Re: Clients not registering in AD integrated DNS
- From: v-kzhao@xxxxxxxxxxxxxxxxxxxx ("Ken Zhao [MSFT]")
- Date: Thu, 14 Jun 2007 05:42:44 GMT
Hello,
Thank you for using newsgroup!
Also I'd like to thanks Herb Martin for his great help and suggestions
sharing.
Thanks & Regards,
Ken Zhao
Microsoft Online Support
Microsoft Global Technical Support Center
Get Secure! - www.microsoft.com/security <http://www.microsoft.com/security>
====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Herb Martin" <news@xxxxxxxxxxxxxx>
| References: <7D3DFE24-04D8-4F19-8C57-06E86EE58F66@xxxxxxxxxxxxx>
<OL0Z2DfrHHA.3284@xxxxxxxxxxxxxxxxxxxx>
<A0CEA758-3A27-46E5-B933-01909B432C11@xxxxxxxxxxxxx>
<ukQHu7frHHA.3448@xxxxxxxxxxxxxxxxxxxx>
<77BD334F-F8F6-4774-93D4-0E16E8A2B1EC@xxxxxxxxxxxxx>
| Subject: Re: Clients not registering in AD integrated DNS
| Date: Wed, 13 Jun 2007 18:59:42 -0500
| Lines: 208
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.3790.3959
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.3959
| X-RFC2646: Format=Flowed; Original
| Message-ID: <#LDZqbhrHHA.4992@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.dns
| NNTP-Posting-Host: cpe-72-177-48-225.austin.res.rr.com 72.177.48.225
| Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.dns:3562
| X-Tomcat-NG: microsoft.public.windows.server.dns
|
|
| "JohnS" <NNTPAlias@xxxxxxxxxxxxx> wrote in message
| news:77BD334F-F8F6-4774-93D4-0E16E8A2B1EC@xxxxxxxxxxxxxxxx
| > Herb,
| > Thanks for the quick replies. It's reassuring to know that it is indeed
| > supposed to work the way I thought it should. Manually changing the DNS
| > Server Search Order on the client to point to DNS servers in
sub1.domB.com
| > is
| > the next step. I'll follow up with the level of success...
|
| If this fixes the problem then you do NOT have a reliable or true
solution.
|
| You can NEVER DEPEND on the order of DNS servers on the client --
| you must presume that the client will contact and use ANY ONE of those
| DNS servers listed.
|
| It is fine to replace the DNS settings as a test but do not consider that
if
| the mere order is helpful that the problem is fixed (it's not.)
|
| --
| Herb Martin, MCSE, MVP
| http://www.LearnQuick.Com
| (phone on web site)
|
| > --
| > John S
| >
| > It's an OS, not a religion.
| >
| >
| > "Herb Martin" wrote:
| >
| >>
| >> "JohnS" <NNTPAlias@xxxxxxxxxxxxx> wrote in message
| >> news:A0CEA758-3A27-46E5-B933-01909B432C11@xxxxxxxxxxxxxxxx
| >> > Let's try this again...
| >> >
| >> > See my comments embedded below.
| >> >
| >> > --
| >> > John S
| >> >
| >> > It's an OS, not a religion.
| >> >
| >> >
| >> > "Herb Martin" wrote:
| >> >
| >> >>
| >> >> "JohnS" <NNTPAlias@xxxxxxxxxxxxx> wrote in message
| >> >> news:7D3DFE24-04D8-4F19-8C57-06E86EE58F66@xxxxxxxxxxxxxxxx
| >> >> >I have an issue where new clients, upon joining the domain, are not
| >> >> > registering in DNS. Further, they do not register in DNS at any
| >> >> > point
| >> >> > thereafter.
| >> >>
| >> >> DNS Clients must use STRICTLY the set of (internal) DNS servers
which
| >> >> can find the DNS servers for their own Domain AND ALL other domains
| >> >> internally and externall.
| >> >>
| >> >> The most common error is to mix DNS Servers (sets) on the DNS client
| >> >> NIC->IP properties -- i.e, putting DNS servers in there which cannot
| >> >> find everything the clients will ever need.
| >> >>
| >> >> DNS Clients believe that EVERY DNS server will return the same and
| >> >> the correct answers.
| >> >>
| >> >
| >> > The DNS servers known to the client are technically not mixed, they
| >> > just
| >> > aren't part of sub1.domB.com. The are both part of domA.com.
| >>
| >> As long as every DNS Server (e.g., in domA.com) can FIND the Primary
| >> DNS server for the zone where the clients need to register (e.g,
| >> sub1.domB.com)
| >> then this should not be the problem.
| >>
| >> This makes it more likely that the DNS Clients don't know their own
| >> Primary
| >> DNS Suffix.
| >>
| >> >> > My environment consists of 2 separate AD forests/domains
(domA.com
| >> >> > and
| >> >> > sub1.domB.com), each having their own AD integrated DNS (Dynamic
| >> >> > updates =
| >> >> > Secure only). The DNS servers for domA.com have a domain specific
| >> >> > Forwarder
| >> >> > record for sub1.domB.com.
| >> >> >
| >> >> > There are also a number of other DNS zones hosted on BIND servers
| >> >> > (e.g.
