DNS Solution

  • Thread starter Thread starter Dale
  • Start date Start date
D

Dale

First thanks to everyone who helped with this problem!!!
I thought I'd share my problem and solution to help
others since so many helped me!!!

Problem: I had a client who was setup by someone from
Sprint with the following: 1 Server, AD DC with DNS, 3
WIN2K Pro clients, 1 Linksys router(with DHCP enabled),
Sprint DSL.

1.) Clients take between 1 and 3 minutes to login to
domain.
2.) Recieving errors 11151 and 11161 on Clients. (which
is The system failed to register adapter with settings
from DNS server list.)
3.) Recieving error 5781 on Server. (whhich is Dynamic
registration or deregistration of one or more DNS records
failed.)
4.) Users even though they belong to the enterprise admin
group and local admin group on each machine do not have
rights to install programs.

Whew...what a mess.

First the Server:
Problems: DNS was setup to be the root (.)
Only 1 host record showed for any computers
and it had the wrong IP address

Solution: Deleted the root. Set Dynamic updates to yes.
removed invalid host record and added the other
2 computers. Set forwarder to the ISP DNS
server. Set Server to point to itself as both
primary and secondary DNS server.(secondary was
set to ISP address originally.
Second the clients:
Problems found: Since the clients where receiving DHCP
from the router, they also recieved the ISP
DNS address. (Best fix would have been to setup
DHCP on Server and set option 006 to make local
server DNS server) This caused excessive login
times.
Solution: Kept DHCP but set primary and secondary DNS to
local server. Bingo, 3 to 5 second login now!
This also seemed to clear up the rights issue.
Now users could install programs! All error
messages gone and the internet was even faster!

Whew...hope I didn't forget anything!!! Once again,
thanks to all who helped!!!

Dale
 
In
posted their thoughts said:
First thanks to everyone who helped with this problem!!!
I thought I'd share my problem and solution to help
others since so many helped me!!!

Problem: I had a client who was setup by someone from
Sprint with the following: 1 Server, AD DC with DNS, 3
WIN2K Pro clients, 1 Linksys router(with DHCP enabled),
Sprint DSL.

1.) Clients take between 1 and 3 minutes to login to
domain.
2.) Recieving errors 11151 and 11161 on Clients. (which
is The system failed to register adapter with settings
from DNS server list.)
3.) Recieving error 5781 on Server. (whhich is Dynamic
registration or deregistration of one or more DNS records
failed.)
4.) Users even though they belong to the enterprise admin
group and local admin group on each machine do not have
rights to install programs.

Whew...what a mess.

First the Server:
Problems: DNS was setup to be the root (.)
Only 1 host record showed for any computers
and it had the wrong IP address

Solution: Deleted the root. Set Dynamic updates to yes.
removed invalid host record and added the other
2 computers. Set forwarder to the ISP DNS
server. Set Server to point to itself as both
primary and secondary DNS server.(secondary was
set to ISP address originally.
Second the clients:
Problems found: Since the clients where receiving DHCP
from the router, they also recieved the ISP
DNS address. (Best fix would have been to setup
DHCP on Server and set option 006 to make local
server DNS server) This caused excessive login
times.
Solution: Kept DHCP but set primary and secondary DNS to
local server. Bingo, 3 to 5 second login now!
This also seemed to clear up the rights issue.
Now users could install programs! All error
messages gone and the internet was even faster!

Whew...hope I didn't forget anything!!! Once again,
thanks to all who helped!!!

Dale
Click to expand...

Glad that our suggestions were helpful. :-)

On the note of letting someone else set it up; many IT folks who are not
familiar with AD and it's requirements of DNS is the normal cause. Usually,
I've found, as a trainer, that many admins with many prior years experience
with NT4 and other directory services, just haven't read up on the info, not
familiar with it, or it wasn't clear on how to setup such as system. The
docs do say to use your own DNS, etc, but it was always unclear on how to
make Internet resolution work. Linksys routers, as many admins, including
some cable companies when they install a system and use the Linksys router
as their solution, are not aware of the effect with AD.

Glad you got it working. I would still suggest to use your own DHCP and
disable it on the router. Not sure why you;'re getting long logon times
using your own DHCP. That should not have happened. Maybe didn't release and
renew at the client first? A good advantage of using W2k DHCP is that it
will register backward level clients and their PTRs for you into DNS.

I hope others learn from your post.

Thanks for posting your solution.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Ace,

The excessive logons I believe were due to the fact the
local clients, who were pointed to the ISP DNS in TCP as
both their primary and secondary addresses were trying to
dynamically register with the ISP's DNS servers. This
was taking quite some time to come back. It also gave me
the impression that the clients weren't really logged
into the local domain(maybe they were but they sure
didn't have any rights). Once I set this to the local
server...bang!!! 3 seconds was the longest login time!!

I agree with the DHCP...I never use the router except for
small workgroups that don't require AD and DNS.

Also, there was one real strange thing...The server's IP
address was 192.168.2.103...but the primary DNS address
was listed as 192.168.1.99. I looked at the router
setup, everything but that address didn't exist...So I
called Sprint and guess what...that belonged to their DSL
box. I removed that from the mix and everything seemed
to speed up.

Thanks for your help!!!
Dale
 
In
posted their thoughts said:
Ace,

The excessive logons I believe were due to the fact the
local clients, who were pointed to the ISP DNS in TCP as
both their primary and secondary addresses were trying to
dynamically register with the ISP's DNS servers. This
was taking quite some time to come back. It also gave me
the impression that the clients weren't really logged
into the local domain(maybe they were but they sure
didn't have any rights). Once I set this to the local
server...bang!!! 3 seconds was the longest login time!!

I agree with the DHCP...I never use the router except for
small workgroups that don't require AD and DNS.

Also, there was one real strange thing...The server's IP
address was 192.168.2.103...but the primary DNS address
was listed as 192.168.1.99. I looked at the router
setup, everything but that address didn't exist...So I
called Sprint and guess what...that belonged to their DSL
box. I removed that from the mix and everything seemed
to speed up.

Thanks for your help!!!
Dale
Click to expand...

No problem for the help, and glad you got it all working. You can say this
is an experience you won;t forget.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Back
Top