Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, December 8, 2009 4:39 PM
Just recently we had an issue with not being able to access our fileserver. We have two domain controllers, both with DNS, one is a backup. DHCP is setup so the router is the gateway and DC1/DC2 are the DNS servers. We have several different Subdomains within the main domain, but the only domain at our location is xx.domain.local.
DC1: 10.158.1.35
DC2: 10.158.1.33
Fileserver: 10.158.1.37
In DNS on DC1(main DC/DNS), there was a HostA record that had our Fileserver pointing to the wrong IP address. Also there was no PTR in Reverse Lookup Zones. I deleted the incorrect entry and added the correct HostA and PTr record(FileServer 10.158.1.37).
My Workstation ipconfig /all
C:\Windows\System32>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Workstation
Primary Dns Suffix . . . . . . . : xx.domain.local
domain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xx.domain.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : xx.domain.local
Description . . . . . . . . . . . : Intel(R) PRO/1000 PM Network Connection
Physical Address. . . . . . . . . : 00-19-D1-90-E2-5F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::74b5:6814:5c7d:ec04%8(Preferred)
IPv4 Address. . . . . . . . . . . : 10.158.1.130(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, December 08, 2009 07:56:08 AM
Lease Expires . . . . . . . . . . : Wednesday, December 16, 2009 07:56:09 AM
Default Gateway . . . . . . . . . : 10.158.1.1
DHCP Server . . . . . . . . . . . : 10.158.1.35
DHCPv6 IAID . . . . . . . . . . . : 201333201
DNS Servers . . . . . . . . . . . : 10.158.1.35
10.158.1.33
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 6:
Connection-specific DNS Suffix . : xx.domain.local
Description . . . . . . . . . . . : isatap.xx.domain.local
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:10.158.7.130%15(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.158.1.35
10.158.1.33
NetBIOS over Tcpip. . . . . . . . : Disabled
When I try to ping Fileserver I get:
C:\Windows\System32>ping Fileserver
Pinging Fileserver.xx.domain.local [10.158.1.33] with 32 bytes of data:
Reply from 10.158.1.33: bytes=32 time=21ms TTL=128
Reply from 10.158.1.33: bytes=32 time<1ms TTL=128
Reply from 10.158.1.33: bytes=32 time<1ms TTL=128
Reply from 10.158.1.33: bytes=32 time<1ms TTL=128
NSLookup, wrong ip and domain:
C:\Windows\System32>nslookup Fileserver
Server: DC1.xx.domain.local
Address: 10.158.1.35:53
Non-authoritative answer:
Name: Fileserver.domain.local
Address: 10.158.1.33
When I ping the FQDN I get the correct IP and subdomain:
C:\Windows\System32>ping Fileserver.xx.domain.local
Pinging Fileserver.xx.domain.local [10.158.1.37] with 32 bytes of data:
Reply from 10.158.1.37: bytes=32 time=20ms TTL=128
Reply from 10.158.1.37: bytes=32 time=1ms TTL=128
Reply from 10.158.1.37: bytes=32 time=1ms TTL=128
Reply from 10.158.1.37: bytes=32 time=1ms TTL=128
Same with NSLookup:
C:\Windows\System32>nslookup Fileserver.xx.domain.local
Server: DC1.xx.domain.local
Address: 10.158.1.35:53
Name: Fileserver.xx.domain.local
Address: 10.158.1.37
When Users use the UNC path \fileserver it resolves to the correct server(Fileserver 10.158.1.37). But whenever I Ping, NSLookup, or remote desktop into the UNC: Fileserver, it resolves to the wrong IP 10.158.1.33 and domain domain.local. If I am at the Fileserver itself and run 'ping Fileserver' or 'nslookup Fileserver', it resolves the correct IP.
So, both DNS servers currently have the correct HostA and PTR records for Fileserver.xx.domain.local 10.158.1.37. I have cleared the cache on the DNS servers, Reloaded the DNS Lookup Zones, and ran the Scavenging for stale records. Lastly, I ran ipconfig /registerdns from the Fileserver and did not get any errors in the EventViewer. On the Client have flushed the DNS on my workstation.Anybody have any suggestions on where to look next?
All replies (3)
Tuesday, December 8, 2009 7:07 PM âś…Answered
There are two components here.
First, your system is set up to search across two domains.
DNS Suffix Search List. . . . . . : xx.domain.local
domain.local
Next, your first post shows that your DNS server in the subdomain is pulling information from the parent domain since it provided a (non-authoritative answer). The non-authoritative answer means that it got its answer from another DNS server (I assume its a DNS server in the parent domain). IF there is no record in the parent domain, is it set up to cross-reference against WINS? If so, that may be the reason. If you do have WINS, check the WINS record as it may be incorrect.
C:\Windows\System32>nslookup Fileserver
Server: DC1.xx.domain.local
Address: 10.158.1.35:53
**Non-authoritative answer:
**Name: Fileserver.domain.local
Address: 10.158.1.33
Visit my blog: anITKB.com, an IT Knowledge Base.
Tuesday, December 8, 2009 4:56 PM
it appears that when you ran the NSLOOKUP command without fully qualifying the host name FILESERVER, the DNS server responded with the answer located in the host record located in the "domain.local" which has the incorrect IP. When you fully qualified the request, you got your answer from the "xx.domain.local" domain which has the correct answer.
That would lead me to beleive that the computer that you ran the query from is configured (in the TCP/IP properties/DNS tab) to check the parent domain for the answer. If the record exists, it will return it.
So, you either need to delete the record "FILESERVER" from the parent domain "domain.local" or have that record updated to the correct IP.
When you manage multiple domains and you have clients in multiple domains, you will continue to experience these issues unless you always qualify your queries and/or keep the "duplicate" records in the various zones with the same information.
Tuesday, December 8, 2009 5:10 PM
The Primary DNS Suffix is the subdomain, I typed it wrong in my first post. I don't see any records pointing the Fileserver to the parent domain(domain.local). Everything in DNS on DC1/DC2 are set to Fileserver.xx.domain.local. I don't see where it is finding Fileserver.domain.local
C:\Windows\System32>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Workstation
Primary Dns Suffix . . . . . . . : xx.domain.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xx.domain.local
domain.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : xx.domain.local
Description . . . . . . . . . . . : Intel(R) PRO/1000 PM Network Connection
Physical Address. . . . . . . . . : 00-19-D1-90-E2-5F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::74b5:6814:5c7d:ec04%8(Preferred)
IPv4 Address. . . . . . . . . . . : 10.158.1.130(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, December 08, 2009 07:56:08 AM
Lease Expires . . . . . . . . . . : Wednesday, December 16, 2009 07:56:09 AM
Default Gateway . . . . . . . . . : 10.158.1.1
DHCP Server . . . . . . . . . . . : 10.158.1.35
DHCPv6 IAID . . . . . . . . . . . : 201333201
DNS Servers . . . . . . . . . . . : 10.158.1.35
10.158.1.33
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 6:
Connection-specific DNS Suffix . : xx.domain.local
Description . . . . . . . . . . . : isatap.xx.domain.local
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:10.158.7.130%15(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 10.158.1.35
10.158.1.33
NetBIOS over Tcpip. . . . . . . . : Disabled