DNS problems with Windows Server 2008 R2

Posted on 2010-08-16
Last Modified: 2012-06-21
I know troubleshooting DNS problems may be tricky, but my configuration is so simple it just should work - but it doesn't.


Here's my setup (all machines are Windows Server 2008 R2):
MachineA has been made a domain controller and DNS-server, following the instructions on http://www.elmajdal.net/win2k8/setting_up_your_first_domain_controller_with_windows_server_2008.aspx.
The only exception is that MachineA has a dynamic IP-address. This gave me a warning somewhere during the promotion, but I (perhaps incorrectly) ignored it.
The IP-address of MachineA is 192.168.0.195, and has been reserved in the router. The router's IP-address is 192.168.0.1.
The network controller's primary DNS has been set to 127.0.0.1 (this was done by the promotion wizard, not me).

Now, when I try to join MachineB to the domain, I get an error (see the end for the entire message). It is very easy to work around, by hard-coding the primary DNS to point to MachineA (192.168.0.195). But the fact that I have to do this makes me feel uneasy; I guess this could bite me later. Also, I will install more machines, and having to hard-code the primary DNS is awkward and error-prone.

So, any ideas what could be wrong?

Thanks!
/Fredrik

Here's the error message:

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "jooba.local":

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.radionet.local

Common causes of this error include the following:

- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

192.168.0.1

- One or more of the following zones do not include delegation to its child zone:

jooba.local
local
. (the root zone)

 
Question by:gunman69
 
LVL 27

Expert Comment

by:DrDave242
ID: 33449961
You mentioned having to hard-code the DNS server address.  What was it set to before you did that?
I would not recommend using a DHCP address on a domain controller.  If you've got a reservation configured, then everything should work, but I personally prefer static addresses where DCs are concerned.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33449970
All DCs should have static IP addresses; they should not be using dynamic at all. So, set up a static IP address for your DC.

In your TCP/IP settings on the DC, point the DC to itself for DNS only, by using the actual IP address, not the 127.0.0.1 IP, then run ipconfig /flushdns, ipconfig /registerdns, and dcdiag /fix.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33449984
Well, it looks like your system is pointing to your router for DNS (192.168.0.1), if you look in the error log.

Make sure all systems point to the DC for DNS only in their TCP/IP settings, and make sure your DHCP server is set up properly.
0

 
LVL 16

Expert Comment

by:Bruno PACI
ID: 33450474
Hi,

It looks like your router is also the DHCP server of your network, and so it gives a bad DNS address to your computers. The good DNS address should be 192.168.0.195 and no other!

You then have 2 choices:

1) You modify the DHCP properties on your router so that it gives 192.168.0.195 instead of 192.168.0.1 as the primary DNS server, and no secondary DNS server. You add a DNS forwarder in the DNS server settings of your MachineA computer so that DNS requests for unknown DNS zones are pushed to 192.168.0.1.

2) You disable DHCP functionality on your router and you install the DHCP Server service on your MachineA computer. You create the same DHCP range and you configure the DHCP option to give 192.168.0.195 as primary DNS server.

I suppose there is no need TO REPEAT that YOU SHOULD NOT have dynamic IP addresses configured on your DCs! YOU SHOULD configure fully static IP settings on MachineA!!!!!


Have a good day.

0
 

Author Comment

by:gunman69
ID: 33460070
PaciB: That makes a lot of sense, thanks!

Embarrassingly enough, I cannot get option 1 to work... Our D-Link DIR-635 router does not seem to have a way to change the primary DNS-server :-(

Or am I missing something? If you have time to browse through the manual, that would be awesome!
ftp://ftp.dlink.co.uk/dir_products/dir-635/DIR-635_manual_10.pdf
0
 
LVL 27

Assisted Solution

by:DrDave242
DrDave242 earned 664 total points
ID: 33460092
Some routers don't allow you to change the DNS settings that they give out via DHCP.  You're probably better off going with option 2 (disable DHCP on the router and install it on your server) anyway.  You'll have much greater control over DHCP that way.
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 668 total points
ID: 33460293
Very weird, it doesn't seem like you can change the DNS setting in the router's configuration. First time I have seen this, but you should not use the router as a DHCP server in a domain environment anyway.

Uncheck the DHCP option in your router.

http://support.dlink.com/emulators/dir635/109/Basic_Network.html

Here is an article on setting up a DHCP server on Windows 2008 Server.

http://www.windowsnetworking.com/articles_tutorials/How-to-Install-Configure-Windows-Server-2008-DHCP-Server.html
0
 
LVL 16

Assisted Solution

by:Bruno PACI
Bruno PACI earned 668 total points
ID: 33470277
Hi,

Ok... It's hard to believe, but it seems like some lazy constructors forgot to implement DHCP options!

So, if you really want to ignore all the experts' good advice about not using dynamic IP configuration on DCs, your better choice is to disable DHCP on the router and install the DHCP service on one of your internal servers. By the way, the DHCP server MUST use a static IP address. So you can avoid to have at least one server with static IP.

With your own DHCP server you'll be able to configure all options easily.

Have a good day.
0
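
The fixes suggested across the answers above (a static address on the DC, DNS pointed at the DC's real address, a forwarder to the router, and the DC's address handed out as DHCP option 006) gathered into one batch file, as an added example that is not part of the thread. The interface name, the /24 mask and the scope ID are assumptions; the addresses and domain name are the ones given in the question, and the DHCP Server role with a scope is assumed to be installed on MachineA already.

```bat
@echo off
rem Added example, not from the thread. Run from an elevated prompt at the
rem console of MachineA (the address change would drop a remote session).
rem Assumed values: IFACE, MASK, SCOPE. The rest comes from the question.
set IFACE=Local Area Connection
set DC_IP=192.168.0.195
set MASK=255.255.255.0
set ROUTER=192.168.0.1
set DOMAIN=jooba.local
set SCOPE=192.168.0.0

rem 1. Static address on the DC instead of a DHCP reservation.
netsh interface ipv4 set address name="%IFACE%" source=static address=%DC_IP% mask=%MASK% gateway=%ROUTER% || goto :fail

rem 2. The DC uses its own DNS service through its real address, not 127.0.0.1.
netsh interface ipv4 set dnsservers name="%IFACE%" source=static address=%DC_IP% || goto :fail

rem 3. Names outside the AD zone are forwarded to the router.
dnscmd /ResetForwarders %ROUTER% || goto :fail

rem 4. Re-register the DC's host and SRV records in its own zone.
ipconfig /flushdns
ipconfig /registerdns
dcdiag /fix

rem 5. DHCP clients receive the DC, not the router, as DNS server (option 006).
rem    Requires DHCP to be disabled on the router and the scope to exist here.
netsh dhcp server scope %SCOPE% set optionvalue 006 IPADDRESS %DC_IP% || goto :fail

rem 6. Repeat the lookup that failed during the domain join, once against
rem    each server, to compare what the DC and the router answer.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%DOMAIN% %DC_IP%
nslookup -type=SRV _ldap._tcp.dc._msdcs.%DOMAIN% %ROUTER%
exit /b 0

:fail
echo A configuration step failed; fix it before joining machines to the domain.
exit /b 1
```

On a member machine such as MachineB, `ipconfig /all` after a lease renewal shows which DNS server the client actually received.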


Question has a verified solution.
