DNS Operation refused event every 15 Minutes

Hello,

This environment has a three node SQL cluster running Server 2012.  There are also three resources on this cluster:
DTC
OLTP
SSAS

Every 15 minutes I am seeing event ID 1196 recorded for each resource:
(Cluster network name resource '...dtc' (oltp or ssas) failed registration of one or more associated DNS name(s) for the following reason:
DNS operation refused.

Ensure that the network adapters associated with dependent IP address resources are configured with at least one accessible DNS server.)

I have found several articles online regarding this but none have lead to a resolution.  So far I have tried the following:
- Set the DNS permissions for each cluster resource A record so that the resource, SQL service account, cluster node, and cluster accounts have full control.
- Set Authenticated Users to have Write permissions against the A record.
- Verified that the host server has the proper DNS servers configured for the interface team used for the cluster resource.
- Verified connectivity to the DNS servers from the interface listed above.

Any help is greatly appreciated.

Thanks!
LVL 4
advserverAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Kevin CrossConnect With a Mentor Chief Technology OfficerCommented:
Hi.  I suspect the issue is you are not allowing dynamic registrations but the network card is set to "Register this connection's addresses in DNS."  Open Properties of NIC > IP Properties > Advanced > DNS, uncheck the aforementioned option.
0
 
advserverAuthor Commented:
Thanks Kevin.  we did have dynamic registrations enabled so I did not want to just disable it on the nics because there had to be an underlining issue.

After further investigation I found that one of the DC's had a corrupt AD database.   it just so happened that each of the cluster nodes had this DC listed as the first DNS server.  I specified another DC to be the first DNS server and that resolved the errors in event viewer for each node.

Investigating the AD corruption I found that it went back several months so I decommissioned the DC and built a new system as a replacement.

I will still give you the points because of your help but that was not the resolution.

Thanks!
0
 
advserverAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for advserver's comment #a39783472
Assisted answer: 500 points for mwvisa1's comment #a39779886

for the following reason:

Please see my note for the resolution.
0
 
Kevin CrossChief Technology OfficerCommented:
I am glad you found it.  In some shops, the dynamic registration is refused at the server on purpose; therefore, I started with that.  However, you are correct to seek a root cause on the DC if there was no explicit intent to refuse registrations.  Again, good find and thank you for sharing with others in case they run into the same situation.

Respectfully yours,

Kevin
0
All Courses

From novice to tech pro — start learning today.