Weird DNS Issues
-
really i'm facing your very same problem exactly, before everything was fine (no DNS issues), but as soon as i add new DC into domain in my branch office, i start having those kind of problem as you mentioned, these days i'm having difficult time, the domain is not stable at all, i neither get additional working nor the domain stability i got before,
i hope these problems come to an end
-
Quick update...seems to be isolated to our file server...it has a physical name and a CNAME and when these certain users have the problems, they can only get to the server by IP Address. Like right now, I can access the file sever by both names. I have a single user (currently) who can only access it by IP address.
-
and you've tried ipconfig /release /renew /flushdns /registerdns on these that you were having probs with?
-
@Hubtech said:
and you've tried ipconfig /release /renew /flushdns /registerdns on these that you were having probs with?
All but RegisterDNS...I will try that. Currently, I have three users I cannot resatore.
And on my new DC/DNS server, this is what it shows under DNS Events:
From Yesterday: SERVERNAME 4015 Error Microsoft-Windows-DNS-Server-Service DNS Server 5/20/2014 7:39:14 AM The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
From Today: SERVERNAME 4013 Warning Microsoft-Windows-DNS-Server-Service DNS Server 5/21/2014 6:38:37 AM - The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
And Again, this is only happening to the DNS (CNAME) of our FILESERVER...all other DNS name resolutions are working fine. I wanted to avoid rebooting the file server but wonder if it could help?
-
So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?
-
@scottalanmiller said:
So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?
What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....
-
Even more simple than an NSLookup... what does IPconifg /all return on a computer that is having problems?
-
@Dashrender said:
Even more simple than an NSLookup... what does IPconifg /all return on a computer that is having problems?
Even though DHCP is off on old and new DC/DNS server, it does contain info there...
One of the PC's that cannot resolve the name to the FILESERVER shows:
DHCP Server: Old DC
DNS Server: New DC
Primary WINS Server: Old PCOn my PC (Which is on Windows 8.1), doesn't return DHCP or WINS server info...and I've never had the DNS problem.
Keep in mind, this PC and resolve all other server and PC names EXCEPT the FILESERVER.
-
@garak0410 said:
@Dashrender said:
Even more simple than an NSLookup... what does IPconifg /all return on a computer that is having problems?
Even though DHCP is off on old and new DC/DNS server, it does contain info there...
One of the PC's that cannot resolve the name to the FILESERVER shows:
DHCP Server: Old DC
DNS Server: New DC
Primary WINS Server: Old PCOn my PC (Which is on Windows 8.1), doesn't return DHCP or WINS server info...and I've never had the DNS problem.
Keep in mind, this PC and resolve all other server and PC names EXCEPT the FILESERVER.
Also, on a PC that is working and where I manually set the preferred DNS to the new DC and made the alternate the old DC, he also shows DHCP from the OLD DC.
I've really had no real solutions...just Band-Aids to get people up.
-
@garak0410 said:
@scottalanmiller said:
So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?
What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....
Just....
nslookup aname
nslookup CNAMEWhere aname and CNAME are the host names. There is no further syntax.
-
Did I see that you have two DHCP servers running? There should be only one.
-
@scottalanmiller said:
@garak0410 said:
@scottalanmiller said:
So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?
What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....
Just....
nslookup aname
nslookup CNAMEWhere aname and CNAME are the host names. There is no further syntax.
On PC's that had no problem or had a problem, they either NSLOOKUP ANAME or CNAME to the old or new DNS server...and they all end with can't find cname: Non-existent domain (same with aname)
-
I noticed on the new DC/DNS server, under the reverse lookup ZONE properties, under NAME SERVERS, the new DC/DNS server shows UNKNOWN...OK to update it?
-
@garak0410 said:
@scottalanmiller said:
@garak0410 said:
@scottalanmiller said:
So on a user's system when it is failing, what is an nslookup of the A and CNAMEs returning?
What is the preferred syntax to check the A and CNAME with NSLOOKUP? Thanks....
Just....
nslookup aname
nslookup CNAMEWhere aname and CNAME are the host names. There is no further syntax.
On PC's that had no problem or had a problem, they either NSLOOKUP ANAME or CNAME to the old or new DNS server...and they all end with can't find cname: Non-existent domain (same with aname)
Sounds like you don't have your search domains defined and you are skipping the FQDN and are trying to use short names.
