• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 675
  • Last Modified:

DNS and Nslookup question Active Directory

Hi,

I have just type nslookup 'AD domain name' and it returned a list of DC's
but also a strange IP of a subnet.

For example:

Name: gb.vo.local
Addresses: 192.168.21.4
192.168.21.0 (what is this?)
192.168.21.1  - this is DC1
192.168.21.2  - this is DC2

In DNS:

(same as parent folder) - 192.168.21.0

This is 192.168.21.0 the IP of a subnet (what is this?)

I am having the same problem but pointing to a different IP.

http://forums.techarena.in/active-directory/1205416.htm

Why this happens? Any ideas?
0
llarava
Asked:
llarava
  • 11
  • 6
1 Solution
 
SteveeBCommented:
192.168.21.0 is not a valid IP address. It  is used in routing tables and by the Internet Protocol internally to identify the 192.168.21.x network as a whole
0
 
BDoellefeldCommented:
Are you using a 24 bit subnet? What is the subnet mask that is set?
0
 
SteveeBCommented:
Are you having any DNS problems on the LAN?

(same as parent folder) - 192.168.21.0 this is not good, it should be
(same as parent folder) - 192.168.21.x (x= IP that you want the root of the domain to point to)

so for example if all you have in your dns is (same as parent folder) - 192.168.21.0, and your DNS zone is company.com, if someone will try to ping company.com it will not work.

If you are hosting a website, typically you would point (same as parent folder) - 192.168.21.x to IP of your website so that users can browse the site using company.com
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
llaravaAuthor Commented:
Basically a third party app that was using AD authentication was failing to authenticate because sometimes the query was going to the subnet IP instead of the DC.

I don't know why the IP was registered there...how could you create (same as parent folder) record?

0
 
SteveeBCommented:
On the domain controller, go to the DNS MMC plugin, look at my screenshot

You can double click on that record and change the 0 to something else.

Is your subnet mask 255.255.255.0 ?
SampleDNS.JPG
0
 
SteveeBCommented:
It can be created by just creating new (A) record, input the IP in lower portion, leave top portion empty.
0
 
llaravaAuthor Commented:
You can double click on that record and change the 0 to something else.  --> What is this?

Is your subnet mask 255.255.255.0 ? yes
0
 
SteveeBCommented:
See the 3rd record from the top in screenshot, you can double click on it, on your DNS server and change the 192.168.21.0 to something else like 192.168.21.1
0
 
SteveeBCommented:
sorry 4th record from top in my screenshot
0
 
llaravaAuthor Commented:
Right, the problem is that the record was created there and I don't know why that happened.

My DC's are all good in DNS but somehow this record showed up there...

How do you create a new (same as parent folder) record.
0
 
SteveeBCommented:
to create a new one, just create a new (A) record, input the IP in lower portion, leave top portion empty.
0
 
llaravaAuthor Commented:
input the IP in lower portion, leave top portion empty - Can you please give an example of this?
0
 
SteveeBCommented:
You have access to the domain controller server? If so do you know how to get to the DNS console?
0
 
llaravaAuthor Commented:
Yes I am in the console. I just don't understand the "IP in lower portion, leave top portion empty"
0
 
SteveeBCommented:
right click and choose create new (A) record, in window that pop-s up, leave the Name field blank and just put in an IP address, click add host, this will create a new

(same as parent folder) record.
NewDNS.JPG
0
 
llaravaAuthor Commented:
The question is why would you create (same as parent folder) record?

Thank you!
0
 
SteveeBCommented:
so that if a client device, lets say IE browser, if you type in url company.com unless there is a (same as parent folder) record it will not be able to resolve to IP address. now usually I know there is a www record but my point is what if you don't use www. in the URL, you need the root record.

Think of it like this as an example
ns1.company.com - 192.168.1.1
ns2.company.com - 192.168.1.2
www.company.com - 192.168.1.6
ftp.company.com - 192.168.1.7
mail.company.com 192.168.1.8
company.com ?

0
 
SteveeBCommented:
In active directory dns zone this record should point to ip of domain controller
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 11
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now