Jim Metcalf
asked on
nslookup not working properly
Active Directory Integrated DNS. 2 windows 2003 dc's.
when on a workstation joined to the domain the error message i get is
Can't find server name for address 10.100.1.1 (ip address of dns server) Non-existent domain
Can't find server name for address 10.100.1.2 (ip address of other dns server) Non-existent domain
Default SErver: Unknown
Address 10.100.1.1
whats interesting is that it still resolves names when i punch in a computer name at the nslookup prompt
when on a workstation joined to the domain the error message i get is
Can't find server name for address 10.100.1.1 (ip address of dns server) Non-existent domain
Can't find server name for address 10.100.1.2 (ip address of other dns server) Non-existent domain
Default SErver: Unknown
Address 10.100.1.1
whats interesting is that it still resolves names when i punch in a computer name at the nslookup prompt
ASKER
im looking at the reverse dns zones and something seems a little strange.
my network is a 10.100.0.0\16
the reverse zone is 0.100.10.in-addr.arpa
shouldnt the reverse zone be
100.10.in-addr.arpa
my network is a 10.100.0.0\16
the reverse zone is 0.100.10.in-addr.arpa
shouldnt the reverse zone be
100.10.in-addr.arpa
hi jamesmetcalf74,
When you ping the faulty machine from another computer, do you get a reply?
Secondly, kindly open the DNS console and check for the A records in the forward lookup zone for the said machine and the PTR records in the reverse lookup zone
Thirdly, have you set "Register this connection's address in DNS" under DNS in the Advanced properties of TCP/IP of the LAN connection?
B Rgds,
Mkeiwua
When you ping the faulty machine from another computer, do you get a reply?
Secondly, kindly open the DNS console and check for the A records in the forward lookup zone for the said machine and the PTR records in the reverse lookup zone
Thirdly, have you set "Register this connection's address in DNS" under DNS in the Advanced properties of TCP/IP of the LAN connection?
B Rgds,
Mkeiwua
Yeah it should be.
I don't think so because the Reverse Lookup Wizard normally tells you to enter the first three octects of the IP Address e.g
A.B.C and then it sets up the name of the Reverse Lookup Zone as : C.B.A.in-addr.arpa
B Rgds,
Mkeiwua
see attached
Reverse.Lookup.png
A.B.C and then it sets up the name of the Reverse Lookup Zone as : C.B.A.in-addr.arpa
B Rgds,
Mkeiwua
see attached
Reverse.Lookup.png
But he's got a 16-bit subnet mask, so it should indeed be 100.10.in-addr.arpa.
Yes but as per attached diagram, doesn't the reverse lookup wizard need all three octects and as it says
"If you use a zero in the network ID, it will appear in the zone name......."
i.e. 10.100.0.0/16 would become 0.100.10.in-addr.arpa?
Or am i missing something?
B Rgds,
Mkeiwua
"If you use a zero in the network ID, it will appear in the zone name......."
i.e. 10.100.0.0/16 would become 0.100.10.in-addr.arpa?
Or am i missing something?
B Rgds,
Mkeiwua
IT seems that the first part of DNS look up itself is getting failed. First you must need to focus on right DNS server configuration on the properties of you LAN card on workstation.
mkeiwua: you are correct, reverse lookup zone are listed with the octets reversed. Actually the screenshot above gives an example of 10.0 being listed as 0.10...
yes nole, i think with the author's consent we can go back to solving the problem....as in his reverse lookup zone is okay as it is.
make sure that the subnet mask on the network adapter is /16.
Even though the reverse lookup zone wizard provides blanks for three octets, you do not have to fill them all in, and with a 16-bit mask, you should leave the last blank empty. This will create the 100.10.in-addr.arpa reverse lookup zone, which is the correct zone for this network. 0.100.10.in-addr.arpa is definitely not correct.
Totally missed that! He should then be having DNS resolution issues on the other machines/network as well.
B Rgds,
Mkeiwua
B Rgds,
Mkeiwua
The clients should get the same "Can't find server name for address..." error when they first run nslookup, but all that error signifies is that nslookup wasn't able to resolve the server's IP address to a hostname using reverse lookup; it doesn't indicate any kind of failure beyond that, which is why forward lookups are still working normally.
I don't like that error message, personally. It makes you think something is really wrong, when in actuality everything except reverse lookup could be working just fine...and aside from mail servers, how often does anyone use reverse lookup in day-to-day operations anyway? :)
I don't like that error message, personally. It makes you think something is really wrong, when in actuality everything except reverse lookup could be working just fine...and aside from mail servers, how often does anyone use reverse lookup in day-to-day operations anyway? :)
yeah, i agree. i had initially thought that it was just one machine with the problem, thats why was quick to look away from the reverse lookup suggestion...
Thanks Dave.
B Rgds,
Mkeiwua
Thanks Dave.
