Guest DNS Resolution

  • Thread starter Thread starter Ryan
  • Start date Start date
R

Ryan

I have a small network that has a single windows 2000 DC serving DNS,
DHCP and Active Directory. I have 5 win 98 clients that are using the
domain and they all are working fine. They have proper DNS resolution
for both the internal domain and the external net.

Where I am running into an issue is when I hook up my laptop that is
registered to a different windows 2000 domain. I am able to receive a
DHCP address from the DC for their domain, I can ping an address both
internally and externally. I can surf the web by using the IP address.
However, when I use their DNS server as my lookup server...their DNS
will not answer my request.

I am assuming this is because I am not an actual part of their domain.
This will cause a problem in that their will be many visitors that
may need to be able to just hook up with their current hardware and
receive all necessary DHCP and DNS settings from this server. I was
wondering if unchecking the register this connection with DNS might
help or if there was some setting on the DNS server that might allow
guests to make queries.

Thanks for any help....

Ryan
 
In
Ryan said:
I have a small network that has a single windows 2000 DC serving DNS,
DHCP and Active Directory. I have 5 win 98 clients that are using the
domain and they all are working fine. They have proper DNS resolution
for both the internal domain and the external net.

Where I am running into an issue is when I hook up my laptop that is
registered to a different windows 2000 domain. I am able to receive a
DHCP address from the DC for their domain, I can ping an address both
internally and externally. I can surf the web by using the IP address.
However, when I use their DNS server as my lookup server...their DNS
will not answer my request.

I am assuming this is because I am not an actual part of their domain.
This will cause a problem in that their will be many visitors that
may need to be able to just hook up with their current hardware and
receive all necessary DHCP and DNS settings from this server. I was
wondering if unchecking the register this connection with DNS might
help or if there was some setting on the DNS server that might allow
guests to make queries.

Thanks for any help....

Ryan
Click to expand...

This may not necessarily be a DNS issue, but rather if they have a Proxy or
ISA server running. If you can connect by IP but not name, it maybe a Proxy
issue.

What DNS addresses show up when you get an ip from them? (Run an ipconfig
/all and post it here please).

Can you:
1. Ping by name, such as www.yahoo.com ?
If not, then they must be controlling access
by a Proxy or ISA server and DNS resolution
is restricted to the Proxy.

2. Tried using nslookup? Such as:
nslookup www.yahoo.com
If not, then the same as above.

If both do resolve, then something else is blocking it. Have you spoken to
their admins?
Changing do not register settings wouln't have anything to do with
resolution.



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Ace,

I have actually set up both networks. I have never had this problem
before. They are using a simple netgear router that is performing NAT
translation nothing more. They dont have any proxy settings. The
DHCP simply hands off the ip address and DNS info.
For the local clients...they receive a local address and a local
DNS...192.168.x.x

I can receive the same information, but when I make a dns request for
such as
ping yahoo.com...the command line just sits and times out.

However, if I say ping 66.80.222.57 it will work perfectly.

I have obviously, done something that I am not aware of.

I was just assuming that because I was never authenticated to their
domain... ad.fbclorena.org...but because my computer name is
computername.ad.ctcwaco.com that maybe their DC was not willing to
hand me off the information because of some DNS poisoining rule or
something like that?

Help?
Thanks
Ryan
 
In
Ryan said:
Ace,

I have actually set up both networks. I have never had this problem
before. They are using a simple netgear router that is performing NAT
translation nothing more. They dont have any proxy settings. The
DHCP simply hands off the ip address and DNS info.
For the local clients...they receive a local address and a local
DNS...192.168.x.x

I can receive the same information, but when I make a dns request for
such as
ping yahoo.com...the command line just sits and times out.

However, if I say ping 66.80.222.57 it will work perfectly.

I have obviously, done something that I am not aware of.

I was just assuming that because I was never authenticated to their
domain... ad.fbclorena.org...but because my computer name is
computername.ad.ctcwaco.com that maybe their DC was not willing to
hand me off the information because of some DNS poisoining rule or
something like that?

Help?
Thanks
Ryan
Click to expand...

Hmm, nah, DHCP will just give out an address. That's it. No discrimination
for what neighborhood you belong to. :-)

If you manually change the DNS IP to 4.2.2.2 (leave the rest as automatic),
are you able to resolve a name?



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Ace,

I wasn't thinking it was DHCP that was causing the issue. But the
Windows 2000 DNS server. Since it is the authoritative server for
their domain.

I do receive all of the proper information from their DHCP server. I
received all of the proper information from the DHCP server.
REsults from IP config:
IP add: 192.168.7.31
Sub: 255.255.255.0
Gateway: 192.168.7.1
DNS: 192.168.7.2

To answer your question:
If I change the DNS entries manually, so that:
IP config looks like:
IP add: 192.168.7.31
Sub: 255.255.255.0
Gateway: 192.168.7.1
DNS: Primary: 66.80.208.222
Secondary: 66.80.208.223 (I made up these numbers..I dont
remember what that the actual numbers I used were.)
If I use a configuration similar to this...everything works just fine.
This is what lead me to beleive that it was simply the DNS server
wasnt giving me the resolution.

However, the other 5 computers that are members of the domain have
settings like the first one, and they are able to get resolution just
fine.

Thanks for your help
Ryan
 
In Ryan <[email protected]> posted a question
Then Kevin replied below:

I don't know if it will make a difference, I've never tried to limit
resolution to certain users or computers. On the property sheet of my public
DNS servers, there is a Security tab, the everyone group has read access.
 
Back
Top