  • Status: Solved

What I know is a simple DNS problem I cannot find the fix

I have a few clients that are still running Windows Server 2003. I installed Spiceworks recently in 2 of them to help me track inventory and monitor software installs and changes. Anyway, I got a bunch of errors in SW telling me that IP address did not have mapping machine names in DNS.

So, I went into DNS on the server and sure enough, there are Reverse Zones set up but there is no data in them except server info. I know in the past I have had this zone full of all machines on the network. I logged into other clients I have and this is the same. A Reverse Zone is there but no data is in it, so this is obviously something I have done along the way but I cannot figure out what.
The domain has only 1 server. DHCP and DNS is running from server as well as AD.

What I've done so far:
I have removed the Zone.
Create a new Reverse Zone.
Make it AD connected.
Set it to allow all updates secure and non-secure
DNS is set to point to only server in DHCP
Server DNS uses itself ONLY!
Forwarders are set up on server for outside requests.
NsLookUp shows server name as server.
It will also search any and all names or numbers successfully without errors.
If I go into the Forward lookup zone, it is filled with local machine information.
If I right click one of the listings, the check box near the bottom is checked for Update Associated Pointer Record.


What am I missing? How do I get the Reverse Zone list populated??
0
Luuker
Asked:
1 Solution
 
Richard2k4 Commented:
Within your DHCP settings, have you configured your server to update DNS and pointer records?

0
 
gtfiji Commented:
You might want to check the Start of Authority record in the reverse lookup zone.  Make sure that the name of the Primary Server referred to in the SOA record matches an Address record in a forward lookup zone, and that Address record points to the DNS server.  If the SOA or the "glue" A record are not configured right, dynamic updates will fail, even if everything else you describe is configured correctly.

Also, make sure you have created a reverse lookup zone that can "catch" all of the records that are being created.  For instance, if you have IP addresses of 10.0.0.x and 10.0.1.x, and you use the wizard to create a reverse zone with three fields populated, like 10.0.0 , only PTR records corresponding to addresses with a zero in the third octet can be stored in your zone.  Any other records will fail to be created, whether you try to create records manually or have them dynamically registered.  If you have 10.x.x.x addresses, it's probably best to create a single zone with just the 10 typed in to the wizard (leaving two fields blank).  Note that it is COMPLETELY irrelevant what subnet mask you are using when you choose what to type in to the wizard there. . .all you are doing is choosing how many buckets to put all of the PTR records into.  If you want a bunch of little buckets that you can replicate to specific DNS servers, by all means create zones of 10.0.0.x, 10.0.1.x, 10.0.2.x, etc.  But if you want to create a big bucket that can handle the widest variety of addresses, create one reverse lookup zone with all 10.x.x.x addresses.
0
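The zone-coverage point in the answer above can be checked offline before touching the DNS console. The following is an added example, not part of the original thread: it maps each client IP to its PTR owner name and reports which reverse zone, if any, can hold it. The function names and the sample addresses are constructed for illustration.

```python
import ipaddress

def reverse_zone_name(network_id):
    """Zone name for a wizard Network ID such as '10', '10.0.0' or '192.168.1'."""
    octets = network_id.strip(".").split(".")
    if not 1 <= len(octets) <= 3:
        raise ValueError("network ID must have 1 to 3 octets: %r" % network_id)
    if not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("bad octet in network ID: %r" % network_id)
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def ptr_name(ip):
    """Owner name of the PTR record for an IPv4 address."""
    return ipaddress.IPv4Address(ip).reverse_pointer

def holding_zone(ip, zones):
    """Most specific zone that is a parent of the PTR name, or None if no zone fits."""
    owner = ptr_name(ip)
    # The leading dot forces a match on a label boundary (10 must not match 110).
    matches = [z for z in zones if owner.endswith("." + z)]
    return max(matches, key=len, default=None)

def coverage_report(network_ids, ips):
    """Map every IP to the reverse zone that can store its PTR record (or None)."""
    zones = [reverse_zone_name(n) for n in network_ids]
    return {ip: holding_zone(ip, zones) for ip in ips}

if __name__ == "__main__":
    # Constructed sample: two subnets in use, but only one three-octet zone created.
    clients = ["10.0.0.15", "10.0.1.25", "110.0.0.5"]
    for label, ids in (("zone 10.0.0 only", ["10.0.0"]), ("single zone 10", ["10"])):
        print(label)
        for ip, zone in coverage_report(ids, clients).items():
            print("  %-10s %-26s -> %s" % (ip, ptr_name(ip), zone or "NO ZONE"))
```

An address that reports no zone cannot get a PTR record by manual creation or dynamic registration until a zone covering it exists.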
 
Luuker (Author) Commented:
Richard2k4 - The DHCP option is already turned on. I even have it set to ALWAYS update.
0

 
Luuker (Author) Commented:
gtfiji - I checked the SOA record in the reverse zone and it is pointing to the right server. Also the records in the forward zone are correct with the server listed on all the right categories.
Our internal IP scheme is 192.168.1.x so when I created the reverse zone I used the entire 3 octets. There are only about 40 machines in here so there was no need for anything fancy. I am pretty sure the zone itself is set up correctly.
0
 
Richard2k4 Commented:
If you do an IPCONFIG /REGISTERDNS, does it show up?
0
 
Luuker (Author) Commented:
Nope, tried that. I was going to write it into the logon script if it did.
0
 
rdhoore108 Commented:
Do you see any related errors in the DNS event log of the server running DNS?
0
 
Luuker (Author) Commented:
No errors at all, only success.
0
 
rdhoore108 Commented:
Could it be that on the clients of that server, there are more DNS servers defined than only that server? If so, it is almost impossible to predict which one your client will be using to register itself in the DNS.

Apart from that, I had a quick read a bit here and there, and came across the following article, which seems to say that only a DHCP server is able to automatically set the PTR records in DNS, so you might want to check the DHCP service configuration:

http://www.windowsreference.com/dns/how-to-create-dns-reverse-lookup-zone-in-windows-server-2003/ 
0
 
Luuker (Author) Commented:
Everything pointed out in these instructions has already been done.
0
 
rdhoore108 Commented:
But are the clients using DHCP, or do they have fixed IP addresses?

Are you able to create a reverse address manually? I would find it very strange that you can do it, but the DHCP server cannot...
0
 
Luuker (Author) Commented:
The clients are using DHCP. I am also able to create the records manually without a problem. Like I said, this isn't making any sense.
The DHCP server is also the domain DNS server as well. This is a single server network.
I also have some machines set with static addresses assigned using the DHCP server. The reservations are active and even they do not have PTR records.
0
 
Suryanarayan Balakrishnan Iyer (Senior Consultant) Commented:
Guess this is something to do with the "register this DNS suffix" option, which can be found in the properties of the LAN setting. I am not sure about it, but I guess this could be one option to check on along with the IP provided on the primary and secondary DNS option in LAN setting or N/W card properties.

Thanks & Regards.
0
 
Luuker (Author) Commented:
So the thought process could be workstation NIC issues. Well, the server is 2003 Std. and the workstations are all Win 7 Pro. I will check whatever properties I can find on the machine NICs and see if I can adjust anything there. I will know tomorrow after 3 EST.
0
 
Luuker (Author) Commented:
Nothing really worked. There was no way to force the issue that I could find. Some of the records are right and some are not there. Every machine is setup the same on both networks. There isn't a reason for this to not be working. I chose this solution because technically, this would be the right way to fix the problem, it just didn't work in this case.
0
