Not everyone active in WINS is in DNS

[James W. Long]

Hi All:

I enabled dhcp to register my 78 some odd clients
in wins and checked "use wins forward lookup"
in my DNS server on the forward zone of our domain,
but I don't see {in DNS} everyone that WINS sees.

I know I have active win98 clients
that arent showing up in DNS.

I can now ping them by name, but still not
showing in up DNS.

What am I missing?

Thank you,
James W. Long

 

[Ace Fekay [MVP]]

In

Hi All:

I enabled dhcp to register my 78 some odd clients
in wins and checked "use wins forward lookup"
in my DNS server on the forward zone of our domain,
but I don't see {in DNS} everyone that WINS sees.

I know I have active win98 clients
that arent showing up in DNS.

I can now ping them by name, but still not
showing in up DNS.

What am I missing?

Thank you,
James W. Long

Have you forced updates for clients that cannot register into DNS under DHCP
properties, DNS tab? Are the clients ONLY using the internal DNS or is there
a mixture of ISP's and internal DNS?


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Hi All:

I enabled dhcp to register my 78 some odd clients
in wins and checked "use wins forward lookup"
in my DNS server on the forward zone of our domain,
but I don't see {in DNS} everyone that WINS sees.

I know I have active win98 clients
that arent showing up in DNS.

I can now ping them by name, but still not
showing in up DNS.

What am I missing?

James, the records won't appear in the zone if they are coming from a WINS
lookup. DNS searches WINS for the hosts, I don't even think DNS caches the
WINS lookups.

 

[Ace Fekay [MVP]]

In

James, the records won't appear in the zone if they are coming from a
WINS lookup. DNS searches WINS for the hosts, I don't even think DNS
caches the WINS lookups.

IIRC, when a record under DNS doesn't exist, and a lookup forces DNS to look
at WINS, the record gets registered.

Ace

 

[James W. Long]

"Ace Fekay [MVP]"

In

Have you forced updates for clients that cannot register into DNS under DHCP
properties, DNS tab?

sorry, you lost me on that one. I havent done a thing on any clients.


Are the clients ONLY using the internal DNS or is there

a mixture of ISP's and internal DNS?

unfortunately there IS a mix which I will be correcting next week.

 

[James W. Long]

hmm thats interesting,
so I can ping a client who is in wins by name,
and they dont show up in DNS?

I have to look two place to find {client} then I guess.

 

[Ace Fekay [MVP]]

In

hmm thats interesting,
so I can ping a client who is in wins by name,
and they dont show up in DNS?

I have to look two place to find {client} then I guess.

That is if the client didn't register, yes.

Ace

 

[Ace Fekay [MVP]]

In

sorry, you lost me on that one. I havent done a thing on any clients.

That's not done on the clients. That's done in DHCP properties, DNS tab.

Are the clients ONLY using the internal DNS or is there

unfortunately there IS a mix which I will be correcting next week.

Did we at one time discuss this in the past in this newsgroup? That's a
cardinal rule with AD and DNS. Here's a repost I use often to help
understand AD and it's reliance on DNS, specifically the internal DNS only.
I hope it helps out...

-------------------------------------
AD & DNS:
If you have your ISP's DNS addresses in your IP configuration (DCs and
clients), they need to be REMOVED. This is what is
causing the whole problem.

Just a little background: AD uses DNS. DNS stores AD's resource and service
locations in the form of SRV records, hence how everything that is part of
the domain will find resources in the domain. If the ISP's DNS is configured
in the any of the internal AD member machines' IP properties, (including all
client machines and DCs), the machines will be asking the ISP's DNS 'where
is the domain controller for my domain?", whenever it needs to perform a
function, (such as a logon request, replication request, querying and
applying GPOs, etc). Unfortunately, the ISP's DNS does not have that info.

If this is the current scenario, it is highly suggested and recommended to
only use the internal DNS servers on the network that is hosting the AD zone
name. This applies to all machines, (DCs and clients). Believe me, Internet
resolution will still work with the use of the Root hints (as long as the
root zone doesn't exist).

