Solved

Where are A records stored for Non domain joined computers in server 2008?

Posted on 2014-03-06
Last Modified: 2014-03-12
Hi there,
I was recently troubleshooting an issue with DHCP not doing dynamic updates and with help from here fixed it!
While I was troubleshooting it occurred to me I don't know where A records are stored in server 2008 DNS for non domain joined devices, such as phones, Apple computers etc.
I have looked through DNS and am not sure these records are even just cached locally.  I was looking at my computer from home's A record and couldn't find it when it occurred to me that I was looking in the company zone.  Anybody know where they are?
0
Question by:shaunwoy
8 Comments
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39911403
It all depends on how you've configured DHCP to handle dynamic updates. The DHCP client may handle dynamic updates, or the DHCP server. Or nothing, in which case no A records would be created automatically and thus would not be "stored" anywhere.

DHCP and DNS are completely independent services. Don't confuse the two. While they are complementary when it comes to system management, neither has a dependency on the other, and ultimately DNS records only exist if someone/something creates them. So by user, or by dynamic updates, or by another automated process (scripting, etc). But DNS records (A or otherwise) won't just appear. Their creation is initiated by another process. Always.

-Cliff
0
 

Author Comment

by:shaunwoy
ID: 39911564
Thanks for your comment Cliff.
When we bring in non domain laptops and phones, they get a DHCP allocated IP address.  When I bring my laptop in, I can ping it from company devices by name and it resolves to IP.

So there is an A record somewhere.

We do have dynamic updates configured in DHCP, and it does create A records for Domain joined devices in the Domain zone.  So where would I find my non domain joined laptop's A record?  It isn't in the company's domain forward lookup zone.  I wouldn't have thought it would be, but where is it?
Thanks,
Shaun
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 39911575
Ping does not verify that there is an A record. Use nslookup to check for that. Your ping can still be successful because DNS is not the only method Windows will use. NetBIOS broadcasts, WINS, or even IPv6 can all explain a successful ping without a DNS record in sight.
0
 

Author Comment

by:shaunwoy
ID: 39911654
Thanks for the reply Cliff.
But I don't really get how to test where the name to IP resolution is coming from still.
I had already tried nslookup, using the default domain controller and it doesn't know about my laptop name for example. Are you saying that is proof there are no A records in our domain other than the domain joined device A records or at least for that particular laptop?  Are there likely to be A records for anything else in Microsoft Server 2008 DNS? If so, where are they?
If my non domain joined laptop name is being resolved by NetBIOS or WINS then how would I prove that? If I can then I can further troubleshoot why dynamic updates in DHCP isn't giving my laptop an A record in DNS as I am hoping for.
Thanks,
Shaun
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39911655
Active Directory-integrated DNS accepts only secure or non-secure dynamic updates.

DHCP can register host (A) records and PTR records on behalf of client computers that support dynamic update, and can also register host (A) records for hosts that do not support dynamic registration of host (A) and PTR records (e.g. WinNT, Win98).

DHCP and DNS are closely integrated with each other.

DHCP advanced DNS options
Remember, machines that authenticate with Active Directory will get their host (A) records and PTR records registered in DNS; that's how AD-integrated DNS works.
This is applicable to both static and dynamic IPs.
If you are using dynamic IPs, then DHCP can take care of that.

In the case of devices (printers, scanners, IP phones) that get a dynamic IP from DHCP but do not authenticate with Active Directory, their host (A) records won't get registered in DNS.

Check below link for more details
http://www.experts-exchange.com/Networking/Protocols/DNS/Q_28379478.html
http://www.experts-exchange.com/Networking/Protocols/DHCP/Q_28375413.html

Mahesh
0
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 39911671
If nslookup is not returning results then yes, barring a botched command typo, it means your DNS server has no matching record. Thus another lookup type is returning the address that ping is using, such as netbt or the hosts/lmhosts file. Just to stress again, ping is NOT intended to test DNS, or lookups at all. It is meant to test connectivity.

You can see if NetBIOS is responsible for your IP lookup succeeding with the nbtstat command. But to me, this would be more for peace of mind than anything; you've already used nslookup AND looked at your DNS server and haven't seen these rogue records, so it seems all that is as expected.
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 250 total points
ID: 39911742
If you ping the hostname of your laptop, which is not domain joined, I guess it will just be resolved to an IP and will not be resolved to the laptop's FQDN first.

In contrast, if you ping any computer that is domain joined, it will first resolve to its DNS host (A) record FQDN and then you will get a ping reply.

What is important is that when you hit ping, the first query goes to your preferred DNS server; if it finds a matching host (A) record, it will resolve to that.

The former name resolution is due to NetBIOS broadcast within the same VLAN \ same network where NetBIOS broadcasting is allowed.
But if you cross your network boundary, from a remote site you will probably not get name resolution for single-label names in your network unless you have a host (A) record registered in DNS.

Mahesh
0
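The checks described in the two solutions above (nslookup for DNS, nbtstat for NetBIOS, plus the hosts/lmhosts files) can be run side by side to see which mechanism is answering for a name that ping resolves. This is an added example, not code posted by anyone in the thread; the host name and DNS server address are placeholders, and the output matching assumes English-language `nslookup` and `nbtstat` output.

```powershell
# Added example, not from the thread. Host name and DNS server are placeholders.
param(
    [string]$Name      = 'SHAUN-LAPTOP',  # hypothetical single-label host name
    [string]$DnsServer = '192.0.2.10'     # hypothetical DNS server (documentation range)
)

function Test-DnsARecord([string]$Name, [string]$Server) {
    # nslookup asks the DNS server directly; hosts, NetBIOS and WINS are not consulted.
    $out = & nslookup.exe -type=A $Name $Server 2>$null | Out-String
    # A successful answer prints a "Name:" line; NXDOMAIN or a timeout does not.
    return [bool]($out -match '(?m)^Name:\s')
}

function Test-NetBiosName([string]$Name) {
    # nbtstat -a resolves the name over NetBIOS (WINS/broadcast) and dumps its name table.
    $out = & nbtstat.exe -a $Name 2>$null | Out-String
    return [bool]($out -match 'Remote Machine Name Table')
}

function Test-HostsEntry([string]$Name) {
    # Static entries in hosts or lmhosts also satisfy ping without any DNS record.
    $dir = Join-Path $env:SystemRoot 'System32\drivers\etc'
    foreach ($file in 'hosts', 'lmhosts') {
        $path = Join-Path $dir $file
        if (Test-Path $path) {
            $hit = Get-Content $path |
                Where-Object { $_ -notmatch '^\s*#' -and $_ -match "\s$([regex]::Escape($Name))(\s|$)" }
            if ($hit) { return $true }
        }
    }
    return $false
}

# One row per name: which resolution paths can answer for it.
New-Object PSObject -Property @{
    Name       = $Name
    DnsARecord = Test-DnsARecord $Name $DnsServer
    NetBIOS    = Test-NetBiosName $Name
    HostsFile  = Test-HostsEntry $Name
}
```

A result with `DnsARecord` false and `NetBIOS` true matches the situation in this thread: the name resolves on the local segment, but no A record exists on the DNS server.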
 

Author Closing Comment

by:shaunwoy
ID: 39925245
Thanks heaps for that Cliff and Mahesh.  That answers it and I have had a go too. Thanks,
Shaun
0