Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, November 19, 2009 11:26 PM
When using nslookup to resolve server names, I get Server Failed message unless I specify the FQDN.
Default Server: ad.mayekawausa.local
Address: 192.168.1.184
> ad
Server: ad.mayekawausa.local
Address: 192.168.1.184
*** ad.mayekawausa.local can't find ad: Server failed
> ad.mayekawausa.local
Server: ad.mayekawausa.local
Address: 192.168.1.184
Name: ad.mayekawausa.local
Address: 192.168.1.184
>
If I use nslookup on the server itself, everything works fine:
Default Server: ad.mayekawausa.local
Address: 192.168.1.184
> ad
Server: ad.mayekawausa.local
Address: 192.168.1.184
Name: ad.mayekawausa.local
Address: 192.168.1.184
>
As far as I know, I have everything configured correctly in the namespace.
Thanks,
Mike K
All replies (2)
Friday, November 20, 2009 12:08 AM âś…Answered
Most likely the DNS Search Order List is different on these servers. Check the TCP/IP DNS settings as shown in the article below.
How the Client DNS Settings work to resolve DNS names
http://networkadminkb.com/kb/Knowledge%20Base/DNS/How%20the%20Client%20DNS%20Settings%20work%20to%20resolve%20DNS%20names.aspx
Using NSLookup type the "Set all" command to list the DOMAIN an SRCHLIST on both servers.
> set all
Default Server: home
Address: 192.168.1.254
Set options:
nodebug
defname
search
recurse
nod2
novc
noignoretc
port=53
type=A
class=IN
timeout=2
retry=1
root=A.ROOT-SERVERS.NET.
domain=domain1.com
MSxfr
IXFRversion=1
srchlist=domain1.net/domain2.com/domain3.net
Thursday, November 19, 2009 11:59 PM
On the computer that NSLOOKUP fails on when not using the FQDN check to see if its configured with a domain suffix. You can check by Right Clicking My Computer, Properties, Computer Name tab. The Fully Qualified name will be listed there. If its not, then, the suffix is not configured. Click on Change, then More. Type in the Primary DNS Suffix name for the computer. If the computer is joined to the domain, this would be configured automatically. If this is OK, check the Network Card IP Properties, DNS tab. It is possible to set a connection specific domain suffix there. If the suffix listed there is something other than the name of the domain hosted on your DNS server, the NSLOOKUP will fail if you do not fully qualify the query.
The reason is because Windows will automatically append the DNS suffix to your query (if you do not specify one) and if that domain is not hosted on your DNS, it will fail.
For example, if your computer is configured with a Primary Suffix and/or a Connection specific suffix of mayekawausa.com then when you are querying just AD from your computer, then DNS will try to resolve AD.mayekawausa.com and of course, that will fail because you are not hosting that zone.
Visit my blog: anITKB.com, an IT Knowledge Base.