[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

DNS Issue???

Posted on 2011-04-20
53
Medium Priority
?
959 Views
Last Modified: 2013-02-09
I'm trying to do a DNS lookup from several workstations on my domain... I'm getting weldc001.domain can't find workstation x: Server Failed.  I've restarted DNS on my Domain Controller.  If  launch NSLookup from DNS it resolves fine.  I'm not sure what's going on.  I've searched the event viewer and nothing is there.
0
Comment
Question by:WellingtonIS
  • 30
  • 14
  • 7
  • +1
53 Comments
 
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 35432929
Try setting up 1 PC with Static IP address and make sure to use your DNS server as primary and then try again.
0
 

Author Comment

by:WellingtonIS
ID: 35432962
We use static IP's. I just noticed taht there is a query error 6268 I wonder if this is causing my issue.
0
 
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 35432984
The solution could be here:
http://support.microsoft.com/kb/2003485
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 

Author Comment

by:WellingtonIS
ID: 35433046
I did that but I still can't do nslookup it's failing.
0
 

Author Comment

by:WellingtonIS
ID: 35433062
Interesting it's failing on my Domain Controller now.
0
 
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 35433109
Did you stop and start your DNS service afterwards?
0
 

Author Comment

by:WellingtonIS
ID: 35433114
Stranger still.  If I do an NSlookup on the IP address it resolved however is I do and NSLookup on the name it fails???
0
 

Author Comment

by:WellingtonIS
ID: 35433127
Yes I stopped DNS and started it again.  It's working on my DC again both ways - name and IP but not on the workstations.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 35433142
If it's failing on your DC then consider that there are serious problems with your DNS Server.
Have your run any diagnostics?
dcdiag would be a start.

Otherwise consider the following articles.
http://technet.microsoft.com/en-us/library/cc731991.aspx
http://technet.microsoft.com/en-us/library/bb726934.aspx
0
 

Author Comment

by:WellingtonIS
ID: 35433160
No not failing on the DC anymore - just on the workstations.  I can ping names I can nslookup IP addresses but I can't nslookup names from the workstations.  These workstations have static IP's
0
 

Author Comment

by:WellingtonIS
ID: 35433183
I ran DCdiag and no problems everything passed.
0
 
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 35433187
Do you have reverse lookup zone configured?
0
 

Author Comment

by:WellingtonIS
ID: 35433222
Yes many of them and I have 127 255 and 0 too.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 35433226
Run IPCONFIG /ALL on the workstation to confirm what IP Address it has set as it's DNS server.

Next run just NSLOOKUP on the workstation, don't do nslookup <<name/IP>>
Check the server is it the same as the one in the NIC?
Is it the correct one that it should be pointing to?

Querying the DNS Server directly should confirm if i you can do name resolution from each server.

If you have another DNS Server, then try changing it on that workstation and test it.
0
 
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 35433282
please post the properties of the IP settings of your workstation.
0
 

Author Comment

by:WellingtonIS
ID: 35433294
Just tried NSLOOKUP and it returned the Domain Controller correctly.  I have both DNS servers listed in DNS and they too are correct.
0
 
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 35433328
is it working now?
0
 

Author Comment

by:WellingtonIS
ID: 35433392
no I still can't do NSLOOKUP

nslookup-error.png
0
 
LVL 17

Expert Comment

by:Sikhumbuzo Ntsada
ID: 35433479
If you have DNS, try putting one workstaion on DHCP so the server can recreate a new record for that PC and do nslookup, also update DNS records, Scavange stale records, clear cache.
0
 

Author Comment

by:WellingtonIS
ID: 35433509
cleared cache, scavanged stale records and flushdns on the workstation.  On DHCP I got the same error.
0
 
LVL 26

Expert Comment

by:Pber
ID: 35433846
Does it resolve other names in dns from the client?

