
Active Directory DNS Servers Returning Incorrect or Blank ..

Anonymous
November 16, 2004 10:14:02 AM

Archived from groups: microsoft.public.win2000.dns

My client has a domain with 8 major sites, each site has two active directory
controllers each of which is also a DNS server. They host the primary DNS
zone for the Domain they control, local.company, all are Windows Server 2003.

There are two additional Windows Server 2003 DNS servers in a separate
workgroup, with no domain membership, which host an old, secondary DNS zone,
whose primary is an even older Bind4.0 DNS server. The domain DNS servers use
the workgroup DNS servers to do forward lookups for legacy systems.

The problem we are experiencing is that sometimes, and it appears to be
almost random, the domain DNS servers return incorrect, or more often blank,
IP addresses for hosts held in the secondary zone by the workgroup DNS
servers. A quick check will confirm that the A records in the legacy DNS zone
are correct, and that the zones are running as expected.

This behaviour is only exhibited at most by two servers at any one time, and
then only very intermittently. Clearing local DNS cache and re-registering
the client has no discernable effect. The only way known to fix the problem
is to stop and start the DNS server service on the affecting Domain DNS
server(s).


Anonymous
November 17, 2004 1:31:30 AM

Archived from groups: microsoft.public.win2000.dns

Is there a reason your W2K3 DNS servers are forwarding to the legacy
secondary DNS servers rather than the legacy primary bind server?

This sounds like the secondary zone has expired.
Windows DNS zones have a 24 hour default lifetime after which any secondary
zones will be invalidated if they have not successfully updated their zone
file from the primary DNS server. (Not sure what the BIND zone lifetime is)
I suggest you turn up debug logging on your DNS secondaries for
"queries/transfers" and "notifications", incoming, outgoing, UDP, TCP,
request and response.

When you get into this situation, review the debug log, looking at the DNS
response, and the last time the server received a transfer.
Also, look at your DNS event log, as I suspect the DNS server will log an
event when it invalidates its zone due to expiration.


--
Glenn L

CCNA, MCSE (2000,2003) + Security
"Keith Williams" <Keith Williams@discussions.microsoft.com> wrote in message
news:F6AF7A9A-2943-441B-B337-B36CE2F41494@microsoft.com...
> My client has a domain with 8 major sites, each site has two active directory
> controllers each of which is also a DNS server. They host the primary DNS
> zone for the Domain they control, local.company, all are Windows Server 2003.
>
> There are two additional Windows Server 2003 DNS servers in a separate
> workgroup, with no domain membership, which host an old, secondary DNS zone,
> whose primary is an even older Bind4.0 DNS server. The domain DNS servers use
> the workgroup DNS servers to do forward lookups for legacy systems.
>
> The problem we are experiencing is that sometimes, and it appears to be
> almost random, the domain DNS servers return incorrect, or more often blank,
> IP addresses for hosts held in the secondary zone by the workgroup DNS
> servers. A quick check will confirm that the A records in the legacy DNS zone
> are correct, and that the zones are running as expected.
>
> This behaviour is only exhibited at most by two servers at any one time, and
> then only very intermittently. Clearing local DNS cache and re-registering
> the client has no discernable effect. The only way known to fix the problem
> is to stop and start the DNS server service on the affecting Domain DNS
> server(s).
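
The zone-expiry check suggested in the reply above, as an added example that is not part of the original thread: it classifies each secondary from the SOA timers in the zone copy it holds and the time of its last successful refresh, using RFC 1982 serial comparison against the primary. The server names, SOA values, timestamps and state labels are constructed for illustration; the 86400-second expire matches the 24-hour figure mentioned in the reply.

```python
from datetime import datetime
from typing import NamedTuple

class Soa(NamedTuple):
    mname: str
    rname: str
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int

def parse_soa(rdata: str) -> Soa:
    """Parse SOA RDATA in presentation order:
    mname rname serial refresh retry expire minimum (timers in seconds)."""
    f = rdata.split()
    if len(f) != 7:
        raise ValueError(f"expected 7 SOA fields, got {len(f)}")
    return Soa(f[0], f[1], *(int(x) for x in f[2:]))

def serial_newer(a: int, b: int) -> bool:
    """RFC 1982 serial arithmetic: True if 32-bit serial a is newer than b."""
    return a != b and ((a - b) & 0xFFFFFFFF) < 0x80000000

def secondary_state(held: Soa, primary_serial: int,
                    last_refresh_ok: datetime, now: datetime) -> str:
    """Classify a secondary from its held SOA and last successful refresh."""
    age = (now - last_refresh_ok).total_seconds()
    if age >= held.expire:
        return "EXPIRED"           # secondary must stop answering for the zone
    if serial_newer(primary_serial, held.serial):
        return "STALE"             # primary has changes not yet transferred
    if age >= held.refresh:
        return "REFRESH_OVERDUE"   # refresh checks failing; expiry is approaching
    return "OK"

# Constructed sample data (hypothetical names and values, not from the thread).
HELD = parse_soa("ns-legacy.example. hostmaster.example. 2004111601 900 600 86400 3600")
NOW = datetime(2004, 11, 16, 10, 0, 0)
SECONDARIES = {
    "wg-dns1": (HELD, datetime(2004, 11, 16, 9, 50)),  # refreshed 10 minutes ago
    "wg-dns2": (HELD, datetime(2004, 11, 15, 9, 0)),   # no refresh for 25 hours
}

def report(primary_serial: int) -> dict:
    """State of every sample secondary against the primary's current serial."""
    return {name: secondary_state(soa, primary_serial, ts, NOW)
            for name, (soa, ts) in SECONDARIES.items()}

if __name__ == "__main__":
    for name, state in report(primary_serial=2004111601).items():
        print(f"{name}: {state}")
```
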