Weird DNS Issues



  • I started having weird DNS issues today. Those who have helped me here know that I went through a solo migration recently. Due to my time needed on other projects, I've yet to complete the final steps on our Domain Controller / DNS server migration. But I do plan on accelerating that to later this week or weekend.

    Here's what is going on. I get calls this morning about users who could log in, get POP3 email and internet but all of their drive mappings were dead. Several users were able to reconnect after a few reboots.

    When I got to the office, I went to someone who was yet reconnected. He was able to go to the IP address of the server but not the DNS name. I went into his network settings and set his preferred DNS server to the new Domain Controller / DNS Server, rebooted and he was fine.

    Keep in mind on this next step that we do not currently use DHCP (but plan to.) Some users have static IP's due to some past frequent IP conflicts. And much of those users had this problem today. Their preferred DNS server was the old server. So I changed it to the new server and rebooted. Still no drive connections, so I am guessing replication hadn't taken place? (I assuming they replicate in their current shared state (though the new DC is the primary DC now.) So, on these users and I took them off a static, set the DNS to the new server, rebooted and they were fine.

    So, what is going on at the moment? I've never had a DNS issue of this magnitude. I am assuming it is because the old server is still the primary DNS server.

    Thanks everyone...



  • Did you power off the old DNS server?



  • Yes. Having the old machine as the DNS primary could introduce fragility if replication had an issue.



  • @garak0410 said:

    So, on these users and I took them off a static, set the DNS to the new server, rebooted and they were fine.

    So, what is going on at the moment? I've never had a DNS issue of this magnitude. I am assuming it is because the old server is still the primary DNS server.

    You took them off Static IPs, but then put them back on a static DNS ? why? isn't your DHCP server giving out the new DNS server as the primary?

    If you powered down the old server, and your client machines that were statically assigned did not have a secondary address of a working DNS server, then yes, those clients would have problems.



  • @garak0410 said:

    When I got to the office, I went to someone who was yet reconnected. He was able to go to the IP address of the server but not the DNS name. I went into his network settings and set his preferred DNS server to the new Domain Controller / DNS Server, rebooted and he was fine.

    That's good news

    ... Their preferred DNS server was the old server. So I changed it to the new server and rebooted.

    When you say no drive connections, did you try pinging the name of the server and see if you received any resolution?
    Also, how are the drives mapped? GPO, logon script, manually?



  • really i'm facing your very same problem exactly, before everything was fine (no DNS issues), but as soon as i add new DC into domain in my branch office, i start having those kind of problem as you mentioned, these days i'm having difficult time, the domain is not stable at all, i neither get additional working nor the domain stability i got before,

    i hope these problems come to an end



  • Quick update...seems to be isolated to our file server...it has a physical name and a CNAME and when these certain users have the problems, they can only get to the server by IP Address. Like right now, I can access the file sever by both names. I have a single user (currently) who can only access it by IP address.



  • and you've tried ipconfig /release /renew /flushdns /registerdns on these that you were having probs with?



  • @Hubtech said:

    and you've tried ipconfig /release /renew /flushdns /registerdns on these that you were having probs with?

    All but RegisterDNS...I will try that. Currently, I have three users I cannot resatore.

    And on my new DC/DNS server, this is what it shows under DNS Events:

    From Yesterday: SERVERNAME 4015 Error Microsoft-Windows-DNS-Server-Service DNS Server 5/20/2014 7:39:14 AM The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

    From Today: SERVERNAME 4013 Warning Microsoft-Windows-DNS-Server-Service DNS Server 5/21/2014 6:38:37 AM - The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.

    And Again, this is only happening to the DNS (CNAME) of our FILESERVER...all other DNS name resolutions are working fine. I wanted to avoid rebooting the file server but wonder if it could help?



  • So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?



  • @scottalanmiller said:

    So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?

    What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....



  • Even more simple than an NSLookup... what does IPconifg /all return on a computer that is having problems?



