Solved

What I know is a simple DNS problem I cannot find the fix

Posted on 2011-02-14
Last Modified: 2012-05-11
I have a few clients that are still running Windows Server 2003. I installed Spiceworks recently in 2 of them to help me track inventory and monitor software installs and changes. Anyway, I got a bunch of errors in SW telling me that IP addresses did not have mapping machine names in DNS.

So, I went into DNS on the server and sure enough, there are Reverse Zones set up but there is no data in them except server info. I know in the past I have had this zone full of all machines on the network. I logged into other clients I have and this is the same. A Reverse Zone is there but no data is in it, so this is obviously something I have done along the way but I cannot figure out what.
The domain has only 1 server. DHCP and DNS is running from server as well as AD.

What I've done so far:
I have removed the Zone.
Create a new Reverse Zone.
Make it AD connected.
Set it to allow all updates secure and non-secure
DNS is set to point to only server in DHCP
Server DNS uses itself ONLY!
Forwarders are set up on server for outside requests.
NsLookUp shows server name as server.
It will also search any and all names or numbers successfully without errors.
If I go into the Forward lookup zone, it is filled with local machine information.
If I right click one of the listings, the check box near the bottom is checked for Update Associated Pointer Record.


What am I missing? How do I get the Reverse Zone list populated??
Question by:Luuker
15 Comments
 
LVL 3

Accepted Solution

by:
Richard2k4 earned 500 total points
ID: 34893642
Within your DHCP settings, have you configured your server to update DNS and pointer records?

[Attached image: DHCPDNS settings]
0
 
LVL 2

Expert Comment

by:gtfiji
ID: 34899218
You might want to check the Start of Authority record in the reverse lookup zone.  Make sure that the name of the Primary Server referred to in the SOA record matches an Address record in a forward lookup zone, and that Address record points to the DNS server.  If the SOA or the "glue" A record are not configured right, dynamic updates will fail, even if everything else you describe is configured correctly.

Also, make sure you have created a reverse lookup zone that can "catch" all of the records that are being created.  For instance, if you have IP addresses of 10.0.0.x and 10.0.1.x, and you use the wizard to create a reverse zone with three fields populated, like 10.0.0, only PTR records corresponding to addresses with a zero in the third octet can be stored in your zone.  Any other records will fail to be created, whether you try to create records manually or have them dynamically registered.  If you have 10.x.x.x addresses, it's probably best to create a single zone with just the 10 typed in to the wizard (leaving two fields blank).  Note that it is COMPLETELY irrelevant what subnet mask you are using when you choose what to type in to the wizard there... all you are doing is choosing how many buckets to put all of the PTR records into.  If you want a bunch of little buckets that you can replicate to specific DNS servers, by all means create zones of 10.0.0.x, 10.0.1.x, 10.0.2.x, etc.  But if you want to create a big bucket that can handle the widest variety of addresses, create one reverse lookup zone with all 10.x.x.x addresses.
0
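The zone "bucket" rule from the comment above, worked through as an added example (not part of the original thread): it derives each host's PTR owner name, finds which hosted reverse zone can store it, and classifies every forward A record. The function names, host names, addresses and record data are constructed for illustration.

```python
import ipaddress

def ptr_name(ip):
    """Owner name of the PTR record for an IPv4 address."""
    return ipaddress.ip_address(ip).reverse_pointer

def zone_for_prefix(prefix):
    """Reverse zone name for the 1-3 leading octets typed into the wizard."""
    return ".".join(reversed(prefix.split("."))) + ".in-addr.arpa"

def covering_zone(ip, zones):
    """Most specific hosted reverse zone that can hold this PTR, or None."""
    name = ptr_name(ip)
    matches = [z for z in zones if name.endswith("." + z)]
    # All matches are suffixes of one name, so the longest is the most specific.
    return max(matches, key=len) if matches else None

def audit(a_records, ptr_records, zones):
    """Classify each forward A record by the state of its PTR record."""
    report = {}
    for host, ip in a_records.items():
        name = ptr_name(ip)
        if covering_zone(ip, zones) is None:
            report[host] = "no-zone"      # no bucket exists: registration must fail
        elif name not in ptr_records:
            report[host] = "missing"      # bucket exists, record never registered
        elif ptr_records[name].lower() != host.lower():
            report[host] = "mismatch"     # stale PTR pointing at another host
        else:
            report[host] = "ok"
    return report

def sample_report():
    """Constructed data: one three-octet zone, hosts on 10.0.0.x and 10.0.1.x."""
    zones = [zone_for_prefix("10.0.0")]
    a_records = {
        "server.example.local": "10.0.0.2",
        "pc1.example.local": "10.0.0.21",
        "pc2.example.local": "10.0.1.22",
        "pc3.example.local": "10.0.0.23",
    }
    ptr_records = {
        "2.0.0.10.in-addr.arpa": "server.example.local",
        "23.0.0.10.in-addr.arpa": "oldpc.example.local",
    }
    return audit(a_records, ptr_records, zones)

if __name__ == "__main__":
    for host, state in sample_report().items():
        print(f"{host:24} {state}")
```

A "missing" result with a covering zone present is the situation the question describes; "no-zone" is the case this comment warns about.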
 

Author Comment

by:Luuker
ID: 34910802
Richard2k4 - The DHCP option is already turned on. I even have it set to ALWAYS update.
0
 

Author Comment

by:Luuker
ID: 34910855
gtfiji - I checked the SOA record in the reverse zone and it is pointing to the right server. Also the records in the forward zone are correct with the server listed in all the right categories.
Our internal IP scheme is 192.168.1.x so when I created the reverse zone I used the entire 3 octets. There are only about 40 machines in here so there was no need for anything fancy. I am pretty sure the zone itself is set up correctly.
0
 
LVL 3

Expert Comment

by:Richard2k4
ID: 34911010
If you do an IPCONFIG /REGISTERDNS, does it show up?
0
 

Author Comment

by:Luuker
ID: 34911162
Nope, tried that. I was going to write it into the logon script if it did.
0
 
LVL 5

Expert Comment

by:rdhoore108
ID: 34932742
Do you see any related errors in the DNS event log of the server running DNS?
0

 

Author Comment

by:Luuker
ID: 34934633
No errors at all, only success.
0
 
LVL 5

Expert Comment

by:rdhoore108
ID: 34936267
Could it be that on the clients of that server, there are more DNS servers defined than only that server? If so, it is almost impossible to predict which one your client will be using to register itself in the DNS.

Apart from that, I had a quick read here and there, and came across the following article, which seems to say that only a DHCP server is able to automatically set the PTR records in DNS, so you might want to check the DHCP service configuration:

http://www.windowsreference.com/dns/how-to-create-dns-reverse-lookup-zone-in-windows-server-2003/
0
 

Author Comment

by:Luuker
ID: 34947732
Everything pointed out in these instructions has already been done.
0
 
LVL 5

Expert Comment

by:rdhoore108
ID: 34949236
But are the clients using DHCP, or do they have fixed IP addresses?

Are you able to create a reverse address manually? I would find it very strange that you can do it, but the DHCP server cannot...
0
 

Author Comment

by:Luuker
ID: 34949270
The clients are using DHCP. I am also able to create the records manually without a problem. Like I said, this isn't making any sense.
The DHCP server is also the domain DNS server as well. This is a single server network.
I also have some machines set with static addresses assigned using the DHCP server. The reservations are active and even they do not have PTR records.
0
 
LVL 3

Expert Comment

by:Suryanarayan Balakrishnan Iyer
ID: 34949294
Guess this is something to do with the "register this DNS suffix" option, which can be found in the properties of the LAN setting. I am not sure about it, but I guess this could be one option to check on, along with the IP provided in the primary and secondary DNS options in the LAN setting or N/W card properties.

Thanks & Regards.
0
 

Author Comment

by:Luuker
ID: 34949395
So the thought process could be workstation NIC issues. Well, the server is 2003 Std. and the workstations are all Win 7 Pro. I will check whatever properties I can find on the machine NICs and see if I can adjust anything there. I will know tomorrow after 3 EST.
0
 

Author Closing Comment

by:Luuker
ID: 35842696
Nothing really worked. There was no way to force the issue that I could find. Some of the records are right and some are not there. Every machine is set up the same on both networks. There isn't a reason for this to not be working. I chose this solution because technically, this would be the right way to fix the problem, it just didn't work in this case.
0