You can try some debug.
Run:
 nslookup
  set d2


...this will turn debug on.  Now you can just enter the names you want to try and resolve and look at the output.  Try both known working lookups as well as the failing one.
Try just the name, fully qualified as well as fully qualified plus a "." at the end.

See this as well:
http://www.process.com/techsupport/multinet/787/44.html
0
 

Author Comment

by:WellingtonIS
ID: 35433958
here's a "stupid" question for you.  My dc is one of many in a Forest.  I have a top domain located in my Corp office in another location.  I'm starting to wonder if there's a bigger issue?
0
 

Author Comment

by:WellingtonIS
ID: 35433996
I'm quite sure how to run that command nslookup set d2 is this on one line?  or nslookup (enter) then set d2?
0
 

Author Comment

by:WellingtonIS
ID: 35434049
OK here' s what I got..

:\Users\wrmrosnei>nslookup
Default Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

> set d2
> nslookup wrmdisdtest
------------
SendRequest(), len 29
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest, type = A, class = IN

------------
------------
Got answer (29 bytes):
    HEADER:
        opcode = QUERY, id = 2, rcode = SERVFAIL
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest, type = A, class = IN

------------
------------
SendRequest(), len 29
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest, type = AAAA, class = IN

------------
------------
Got answer (29 bytes):
    HEADER:
        opcode = QUERY, id = 3, rcode = SERVFAIL
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest, type = AAAA, class = IN

------------
*** Can't find address for server wrmdisdtest: Server failed
>
0
 
LVL 26

Expert Comment

by:Pber
ID: 35434215
You indicated you launched nslookup from the dns server and it resolves the wrmdisdtest record?  Is that the same server that this client is pointing to for dns?  i.e. weldc001

Have you tried doing an nslookup of:
wrmdisdtest.wellington.uhsinc.biz

Can you confrm that the record for wrmdisdtest actually exists in the zone via the DNS Management console?
0
 

Author Comment

by:WellingtonIS
ID: 35434339
Yes I have that record and I just  nslookup wrmdisdtest.wellington.uhsinc.biz and that worked?
0
 
LVL 26

Expert Comment

by:Pber
ID: 35434399
So
nslookup wrmdisdtest
doesn't work

nslookup wrmdisdtest.wellington.uhsinc.biz
does work?

If so, on the client you need to add a dns suffix to the TCP/IP properties of the client (if you are statically assigning the addresses) or you need to add the DNS name option in your DHCP (if you are using DHCP).
0
 

Author Comment

by:WellingtonIS
ID: 35434436
I have that too. in options Append these suffixes (in order)
Wellington.uhsinc.biz
corp.uhsinc.biz
uhsinc.biz
last two are my corp office.
also have both boxes checked register this connection's address in DNS
use this connection's DNS suffix in DNS Registration.
0
 
LVL 26

Expert Comment

by:Pber
ID: 35434457
What do you get when you do an ipconfig /all on the client?  What do you get for primary dns suffix and dns suffix search list?

Funny thing, when you did the debug output of the nslookup, you should have seen it trolling through all the different zones and we didn't.
0
 

Author Comment

by:WellingtonIS
ID: 35434539
The only one that appears if I do ipconfig /all is wellington.uhsinc.biz.
0
 
LVL 26

Expert Comment

by:Pber
ID: 35434549
Is this same behaviour happening on multple workstations, but always works when you do the same from the dns server itself?
0
 
LVL 26

Expert Comment

by:Pber
ID: 35434588
Just curious, when if you set the client TCP/IP (temporily) DNS Suffix for this connection to: wellington.uhsinc.biz

...and set the option to Append Primary and connection specific?

Can you resolve now?
0
 

Author Comment

by:WellingtonIS
ID: 35434626
No that doesn't work either
0
 
LVL 26

Expert Comment

by:Pber
ID: 35434653
Can you revert it back.