B Rgds,
Mkeiwua
ASKER
sorry for the long delay.
you seem to have the symptons nailed.
all workstations on the domain have the same symptons.
im going to post the known symptons.
first attachment is the original error messages when i start nslookup.
it does resolve host names on our network.
the second is the dns event viewer which has a ton of erros that are identical except that they refer to different subnets on our network. (branch office vpns)
the reverse address circled in black is the one that was created by default.
the one circled in red is the one i created yesterday.
the address blackened out is our public ip address.... should that be in there?
nslookup-error-and-name-res.JPG
dns-event-viewer.JPG
you seem to have the symptons nailed.
all workstations on the domain have the same symptons.
im going to post the known symptons.
first attachment is the original error messages when i start nslookup.
it does resolve host names on our network.
the second is the dns event viewer which has a ton of erros that are identical except that they refer to different subnets on our network. (branch office vpns)
the reverse address circled in black is the one that was created by default.
the one circled in red is the one i created yesterday.
the address blackened out is our public ip address.... should that be in there?
nslookup-error-and-name-res.JPG
dns-event-viewer.JPG
ASKER
one more sympton
the reverse zone i created.
100.10i-addr.arpa is not in the other domain controller
neither is the 0.in.-addr.arpa
the reverse zone i created.
100.10i-addr.arpa is not in the other domain controller
neither is the 0.in.-addr.arpa
Run dcdiag then post results.
ASKER
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Site 1\SERVERNAME
Starting test: Connectivity
......................... SERVERNAME passed test Connectivity
Doing primary tests
Testing server: Site 1\SERVERNAME
Starting test: Replications
......................... SERVERNAME passed test Replications
Starting test: NCSecDesc
......................... SERVERNAME passed test NCSecDesc
Starting test: NetLogons
......................... SERVERNAME passed test NetLogons
Starting test: Advertising
......................... SERVERNAME passed test Advertising
Starting test: KnowsOfRoleHolders
......................... SERVERNAME passed test KnowsOfRoleHolders
Starting test: RidManager
......................... SERVERNAME passed test RidManager
Starting test: MachineAccount
Warning: Attribute userAccountControl of SERVERNAME is: 0x82020 = ( UF_PASSWD_NOTREQD | UF_SERVER_TRUST_ACCOUNT | UF_TRUSTED_FOR_DELEGATION )
Typical setting for a DC is 0x82000 = ( UF_SERVER_TRUST_ACCOUNT | UF_TRUSTED_FOR_DELEGATION )
This may be affecting replication?
......................... SERVERNAME passed test MachineAccount
Starting test: Services
......................... SERVERNAME passed test Services
Starting test: ObjectsReplicated
......................... SERVERNAME passed test ObjectsReplicated
Starting test: frssysvol
......................... SERVERNAME passed test frssysvol
Starting test: frsevent
......................... SERVERNAME passed test frsevent
Starting test: kccevent
......................... SERVERNAME passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x825A0011
Time Generated: 04/12/2010 15:20:12
(Event String could not be retrieved)
......................... SERVERNAME failed test systemlog
Starting test: VerifyReferences
......................... SERVERNAME passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : ci
Starting test: CrossRefValidation
......................... ci passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ci passed test CheckSDRefDom
Running enterprise tests on : "domain name"
Starting test: Intersite
......................... "domain name" passed test Intersite
Starting test: FsmoCheck
......................... "domain name" passed test FsmoCheck
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Site 1\SERVERNAME
Starting test: Connectivity
......................... SERVERNAME passed test Connectivity
Doing primary tests
Testing server: Site 1\SERVERNAME
Starting test: Replications
......................... SERVERNAME passed test Replications
Starting test: NCSecDesc
......................... SERVERNAME passed test NCSecDesc
Starting test: NetLogons
......................... SERVERNAME passed test NetLogons
Starting test: Advertising
......................... SERVERNAME passed test Advertising
Starting test: KnowsOfRoleHolders
......................... SERVERNAME passed test KnowsOfRoleHolders
Starting test: RidManager
......................... SERVERNAME passed test RidManager
Starting test: MachineAccount
Warning: Attribute userAccountControl of SERVERNAME is: 0x82020 = ( UF_PASSWD_NOTREQD | UF_SERVER_TRUST_ACCOUNT | UF_TRUSTED_FOR_DELEGATION )
Typical setting for a DC is 0x82000 = ( UF_SERVER_TRUST_ACCOUNT | UF_TRUSTED_FOR_DELEGATION )
This may be affecting replication?
......................... SERVERNAME passed test MachineAccount
Starting test: Services
......................... SERVERNAME passed test Services
Starting test: ObjectsReplicated
......................... SERVERNAME passed test ObjectsReplicated
Starting test: frssysvol
......................... SERVERNAME passed test frssysvol
Starting test: frsevent
......................... SERVERNAME passed test frsevent
Starting test: kccevent
......................... SERVERNAME passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x825A0011
Time Generated: 04/12/2010 15:20:12
(Event String could not be retrieved)
......................... SERVERNAME failed test systemlog
Starting test: VerifyReferences
......................... SERVERNAME passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : ci
Starting test: CrossRefValidation
......................... ci passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ci passed test CheckSDRefDom
Running enterprise tests on : "domain name"
Starting test: Intersite
......................... "domain name" passed test Intersite
Starting test: FsmoCheck
......................... "domain name" passed test FsmoCheck
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
repadmin /showrepl was successful for all tests on both dc's
there is 2 records in 0.in-addr.arpa
start of authority record and ns record
there is 2 records in 0.in-addr.arpa
start of authority record and ns record
Do you have PTR records in your reverse lookup zone.
Upon further review, the 0.in-addr.arpa and 255.in-addr.arpa zones normally show up in advanced-view mode (which you're in), so you can ignore them.
Make sure you are only pointing to internal DNS servers.