  • @Dashrender said:

    Even more simple than an NSLookup... what does IPconifg /all return on a computer that is having problems?

    Even though DHCP is off on old and new DC/DNS server, it does contain info there...

    One of the PC's that cannot resolve the name to the FILESERVER shows:

    DHCP Server: Old DC
    DNS Server: New DC
    Primary WINS Server: Old PC

    On my PC (Which is on Windows 8.1), doesn't return DHCP or WINS server info...and I've never had the DNS problem.

    Keep in mind, this PC and resolve all other server and PC names EXCEPT the FILESERVER.



  • @garak0410 said:

    @Dashrender said:

    Even more simple than an NSLookup... what does IPconifg /all return on a computer that is having problems?

    Even though DHCP is off on old and new DC/DNS server, it does contain info there...

    One of the PC's that cannot resolve the name to the FILESERVER shows:

    DHCP Server: Old DC
    DNS Server: New DC
    Primary WINS Server: Old PC

    On my PC (Which is on Windows 8.1), doesn't return DHCP or WINS server info...and I've never had the DNS problem.

    Keep in mind, this PC and resolve all other server and PC names EXCEPT the FILESERVER.

    Also, on a PC that is working and where I manually set the preferred DNS to the new DC and made the alternate the old DC, he also shows DHCP from the OLD DC.

    I've really had no real solutions...just Band-Aids to get people up.



  • @garak0410 said:

    @scottalanmiller said:

    So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?

    What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....

    Just....

    nslookup aname
    nslookup CNAME

    Where aname and CNAME are the host names. There is no further syntax.



  • Did I see that you have two DHCP servers running? There should be only one.



  • @scottalanmiller said:

    @garak0410 said:

    @scottalanmiller said:

    So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?

    What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....

    Just....

    nslookup aname
    nslookup CNAME

    Where aname and CNAME are the host names. There is no further syntax.

    On PC's that had no problem or had a problem, they either NSLOOKUP ANAME or CNAME to the old or new DNS server...and they all end with can't find cname: Non-existent domain (same with aname)



  • I noticed on the new DC/DNS server, under the reverse lookup ZONE properties, under NAME SERVERS, the new DC/DNS server shows UNKNOWN...OK to update it?



  • @garak0410 said:

    @scottalanmiller said:

    @garak0410 said:

    @scottalanmiller said:

    So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?

    What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....

    Just....

    nslookup aname
    nslookup CNAME

    Where aname and CNAME are the host names. There is no further syntax.

    On PC's that had no problem or had a problem, they either NSLOOKUP ANAME or CNAME to the old or new DNS server...and they all end with can't find cname: Non-existent domain (same with aname)

    Sounds like you don't have your search domains defined and you are skipping the FQDN and are trying to use short names.



  • I agree with Scott, you're using short name instead of FQDN (Fully Qualified Domain Names). It's something that started back in the NT days with NetBIOS. You really should replace all \servername\sharename with \severname.domainname.com\sharename

    for your nslookup try 'nslookup olddc.domainname.com' or nslookup newdc.domainname.com



  • Would you please post the exact output from ipconfig /all from a working and non working machine

    should look like the follwing (you can change the same things I did if you want to hide your domain from us).

    U:>ipconfig /all

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : om1290d2
    Primary Dns Suffix . . . . . . . : domainname.net <- changed to protect
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : domainname.net <- changed to protect

    Ethernet adapter Tripwire Tunnel Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Tripwire TAP Network Adapter
    Physical Address. . . . . . . . . : 00-FF-CD-xx-xx-xx ** <- changed to protect**
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter vEthernet (New Virtual Switch):

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2
    Physical Address. . . . . . . . . : F0-92-1C-xx-xx-xx <- changed to protect
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::4d7d:7ce2:b72c:eb60%9(Preferred)
    IPv4 Address. . . . . . . . . . . : 172.16.1.9(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 172.16.1.254
    DHCPv6 IAID . . . . . . . . . . . : 183538204
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-7B-00-80-F0-92-1C-DD-55-A8

