Solved

nslookup for internal domain name returns invalid IP address

Posted on 2014-01-03
5
1,341 Views
Last Modified: 2014-05-08
After upgrading our domain from Windows 2003 to Windows 2008, nslookup returns the correct IP addresses of our domain controllers, but also one invalid IP (10.22.60.0) which is the network ID for an entire class C private subnet at our data center.

There is also a Host (A) record with the same IP address in DNS called (same as parent folder) and a Timestamp of 'static'.

Has anyone seen this before?  Can it be corrected by merely deleting the Host (A) record from DNS?
0
Comment
Question by:PankowIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 6

Assisted Solution

by:insidetech
insidetech earned 167 total points
ID: 39754058
If I understand this correctly, you do have an A record with this invalid IP?

Yes you can delete it and also flush the DNS.
0
 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 166 total points
ID: 39754147
We had the exact same issue in our environment a couple years back. Not sure how it got there but it was creating issues when we were doing ldap queries using the FQDN rather than point to an individual DC. The issue at the time was it was timing out because the query would work from top to bottom 192.168.1.0 was at the top.

Make sure that it does not resolve to anything and then you can simply delete it. This is also stating "same as parent folder" because it is listed as a Name server.

Will.
0
 
LVL 17

Accepted Solution

by:
WORKS2011 earned 167 total points
ID: 39755031
from an elevated command prompt run dcdiag /test:DNS and post the results.

Can it be corrected by merely deleting the Host (A) record from DNS?
short answer yes, to be safe run the test above first.
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39755538
You can take backup of DNS and delete the invalid record. Restart the dns and netlogon service and run ipconfig /flushdns and ipconfig /registerdns and check. You also need to ensure correct dns setting as below.

Best practices for DNS client settings on DC and domain members.
http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

For DNS backup see this
http://social.technet.microsoft.com/Forums/windowsserver/en-US/6409b8d5-da43-41f6-83ba-f706a6422dcc/dns-manual-backup?forum=winserverDS
0
 

Author Comment

by:PankowIT
ID: 39765617
Here are results of the dcdiag /test:DNS


Directory Server Diagnosis
Performing initial setup:
   Trying to find home server...
   Home Server = norcal-dc1
   * Identified AD Forest.
   Done gathering initial info.
Doing initial required tests
   Testing server: AreaZero\NORCAL-DC1
      Starting test: Connectivity
         ......................... NORCAL-DC1 passed test Connectivity
Doing primary tests
   Testing server: AreaZero\NORCAL-DC1
      Starting test: DNS
         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... NORCAL-DC1 passed test DNS
   Running partition tests on : ForestDnsZones
   Running partition tests on : DomainDnsZones
   Running partition tests on : Schema
   Running partition tests on : Configuration
   Running partition tests on : pankow
   Running enterprise tests on : pankow.com
      Starting test: DNS
         Test results for domain controllers:
            DC: norcal-dc1.pankow.com
            Domain: pankow.com
               TEST: Dynamic update (Dyn)
                  Warning: Failed to delete the test record dcdiag-test-record in zone pankow.com
               norcal-dc1                   PASS PASS PASS PASS WARN PASS n/a  
         ......................... pankow.com passed test DNS
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question