Problems registering new hosts

[Pedro L.]

Hi,

(I prevously submited this message to microsoft.public.win2000.dns newsgroup
and I've obtained no answers)

I have Win2K, 2 sites, DHCP dyn update DNS, clients WinXp SP2, one AD
domain, mixed mode. I have the same problem of duplicate (same IP) PTR
records, previously discussed in this newsgroup.

Since I don't know when (I suspect since WinXp SP2 upgd) it seems the PC's
stops registering in DNS. The result is when I ping 'myhost' the IP is
10.10.1.145, for example, and when I nslookup 'myhost' the returned ip
address is another. IPConfig returns the first one.

Adicionally, because duplicates PTR records, when I nslookup 10.10.1.145 the
name returned is another one.

Can I make use of scavenging without make any harm to my domain? Anyone
knows any solution for my problem?

Thanks.
Pedro L.

 

[Herb Martin]

Hi,

(I prevously submited this message to microsoft.public.win2000.dns newsgroup
and I've obtained no answers)

I have Win2K, 2 sites, DHCP dyn update DNS, clients WinXp SP2, one AD
domain, mixed mode. I have the same problem of duplicate (same IP) PTR
records, previously discussed in this newsgroup.

Since I don't know when (I suspect since WinXp SP2 upgd) it seems the PC's
stops registering in DNS.

That is usually for one of three reasons:

1) The zone is not dynamic (someone changed it)

2) The clients are not set STRICTLY to the internal DNS
server (set)

3) The server the clients use cannot find the primary (the
clients cannot find the primary) to actually register

And with DHCP doing the registration, DHCP can't find
the primary etc.

The result is when I ping 'myhost' the IP is
10.10.1.145, for example, and when I nslookup 'myhost' the returned ip
address is another. IPConfig returns the first one.

Adicionally, because duplicates PTR records, when I nslookup 10.10.1.145 the
name returned is another one.

Can I make use of scavenging without make any harm to my domain? Anyone
knows any solution for my problem?

Probably -- especially in the reverse zone, but be
very careful about scavenging forward zones over
a WAN -- if you scavenge the DCs while they are
"out of contact" (e.g., WAN down) they can lose
DNS and then AD connectivity.

BTW, why do you care about reverse zones?
(Most people don't have much need, although I have
mine just because I can.)

 

[Pedro L.]

Herb,

Thank you for your response. But I still have some questions and
informations.

First, the DNS is still dynamic, I remember that DNS registered hosts until
I don't know when. I verified Properties of the zone, Active Directory
Integrated with Dynamic updates set to Secure Only. I also verified the DNS
options in DHCP server scope options to confirm that everything is set to
dynamic.

Second, the DNS servers configured in the clients are DHCP distributed and
is only one, the DC ip. I also distribute the gateway address and Wins
address (is diferent). I don't activate forwarders because I configued the
domain directly root dependent (I have to solve it in short). So, I think
the clients are set strictly to internal DNS.

Third, I don't understand what you want to say. But, for your information,
the DHCP and DNS servers are the same (DC) and the primary DNS is himself.

Is there any possibility that the problem comes from Windows Xp SP2? Or, for
any reason, the DNS server are full and needs a cleaning? Or, how about
clean DNS wrong records, one by one? I just confirm that making DHCP
reservations don't solve the problem.

Thank you for your help.
Pedro L.

 

[Herb Martin]

Herb,

Thank you for your response. But I still have some questions and
informations.

First, the DNS is still dynamic, I remember that DNS registered hosts until
I don't know when. I verified Properties of the zone, Active Directory
Integrated with Dynamic updates set to Secure Only.

I should also have indicated that with this setting, a
failure to authenticate will cause registration to fail.

And a failure to authenticate is usually a DNS error
(if the network seems to be basically functional.)

I also verified the DNS
options in DHCP server scope options to confirm that everything is set to
dynamic.

Remember that the reverse zones are separate from
the forward zone, so each zone's properties must be
checked separately.

Second, the DNS servers configured in the clients are DHCP distributed and
is only one, the DC ip.

Ok. (Doing that wrong is very common.)

I also distribute the gateway address and Wins
address (is diferent). I don't activate forwarders because I configued the
domain directly root dependent (I have to solve it in short). So, I think
the clients are set strictly to internal DNS.

Sounds like it. (As for WINS, only because you mention
it here, you must also set the NODE-type if you use DHCP.
This is NOT likely related to your problem though.)

Third, I don't understand what you want to say. But, for your information,
the DHCP and DNS servers are the same (DC) and the primary DNS is himself.

On a client NIC it is not called "primary" but rather PREFERRED.
(Primary is a server concept and unrelated to the clients except
when they are Registering which they FIND if necessary.)

Every machine internal to you network is a DNS client. This
includes DCs and the DNS server(s) themselves (even if they
are or are not the same machine.)

This means that all "client" NICs are set as we described (to
the internal DNS strictly.)

Is there any possibility that the problem comes from Windows Xp SP2?

Possible but unlikely since that is mostly about allowing
the WinXP to be a "server" (HTTP, file, etc.)

It is more likely that you have an "extra" firewall that
needs to be set properly -- some third party firewall.

Or, for
any reason, the DNS server are full and needs a cleaning?

They don't get 'full' or need cleaning in general.

You can scavenge but more people cause problems
with that than solve them.

Or, how about
clean DNS wrong records, one by one?

It won't hurt to do that -- it is just tedious if it
is more than a dozen or so.

I just confirm that making DHCP
reservations don't solve the problem.

There is no reason it would.