DNS & DC

  • Thread starter: Tihana

Tihana

Hi.
I have a Win2k3 network in which we added two new DCs (let's call them 1 and
2), and the time has come to remove the original DC (call him 0) from the
domain. We transferred all FSMO roles to DC 1, GC also. DC 1 is now also DHCP
and DNS.
But, when we shut down (not demote, just shut it down) DC 0, half of our
hosts in the domain can only access the Internet using IP addresses (no DNS
resolving). In their network settings they "see" the new DNS server and
everything seems fine. However...
DNS problem? We're not sure, because on the new DNS everything seems OK
(forwarders), and some hosts can access the Internet "normally" (DNS resolves).
When we remove a computer that has this problem from the domain and then add
it again (while DC 0 is shut down), after that - it works. But we don't want to
remove and add all hosts in the domain one by one once again..

Has anyone perhaps had a similar problem?
Thanks for any advice.

T.
 
Does the client resolve if you just restart the comp or the DNS client svc?
This is to ensure the local DNS cache of the comp does not cause any
issue.
Does nslookup work from the clients where you face issues?
 
No, it doesn't resolve. We tried dnsflush, disabling its network
connection, restarting the comp, it simply will not resolve.
Nslookup doesn't work, although in the network settings picked up from DHCP the hosts
register the correct DNS..
But we found something that might be causing the problem..

In AD Users and Computers, we have one group - Computers, with the Default
group policy applied (hosts that are in this group have no trouble with DNS
resolving), and a bunch of other groups organized as Projects, with no
policies (every Project has subgroups Computers and Users - and hosts in
these Computers subgroups have the problem). But when I try to drag&drop a comp
from Projects to Computers it doesn't help, neither does applying default
policy settings. The only thing that helped was rejoining every host to the domain,
which is too ridiculous to do again..
clueless..
 
Both servers should be DNS servers and both should have the Global Catalog
for failover.

DNS sounds like it's misconfigured and/or you have workstations not pointing
to your MS DNS but the ISP's DNS servers.

How DNS should be configured is as follows:
Workstations get a DHCP IP from the server, which has the MS DNS server listed for DNS.
MS DNS has the ISP's DNS entries in the Forwarders tab [not to be confused
with forward lookup zone].
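
Added example, not written by any poster in this thread: a Python check that reads saved `ipconfig /all` output and reports adapters listing a resolver other than the expected internal DNS servers, which is the misconfiguration the last reply suspects. The sample output and every address in it are constructed, and the parser assumes the English field label `DNS Servers`.

```python
import re

# Constructed `ipconfig /all` excerpt; all addresses are made up for this example:
# 192.168.10.10 = retired DC 0, .11/.12 = DC 1 and DC 2, 203.0.113.53 = ISP resolver.
SAMPLE = """\
Ethernet adapter Local Area Connection:

   IP Address. . . . . . . . . . . . : 192.168.10.57
   DNS Servers . . . . . . . . . . . : 192.168.10.10
                                       203.0.113.53
   Lease Obtained. . . . . . . . . . : Monday, 9:00:00 AM

Ethernet adapter Lab:

   DNS Servers . . . . . . . . . . . : 192.168.10.11
                                       192.168.10.12
"""

FIELD = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")      # "   Key . . . : value"
IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")

def dns_by_adapter(text):
    """Map adapter name -> DNS servers, including continuation lines."""
    result, current, in_dns = {}, None, False
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():                    # unindented = section header
            current = line.rstrip()[:-1] if line.rstrip().endswith(":") else None
            in_dns = False
            if current:
                result[current] = []
        elif current and in_dns and IPV4.match(line.strip()):
            result[current].append(line.strip())     # second, third... resolver
        elif current and (m := FIELD.match(line)):
            in_dns = m.group(1) == "DNS Servers"
            if in_dns and m.group(2):
                result[current].append(m.group(2).strip())
    return result

def audit(text, expected_dns):
    """Return {adapter: [resolvers not in expected_dns]}, offenders only."""
    stray = {a: [s for s in srv if s not in expected_dns]
             for a, srv in dns_by_adapter(text).items()}
    return {a: s for a, s in stray.items() if s}

if __name__ == "__main__":
    print(audit(SAMPLE, {"192.168.10.11", "192.168.10.12"}))
```

Run against output collected from each affected workstation, an empty result means the client only lists the expected servers and the fault lies elsewhere.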
 