Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, December 6, 2016 6:49 PM
Hi,
I have a few Windows 7 computers that I found to be missing DNS entries. When I look at reverse, they exist. When I look at my DHCP, they are there. We have two DHCP servers and three DNS servers. All Windows 2012 R2. These problematic workstations are online even after reboot so users never noticed the issue on their end.
ipconfig /registerdns - Resolves the issue however I have seen the problem comes back. The machine will create an entry in the DNS Forward but later on disappear (within several hours or at least later - that the machine I just registered will lost all DNS forward entries).
I tested registerdns one computer. I see that all our DNS servers will create an entry on each server eventually. Some immediately. Some within minutes apart. However, I have also seen that one DNS server did not create an entry after 20 minutes. But it wasn't consistent because this DNS server can also create an entry immediately.
What could it be? We are using scavenging as well. Below is our setting for DHCP.
Scavenging setting we have:
Questions
1. What do you think is the problem?
2. Could it be possibly be related to the Dynamic Update user? The account has not changed but we have upgraded our servers from 2008 to Windows 2012. Are we suppose to re-select this and re-apply if we upgraded to Windows 2012 (new server but same server name and IP Address)? I got the idea here but I dont know if this is related at all. https://community.spiceworks.com/topic/213284-dns-server-not-resolving-host-names-host-a-records-missing
Pls. help me figure this out. Thanks!
All replies (17)
Wednesday, December 7, 2016 2:56 AM
Hi Swiss,
Please try to uncheck Discard A and PTR records when lease is deleted, and then check Dynamically update DNS A and PTR records only if requested by the DHCP clients.
Could you please tell me how long address lease that you configured?
Please check the article below for further understanding:
Understanding Aging and Scavenging
https://technet.microsoft.com/en-us/library/cc771677(v=ws.11).aspx
Best Regards
John
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Wednesday, December 7, 2016 7:34 PM
Hi John,
The address lease we have is 8 days. I haven't uncheck the Discard A and PTR records... is that should be the default setting?
Thanks for your reply.
Thursday, December 8, 2016 8:22 AM
Hi Swiss,
Please configure sum of No-refresh time and refresh time to be smaller than DHCP lease.
Best Regards
John
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Thursday, December 8, 2016 5:22 PM
Hi John,
Just want to make sure I understand. So based on my setting we should be setting from 7+7 to 3+3 (for example) the No Refresh and Refresh time?
Thank you!
Friday, December 9, 2016 5:53 AM | 1 vote
Hi Swiss,
Yes.
No-Refresh interval +refresh interval < DHCP Lease.
Please check the article below for further understanding:
Understanding Aging and Scavenging
https://technet.microsoft.com/en-us/library/cc771677(v=ws.11).aspx
Best Regards
John
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Tuesday, January 10, 2017 7:51 PM
Hi John,
I followed your advise and it seems to fix our DNS scavenging issue. I did 15 days DHCP lease with the No-Refresh interval +refresh interval (7+7).
Thanks!
Wednesday, January 11, 2017 7:59 AM
Hi Swiss,
I am glad to hear that your issue has been resolved.
Best Regards
John
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Thursday, January 19, 2017 11:55 PM
Hi John,
I have to re-open this post again. I noticed that last night... When I rebooted all of our workstations, I still got some machines that didn't create DNS host after a reboot. I thought it was resolved already because I noticed that I didn't have as much (problematic machines). I will only have couple of computers who will be missing DNS host. When I ipconfig /registerdns them and they will be fixed and the problem does not appear to re-occur.
The difference now is that I force to reboot all computers. Now, I do have quite a few computers who did not create dns host after a reboot. Therefore the problem still remains.
We changed our DHCP lease to 15 days. Kept our Refresh + No Refresh to defult 7 + 7.
I also run dcdiag. Result is no error.
Any suggestion or advice? Anyone?
The problem appears to be that some machines loses their DNS host record after a reboot or a shutdown. DNS host record should be recreated when the machine power on or upon restart. The only way to get the DNS host entry back is to "ipconfig /registerdns". User doesn't appear to be affected. They can continue to use their computers. They machine is online but dns host entry is missing. Reverse entry is *not* missing. Only forward.
Thanks!
Monday, January 23, 2017 5:56 AM
Hi Swiss,
>>When I ipconfig /registerdns them and they will be fixed and the problem does not appear to re-occur.
Did record of computer not exist before you reboot computer?
>>The problem appears to be that some machines loses their DNS host record after a reboot or a shutdown.
Please check if this client has sent register request to DNS server, and you could check TCP/IP configuration to check if computer is configured dynamically register record.
