Re: NS Record dynamically updates wrong?

Read inline please.

In news:334F0831-A30A-41B8-A344-608B8BEEFAF1@xxxxxxxxxxxxx,
SteveD <tech@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
I have a single domain.local domain.

The main DC is a DNS and DHCP Server also.

Main DC has a single IP of 192.168.0.6
Second DC is 192.168.0.9
Third DC is 192.168.0.18

There are two NS Records, one for lessrv1.domain.local (the main DC)
and there is one NS record for domain.local.

Every so often, the third DC ip address of 192.168.0.18 shows up in
the nameserver tab for domain.local. The second DC never shows up. I
remove it and it comes back.

This is causing some authentication problems for an Exchange 2007
server I am setting up, as well as causing some other authentication
issues from workstations. When I remove the 192.168.0.18 address,
things go back to the way they should be as the 192.168.0.6 is the
correct IP for the domain.

DCDiag passes all tests


Am I missing something here?

Can someone point me in the right direction so that the 192.168.0.18
address does not appear in the NS record?


I've posted the DNSDiag below.

NS records are not used in Authentication process, so I'm not sure what is
going on there. Unless it is for some reason affecting the Autodiscover
record lookup for Outlook over the internet.
That said, to keep a DC from creating NS records, you'll need to uninstall
DNS from it or put the zone in a Replication partition that doesn't
replicate to the DC. A DC will Automatically create an NS record in Each ADI
zone it holds.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================


.

Relevant Pages

  • Re: Domain authentication problem
    ... configuration of Dynamic DNS, hence updates now enabled. ... restarting DHCP server restores this as default after I ... modern Windows versions where clients can register their own IP ...
    (microsoft.public.windows.server.networking)
  • Re: Constant "Acquiring Network Address" status; No IP address fro
    ... Look at the DHCP server event log for more info on this error" ... Nothing in the logs show ... "Mathieu CHATEAU" wrote: ... DNS update may file if there is a dns ownership issue. ...
    (microsoft.public.windows.server.networking)
  • AD 2003 Replication Failure/Authentication Failure
    ... Kerberos authentication is failing between the parent and children DCs. ... Parent DC: SEIDLER-ROOT ... The Security System could not establish a secured connection with the server ... The dynamic registration of the DNS record ...
    (microsoft.public.windows.server.active_directory)
  • Re: Domain Users into Local Admins
    ... checked the DNS is correct and made sure both ... > 3) User or machine is not in the container to which the GPO is linked. ... > 6) The user is a member of a group which is being filtered from the effect ... Kerberos authentication may not work. ...
    (microsoft.public.windows.server.security)
  • RE: Guidence required in the low level workings of Domain Trusts
    ... some time making sure DNS is working properly in your environment. ... How to optimize pass-through authentication of user accounts after you ... How Domain Controllers Are Located in Windows ...
    (microsoft.public.windows.server.active_directory)