I want you to check the primary DNS suffix for this computer.  Tell me what it is:

To check (for XP):
Right click My Computer, select properties
Select the Computer Name tab
Click Change
Click More

For Vista/Windows 7
Right click computer, select properties
Click Change Settings (towards Bottom right)
Select the Computer Name tab
Click Change
Click More
0
 

Author Comment

by:WellingtonIS
ID: 35434723
wellington.uhsinc.biz  is the primary suffix DNs settings
0
 
LVL 26

Expert Comment

by:Pber
ID: 35435103
Can you post a debug (set d2) nslookup of the FQDN: wrmdisdtest.wellington.uhsinc.biz
0
 

Author Comment

by:WellingtonIS
ID: 35435539
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\wrmrosnei>nslookup wrmdisdtest.wellington.uhsinc.biz
Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

Name:    wrmdisdtest.wellington.uhsinc.biz
Address:  10.75.152.249


C:\Users\wrmrosnei>nslookup wrmdisdtest
Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

*** weldc001.wellington.uhsinc.biz can't find wrmdisdtest: Server failed

C:\Users\wrmrosnei>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\wrmrosnei>ipconfig /registerdns

Windows IP Configuration

Registration of the DNS resource records for all adapters of this computer has b
een initiated. Any errors will be reported in the Event Viewer in 15 minutes.

C:\Users\wrmrosnei>nslookup wrmdisdtest
Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

*** weldc001.wellington.uhsinc.biz can't find wrmdisdtest: Server failed

C:\Users\wrmrosnei>nslookup wrmdisdtest.wellington.uhsinc.biz
Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

Name:    wrmdisdtest.wellington.uhsinc.biz
Address:  10.75.152.249


C:\Users\wrmrosnei>ipconfig /all |more

Windows IP Configuration

   Host Name . . . . . . . . . . . . : wrmdisd04
   Primary Dns Suffix  . . . . . . . : wellington.uhsinc.biz
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : wellington.uhsinc.biz

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controlle
r
   Physical Address. . . . . . . . . : 00-24-E8-3B-B7-40
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::458c:e7f3:54b:658c%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.75.152.34(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.254.0
   Default Gateway . . . . . . . . . : 10.75.152.254
   DHCPv6 IAID . . . . . . . . . . . : 234890472
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-94-51-F1-00-24-E8-3B-B7-40
   DNS Servers . . . . . . . . . . . : 10.75.153.4
                                       10.75.153.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{44C6F178-A0A8-40FC-951E-F1A90ACB180A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


C:\Users\wrmrosnei>nslookup
Default Server:  weldc001.wellington.uhsinc.biz
Address:  10.75.153.4

> set d2
> nslookup wrmdisdtest.wellington.uhsinc.biz
------------
SendRequest(), len 51
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest.wellington.uhsinc.biz, type = A, class = IN

------------
------------
Got answer (67 bytes):
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest.wellington.uhsinc.biz, type = A, class = IN
    ANSWERS:
    ->  wrmdisdtest.wellington.uhsinc.biz
        type = A, class = IN, dlen = 4
        internet address = 10.75.152.249
        ttl = 1200 (20 mins)

------------
------------
SendRequest(), len 51
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        wrmdisdtest.wellington.uhsinc.biz, type = AAAA, class = IN

------------
------------
Got answer (107 bytes):
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        wrmdisdtest.wellington.uhsinc.biz, type = AAAA, class = IN
    AUTHORITY RECORDS:
    ->  wellington.uhsinc.biz
        type = SOA, class = IN, dlen = 44
        ttl = 3600 (1 hour)
        primary name server = weldc001.wellington.uhsinc.biz
        responsible mail addr = hostmaster.wellington.uhsinc.biz
        serial  = 39387
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

------------
Server:  wrmdisdtest.wellington.uhsinc.biz
Address:  10.75.152.249

------------
SendRequest(), len 26
    HEADER:
        opcode = QUERY, id = 4, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        nslookup, type = A, class = IN

------------
recvfrom: Result too large
SendRequest failed
------------
SendRequest(), len 26
    HEADER:
        opcode = QUERY, id = 5, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        nslookup, type = AAAA, class = IN

