JA Network
asked on
Internal DNS not working right
Got a wierd one here...
All my clients (win xp, and non-windows Xerox printer) cannot access the network shares through the domain Alias.
Here is my structure:
The NAS("Storage1") has an IP assigned to it in DNS Manager.
Also in DNS Manager, there is another Alias (CNAME) called "Shares" pointing to "Storage1".
(Windows Server 2008)
Clients can ping the IP address of the NAS. They can also ping (AND ACCESS!) the NAS through the "Storage1" name, but when they try to access "Shares" they get an error message stating:
Could not find the domain controller to this domain.
The big thing I changed was I added a RODC to the network, but since these problems occurred, I have stopped all the services that are running on that RODC
any ideas?
All my clients (win xp, and non-windows Xerox printer) cannot access the network shares through the domain Alias.
Here is my structure:
The NAS("Storage1") has an IP assigned to it in DNS Manager.
Also in DNS Manager, there is another Alias (CNAME) called "Shares" pointing to "Storage1".
(Windows Server 2008)
Clients can ping the IP address of the NAS. They can also ping (AND ACCESS!) the NAS through the "Storage1" name, but when they try to access "Shares" they get an error message stating:
Could not find the domain controller to this domain.
The big thing I changed was I added a RODC to the network, but since these problems occurred, I have stopped all the services that are running on that RODC
any ideas?
ASKER
thanks for the quick answer, but ping doesn't work for either name.
Could I provide any more info for you?
Could I provide any more info for you?
Make sure that in the CNAME record, you have entered the FQDN of the TARGET server properly, i.e.: storage1.domain.com.
ASKER
yes, that is confirmed...I browsed for the appropriate machine to point to, and it automatically populated the full name
how is your cname record created? Did you specify the complete name ending with a . ?
ASKER
I just checked and it does have the . It's wierd, it was all (multiple CNAMEs) working fine up until I made the RODC. After that, no one could access it anymore.
since then, i've stopped all the services on the RODC (like dns, and AD) to see if it would help, but I dont' know what to do now..
Thanks in advance for the help...
since then, i've stopped all the services on the RODC (like dns, and AD) to see if it would help, but I dont' know what to do now..
Thanks in advance for the help...
tried ipconfig /flushdns ?
what if you use another name for the storage device instead of "Shares". See if another name works. If yes delete the cname shares and see if you can ping the hostname shares. Maybe the name shares is reserved , i don't know.
what if you use another name for the storage device instead of "Shares". See if another name works. If yes delete the cname shares and see if you can ping the hostname shares. Maybe the name shares is reserved , i don't know.
ASKER
I dont think the issue is with the CNAMEs..they have been working for months previous to setting up this RODC. After the RODC was created, I ran into these issues.
I'm considering turning off the RODC for now, but how do you make sure that after turning off the server, all the settings are reverted back. I think there may be a conflict with this new server and DNS issues.
Thanks!
I'm considering turning off the RODC for now, but how do you make sure that after turning off the server, all the settings are reverted back. I think there may be a conflict with this new server and DNS issues.
Thanks!
ASKER
So after doing some more research, it looks like I can't ping STATIC PTR records only. All the host records ping fine, but I get no response from the static ones...
any ideas?
any ideas?
what is your ip / subnet?
ASKER
172.20.1.1 /16
are static ones grouped ? if so how?
ASKER
well, if I go into DNS manager, I will see a mix of Static Timestamped entries, belonging to the Host type as well as the Alias type.
All of the other entries that do not have a Static timestamp are pingable.
All of the other entries that do not have a Static timestamp are pingable.
Hi,
Making an alias in DNS to create a secondary nalme for a Windows server is not enoughb to allow users to access the server via this new name ! SMB protocols is not a simple IP protocol and it checks the NetBIOS name used to acces the shared ressource to ensure that it is the real name of the server.
To be more clear, even if you make things in DNS so that IP traffic reach the good server, the SMB protocol will fail because the NetBIOS name used in the UNC path is not matching the name of the server.
There is a way to give additional NetBIOS names to a Windows server. You'll need to modify some registry keys and then restart your server.
This article explains all you need to do in the registry : http://thelazyadmin.com/blogs/thelazyadmin/archive/2006/07/18/Configuring-Additional-NetBIOS-Names.aspx
I've already successfully done that on a Windows 2003 R2 server and on a Windows 2008 server.
Have a good day.
Making an alias in DNS to create a secondary nalme for a Windows server is not enoughb to allow users to access the server via this new name ! SMB protocols is not a simple IP protocol and it checks the NetBIOS name used to acces the shared ressource to ensure that it is the real name of the server.
To be more clear, even if you make things in DNS so that IP traffic reach the good server, the SMB protocol will fail because the NetBIOS name used in the UNC path is not matching the name of the server.
There is a way to give additional NetBIOS names to a Windows server. You'll need to modify some registry keys and then restart your server.
This article explains all you need to do in the registry : http://thelazyadmin.com/blogs/thelazyadmin/archive/2006/07/18/Configuring-Additional-NetBIOS-Names.aspx
I've already successfully done that on a Windows 2003 R2 server and on a Windows 2008 server.
Have a good day.
ASKER
I guess I should re-ask my question since there has been a lot of back and forth now. Thanks for all those who have offered help!
A couple of days ago, I attempted to set up an RODC that had the DNS role to it. Since then, my users were unable to access the Network Shared Drive (let's call it SharedFolder). Furthermore, they were unable to ping SharedFolder.
After some troubleshooting, I found that SharedFolder was just a CNAME record to my NAS Device (let's call this Storage1), and that Storage1, itself had a host record pointing to a specific IP Address.
Trying to ping that, I was successful in both pinging the IP address directly, as well as the Storage1 name. If I tried to ping higher up to SharedFolder, it would come back unresponsive.
After this, I started to ping every other entry that had a Static Timestamp (which was a mix of Host records and CNAME records), but they all failed.
After that, I removed the DNS role from my RODC, thinking that this was causing the issue, but now I am still stuck...
I hope I was able to clear it up, and thanks again for the input!
A couple of days ago, I attempted to set up an RODC that had the DNS role to it. Since then, my users were unable to access the Network Shared Drive (let's call it SharedFolder). Furthermore, they were unable to ping SharedFolder.
After some troubleshooting, I found that SharedFolder was just a CNAME record to my NAS Device (let's call this Storage1), and that Storage1, itself had a host record pointing to a specific IP Address.
Trying to ping that, I was successful in both pinging the IP address directly, as well as the Storage1 name. If I tried to ping higher up to SharedFolder, it would come back unresponsive.
After this, I started to ping every other entry that had a Static Timestamp (which was a mix of Host records and CNAME records), but they all failed.
After that, I removed the DNS role from my RODC, thinking that this was causing the issue, but now I am still stuck...
I hope I was able to clear it up, and thanks again for the input!
Just my 2¢.
I would point `Shares' to the IP address as well. The way you have it is has to do a double dns look-up and I think that is what is causing problems. Just a thought.
I would point `Shares' to the IP address as well. The way you have it is has to do a double dns look-up and I think that is what is causing problems. Just a thought.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
just wasn't really clear and I didn't get much help from the community
try ping to shares.domain.tld of your local lan domain.