Reinstalling DNS for whole domain 1

[PaulGillespie]

Hi Guys, i have a dns issue with my 2003 domain. I'm not sure what's wrong as everything looks ok but it doesn't if you know what i mean.

DNS is cached in AD so if i uninstall DNS from my DNS servers and reinstall DNS will it pick up the same settings? ideally i'd like to start from fresh but without having to rebuild my whole AD structure.

Any advice?

Thanks
Paul

 

[58sniper]

If your DNS is AD integrated, and you're running DNS on each of the DCs, then as soon as you install DNS on another server, it would get a copy of the zone data from other DCs.

You'd be better off resolving the existing issues with DNS than trying to rip and replace.

Pat Richard MVP

 

[PaulGillespie]

That's what i was afraid of hearing.....

Right, i'm going to start another post once i've had a good long hard think.

Cheers

Paul

 

[58sniper]

It might be worth burning a call to PSS to help get it squared away if it's seriously impacting operations. Too many things are dependent on DNS.

Pat Richard MVP

 

[PaulGillespie]

It's not a serious issue that is effecting the daily operations but something is just not right. clients see no issues.

On the Main DC that holds the fsmo roles and is the DNS server, if i browse my network places i see no PCs. From other member servers who are looking to the DC for DNS they can see all the PCs through my network places.

If i do an NS Lookup for

http://www.google.com

i get

Server: UnKnown
Address: 192.168.0.2

Name:

http://www.l.google.com

Addresses: 66.102.9.99, 66.102.9.104, 66.102.9.147
Aliases:

http://www.google.com

The "Server: UnKnown" bit isn't right. I get the same response from the member servers.
The DNS server address is published via DHCP.

any ideas?

 

[Davetoo]

Is your DNS server pointing to itself in your NIC settings or to outside DNS servers? It should point to itself.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!

 

[PaulGillespie]

pointing to itself.

network has 2 DCs, one of which is a DNS server.
about 50 clients.

Thanks

 

[Davetoo]

What are your NIC and DHCP server settings?

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!

 

[PaulGillespie]

The DCs NIC is:

IP: 192.168.0.2
SM: 255.255.255.0
DG: 192.168.0.254

DNS1: 192.168.0.2

DHCP Scope options
Router: 192.168.0.254
DNS Servers: 192.168.0.2
DNS domain name: companyname.office (.office is deliberate)
wins/nbns servers: 192.168.0.2
Wins/NBT node type: 0x8

The domain is a .office as we had a few macs a while back and some had an issue with .local domain names so we made the domain .office from day 1.

Thanks

Paul

 

[Davetoo]

Do you have your reverse DNS zone configured properly?

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!

 

[Davetoo]

Sorry...reverse lookup zone in DNS...

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!

 

[PaulGillespie]

Sorry, just noticed some info i left out.
When doing a NS lookup i get

*** Can't find server name for address 192.168.0.2: non-existent domain
Server: UnKnown
Address: 192.168.0.2

non-authoritive answer:
Name:

http://www.l.google.com

Addresses: 66.102.9.99, 66.102.9.104, 66.102.9.147
Aliases:

http://www.google.com

an internal nslookup for mailserver, i get:
*** Can't find server name for address 192.168.0.2: non-existent domain
Server: UnKnown
Address: 192.168.0.2


Name: mailserver
Addresses: 192.168.0.1

I get the same if i use the FQDN for mailserver.

 

[PaulGillespie]

This is where i fall short, i dont know....
under reverse lookup zones, the sub folders are:
0.168.192.in.addr.arpa
0.in-addr.arpa
127.in-addr.arpa
255.in-addr.arpa


first line doesn't look right to me?

 

[Davetoo]

Look in your DNS, is your server in there?

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!

 

[PaulGillespie]

yeah, my server is listed in there.

 

[Davetoo]

Your Reverse is incorrect. The 0.in should be first, then you should have a 192.in which will break down all your reverse DNS for your zone.

Is that zone AD integrated? You can see that by clicking on the Reverse Lookup Zones.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!

 

[PaulGillespie]

My reverse lookup zone does not look right. in 0.168.192.in-addr.arpa i have lots of dns entries but they don't look right.
instead of seeing ipaddresses in the name field, i see just the last part of the ip address i.e. x.x.x.100 (i only see the 100).

I have checked this against another health domain at another site and in the same fieled i get the whole ip address and the folder is called 192.168.0.x subnet not 0.168.192.in-addr.arpa.

any hints?

Thanks
Paul.

 

[PaulGillespie]

Yes zone is AD integrated. Do you have any suggestions on how to fix this?

Thanks for you help with this.

Paul

 

[Davetoo]

You'll need to redo your reverse zone. Several good results on Google...one being

http://www.computerperformance.co.uk/w2k3/services/DNS_install_zones.htm

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!

 

[Davetoo]

Sheesh...I just can't type today! Had the wrong link from what I intended...

http://support.microsoft.com/kb/323445

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!