1

We have a bunch of XP machines that connect to a W2k3 SBS AD server. The server has a few static WINS bindings.

Normally this means the XP machines can go straight to "http://foo/" or whatever.

However, frequently the lookup of 'foo' results in a resolution failure on an XP client. A quick check on the server shows foo resolves just fine. On the client we must ipconfig /registerdns and we have to do this sometimes several times a day. The clients can continue to ping the AD server without loss.

All the XP machines are affected. Any clues what might be causing this? The only diagnostics I have read about so far are to interrogate the AD server - which is operating just fine.

James Green
  • 11
  • 1
  • not that familiar with sbs's version of ad but I suspect you've gone out of you way to make things difficult. Do you use dhcp if so why is it not registering the DNS names for you. In this enviro you should have DHCP updating DNS dynamicly, this would save a lot of work. – tony roth Dec 02 '10 at 16:07
  • @Tony Roth: Windows SBS uses the same Active Directory as all other Windows versions that have Active Directory. – Evan Anderson Dec 02 '10 at 17:43
  • @Evan Anderson - pretty much knew that but was not sure if there was some wierd restrictions foistered upon it! thanks – tony roth Dec 03 '10 at 15:06
  • @Tony Roth: The restrictions are enforced by a service running on the box rather than by changes to the AD code. Restrictions re: AD are: no trust relationships w/ other domains, single domain allowed in the forest, all forest FSMO roles held by the SBS Server, and the SBS Server must be a Global Catalog server. Fortunately, in terms of the objects you can create within the directory (users, computers, group policy objects, etc) there aren't restrictions. It acts like plain 'ol Active Directory in that regard. Most single domain environments would never notice that they're using SBS. – Evan Anderson Dec 03 '10 at 16:51

1 Answers1

1

I'm a bit lost in your question. You talk about WINS but then you bring "ipconfig /registerdns" into it. "ipconfig /registerdns" on a client won't do anything to affect the client's ability to resolve NetBIOS names.

I don't think you're actually solving your problem with the "ipconfig /registerdns" (especially because you say you have to do it several times a day). I suspect you're getting a bit of a placebo effect from running this.

The Right ThingTM to do, to me, would be to sniff the name resolution traffic coming out of a client when it can't resolve the "foo" name and see what it's trying to do. W/ Windows XP clients I would expect to see it querying its primary DNS server for "foo.primary.DNS.suffix" first, followed by all the suffixes in the "DNS Suffix Search List" (run "ipconfig /all" on the client to see this list). If it doesn't get back a satisfactory answer from DNS then it'll fall back to NetBIOS name resolution. You should see a request sent to its WINS server and then, assuming you're using "H-node" NetBIOS name resolution, a broadcast for the name.

Evan Anderson
  • 141,071
  • 19
  • 191
  • 328
  • Absolutely. Sniffing is the best way to figure out Windows name-resolution issues once you've verified everything *looks* correct in the network configs. – sysadmin1138 Dec 02 '10 at 15:07
  • I have now tested this. Wireshark shows a request going out to the correct AD server for our local machine "foo", and instantly receives a "Requested name does not exist" by reply. If I log on to the AD and ping "foo" it resolves fine. – James Green Dec 07 '10 at 16:24