------------
recvfrom: Result too large
SendRequest failed
*** wrmdisdtest.wellington.uhsinc.biz can't find nslookup: No response from serv
er
>
0
 
LVL 26

Expert Comment

by:Pber
ID: 35435652
This seems to be totally client related.  When you supply the fqdn to the server, it works.  The client should be default append it's DNS suffixes when performing dns lookups.  I think we can defintely rule out the DNS server.  The client looks to be configured with DNS suffixes, but doesn't list them all in ipconfig as it should and is not appending when doing dns lookups.

Do you guys use IPv6?  Can that be unchecked from the TCP/IP bindings.  I don't think that is the issue, but if you aren't using, it couldn't hurt to unbind it.  Give that a try and test.

I'm leaning towards there may be something wrong with the TCP/IP stack for that NIC.  Why this same hehaviour would happen on multiple machines, I'm not sure why.  Possibly it the source image.  Once again I'm speculating.  

I would be tempted to just delete the NIC in device manager and then redetect and set it back up again and see if the problem persists.
0
 

Author Comment

by:WellingtonIS
ID: 35435750
All the clients???  I tried it on about 5 or 6 machines so far and the same thing.  Some are static IPs and some are DHCP.  It was working yesterday and today no.
No I don't use IP6 I'm actually the only one using windows 7.

Maybe I will try to delete the card on one machine and redo it.  Thanx for the advice.
0
 
LVL 26

Expert Comment

by:Pber
ID: 35435765
Any new domain policies implemented since yesterday?
Also are there any firewalls in play between your client and the dns server?
0
 

Author Comment

by:WellingtonIS
ID: 35436024
No new policies but windows updates humm pehaps that did it?  No firewall the domain controllers are here.
0
 
LVL 26

Expert Comment

by:Pber
ID: 35436155
0
 

Author Comment

by:WellingtonIS
ID: 35436212
the only thing is that registry entry for DNS client is Register Adapter Name and Search List, and default that entry isn't there.
0
 
LVL 26

Expert Comment

by:Pber
ID: 35436250
Can you run rsop.msc and look at the following locaiton:

Computer Configuration -> Administrative Templates -> Network -> DNS Client

Are there any settings controlled here be GPO?
0
 

Author Comment

by:WellingtonIS
ID: 35436252
Sorry about that, I added the entry with both the zero and the 1 - nothing is working.
0
 
LVL 26

Expert Comment

by:Pber
ID: 35440101
Any results from the rsop.msc?
0
 

Author Comment

by:WellingtonIS
ID: 35440118
Just about to run sorry.
0
 

Author Comment

by:WellingtonIS
ID: 35440139
the only thing that comes up with the DNS client is the search..
Primary DNS suffix: Wellington.uhsinc.biz
Search List:
wellington.uhsinc.biz, corp.uhsinc.biz, uhsinc.biz
Register DNS records with connection-specific DNS suffix enabled.
0
 
LVL 26

Expert Comment

by:Pber
ID: 35445176
So you have a GPO that controls the DNS suffixes?  If so, I wonder if you can prevent that computer from getting the GPO by moving to a different OU or however and see if a manually set DNS suffix works.  Bottom line  the client isn't appending the dns suffixes when it does a query to DNS.  If you use FQDN it works.  
0
 

Author Comment

by:WellingtonIS
ID: 35446905
OK I can set my test machine to a manual DNS suffix but should I set it to all 3?
0
 

Author Comment

by:WellingtonIS
ID: 35447012
Also and strange this happened 2 days ago.  Up until that point it was working fine.  I installed windows updates and rebooted the server.  Later that day it stopped working.
0
 

Accepted Solution

by:
WellingtonIS earned 0 total points
ID: 37796889
Please close as it's not resolved.
0
 

Author Closing Comment

by:WellingtonIS
ID: 38870813
please close this the issue is not resolved.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question