• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 242
  • Last Modified:

Problems with DNS and DC at another location

Hi,

I have some trouble with our DNS-servers and DC's.

We have two locations (A and B). Location A contains 3 DC/DNS servers and this is the primary location. Location B has 1 RODC/DNS and is our secondary site. These two locations are connected through a VPN tunnel.

When users from location A travels to location B and start up their laptop, they can't connect to any servers at location A and when I run the command "echo %logonserver%" I can see that they connect to a DC at location A.

I can ping all the servers at location A from the laptop at location B by IP, but not with the FQDN.

When I run a NSLOOKUP at location B against a server at location A, it gives me the FQDN and IP for the server. The DNS-servername is unknown though, but it gives me the IP of the DNS server at location B.

What is wrong?? :)
0
Sum Wum
Asked:
Sum Wum
1 Solution
 
ChrisCommented:
have you got any reverse zones setup for that IP range that will sort out the server name part

how it the DNS server in site B setup?

is it just part of the DNS zone.
check the recursive test on it to make sure that it can resolve name.

you can then enable debugging on there to to start seeing any error on the DNS lookups
0
 
Jeremy WeisingerSenior Network Consultant / EngineerCommented:
Have you run any nslookup queries against your RODC? If it's an AD-integrated zone, run repadmin /showrepl and verify the zone has been replicated successfully.
0
 
DrDave242Commented:
You may have more than one issue going on here.

...when I run the command "echo %logonserver%" I can see that they connect to a DC at location A.
Does this only affect traveling users whose "home base" is location A, or does it also affect users who are permanently at location B (if there are such users)? If everyone is affected, make sure your IP subnets are correctly associated with the corresponding site objects in AD Sites and Services. If only traveling users are affected, have you configured the Password Replication Policy to allow those users' credentials and the credentials of their laptops to be cached on the RODC? If not, they'll always use a writable DC for authentication.

Are you sure that nslookup resolves FQDNs correctly but ping does not when using the same DNS server? If so, that's certainly odd. Those two methods use different resolvers, but generally if one works, the other does too.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now