Domain controller is registering additional network interface IP into DNS

We have a Windows 2003 R2 Domain controller which has two network cards.  One network card goes to the LAN (10.30.0.0/16), and the other goes to a SAN (192.168.10.0/24).  For some reason, the IP address for the second network adapter is registering in DNS.

On the server, I have opened DNS management console and configured the server to only listen on the LAN interface.  I have also configured the SAN network connection to not register the connection's address in DNS.

What else am I missing?  The IP address for the SAN interface keeps appearing in DNS as an A record for the domain.  I manually delete it but it re-appears after a day or so.  When it shows up in DNS, client computers sometimes will not run logon scripts etc.  Any ideas?
LVL 1
BBG-BBGMAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

KenMcFCommented:
Go into the DNS setting for the second NIC and uncheck register DNS

DCs should not have multiple NICs one them. I would recomend to disable the second one.
BBG-BBGMAuthor Commented:
As I said in my description:  "I have also configured the SAN network connection to not register the connection's address in DNS."
Also, sometimes it is necessary to have a second connection on a DC.  This should not be a problem.
InterframeGapCommented:
1) is dhcp involved with one of the nics?
2) Have you reloaded the problem server (sometimes that just fixes the problem)
3) are you allowing DDNS registration on the problem server (on by default I believe)?
4) Are you allowing DDNS to be received on the DNS Server from the problem server?
5) If you look into the logs or debug of the dns server you may find out what is being registered and by which interface and NIC/MAC (ie., is it the DHCP client name, is it the DDNS entry?)

Douglas

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Become a Microsoft Certified Solutions Expert

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

KenMcFCommented:
Sorry missed that. Do you have DNS servers in the TCP\IP properties on the second NIC?
Adam BrownSenior Systems AdminCommented:
Dual NIC DCs are usually a bad idea because of what you've described. You have to make a bunch of configuration changes to fix the issue. From what I've read, the problem is caused by the fact that DCs use different methods for updating DNS records than Workstations, and that method doesn't respect the removal of the option to register the connection in DNS. This thread: http://forums.techarena.in/active-directory/1206965.htm has a lot of information on fixing the error. There are some configuration changes and modifications you need to make in DNS and some registry tweaks that need to be done to get things working right. I've also seen a hotfix for some issues with Dual Homed DCs, but that hotfix should be included in the most recent service pack for windows 2003 (If you don't have that yet, get it if you can do so without breaking services on your site). http://kbalertz.com/Feedback.aspx?kbNumber=832478 has info and a request link for the hotfix if you need it.
Adam BrownSenior Systems AdminCommented:
As a note, this problem has existed since Windows 2000 and still exists in Windows 2008 (Dealing with it on my test network, since I have a second NIC dedicated to a Hyper-V for SBS 2008 testing. I just configured the second NIC not to register in DNS, so I'll find out if the lack of respect for that setting still happens in Win 2008).
InterframeGapCommented:
2008 is a different beast, would be interested in your thought about w08.  As for the question above, I guess we need to have more information or more precisely more diag information (logs, etc) to give a good answer to the problem or find the problem.
Adam BrownSenior Systems AdminCommented:
Windows 2008 does it to, apparently.
BBG-BBGMAuthor Commented:
Thanks for the replies, everybody.  I just spoke to the rest of my team and we decided to use this problem as an excuse to build a new (2008  R2) domain controller which is single-homed and then demote this dual-homed machine.

We do in fact have another domain controller in another site which is dual homed and is NOT demonstrating this behavior but it is noted that it could happen in the future so we will be prepared.

Adam BrownSenior Systems AdminCommented:
Probably your best bet. Dual NIC DCs are a pain.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DNS

From novice to tech pro — start learning today.