-
I agree with Scott, you're using short name instead of FQDN (Fully Qualified Domain Names). It's something that started back in the NT days with NetBIOS. You really should replace all \servername\sharename with \severname.domainname.com\sharename
for your nslookup try 'nslookup olddc.domainname.com' or nslookup newdc.domainname.com
-
Would you please post the exact output from ipconfig /all from a working and non working machine
should look like the follwing (you can change the same things I did if you want to hide your domain from us).
U:>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : om1290d2
Primary Dns Suffix . . . . . . . : domainname.net <- changed to protect
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domainname.net <- changed to protectEthernet adapter Tripwire Tunnel Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Tripwire TAP Network Adapter
Physical Address. . . . . . . . . : 00-FF-CD-xx-xx-xx ** <- changed to protect**
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesEthernet adapter vEthernet (New Virtual Switch):
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2
Physical Address. . . . . . . . . : F0-92-1C-xx-xx-xx <- changed to protect
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4d7d:7ce2:b72c:eb60%9(Preferred)
IPv4 Address. . . . . . . . . . . : 172.16.1.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.1.254
DHCPv6 IAID . . . . . . . . . . . : 183538204
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-7B-00-80-F0-92-1C-DD-55-A8DNS Servers . . . . . . . . . . . : 172.16.1.19
172.16.1.245
NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter isatap.{F24F29C3-326D-xxxx-xxxx-xxxxxxxxxxxx}: <- changed to protect
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes -
This is from a PC that never lost it's naming to the FILESERVER:
Windows IP Configuration
Host Name . . . . . . . . . . . . : accounting01
Primary Dns Suffix . . . . . . . : domainname.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domainname.localEthernet adapter Local Area Connection:
Connection-specific DNS Suffix . : pinnstr.local
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-30-67-xx-xx-xx
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d80:7b35:xx(Preferred)
IPv4 Address. . . . . . . . . . . : xx.xx.xx.xx(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, May 21, 2014 8:00:34 AM
Lease Expires . . . . . . . . . . : Thursday, May 29, 2014 8:00:01 AM
Default Gateway . . . . . . . . . : 10.xx.xx.xx (our firewall)
DHCP Server . . . . . . . . . . . : 10.xx.xx.xx (old DC/DNS server)
DHCPv6 IAID . . . . . . . . . . . : 234893415
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-8D-07-0C-00-30-67-61-63-9CDNS Servers . . . . . . . . . . . : 10.xx.xx.xx (new DC/DNS Server)
10.xx.xx.xx (old DC/DNS server)
Primary WINS Server . . . . . . . : 10.xx.xx.xx (old DC/DNS server)
NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter isatap.domainname.local:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domainname.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesFrom a PC I had problems with today (and still do):
Windows IP Configuration
Host Name . . . . . . . . . . . . : estimating02
Primary Dns Suffix . . . . . . . : domainname.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domainname.localEthernet adapter Local Area Connection:
Connection-specific DNS Suffix . : domainname.local
Description . . . . . . . . . . . : Intel(R) 82566DM-2 Gigabit Network Connec
tion
Physical Address. . . . . . . . . : 00-1E-4F-xx-xx-xx
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3156:295c:xx(Preferred)
IPv4 Address. . . . . . . . . . . : 10.xx.xx.xx(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 13, 2014 3:14:11 PM
Lease Expires . . . . . . . . . . : Thursday, May 29, 2014 9:55:01 AM
Default Gateway . . . . . . . . . : 10.xx.xx.xx (firewall)
DHCP Server . . . . . . . . . . . : 10.0.0.16 (old DC/DNS server)
DHCPv6 IAID . . . . . . . . . . . : 234888783
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-61-xx-xx-xx-xx-xx-xx-xx-xxDNS Servers . . . . . . . . . . . : 10.xx.xx.xx(new DC/DNS server)
Primary WINS Server . . . . . . . : 10.xx.xx.xx (old DC/DNS server)
NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter isatap.domainname.local:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domainname.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes -
See the search name in the working one? That is missing in the not working one I think.
-
@scottalanmiller said:
See the search name in the working one? That is missing in the not working one I think.
I see it in both.
Is there any clue as to why this is ONLY name resolution problems to the fileserver and nothing else?
-
Can't think of anything. If every setting is the same.