However, for more effcient Internet resolution, it's HIGHLY recommended to
configure a forwarder. If the forwarding option is grayed out, delete the
Root zone (looks like a period). If not sure how to preform these two tasks,
please follow one of the two articles listed below, depending on your
operating system. They show a step by step on how to perform these tasks:

323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003 :
http://support.microsoft.com/?id=323380

300202 - HOW TO Configure DNS for Internet Access in Windows Server 2000 :
http://support.microsoft.com/?id=300202


Some additional reading that may help:

825036 - Best practices for DNS client settings in Windows 2000 Server and
in Windows Server 2003:
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036

DNS and AD (Windows 2000 & 2003) FAQ:
http://support.microsoft.com/?id=291382

Domain Controller's Domain Name System Suffix Does Not Match Domain Name:
http://support.microsoft.com/?id=257623

Clients cannot dynamically register DNS records in a single-label forward
lookup zone:
http://support.microsoft.com/?id=826743

__________________________

Ace

 

[James W. Long]

Yes I know the cardinal rule, and why.
However when I was hired here, thats how it was.
It has taken some time to get to implementing
that change here. Of course since we had our
discussions before, my domain at home is
in 100% fine shape in that respect.
If ya's can't find the SRV record via ldap/dns
ya aren't gettin in too well.
..


"Ace Fekay [MVP]"

 

[James W. Long]

Dear Ace:

ok, I need to back up.
I thought when I added the wins server and
node type into our dhcp server paramaters
thats what I was doing, forcing them to register.
what did I miss, or how can I make them register?

Thanks,

James W. Long

"Ace Fekay [MVP]"

 

[Ace Fekay [MVP]]

In

Yes I know the cardinal rule, and why.
However when I was hired here, thats how it was.
It has taken some time to get to implementing
that change here. Of course since we had our
discussions before, my domain at home is
in 100% fine shape in that respect.
If ya's can't find the SRV record via ldap/dns
ya aren't gettin in too well.
.

Ok, I thought you had changed that at work. Well, I guess you know how to
fix it!


Glad to hear your home system is working fine.

Ace

 

[Ace Fekay [MVP]]

In

Dear Ace:

ok, I need to back up.
I thought when I added the wins server and
node type into our dhcp server paramaters
thats what I was doing, forcing them to register.
what did I miss, or how can I make them register?

Thanks,

James W. Long

A few things dictate registration for W2k, XP and W2k3 clients:

1. Primary DNS must match the zone name
2. Zone needs to allow updates
3. Point to the internal DNS only

For other operating systems (including MAC, Linux and Unix), DHCP
properties, DNS tab, force registration for clients that cannot update
themselves.

WINS wouldn't have anything to do with dynamic registration, but the way
WINS works, it should update the record for the TTL period of the WINS
record. It's been awhile since I've messed with this, but I remember when
using this heavily with NT4, using WINS resolution for DNS will update the
record into the DNS zone that you have WINS resolution enabled.

But PLEASE, do keep in mind, this has gone by the wayside due to the
introduction of DNS Dynamic Updates, which is pretty much a standard now. If
the clients are registered into DNS, (either by a W2k, XP or W2k3 server
updating it's own records, or by DHCP forcing updates for non MS clients or
legacy Win9x, NT4 and ME clients, then the use for WINS and DNS integration
has dwindled to the point it's not being used as prevalent as years ago
prior to DNS Dynamic UPdates. Now, if you have NT4 DNS, then I can see the
necessity of DNS/WINS integration.

I looked this up for you, and I hope it helps:
Integrating DNS with WINS:
http://www.microsoft.com/technet/prodtechnol/winntas/deploy/confeat/integrat.asp


Ace

 

[James W. Long]

Dear Ace:
Thank you for all the great info!
I think its the dns servers problem #3 below, everyting else appears ok.
I'll let you know how it goes when I can change it. Sort of in a lockdown
for changes during holiday season here.

James

"Ace Fekay [MVP]"

 

[Ace Fekay [MVP]]

In

Dear Ace:
Thank you for all the great info!
I think its the dns servers problem #3 below, everyting else appears
ok. I'll let you know how it goes when I can change it. Sort of in a
lockdown for changes during holiday season here.