    DNS Servers . . . . . . . . . . . : 172.16.1.19
    172.16.1.245
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.{F24F29C3-326D-xxxx-xxxx-xxxxxxxxxxxx}: <- changed to protect

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes



  • This is from a PC that never lost it's naming to the FILESERVER:

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : accounting01
    Primary Dns Suffix . . . . . . . : domainname.local
    Node Type . . . . . . . . . . . . : Broadcast
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : domainname.local

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . : pinnstr.local
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 00-30-67-xx-xx-xx
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::d80:7b35:xx(Preferred)
    IPv4 Address. . . . . . . . . . . : xx.xx.xx.xx(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Wednesday, May 21, 2014 8:00:34 AM
    Lease Expires . . . . . . . . . . : Thursday, May 29, 2014 8:00:01 AM
    Default Gateway . . . . . . . . . : 10.xx.xx.xx (our firewall)
    DHCP Server . . . . . . . . . . . : 10.xx.xx.xx (old DC/DNS server)
    DHCPv6 IAID . . . . . . . . . . . : 234893415
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-8D-07-0C-00-30-67-61-63-9C

    DNS Servers . . . . . . . . . . . : 10.xx.xx.xx (new DC/DNS Server)
    10.xx.xx.xx (old DC/DNS server)
    Primary WINS Server . . . . . . . : 10.xx.xx.xx (old DC/DNS server)
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.domainname.local:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : domainname.local
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    From a PC I had problems with today (and still do):

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : estimating02
    Primary Dns Suffix . . . . . . . : domainname.local
    Node Type . . . . . . . . . . . . : Broadcast
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : domainname.local

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . : domainname.local
    Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network Connec
    tion
    Physical Address. . . . . . . . . : 00-1E-4F-xx-xx-xx
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::3156:295c:xx(Preferred)
    IPv4 Address. . . . . . . . . . . : 10.xx.xx.xx(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Tuesday, May 13, 2014 3:14:11 PM
    Lease Expires . . . . . . . . . . : Thursday, May 29, 2014 9:55:01 AM
    Default Gateway . . . . . . . . . : 10.xx.xx.xx (firewall)
    DHCP Server . . . . . . . . . . . : 10.0.0.16 (old DC/DNS server)
    DHCPv6 IAID . . . . . . . . . . . : 234888783
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-61-xx-xx-xx-xx-xx-xx-xx-xx

    DNS Servers . . . . . . . . . . . : 10.xx.xx.xx(new DC/DNS server)
    Primary WINS Server . . . . . . . : 10.xx.xx.xx (old DC/DNS server)
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.domainname.local:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : domainname.local
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes



  • See the search name in the working one? That is missing in the not working one I think.



  • @scottalanmiller said:

    See the search name in the working one? That is missing in the not working one I think.

    I see it in both.

    Is there any clue as to why this is ONLY name resolution problems to the fileserver and nothing else?



  • Can't think of anything. If every setting is the same.



  • @garak0410 said:

    Is there any clue as to why this is ONLY name resolution problems to the fileserver and nothing else?

    Host files, LMHOST files If the other servers are answering to NetBIOS over IP calls where the new file server won't.

    My biggest guess is the last one.. Windows 2012 server might not be resolving NetBIOS names any more...



  • Assuming you didn't install WINS on your new AD server you should remove the WINS information from all clients and from the DHCP server so it's not handing out that information.
    This will also cause issues in some cases.



  • Oh good point. Don't want old WINS mucking about.



  • This post is deleted!


  • @Dashrender said:

    Assuming you didn't install WINS on your new AD server you should remove the WINS information from all clients and from the DHCP server so it's not handing out that information.
    This will also cause issues in some cases.

    Let me take a look at this.

    Now, I KNOW I checked this but I guess I overlooked it and I know it wouldn't just go away. There was no reverse lookup for the file server (services01 is its physical name). I just added it.


Log in to reply