Best Regards
John
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Wednesday, February 8, 2017 12:46 AM
Hi John,
To answer your question:
Did record of computer not exist before you reboot computer? Yes. the problematic computers won't have a DNS entry. It has suddenly disappeared after a reboot or if it was shutdown for a long time. This is the original main issue of my post. The entry will just disappear randomly or after a long shutdown. Reverse entries are OK. So our users don't notice the issue. The computer will continue to work online. If you ping the IP address it is online. If you ping the name, it will say host not found. The only fix is to do ipconfig /registerdns. But problem do come back from time to time. It only happens on some computers. All our computers are Windows 7. This happens regardless it's x86 or x64.
Pls. advise. Thanks!
Wednesday, February 8, 2017 7:16 AM
Hi Swiss,
Did all of computer join domain or workgroup?
If there is client belong to workgroup, please ensure suffix on client is correct, you could follow steps below to view it.
And open computer properties, click change on computer name tab, on computer name panel please click More.., and then you could enter suffix.
Please reference picture below for further understanding:
Please check if DNS client service function properly.
Have you checked if client has enabled Register this connection's addresses in DNS?
Best Regards
John
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Wednesday, February 8, 2017 4:25 PM
Hi John,
All our domain computers and yes, "Register this connection... " is enabled.
I reviewed this article from Microsoft, "List of reasons that DNS records disappear..." and I went through one by one of the reasons and I think our issue is #8 but it is not clear to me how to resolve as per article? Maybe you have an input?
Thursday, February 9, 2017 7:34 AM
Hi Swiss,
>>but it is not clear to me how to resolve as per article? Maybe you have an input?
As link above mentioned, please check if there is related information about DNS registration failures, you could post it to here for further troubleshooting.
Please catch traffic on client to check if DNS client has queried SOA record, and send registration request to DNS server, you need to renew client's ip address before perform this operation.
Here is link about network monitor for your reference:
https://www.microsoft.com/en-sg/download/details.aspx?id=4865
Best Regards
John
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Thursday, February 9, 2017 5:25 PM
Hi John,
Thanks for the suggestion. I turned on verbose Netlogon logging on client workstation and maybe this will help.
CASE:
- Windows7 has disappearing DNS record. I ipconfig /registerdns the workstation and that fixes the problem. Then I reboot the computer. It loses again the DNS host entry.
- Below is what's on the Netlogon on the client. I already filtered all the CRITICAL lines for easier reading of the log:
Line 55: 02/09 08:38:36 [CRITICAL] Address list changed since last boot. (Forget DynamicSiteName.)
Line 63: 02/09 08:38:36 [CRITICAL] C:\WINDOWS\system32\config\netlogon.ftj: Unable to open. 2
Line 74: 02/09 08:38:36 [CRITICAL] NetpDcGetDcNext: _ldap._tcp.dc._msdcs.MyDomain.org.: Cannot Query DNS. 1460 0x5b4
Line 75: 02/09 08:38:36 [CRITICAL] NetpDcGetNameIp: MyDomain.org.: No data returned from DnsQuery.
Line 78: 02/09 08:38:36 [CRITICAL] NlBrowserSendDatagram: No transports available
Line 79: 02/09 08:38:36 [CRITICAL] NetpDcGetNameNetbios: MyDomain.org.: Cannot NlBrowserSendDatagram. (1C) 53
Line 81: 02/09 08:38:36 [CRITICAL] NetpDcGetName: MyDomain.org.: IP and Netbios are both done.
Line 82: 02/09 08:38:36 [CRITICAL] MyDomain: NlDiscoverDc: Cannot find DC.
Line 83: 02/09 08:38:36 [CRITICAL] MyDomain: NlSessionSetup: Session setup: cannot pick trusted DC
Line 164: 02/09 08:38:45 [CRITICAL] NetpDcGetDcNext: _kerberos._tcp.dc._msdcs.MyDomain.org.: Cannot Query DNS. 1460 0x5b4
Line 165: 02/09 08:38:45 [CRITICAL] NetpDcGetNameIp: MyDomain.org.: No data returned from DnsQuery.
Line 168: 02/09 08:38:45 [CRITICAL] NlBrowserSendDatagram: No transports available
Line 169: 02/09 08:38:45 [CRITICAL] NetpDcGetNameNetbios: MyDomain.org.: Cannot NlBrowserSendDatagram. (1C) 53
Line 171: 02/09 08:38:45 [CRITICAL] NetpDcGetName: MyDomain.org.: IP and Netbios are both done.
Line 179: 02/09 08:38:46 [CRITICAL] NetpDcGetDcNext: _ldap._tcp.MyDomain.org.: Cannot Query DNS. 1460 0x5b4
Line 180: 02/09 08:38:46 [CRITICAL] NetpDcGetNameIp: MyDomain.org.: No data returned from DnsQuery.
Line 183: 02/09 08:38:46 [CRITICAL] NlBrowserSendDatagram: No transports available
Line 184: 02/09 08:38:46 [CRITICAL] NetpDcGetNameNetbios: MyDomain.org.: Cannot NlBrowserSendDatagram. (1C) 53
Line 186: 02/09 08:38:46 [CRITICAL] NetpDcGetName: MyDomain.org.: IP and Netbios are both done.