James

Well, you always knew that if not following #3, can cause NUMEROUS issues!

Happy Holidays!!

Ace

 

[James W. Long]

Dear Ace

I changed it today in dhcp and made sure my forwarders were right
and I will see tomorrow how it went, and If more clients show up in DNS.

"Ace Fekay [MVP]"

 

[James W. Long]

Dear Ace:

I just realized some of things you asked me about:

1. Everything located in the DHCP server in Properties on the DNS tab.

(Like - always update DNS)

We aren't running MS DHCP. DHCP
is currently running on an AS400.
We cant apply those settings because
dhcp and dns dont both run on win2k,
only DNS. The fix would be to install DHCP
on win2k instead.

2. DHCP Option 81, Client FQDN

again, we arent running MS DHCP so we dont
have that option either, its stops at option 80.

But somehow the clients primary DNS suffix
is being populated as our domain name anyway.
That part is good.

James

 

[Ace Fekay [MVP]]

In

Dear Ace:

I just realized some of things you asked me about:

1. Everything located in the DHCP server in Properties on the DNS
tab.

(Like - always update DNS)

We aren't running MS DHCP. DHCP
is currently running on an AS400.
We cant apply those settings because
dhcp and dns dont both run on win2k,
only DNS. The fix would be to install DHCP
on win2k instead.

2. DHCP Option 81, Client FQDN

again, we arent running MS DHCP so we dont
have that option either, its stops at option 80.

But somehow the clients primary DNS suffix
is being populated as our domain name anyway.
That part is good.

James

I see, I thought you were using MS DHCP. Option 081 is actually the DNS tab
under the MS DHCP server's properties page. It doesn't sound like AS400
supports 081. Windows 2000 and newer machines will self-register into DNS by
default. When you had your ISP's addresses in there, the machines were
trying to regsiter to them too.

Ace

 

[James W. Long]

Dear Ace:

Well that is fixed!
There is only ONE, count them UNO,
references to a DNS server on every
client in the company, the address
is our Internal DNS server. Whew.
and the forwarder are our ISP
and one other, 4.2.2.2


Amazing.
All off a sudden since the change,
the DNS cache zone
is finally showing up with all the
internet domains they all go to!
heh heh I can get a grip on this
now...who needs to go to wild tangent?
nobody!

group will work reliably.

no undue internet traffic attempting to register
with our ISP instead of US.

Its getting to be much better around here.

still, because of AS400 Dhcp, I dont get any win98 boxes into MS dns.
I am running MS wins as you know,
I wonder If I can can go to each of those 98 boxes and manually do
something on them which would force them to register
to our DNS?

Thank you again for your excellent help, Ace!

James W. Long




"Ace Fekay [MVP]"

 

[Ace Fekay [MVP]]

In

Dear Ace:

Well that is fixed!
There is only ONE, count them UNO,
references to a DNS server on every
client in the company, the address
is our Internal DNS server. Whew.
and the forwarder are our ISP
and one other, 4.2.2.2


Amazing.
All off a sudden since the change,
the DNS cache zone
is finally showing up with all the
internet domains they all go to!
heh heh I can get a grip on this
now...who needs to go to wild tangent?
nobody!

group will work reliably.

no undue internet traffic attempting to register
with our ISP instead of US.

Its getting to be much better around here.

still, because of AS400 Dhcp, I dont get any win98 boxes into MS dns.
I am running MS wins as you know,
I wonder If I can can go to each of those 98 boxes and manually do
something on them which would force them to register
to our DNS?

Thank you again for your excellent help, Ace!

James W. Long

You are welcome!

As for legacy clients (Win9x, WinME, NT4, etc) registering, you can create a
user defined class option, if AS400's DHCP allows that option. If not (and I
kind of doubt it offers that), the only other way is to move to MS DHCP. I
know how much you want control of your network and want things to "work",
and you are getting closer, so my suggestion for your final step is to move
DHCP to your WIndows machine to get the full benefits.

Ace