Beginner DNS Problems

Discussion in 'Hardware' started by new_to_networks, Nov 4, 2011.

  1. new_to_networks

    new_to_networks Private E-2

    I’m very new to all this. A lot of my understanding here probably sounds really stupid, so bear with me. I’m building a small virtual network using VMware. I’m doing this to practice and learn about subdomains, group policy, and security. When I try to enforce group policy on clients from either the parent domain or the subdomain DCs, nothing happens. I took down all the firewalls, made sure all the “accept connections” settings are checked on everything, but still no group policy. When I run dcdiag from the parent domain DC I get this:

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation. All rights reserved.

    C:\Users\Administrator>dcdiag

    Directory Server Diagnosis

    Performing initial setup:
    Trying to find home server...
    Home Server = WIN-HQKARU70IMV
    * Identified AD Forest.
    Done gathering initial info.

    Doing initial required tests

    Testing server: Default-First-Site-Name\WIN-HQKARU70IMV
    Starting test: Connectivity
    ......................... WIN-HQKARU70IMV passed test Connectivity

    Doing primary tests

    Testing server: Default-First-Site-Name\WIN-HQKARU70IMV
    Starting test: Advertising
    ......................... WIN-HQKARU70IMV passed test Advertising
    Starting test: FrsEvent
    ......................... WIN-HQKARU70IMV passed test FrsEvent
    Starting test: DFSREvent
    There are warning or error events within the last 24 hours after the
    SYSVOL has been shared. Failing SYSVOL replication problems may cause
    Group Policy problems.
    ......................... WIN-HQKARU70IMV failed test DFSREvent
    Starting test: SysVolCheck
    ......................... WIN-HQKARU70IMV passed test SysVolCheck
    Starting test: KccEvent
    ......................... WIN-HQKARU70IMV passed test KccEvent
    Starting test: KnowsOfRoleHolders
    ......................... WIN-HQKARU70IMV passed test
    KnowsOfRoleHolders
    Starting test: MachineAccount
    ......................... WIN-HQKARU70IMV passed test MachineAccount
    Starting test: NCSecDesc
    ......................... WIN-HQKARU70IMV passed test NCSecDesc
    Starting test: NetLogons
    ......................... WIN-HQKARU70IMV passed test NetLogons
    Starting test: ObjectsReplicated
    ......................... WIN-HQKARU70IMV passed test
    ObjectsReplicated
    Starting test: Replications
    ......................... WIN-HQKARU70IMV passed test Replications
    Starting test: RidManager
    ......................... WIN-HQKARU70IMV passed test RidManager
    Starting test: Services
    ......................... WIN-HQKARU70IMV passed test Services
    Starting test: SystemLog
    A warning event occurred. EventID: 0x000003F6
    Time Generated: 11/02/2011 09:25:48
    Event String:
    Name resolution for the name _ldap._tcp.Default-First-Site-Name._sit
    es.batman.wilsonsdomain.net timed out after none of the configured DNS servers r
    esponded.
    A warning event occurred. EventID: 0x000003F6
    Time Generated: 11/02/2011 09:55:41
    Event String:
    Name resolution for the name 1.10.168.192.in-addr.arpa timed out aft
    er none of the configured DNS servers responded.
    A warning event occurred. EventID: 0x00001695
    Time Generated: 11/02/2011 09:55:51
    Event String:
    Dynamic registration or deletion of one or more DNS records associat
    ed with DNS domain 'wilsonsdomain.net.' failed. These records are used by other
    computers to locate this server as a domain controller (if the specified domain
    is an Active Directory domain) or as an LDAP server (if the specified domain is
    an application partition).
    ......................... WIN-HQKARU70IMV passed test SystemLog
    Starting test: VerifyReferences
    ......................... WIN-HQKARU70IMV passed test VerifyReferences


    Running partition tests on : ForestDnsZones
    Starting test: CheckSDRefDom
    ......................... ForestDnsZones passed test CheckSDRefDom
    Starting test: CrossRefValidation
    ......................... ForestDnsZones passed test
    CrossRefValidation

    Running partition tests on : DomainDnsZones
    Starting test: CheckSDRefDom
    ......................... DomainDnsZones passed test CheckSDRefDom
    Starting test: CrossRefValidation
    ......................... DomainDnsZones passed test
    CrossRefValidation

    Running partition tests on : Schema
    Starting test: CheckSDRefDom
    ......................... Schema passed test CheckSDRefDom
    Starting test: CrossRefValidation
    ......................... Schema passed test CrossRefValidation

    Running partition tests on : Configuration
    Starting test: CheckSDRefDom
    ......................... Configuration passed test CheckSDRefDom
    Starting test: CrossRefValidation
    ......................... Configuration passed test CrossRefValidation

    Running partition tests on : wilsonsdomain
    Starting test: CheckSDRefDom
    ......................... wilsonsdomain passed test CheckSDRefDom
    Starting test: CrossRefValidation
    ......................... wilsonsdomain passed test CrossRefValidation

    Running enterprise tests on : wilsonsdomain.net
    Starting test: LocatorCheck
    ......................... wilsonsdomain.net passed test LocatorCheck
    Starting test: Intersite
    ......................... wilsonsdomain.net passed test Intersite

    C:\Users\Administrator>



    To check my roles I used netdom query fsmo:

    C:\Users\Administrator>netdom query fsmo
    Schema master WIN-HQKARU70IMV.wilsonsdomain.net
    Domain naming master WIN-HQKARU70IMV.wilsonsdomain.net
    PDC WIN-HQKARU70IMV.wilsonsdomain.net
    RID pool manager WIN-HQKARU70IMV.wilsonsdomain.net
    Infrastructure master WIN-HQKARU70IMV.wilsonsdomain.net
    The command completed successfully.


    C:\Users\Administrator>



    I think that looks right so I figure it’s something with my DNS based on the Dcdiag errors. (Again, sorry if I sound stupid.) This is the way I have my IPs and DNS setup:

    wilsonsdomain.net (parent domain) dc-

    IP 192.168.10.1
    Subnet Mask 255.255.255.0
    Default Gateway 192.168.10.3
    Preferred DNS 192.168.10.1
    Alternate DNS Blank

    batman.wilsonsdomain.net (child domain) dc-

    IP 192.168.10.2
    Subnet Mask 255.255.255.0
    Default Gateway 192.168.10.3
    Preferred DNS 192.168.10.1
    Alternate DNS Blank

    joker.batman.wilsonsdomain.net (client of child domain)-

    IP 192.168.10.5
    Subnet Mask 255.255.255.0
    Default Gateway 192.168.10.3
    Preferred DNS 192.168.10.2
    Alternate DNS Blank

    Any help you could give me would be much appreciated.
     
  2. LordOlives

    LordOlives Private First Class

    You could try using nslookup to query the DNS server for a specific record.
    (e.g. c:\> nslookup 'host_name' or 'ip_address')

    If you get an error, the DNS server is either having issues or not responding. If this happens, try pinging the DNS server by its IP address to make sure it's online.

    If .2 is acting as a DNS server you may want to point to itself first (primary) then use .1 (secondary). The DNS request may be getting forwarded to the parent domain DNS server when the record is hosted by the child domain DNS server.
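
The checks suggested in this reply, as an added PowerShell example that is not part of either post: it pings each DNS server and asks each one directly, via nslookup, for the names that timed out in the dcdiag SystemLog events. The server addresses and record names are taken from the thread; the text patterns used to classify nslookup's English output are assumptions, so read the raw output if a result looks wrong.

```powershell
# Added example. Runs on PowerShell 2.0 (Server 2008 R2), so it calls
# nslookup.exe rather than newer DNS cmdlets.
$servers = @('192.168.10.1', '192.168.10.2')   # parent DC, child DC (from the post)

# Names from the dcdiag events and the hosts listed in the post.
# 'Answer' is an assumed marker for a successful reply of that record type.
$queries = @(
    @{ Type = 'SRV'; Answer = 'SRV service location'
       Name = '_ldap._tcp.Default-First-Site-Name._sites.batman.wilsonsdomain.net' },
    @{ Type = 'PTR'; Answer = 'name = '
       Name = '1.10.168.192.in-addr.arpa' },
    @{ Type = 'A';   Answer = '(?m)^Name:'
       Name = 'WIN-HQKARU70IMV.wilsonsdomain.net' },
    @{ Type = 'A';   Answer = '(?m)^Name:'
       Name = 'joker.batman.wilsonsdomain.net' }
)

$results = foreach ($server in $servers) {
    # Step 1: is the DNS server reachable by IP address at all?
    $online = Test-Connection -ComputerName $server -Count 2 -Quiet

    foreach ($q in $queries) {
        if (-not $online) {
            $status = 'SERVER OFFLINE'
        } else {
            # Step 2: query this server directly. The trailing dot stops
            # nslookup from appending the DNS suffix search list.
            $out = & nslookup.exe "-type=$($q.Type)" "$($q.Name)." $server 2>&1 |
                   Out-String

            # Check for an answer first: nslookup can print a timeout for the
            # reverse lookup of the server itself and still answer the query.
            if     ($out -match $q.Answer)                      { $status = 'ANSWERED' }
            elseif ($out -match "can't find|Non-existent domain") { $status = 'NOT FOUND' }
            else                                                { $status = 'NO RESPONSE' }
        }
        New-Object PSObject -Property @{
            Server = $server; Type = $q.Type; Name = $q.Name; Result = $status
        }
    }
}

$results | Select-Object Server, Type, Result, Name | Format-Table -AutoSize
```

A name that one server answers and the other reports as NOT FOUND shows which DNS server actually hosts that record, which is the situation the last paragraph of the reply describes.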
     
