Solved

How do I locate all DNS servers?

Posted on 2013-01-08
20
310 Views
Last Modified: 2013-01-08
While adding a new 2008 R2 DC the message displayed during my DNS and Global Catalog choices that there were 2 DNS servers in our Domain.  However, that isn't the case.  The new DC that I'm building actually re-building was previously a DNS server, however it was properly demoted and removed from the domain before re-build.  

I ran a scan using WSPing Pro and it only shows 1 DNS server.

So is the Windows message and error or do I have a rogue DNS server?  How do I verify?
0
Comment
Question by:J.R. Sitman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 3
  • 3
  • +3
20 Comments
 
LVL 3

Expert Comment

by:costanos
ID: 38755747
What shows up when you run NSlookup in CMD?
0
 
LVL 10

Expert Comment

by:George Khairallah
ID: 38755749
Perhaps you can try doing it with nslookup?
nslookup
Set type=NS
contoso.com

Open in new window

0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38755752
You can use nslookup


nslookup
set type = NS
Your domain name

Look on the name servers tab in DNS and look for entries for the old box in DNS.

Thanks

Mike
0
Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

 

Author Comment

by:J.R. Sitman
ID: 38755781
when I run NSlookup I get "default server unknown 172.17.1.30".  which was the old DNS server that was removed but has now been added back in with the same IP and it is now a DNS server again
0
 

Author Comment

by:J.R. Sitman
ID: 38755790
if I run it from the new DNS server I get the same results but with the ip address of the other DNS server.
0
 
LVL 10

Expert Comment

by:George Khairallah
ID: 38755798
Is your DNS configuration of that server correct?
Have you verified that this DNS server is functioning?
What is your ipconfig on your workstation like? are you able to resolve (forward and reverse) the name/IP of that server from your workstation?
If you can't, then you need to address that issue to make sure that is working.
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38755966
make sure you have setup DNS correctly in your env follow below best practices

Best practices for DNS client settings on DC and domain members.
http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

Also run dcdiag /test:dns to check the DNS issue on the dc
0
 

Author Comment

by:J.R. Sitman
ID: 38755967
DNS settings verified.
Yes DNs is working.  No problems
ipconfig from the workstation shows the proper DNS servers and DHCP server

So as far as I can tell there isn't a problem, that I can see
0
 

Author Comment

by:J.R. Sitman
ID: 38755989
OK.  I'll post later.  Got to get to a meeting
0
 

Author Comment

by:J.R. Sitman
ID: 38756949
when I run dcdiag /test:dns I get unrecognized command.  I get the same thing if I run ipconfig /flushdns
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 38756994
You get "unrecognized command" when you run ipconfig /flushdns?  If that's the case, something's gone very wrong.

Wait, you're not still in nslookup, are you?  If so, type exit and try again from the normal command prompt.
0
 
LVL 10

Expert Comment

by:George Khairallah
ID: 38757025
Also, when you're doing these commands, you might want to open the command prompt with elevated privileges.
ipconfig /flushdns will work with normal privilege, but, ipconfig /registerdns won't.
0
 

Author Comment

by:J.R. Sitman
ID: 38757109
yep was still in nslookup.  Attached are the results.  It is trying to find a DNS server that has been gone at least 2 years spcala02
dnsfail.jpg
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 38757177
Open the DNS console on one of your DNS servers, right-click your domain's forward lookup zone, and select Properties.  What's listed in the Name Servers tab?  (Check any other forward lookup zones you've got too.)
0
 

Author Comment

by:J.R. Sitman
ID: 38757207
There are 3 forward lookup zones.  see attached.  In all three the only DNS server listed is the one that was removed two weeks ago and then added back today.  I used the same server name and IP address when adding it back to the domain
dnsforward.jpg
0
 

Author Comment

by:J.R. Sitman
ID: 38757251
I just did ipconfig /all from a workstation and it has all the correct servers. DNS/DHCP
0
 
LVL 26

Accepted Solution

by:
DrDave242 earned 400 total points
ID: 38757263
I just noticed that the failure occurs in the Delegations test.  Given your zone setup, there's probably only one delegation present, and that's for the _msdcs.LASPCA.CORP zone.  However, the delegation record itself will be inside the LASPCA.CORP forward lookup zone.  Open that zone and look for a record named _msdcs.  It should look like a grayed-out folder.  Right-click that record and select Properties.  In the Name Servers tab of the properties window, I'm guessing the bogus server will be listed.  If so, remove it from the list.
0
 

Author Comment

by:J.R. Sitman
ID: 38757273
yep it was.  I'll rerun the test.
0
 

Author Comment

by:J.R. Sitman
ID: 38757291
The initial rogue DNS server is gone but the other errors are still there.  I'll award the points for this and open a new case.  Please watch for it.  You obviously know what you're doing.

Thanks
0
 

Author Closing Comment

by:J.R. Sitman
ID: 38757294
thanks
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question