AD and DNS entries

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

We have a new AD domain and DNS server. AD wont seem to create the 4
directories in DNS: "MSDCS, Sites, TCP, UDP"
Anyone know why or how to force it to do this?
 
Greg said:
We have a new AD domain and DNS server. AD wont seem to create the 4
directories in DNS: "MSDCS, Sites, TCP, UDP"
Anyone know why or how to force it to do this?
Click to expand...

Check the following...

DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /server:DC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
 
In
Greg said:
We have a new AD domain and DNS server. AD wont seem to
create the 4 directories in DNS: "MSDCS, Sites, TCP, UDP"
Anyone know why or how to force it to do this?
Click to expand...

Several possibilities.
1. You named your AD DNS name a single label name.
826743 - Clients cannot dynamically register DNS records in a single-label
forward lookup zone:
http://support.microsoft.com/?id=826743&sd=RMVP

2. You don't have your local DNS server listed in TCP/IP properties. (The
local DNS should be the only DNS, never use an ISP's DNS in TCP/IP
properties.
825036 - Best practices for DNS client settings in Windows 2000 Server and
in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036&sd=RMVP

3. You have a disjointed namespace, where your domain controllers Primary
DNS suffix does not match your AD domain name.
257623 Domain Controller's Domain Name System Suffix Does Not Match Domain
Name
http://support.microsoft.com/?id=257623&sd=RMVP

4. You have disabled dynamic updates on the zone.
Set "Allow dynamic updates to "Yes" or "Only secure updates"

A fifth possibility is your AD DNS zone name does not match your AD domain
name and your Primary DNS Suffix. All three of these names MUST match.
 
Back
Top