Line 190: 02/09 08:38:46 [CRITICAL] NetpDcGetDcNext: _ldap._tcp.MyDomain.org.: Cannot Query DNS. 1460 0x5b4
Line 191: 02/09 08:38:46 [CRITICAL] NetpDcGetNameIp: MyDomain.org.: No data returned from DnsQuery.
Line 194: 02/09 08:38:46 [CRITICAL] NlBrowserSendDatagram: No transports available
Line 195: 02/09 08:38:46 [CRITICAL] NetpDcGetNameNetbios: MyDomain.org.: Cannot NlBrowserSendDatagram. (1C) 53
Line 197: 02/09 08:38:46 [CRITICAL] NetpDcGetName: MyDomain.org.: IP and Netbios are both done
Please help! Thanks!
Friday, February 10, 2017 6:54 AM
Hi Swiss,
Please try to fix issue by following link below:
Client computer uses site-less SRV records after you restart the computer in Windows 7 or in Windows Server 2008 R2
Best Regards
John
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Friday, February 10, 2017 5:05 PM
Hi John,
Thanks! I applied the fix and I get a message "Not applicable to my machine".
Now what is interesting is that in the middle of the night, this computer suddenly registers itself and works. This confirms that it registers/deregisters itself intermittently. This is the reason why I would have small number of incidents like this where the machines who were OK yesterday will not be OK tomorrow.
Now, I did run DCDIAG on one of my DC and found this? Is this normal? Or maybe you can find something odd in this log that possibly causing the issue?
Root zone on this DC/DNS server was not found
* TEST: Delegations (Del)*
* No delegations were found in this zone on this DNS server*
DNS TEST
***
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine DC1, is a Directory Server.
Home Server = DC1
* Connecting to directory service on server DC1.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=OFFSITE1,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=OFFSITE2,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=OFFSITE3,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=OFFSITE4,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=OFFSITE5,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=OFFSITE6,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=OFFSITE7,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=OFFSITE8,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
Getting ISTG and options for the site
Looking at base site object: CN=NTDS Site Settings,CN=MAINSITE,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=DC3,CN=Servers,CN=MAINSITE,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC2,CN=Servers,CN=MAINSITE,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=DC1,CN=Servers,CN=MAINSITE,CN=Sites,CN=Configuration,DC=CONTOSO,DC=COM
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 3 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: MAINSITE\DC1
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
* Active Directory RPC Services Check
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: MAINSITE\DC1
Test omitted by user request: Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Test omitted by user request: FrsEvent
Test omitted by user request: DFSREvent
Test omitted by user request: SysVolCheck
Test omitted by user request: KccEvent
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: MachineAccount
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: Replications
Test omitted by user request: RidManager
Test omitted by user request: Services
Test omitted by user request: SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyReplicas
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
See DNS test in enterprise tests section for results
......................... DC1 passed test DNS
Running partition tests on : ForestDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : DomainDnsZones
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : Schema
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : Configuration
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running partition tests on : CONTOSO
Test omitted by user request: CheckSDRefDom
Test omitted by user request: CrossRefValidation
Running enterprise tests on : CONTOSO.COM
Starting test: DNS
Test results for domain controllers:
DC: DC1.CONTOSO.COM
Domain: CONTOSO.COM
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
The OS
Microsoft Windows Server 2012 R2 Standard (Service Pack level: 0.0)
is supported.
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter
[00000016] Microsoft Network Adapter Multiplexor Driver:
MAC address is 00:xx:00:00:xx:00
IP Address is static
IP address: 192.1xx.xx.xxx, fexx::xxxx:xx2f:xxxx:xxxx
DNS servers:
192.1xx.xx.xxx (DC2) [Valid]
192.1xx.xx.xxx (DC3) [Valid]
192.1xx.xx.xxx (DC1) [Valid]
The A host record(s) for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found primary
Root zone on this DC/DNS server was not found
TEST: Delegations (Del)
No delegations were found in this zone on this DNS server
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.1xx.xx.xxx (DC2)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS server: 192.1xx.xx.xxx (DC3)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
DNS server: 192.1xx.xx.xxx (DC1)
All tests passed on this DNS server
Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: CONTOSO.COM
DC1 PASS PASS n/a PASS n/a n/a n/a
......................... CONTOSO.COM passed test DNS
Test omitted by user request: LocatorCheck
Test omitted by user request: Intersite
Monday, February 13, 2017 5:45 AM
Hi Swiss,
>>Now, I did run DCDIAG on one of my DC and found this? Is this normal?
Yes, this is normal.
>>This confirms that it registers/deregisters itself intermittently.
Did you mean that its record will be discarded sometimes?
Best Regards
John
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].