| >> >> > domB.com, sub2.domB.com, sub3.domB.com, etc). The DNS zones
| >> >> > associated
| >> >> > with
| >> >> > domB.com represent a company that acquired the company that
| >> >> > originally
| >> >> > owned
| >> >> > domA.com.
| >> >> >
| >> >> > I am trying to add clients to sub1.domB.com and I would like for
| >> >> > them
| >> >> > to
| >> >> > register themselves in DNS in sub1.domB.com.
| >> >>
| >> >> The DNS Server(s) these clients use must be either IN sub1.domB.com
or
| >> >> able
| >> >> to FIND sub1.domB.com. No exeptions.
| >> >>
| >> >
| >> > The DNS servers in use by the client can consistently resolve
| >> > sub1.domB.com
| >> > as well as all hostnames within sub1.domB.com.
| >> >
| >> >> Clients should also have their Primary DNS suffix set in the SYSTEM
| >> >> Control
| >> >> Panel.
| >> >>
| >> >
| >> > I should have specifically included this info before. Upon joining
| >> > sub1.domB.com, the Primary DNS suffix of this computer is
successfully
| >> > set.
| >> > In addition, Change primary DNS suffix when domain membership
changes =
| >> > {checked}.
| >>
| >> The former is important (and good) and the latter is not an issue in
this
| >> case but
| >> is useful if you want to avoid having to reset this value when the
client
| >> changes
| >> domain (if ever.)
| >>
| >> >> > The clients are newly built XP SP2 with default TCP/IP properties:
| >> >> > Obtain an IP address automatically
| >> >> > Obtain DNS server address automatically
| >> >> > Append primary and connection specific DNS suffixes
| >> >> > Append parent suffixes of the primary DNS suffix = {unchecked}
| >> >> > DNS suffix for this connection = {blank}
| >> >> > Register this connection's addresses in DNS = {checked}
| >> >> > Use this connection's DNS suffix in DNS registration =
{unchecked})
| >> >>
| >> >> DHCP should also give out the correct DNS name for these clients if
at
| >> >> all possible.
| >> >>
| >> >
| >> > I can't do this yet since the DHCP scope was not set up for and is
not
| >> > specific to the destination domain.
| >>
| >> Yes, I suspected that was part of the problem since you have multiple
| >> domains.
| >>
| >> Try setting the IP manually for one of these clients to the "home DNS
| >> server"
| >> for their domain (only) and see if it then registers.
| >>
| >> This should NOT be necessary but it will allow you to remove a bunch of
| >> variables
| >> and perpaps reduce the possibilities of where the problem might be
| >> originating.
| >>
| >> >> > The clients start out as workgroup machines. They obtain their
| >> >> > TCP/IP
| >> >> > info
| >> >> > via a DHCP server that is a member of domA.com. The DHCP client
| >> >> > service
| >> >> > is
| >> >> > running on the client.
| >> >>
| >> >> When they switch to domain machines the Primary DNS suffix needs to
be
| >> >> added to them as part of this change.
| >> >>
| >> >
| >> > Answered above.
| >> >
| >> >> > On the DHCP server, the primary and secondary DNS servers are DNS
| >> >> > servers
| >> >> > in
| >> >> > domA.com. Scope option 006 includes only DNS servers for
domA.com.
| >> >> > Scope
| >> >> > option 015 is set to domA.com. The DHCP server is also set to
| >> >> > register
| >> >> > clients in DNS:
| >> >> > Automatically update DHCP client information in DNS = {checked}
| >> >> > Always update DNS
| >> >> > Discard forward (name-to-address) lookups when lease expires =
| >> >> > {checked}
| >> >> > Enable updates for DNS clients that do not support dynamic
update =
| >> >> > {checked}
| >> >> >
| >> >> > The clients successfully join the sub1.domB.com AD domain using
the
| >> >> > fqdn.
| >> >> > However, they do not register in the sub1.domB.com DNS domain.
Upon
| >> >> > reboot,
| >> >> > or upon using ipconfig /registerdns, they still do not register
in
| >> >> > the
| >> >> > sub1.domB.com DNS domain.
| >> >> >
| >> >> > Can anyone explain why the DNS registration does not work?
| >> >> >
| >> >> > --
| >> >> > John S
| >> >> >
| >> >> > It's an OS, not a religion.
| >> >>
| >> >>
| >> >>
| >>
| >>
| >>
|
|
|
.
- References:
- Re: Clients not registering in AD integrated DNS
- From: Herb Martin
- Re: Clients not registering in AD integrated DNS
- From: JohnS
- Re: Clients not registering in AD integrated DNS
- From: Herb Martin
- Re: Clients not registering in AD integrated DNS
- From: JohnS
- Re: Clients not registering in AD integrated DNS
- From: Herb Martin
- Re: Clients not registering in AD integrated DNS
- Prev by Date: Re: Zone Transfer between AD-I and non AD-I DNS
- Next by Date: DNS round robin and Apache Server
- Previous by thread: Re: Clients not registering in AD integrated DNS
- Next by thread: Re: Clients not registering in AD integrated DNS
- Index(es):
Relevant Pages
|
