Solved

DNS Server not functioning properly

Posted on 2016-10-20
9
47 Views
Last Modified: 2016-11-09
Ever since I changed my DHCP-DNS server and changed IP addresses it has not been able to get to the internet effectively.  I get a unable to connect to DNS error, if I refresh it a couple of time it will eventually come up. The Domain Controllers seem to be working correctly and I get no errors from them.  I have manually deleted all the old IP addresses from the forward Lookup Zones.  I know it's DNS problem because if I change the DNS to 8.8.8.8 on a local station it works fine.  

I have run the command _ldap._tcp.noam.reskit.com SRV service location:
and everything looks great, found both DNS server.  

The DNS Server is connected to my domain and active directory.  It worked fine until I moved the FSMO roles and changed the IP address of the DNS server
0
Comment
Question by:lcfrederickson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 10

Expert Comment

by:Muhammad Mulla
ID: 41852265
Check your forwarders. Have you changed ISP? it could be that you still have your old ISP's Forwarders setup in your DNS.

Get the DNS forwarders from your current ISP. Even if you haven't changed, it could be that they have changed their forwarder addresses and you might have missed the communication from them. Click on Edit and delete, add and reorder forwarding servers as required.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 41852311
Use nslookup on a PC to see if the DNS servers are responding correctly (obviously, enter a few domain names to see if it looks up quickly, for both domain related, as well as internet based)
0
 

Author Comment

by:lcfrederickson
ID: 41852342
NS Lookup works fine.  My ISP has not changed but I probably should have mentioned that I have a SonicWall TZ600 SonicWall for a firewall between the ISP and my local network
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 26

Assisted Solution

by:DrDave242
DrDave242 earned 100 total points (awarded by participants)
ID: 41852366
What are you using for forwarders on your DNS server? Since 8.8.8.8 works when your internal machines use it as a DNS server, you can remove your existing forwarders and use it (and 8.8.4.4) as forwarders instead. Alternatively, you can remove all of your forwarders and use root hints.

Also, is there any chance your firewall is configured to only pass outbound DNS traffic from certain addresses? This is somewhat unusual, but I've run across it before in environments where strict control of external name resolution is needed.
0
 

Author Comment

by:lcfrederickson
ID: 41852614
The forward lookup zones are the Active Directory-integraged Primary, and standard primary for my domain.  The firewall configuration hasn't changed.

I added the 8.8.8.8 and 8.8.4.4 to the forwarders and removed the ip addresses of my DNS server.  How will that affect the group policy assignments on my domain?
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 41852693
How will that affect the group policy assignments on my domain?
I'm not sure what you mean. Changing the forwarders won't affect Group Policy at all, since that's processed inside the domain. The forwarders only come into play for resolving queries for names outside the domain.
0
 
LVL 10

Accepted Solution

by:
Muhammad Mulla earned 400 total points (awarded by participants)
ID: 41853573
Your own DNS servers shouldn't be in the Forwarders. As DrDave242 mentioned, Forwarders are not used for names inside the domain, hence your internal DNS servers don't need to be in there.
0
 

Author Comment

by:lcfrederickson
ID: 41853712
Thanks!!!  It seem to be working great!
0
 
LVL 10

Expert Comment

by:Muhammad Mulla
ID: 41880251
Author accepted answer.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question