• Status: Solved
  • Priority: Medium
  • Security: Public

Correct DNS settings for SBS 2003

I think I screwed up some of my DNS settings on our SBS 2003 box. It is the DC.

Workstations (XP Pro) are exhibiting a couple of problems, and I think all are tied to a DNS configuration problem. Workstations are not getting the GPO settings, cannot ping the FQDN (server.localdomain.com, server.localdomain).

When I run "ipconfig /registerdns", the included error goes to the Event Viewer (System). The workstations receive IPs by DHCP. On the DNS tab of the DHCP server options, I have selected all checkboxes, and "always dynamically update DNS A and PTR records".

On the DNS console on the SBS server, there is one forward lookup zone. There are 9 records (SOA, NS, CNAME, and A) and 6 folders. There are about 30 workstations -- shouldn't there be an entry for each workstation?

On my workstation LAN connection properties > TCP/IP > Advanced, the settings are: Append primary and connection specific DNS suffixes, append parent suffixes, and register this connection's address in DNS.

I'm a n00b on DNS... what am I doing wrong?


The system failed to register host (A) resource records (RRs) for network adapter
with settings:
 
   Adapter Name : {FB98825B-28D9-450C-94FB-07CC17B64328}
   Host Name : bgn
   Primary Domain Suffix : localdomain.com
   DNS server list :
     	85.255.114.103, 85.255.112.93
   Sent update to server : <?>
   IP Address(es) :
     10.0.0.161
 
 The reason the system could not register these RRs was because the DNS server contacted refused the update request. The reasons for this might be (a) you are not allowed to update the specified DNS domain name, or (b) because the DNS server authoritative for this name does not support the DNS dynamic update protocol.
 
 To register the DNS host (A) resource records using the specific DNS domain name and IP addresses for this adapter, contact your DNS server or network systems administrator.
 
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Asked by: pixelchef
 
techno-wiz commented:
Your primary DNS server on the workstations needs to be pointing to the SBS server. It looks like they may be pointing to a public DNS server.
 
pixelchef (author) commented:
Ipconfig /all on the workstation points to the local server for DNS
 
techno-wiz commented:
Those 85.255 addresses are public addresses. If you do nslookup localdomain.com what IP address does it give you?
 
pixelchef (author) commented:
hi techno-wiz.

nslookup localdomain.com returns:
Server:  lamarcadc.localdomain.com
Address:  10.0.0.5

Name:    localdomain.com
Address:  10.0.0.5

the DNS section of ipconfig /all is:
DNS Servers . . . . . . . . . . . : 10.0.0.5
                                    209.253.113.18
                                    209.253.113.10

Thanks for your help. Any other ideas? I can run "ping localserver". I think it is using netbios there -- when I disable netbios, it can't resolve that.
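Added example, not part of the original thread: a small Python check for the mismatch discussed above, where the event-log entry lists 85.255.x.x resolvers while `ipconfig /all` shows 10.0.0.5 first. It parses both texts as posted and reports every resolver outside an allowed set; treating 10.0.0.5 as the only allowed resolver, and the function names, are assumptions made for this example.

```python
import ipaddress
import re

# Assumption: the SBS server is the only resolver domain clients should use.
ALLOWED_RESOLVERS = {ipaddress.ip_address("10.0.0.5")}

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Text copied from the thread: event-log excerpt and ipconfig /all excerpt.
EVENT_TEXT = """\
   Host Name : bgn
   Primary Domain Suffix : localdomain.com
   DNS server list :
     \t85.255.114.103, 85.255.112.93
   Sent update to server : <?>
   IP Address(es) :
     10.0.0.161
"""
IPCONFIG_TEXT = """\
DNS Servers . . . . . . . . . . . : 10.0.0.5
                                    209.253.113.18
                                    209.253.113.10
"""

def resolvers(text, header):
    """Return the IPv4 addresses listed under `header`, including continuation lines."""
    found, collecting = [], False
    for line in text.splitlines():
        if header in line:
            collecting = True
            line = line.split(header, 1)[1]
        elif collecting and (":" in line or not line.strip()):
            break  # the next labelled field or a blank line ends the list
        if collecting:
            found += [ipaddress.ip_address(m) for m in IPV4.findall(line)]
    return found

def audit(text, header):
    """Map each resolver outside ALLOWED_RESOLVERS to 'public' or 'private'."""
    return {str(ip): "private" if ip.is_private else "public"
            for ip in resolvers(text, header) if ip not in ALLOWED_RESOLVERS}

if __name__ == "__main__":
    print("event log :", audit(EVENT_TEXT, "DNS server list"))
    print("ipconfig  :", audit(IPCONFIG_TEXT, "DNS Servers"))
```

Both sources come back with unexpected public resolvers, and the two lists disagree with each other, which is the discrepancy the thread is circling.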
 
pixelchef (author) commented:
just for clarification, 'lamarcadc' is what I have been masking as 'localserver'.
 
techno-wiz commented:
You mentioned you can't ping the fqdn of the server. When you try does it resolve to the correct IP address? Is there a firewall running on your server that could be blocking the ping? Are you able to ping from the server to the workstations?
 
pixelchef (author) commented:
It doesn't resolve the server FQDN.

Possibly interesting note: researching on my own, I read a description of the option on the forward lookup zone to "allow dynamic updates". I changed it to allow secure and nonsecure updates. It was set to only secure updates. Workstations are now beginning to populate the list in the window for the forward lookup zone. Is this option set correctly now?

I can ping my own workstation's FQDN.

I can ping the hostname of a computer that *now* has an A record in this forward lookup zone. I disabled netbios on my workstation, and I can still ping it. However, I can't ping the FQDN of that computer.
 
pixelchef (author) commented:
Another interesting tidbit:

the SOA, NS, and a CNAME record (CNAME for companyweb) have a trailing dot (.) after them. So, NS is "server.domain.com." Is this correct?
 
pixelchef (author) commented:
I left my computer on overnight. When I unlocked it this morning, I could not ping the hostname of the server, access shared network drives, or connect to Exchange via Outlook. Finally, it worked when I ran "ipconfig /registerdns". Is that a related issue? Thanks for your help.
 
pixelchef (author) commented:
Alright, it appears to be losing the DNS 'registration' more than just once -- I just had to do it again in order to access the server.
 
pixelchef (author) commented:
I was seeing some other strange things, like when I tried to open C:\ in My Computer, an error about C:\Resycled\ntldr.com is not valid... Google said that was a virus... so I formatted, reloaded, and now I can ping the FQDN of the domain controller.

I'm still getting an error in the system event log, "There are currently no logon servers available to service the logon request." (event ID 5719). I'm going to start a new question about that.

Thanks for your advice.