DNS problems


Mostro

here is my situation

at one time, when everything was working right my network was like this

at home office I have domain A (win2k AD) that consists of about 10 servers
all on the 192.168.1.* network and everything works great

at small remote office, I have domain B (win2k) with one server on net
192.168.2.0

domain A and B are linked via a VPN device on both ends, and a 2 way
trust was established

one day the single and only server at domain B crashed, and I fixed the
server and set up things new, I used the same domain name and everything,
but later I realized that this might be a problem

so at domain A I had to clean up AD, to remove traces of the dead domain B,
now my trusts work ok

DNS at domain B is all screwy, the cached lookups folder does not appear,
and workstations all register event id: 1054 that says that domain B cannot
be found, but yet they manage to authenticate just really really slow
 
Mostro said:
here is my situation

at one time, when everything was working right my network was like this

at home office I have domain A (win2k AD) that consists of about 10 servers
all on the 192.168.1.* network and everything works great

at small remote office, I have domain B (win2k) with one server on net
192.168.2.0

domain A and B are linked via a VPN device on both ends, and a 2 way
trust was established

one day the single and only server at domain B crashed, and I fixed the
server and set up things new, I used the same domain name and everything,
but later I realized that this might be a problem

so at domain A I had to clean up AD, to remove traces of the dead domain B,
now my trusts work ok

DNS at domain B is all screwy, the cached lookups folder does not appear,

Not really important but turn on View->Advanced.

and workstations all register event id: 1054 that says that domain B cannot
be found, but yet they manage to authenticate just really really slow

DC and all other machines must be STRICTLY set to use the Internal DNS
only.

Likely you forgot to set the NIC of the DC (or other machines) to use this
internal DNS server OR you also tried to put the "ISP DNS" there too.

Or you don't have Dynamic DNS enabled.

DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /server:DC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem. Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
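
A way to apply rule 2 and the DCDiag suggestion from the reply above offline, over saved `ipconfig /all` and `dcdiag` text files. This is an added example, not part of either post; the addresses (192.168.2.10 as domain B's internal DNS server, 203.0.113.53 standing in for an ISP resolver), the server name SERVERB and both sample outputs are constructed assumptions.

```python
# Constructed sample of `ipconfig /all` output from a domain B machine (not from the thread).
SAMPLE_IPCONFIG = """\
Windows 2000 IP Configuration

Ethernet adapter Local Area Connection:

        IP Address. . . . . . . . . . . . : 192.168.2.21
        DNS Servers . . . . . . . . . . . : 192.168.2.10
                                            203.0.113.53
"""
# Constructed sample of dcdiag output saved to a text file (SERVERB is hypothetical).
SAMPLE_DCDIAG = """\
         ......................... SERVERB passed test Connectivity
      Starting test: Advertising
         Warning: DsGetDcName returned information for a different server
         ......................... SERVERB failed test Advertising
"""

def dns_servers_by_adapter(text):
    """Map each adapter in `ipconfig /all` text to its list of DNS servers."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        s = line.strip()
        if s and not line[0].isspace() and s.endswith(":"):
            adapter, in_dns = s[:-1], False      # unindented "... adapter X:" header
            result[adapter] = []
        elif adapter and s.startswith("DNS Servers"):
            in_dns = True
            result[adapter] += s.split(":", 1)[1].split()
        elif in_dns and s and " :" not in line:
            result[adapter].append(s)            # extra servers sit on continuation lines
        else:
            in_dns = False
    return result

def non_internal_dns(text, internal):
    """Rule 2: adapters listing any DNS server outside the `internal` set."""
    found = {a: [ip for ip in ips if ip not in internal]
             for a, ips in dns_servers_by_adapter(text).items()}
    return {a: extra for a, extra in found.items() if extra}

def dcdiag_findings(text):
    """Lines of saved dcdiag output containing FAIL, ERROR or WARN (any case)."""
    return [l.strip() for l in text.splitlines()
            if any(k in l.upper() for k in ("FAIL", "ERROR", "WARN"))]

if __name__ == "__main__":
    print(non_internal_dns(SAMPLE_IPCONFIG, {"192.168.2.10"}))
    print(*dcdiag_findings(SAMPLE_DCDIAG), sep="\n")
```

Any adapter reported by `non_internal_dns` is one where an outside resolver is configured alongside the internal DNS server, the misconfiguration the reply warns about.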
 