that the records are fixed up on enough replication partners so that every server that replicates with this server will receive (through replication) the new data.

LVL 1
ISC-IT-AdminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ggoossensCommented:
Is this a multihomed server? Only one A record pointing to its internal IP should be into the DNS... is this the case?
How are the DNS settings from the server? Is the DNS pointing to its own (internal) address?
0
ggoossensCommented:
Is this a possible solution? If you use DHCP...
"Look into DNS for dynamic updates registration credentials.
The registering DHCP server owns the DNS record so the new DHCP servers did not have permision to change it. I created a new user account and made it a member of DnsUpdateProxy group. Then I set the dns dynamic updates registration credentials on both of the new DHCP servers to that user. After that I deleted all the DNS records from the old DHCP server.

To test I released and renewed the IP using IPCONFIG /release and IPCONFIG /renew, after which I saw the entry was added to DNS. So I stopped the DHCP service on the server with that scope then released and renewed the IP. The DNS entry was updated for the new scope. After restarting the DHCP service I'm done."
0
ISC-IT-AdminAuthor Commented:
No I don't have a DHCP installed in my organization...

Please any help?
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

ggoossensCommented:
Did you have the option to register into the DNS server (in the client TCP/IP properties)? And what is the security set on the DNS server zones? Check with the option advanced on the forward lookup zone. Does authenticated users have create child object permissions and system full control (for example)?
0
ISC-IT-AdminAuthor Commented:
Hello ggoossens,

Yes the option to register into the DNS server in the TCP/IP propreties is selected.
Yes and the security permission in the forward lookup zone for authenticated users and system are correct.
Please see the attach file.

Weird why the compyters are registered in my DNS?
I used ipconfig /flushdns and ipconfig /registerdns

Please any help?




DNS.jpg
0
ISC-IT-AdminAuthor Commented:
*[Are not registered in my DNS]*
0
ggoossensCommented:
Just checking: your domain is ISCADKC.
The error you get is normal because you use ISCADKC and not for ex. ISCADKC.LOCAL as domain name (error can be ignored).
Clients are member of the domain ISCADKC?
If you carry out a nslookup from a client and look for the name of the server, do you get a response?
I am not completely sure, but it seems like something is missing in your DNS...
0
ISC-IT-AdminAuthor Commented:
Yes ggoossens...
My Domain is ISCADKC without (.com or .local...)
Yes clients are memeber of the domain ISCADKC...
This is my nslookup from a client:
C:\Users\administrator.ISCADKC>nslookup
Default Server:  domain.iscadkc
Address:  172.16.20.9

Please nay help?

Thank you in advance,
0
ISC-IT-AdminAuthor Commented:
Do you think the clients are not registered automatically in the DNS because of my domain is ISADKC and not for Ex: ISADKC.LOCAL ??
0
ISC-IT-AdminAuthor Commented:
Hello ggoossens...
So is there any solution to add to my domain exp: .LOCAL
Because I Think this is the problem of my clients registration in my domain...

Please any help?

Thank you in advance,
0
ggoossensCommented:
I am not sure this is the root cause. I can imagine that your FQDN and Netbios domain name is the same now ISADKC... Maybe there is some conflict? Do you have a Wins server? Does the registration is ok? If not, can you setup a WINS and try + send me the results?
Thanks.
0
ISC-IT-AdminAuthor Commented:
No I don't have WINS installed...

But I found a solution to automatically register all my clients by applying a GPO on computers:
Administrative Templates
Network/DNS Client
Policy                                                  Setting
Update Top Level Domain Zones       Enabled

Update Top Level Domain Zones
Now all clients records appear in my DNS...
 

Thank you for your help...

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.