Internal DNS not working right

Got a weird one here...

All my clients (win xp, and non-windows Xerox printer) cannot access the network shares through the domain Alias.

Here is my structure:
The NAS("Storage1") has an IP assigned to it in DNS Manager.
Also in DNS Manager, there is another Alias (CNAME) called "Shares" pointing to "Storage1".
(Windows Server 2008)

Clients can ping the IP address of the NAS. They can also ping (AND ACCESS!) the NAS through the "Storage1" name, but when they try to access "Shares" they get an error message stating:
Could not find the domain controller to this domain.

The big thing I changed was I added a RODC to the network, but since these problems occurred, I have stopped all the services that are running on that RODC.

any ideas?
Asked by: jumpassociates

IT-Factory commented:
cname only works with fqdn.

try ping to shares.domain.tld of your local lan domain.

jumpassociates (Author) commented:
thanks for the quick answer, but ping doesn't work for either name.

Could I provide any more info for you?

Hypercat (Deb) commented:
Make sure that in the CNAME record, you have entered the FQDN of the TARGET server properly, i.e.:  storage1.domain.com.

jumpassociates (Author) commented:
yes, that is confirmed...I browsed for the appropriate machine to point to, and it automatically populated the full name

IT-Factory commented:
how is your cname record created? Did you specify the complete name ending with a . ?
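
Added example, not part of the original thread: a small Python model of the zone master-file rule behind the two questions above about the CNAME target's FQDN and its trailing dot. The zone contents, the `domain.tld` origin and the 172.20.1.50 address are constructed for illustration.

```python
# Constructed zone data for illustration; "domain.tld" is a placeholder origin.
ORIGIN = "domain.tld."

# (owner, type, rdata) as they would appear in a master file for ORIGIN.
ZONE = [
    ("storage1", "A", "172.20.1.50"),                # constructed address
    ("shares", "CNAME", "storage1.domain.tld."),     # trailing dot: absolute name
    ("shares-bad", "CNAME", "storage1.domain.tld"),  # no dot: relative to ORIGIN
]


def qualify(name, origin=ORIGIN):
    """Master-file rule: a name without a trailing dot is relative to origin."""
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def load(zone, origin=ORIGIN):
    """Index records by fully qualified owner name."""
    table = {}
    for owner, rtype, rdata in zone:
        value = qualify(rdata, origin) if rtype == "CNAME" else rdata
        table[qualify(owner, origin)] = (rtype, value)
    return table


def resolve(name, table, max_hops=8):
    """Follow CNAMEs; return (address or None, list of names visited)."""
    # A short client query such as "shares" gets the DNS suffix appended first.
    chain = [qualify(name)]
    for _ in range(max_hops):
        record = table.get(chain[-1])
        if record is None:
            return None, chain            # name does not exist in this zone
        rtype, value = record
        if rtype == "A":
            return value, chain
        if value in chain:
            return None, chain + [value]  # CNAME loop
        chain.append(value)
    return None, chain


if __name__ == "__main__":
    table = load(ZONE)
    for query in ("shares", "shares-bad", "shares.domain.tld."):
        print(query, "->", resolve(query, table))
```

The `shares-bad` record shows the failure the trailing-dot question is probing for: its target expands to `storage1.domain.tld.domain.tld.`, which has no host record, so the alias resolves to nothing while `storage1` itself still answers.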

jumpassociates (Author) commented:
I just checked and it does have the . It's weird, it was all (multiple CNAMEs) working fine up until I made the RODC. After that, no one could access it anymore.

Since then, I've stopped all the services on the RODC (like DNS and AD) to see if it would help, but I don't know what to do now..

Thanks in advance for the help...

IT-Factory commented:
tried ipconfig /flushdns ?

What if you use another name for the storage device instead of "Shares"? See if another name works. If yes, delete the CNAME shares and see if you can ping the hostname shares. Maybe the name shares is reserved, I don't know.

jumpassociates (Author) commented:
I don't think the issue is with the CNAMEs..they have been working for months previous to setting up this RODC. After the RODC was created, I ran into these issues.

I'm considering turning off the RODC for now, but how do you make sure that after turning off the server, all the settings are reverted back. I think there may be a conflict with this new server and DNS issues.

Thanks!

jumpassociates (Author) commented:
So after doing some more research, it looks like I can't ping STATIC PTR records only. All the host records ping fine, but I get no response from the static ones...

any ideas?

IT-Factory commented:
what is your ip /  subnet?

jumpassociates (Author) commented:
172.20.1.1 /16

IT-Factory commented:
are static ones grouped ? if so how?

jumpassociates (Author) commented:
well, if I go into DNS manager, I will see a mix of Static Timestamped entries, belonging to the Host type as well as the Alias type.

All of the other entries that do not have a Static timestamp are pingable.

Bruno PACI (IT Consultant) commented:
Hi,

Making an alias in DNS to create a secondary name for a Windows server is not enough to allow users to access the server via this new name! The SMB protocol is not a simple IP protocol and it checks the NetBIOS name used to access the shared resource to ensure that it is the real name of the server.

To be more clear, even if you make things in DNS so that IP traffic reaches the good server, the SMB protocol will fail because the NetBIOS name used in the UNC path is not matching the name of the server.

There is a way to give additional NetBIOS names to a Windows server. You'll need to modify some registry keys and then restart your server.

This article explains all you need to do in the registry : http://thelazyadmin.com/blogs/thelazyadmin/archive/2006/07/18/Configuring-Additional-NetBIOS-Names.aspx


I've already successfully done that on a Windows 2003 R2 server and on a Windows 2008 server.


Have a good day.

jumpassociates (Author) commented:
I guess I should re-ask my question since there has been a lot of back and forth now. Thanks for all those who have offered help!

A couple of days ago, I attempted to set up an RODC that had the DNS role to it. Since then, my users were unable to access the Network Shared Drive (let's call it SharedFolder). Furthermore, they were unable to ping SharedFolder.

After some troubleshooting, I found that SharedFolder was just a CNAME record to my NAS Device (let's call this Storage1), and that Storage1, itself had a host record pointing to a specific IP Address.
Trying to ping that, I was successful in both pinging the IP address directly, as well as the Storage1 name. If I tried to ping higher up to SharedFolder, it would come back unresponsive.

After this, I started to ping every other entry that had a Static Timestamp (which was a mix of Host records and CNAME records), but they all failed.

After that, I removed the DNS role from my RODC, thinking that this was causing the issue, but now I am still stuck...

I hope I was able to clear it up, and thanks again for the input!

dosdet2 commented:
Just my 2¢.
I would point "Shares" to the IP address as well.  The way you have it, it has to do a double DNS look-up and I think that is what is causing problems.  Just a thought.

jumpassociates (Author) commented:
turns out that the DNS server wasn't looking up its own internal DNS

jumpassociates (Author) commented:
just wasn't really clear and I didn't get much help from the community