Active Directory not updating my DNS

[Guest]

Server 2000 SP4 Domain Controller (bigorange.local)
Active Directory integrated DNS (forward and reverse)
Test Environment, not connected to the Internet
Server 2003, NT 4.0 and XP Pro Clients (1 each)

dcpromo created my dns and I deleted the root zone. I created my reverse
zone and added a forward zone bigorange.local - when I add computers to my
domain, DNS is not updated with their IP address and hostname. I do not
understand what I need to check, as I have never had this problem. Where
should I start?

TIA

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Server 2000 SP4 Domain Controller (bigorange.local)
Active Directory integrated DNS (forward and reverse)
Test Environment, not connected to the Internet
Server 2003, NT 4.0 and XP Pro Clients (1 each)

dcpromo created my dns and I deleted the root zone. I
created my reverse zone and added a forward zone
bigorange.local - when I add computers to my domain, DNS
is not updated with their IP address and hostname. I do
not understand what I need to check, as I have never had
this problem. Where should I start?

TIA

Make sure both forward and reverse zones allow dynamic updates and that the
IP of the DDNS server is in the client TCP/IP properties.

 

[Guest]

both were set to secure only so i changed it to yes on both and restarted the
DNS service. My clients (not servers) are DHCP and have the dns server IP
listed as well as the primary domain bigorange.local - still not updating.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

both were set to secure only so i changed it to yes on
both and restarted the DNS service. My clients (not
servers) are DHCP and have the dns server IP listed as
well as the primary domain bigorange.local - still not
updating.

Do the servers and clients have bigorange.local as the primary DNS suffix?
Is the DHCP client service running on all machines? (DHCP client service is
required for DNS registration, whether they are DHCP clients or not)

 

[Guest]

yes to both. bigorange.local is the primary dns for all servers/workstations
and DHCP client service is running on all clients.

Jelly.bigorange.local is my domain controller. I noticed on forward
zone/bigorange.local/properties/name servers/ that "jelly." is listed but ip
address is unknown. I added "jelly.bigorange.local" and was able to resolve
that. It seems to me that something is registered somewhere that does not
need to be - but I do not know how to find or fix it.

TIA

 

[Kevin D. Goodknecht Sr. [MVP]]

In

yes to both. bigorange.local is the primary dns for all
servers/workstations and DHCP client service is running
on all clients.

Jelly.bigorange.local is my domain controller. I noticed
on forward zone/bigorange.local/properties/name servers/
that "jelly." is listed but ip address is unknown. I
added "jelly.bigorange.local" and was able to resolve
that. It seems to me that something is registered
somewhere that does not need to be - but I do not know
how to find or fix it.

Let's take a look at something you stated in your original post
"dcpromo created my dns and I deleted the root zone. I created my reverse
zone and added a forward zone bigorange.local -"
You said you "added a forward zone bigorange.local", that zone should have
been created by dcpromo, if that is the name of your AD domain. What zones
are in DNS?
What is the domain name in ADU&C?
Can you post an ipconfig /all for the DC?

 

[Guest]

Kevin,

I decided to dcpromo my server and remove AD. I removed DNS and WINS and
DHCP. Rebooted. I then followed the steps in article 237675, where I set up
my dns before running dcpromo. I followed this article exactly as it is
written.

http://support.microsoft.com/default.aspx?scid=kb;en-us;237675

Now I made sure the DHCP client service is running on all machines (by the
way, the servers have never been a problem only my clients) and it is. I
flushed the dns (ipconfig /flushdns) and after configuring a completely new
DHCP scope, renewed my clients (ipconfig /renew). I am able to join the
domain and see my clients in AD.

The only thing I did after following the aforementioned article is uncheck
zone transfers because it is my only DNS server and I deleted the "." (root)
zone, because I am not on the Internet. I changed my zones to Active
Directory integrated and restarted the netlogon service (net stop netlogon &
net start netlogon). I noticed that after deleting the root zone, when I
look at the "name server" tab, jelly. shows up and it is unable to resolve
the IP. I add jelly.bigorange.local and it resolves the IP. However after
10-15 minutes jelly. shows back up, still unresolved.

I also get event errors 5781 (netlogon), 1126 (NTDS) and others that say
cannot connect to global catalog or service principal name unknown (?). Here
is my ipconfig /all from the domain controller as it is now:

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : JELLY
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No


Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : bigorange.local
Description . . . . . . . . . . . : Intel(R) PRO/100+ PCI Adapter
Physical Address. . . . . . . . . : 00-C0-0D-00-A7-95

DHCP Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 172.16.5.1

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 172.16.5.254

DNS Servers . . . . . . . . . . . : 172.16.5.1

TIA

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Kevin,

I decided to dcpromo my server and remove AD. I removed
DNS and WINS and DHCP. Rebooted. I then followed the
steps in article 237675, where I set up my dns before
running dcpromo. I followed this article exactly as it
is written.

http://support.microsoft.com/default.aspx?scid=kb;en-us;237675

Now I made sure the DHCP client service is running on all
machines (by the way, the servers have never been a
problem only my clients) and it is. I flushed the dns
(ipconfig /flushdns) and after configuring a completely
new DHCP scope, renewed my clients (ipconfig /renew). I
am able to join the domain and see my clients in AD.

The only thing I did after following the aforementioned
article is uncheck zone transfers because it is my only
DNS server and I deleted the "." (root) zone, because I
am not on the Internet. I changed my zones to Active
Directory integrated and restarted the netlogon service
(net stop netlogon & net start netlogon). I noticed that
after deleting the root zone, when I look at the "name
server" tab, jelly. shows up and it is unable to resolve
the IP. I add jelly.bigorange.local and it resolves the
IP. However after 10-15 minutes jelly. shows back up,
still unresolved.

I also get event errors 5781 (netlogon), 1126 (NTDS) and
others that say cannot connect to global catalog or
service principal name unknown (?). Here is my ipconfig
/all from the domain controller as it is now:

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : JELLY
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Connection-specific DNS Suffix . : bigorange.local

Here is the problem, the DC has no primary DNS suffix, this causes a
disjointed namespace as the DC doesn't really know what its name is or where
to register Netlogon records. Follow this KB article and use the included
script to change the Primary DNS suffix to bigorange.local. It will not
register the Netlogon records based on the connection specific DNS suffix.

257623 Domain Controller's Domain Name System Suffix Does Not Match Domain
Name
http://support.microsoft.com/?id=257623&sd=RMVP

 

[Guest]

Thanks so much that worked. Since this was a fresh 2000 install and not an
upgrade, why do you think this occurred?

Thanks!

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Thanks so much that worked. Since this was a fresh 2000
install and not an upgrade, why do you think this
occurred?

You didn't set the primary DNS suffix before you promoted it to a DC. IIRC,
this was fixed in one of the Service Packs, and it would set the primary DNS
suffix during Dcpromo. Did you apply any service packs before DCpromo?

 

[Guest]

Yep. SP4, however I am not connected to the Internet so I cannot get anything
else - well with any great ease.