Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How do I locate all DNS servers?

Posted on 2013-01-08
20
Medium Priority
?
317 Views
Last Modified: 2013-01-08
While adding a new 2008 R2 DC the message displayed during my DNS and Global Catalog choices that there were 2 DNS servers in our Domain.  However, that isn't the case.  The new DC that I'm building actually re-building was previously a DNS server, however it was properly demoted and removed from the domain before re-build.  

I ran a scan using WSPing Pro and it only shows 1 DNS server.

So is the Windows message and error or do I have a rogue DNS server?  How do I verify?
0
Comment
Question by:J.R. Sitman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 11
  • 3
  • 3
  • +3
20 Comments
 
LVL 3

Expert Comment

by:costanos
ID: 38755747
What shows up when you run NSlookup in CMD?
0
 
LVL 10

Expert Comment

by:George Khairallah
ID: 38755749
Perhaps you can try doing it with nslookup?
nslookup
Set type=NS
contoso.com

Open in new window

0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38755752
You can use nslookup


nslookup
set type = NS
Your domain name

Look on the name servers tab in DNS and look for entries for the old box in DNS.

Thanks

Mike
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 

Author Comment

by:J.R. Sitman
ID: 38755781
when I run NSlookup I get "default server unknown 172.17.1.30".  which was the old DNS server that was removed but has now been added back in with the same IP and it is now a DNS server again
0
 

Author Comment

by:J.R. Sitman
ID: 38755790
if I run it from the new DNS server I get the same results but with the ip address of the other DNS server.
0
 
LVL 10

Expert Comment

by:George Khairallah
ID: 38755798
Is your DNS configuration of that server correct?
Have you verified that this DNS server is functioning?
What is your ipconfig on your workstation like? are you able to resolve (forward and reverse) the name/IP of that server from your workstation?
If you can't, then you need to address that issue to make sure that is working.
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38755966
make sure you have setup DNS correctly in your env follow below best practices

Best practices for DNS client settings on DC and domain members.
http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

Also run dcdiag /test:dns to check the DNS issue on the dc
0
 

Author Comment

by:J.R. Sitman
ID: 38755967
DNS settings verified.
Yes DNs is working.  No problems
ipconfig from the workstation shows the proper DNS servers and DHCP server

So as far as I can tell there isn't a problem, that I can see
0
 

Author Comment

by:J.R. Sitman
ID: 38755989
OK.  I'll post later.  Got to get to a meeting
0
 

Author Comment

by:J.R. Sitman
ID: 38756949
when I run dcdiag /test:dns I get unrecognized command.  I get the same thing if I run ipconfig /flushdns
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 38756994
You get "unrecognized command" when you run ipconfig /flushdns?  If that's the case, something's gone very wrong.

Wait, you're not still in nslookup, are you?  If so, type exit and try again from the normal command prompt.
0
 
LVL 10

Expert Comment

by:George Khairallah
ID: 38757025
Also, when you're doing these commands, you might want to open the command prompt with elevated privileges.
ipconfig /flushdns will work with normal privilege, but, ipconfig /registerdns won't.
0
 

Author Comment

by:J.R. Sitman
ID: 38757109
yep was still in nslookup.  Attached are the results.  It is trying to find a DNS server that has been gone at least 2 years spcala02
dnsfail.jpg
0
 
LVL 27

Expert Comment

by:DrDave242
ID: 38757177
Open the DNS console on one of your DNS servers, right-click your domain's forward lookup zone, and select Properties.  What's listed in the Name Servers tab?  (Check any other forward lookup zones you've got too.)
0
 

Author Comment

by:J.R. Sitman
ID: 38757207
There are 3 forward lookup zones.  see attached.  In all three the only DNS server listed is the one that was removed two weeks ago and then added back today.  I used the same server name and IP address when adding it back to the domain
dnsforward.jpg
0
 

Author Comment

by:J.R. Sitman
ID: 38757251
I just did ipconfig /all from a workstation and it has all the correct servers. DNS/DHCP
0
 
LVL 27

Accepted Solution

by:
DrDave242 earned 1600 total points
ID: 38757263
I just noticed that the failure occurs in the Delegations test.  Given your zone setup, there's probably only one delegation present, and that's for the _msdcs.LASPCA.CORP zone.  However, the delegation record itself will be inside the LASPCA.CORP forward lookup zone.  Open that zone and look for a record named _msdcs.  It should look like a grayed-out folder.  Right-click that record and select Properties.  In the Name Servers tab of the properties window, I'm guessing the bogus server will be listed.  If so, remove it from the list.
0
 

Author Comment

by:J.R. Sitman
ID: 38757273
yep it was.  I'll rerun the test.
0
 

Author Comment

by:J.R. Sitman
ID: 38757291
The initial rogue DNS server is gone but the other errors are still there.  I'll award the points for this and open a new case.  Please watch for it.  You obviously know what you're doing.

Thanks
0
 

Author Closing Comment

by:J.R. Sitman
ID: 38757294
thanks
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question