6

I have a Win2k domain that has recently started having problems with clients connecting to network shares. I attempted to disjoin/rejoin a client and have not been able to get it reconnected. At this point I noticed DNS was having problems. From the client I am not able to resolve the servers host name but I am able to hit it by FQDN:

C:\Documents and Settings\Administrator>nslookup
Default Server: sh-server.domain
Address: 10.71.40.100


^ sh-server *************************unsuccessful when querying host name
Server: sh-server.domain
Address: 10.71.40.100
*** sh-server.domain can't find sh-server: Server failed

^ sh-server.domain *************successful when querying FQDN
Server: sh-server.domain
Address: 10.71.40.100

^ yahoo.com
Server: sh-server.domain
Address: 10.71.40.100
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to sh-server.domain timed-out

2 Answers2

6

On the clients, under TCP/IP properties/Advanced/DNS, ensure that "Append primary and connection specific DNS suffixes" is selected and also that "Append parent suffixes of the primary DNS suffix" is checked.

Also, for the FQDN in System Properties, ensure that "change primary DNS suffix when domain membership changes" is checked.

Maximus Minimus
  • 8,937
  • 1
  • 22
  • 36
5

Make sure "domain" is in the client's DNS suffix list. If you're only using DNS resolution in your network (i.e. no WINS), then the client needs to know how to fully qualify hostnames. Without a DNS suffix defined, it has no way of knowing that "sh-server" and "sh-server.domain" are the same thing, and your DNS server will always assume that "sh-server" is fully qualified.

On the other hand, if you're using WINS, nslookup won't help you because it only deals with DNS. One easy way to verify WINS resolution (since there isn't a standard "winslookup" type utility) is to ping the target host:

ping sh-server

James Sneeringer
  • 6,755
  • 23
  • 27
  • +1 - the DNS suffix needs to be set either in Control Panel, System, Computer Name, under More; or per-TCP connection in Network Connections. – crb Jul 22 '09 at 14:51
  • That worked for part of my problem, I am now able to resolve by host name, it still does not solve my larger issue that the DNS server is failing both simple and recursive queries AND I am still unable to join the client back into the domain, it fails with the following error: –  Jul 22 '09 at 14:57
  • DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain domain: The query was for the SRV record for _ldap._tcp.dc._msdcs.domain The following domain controllers were identified by the query: sh-server.domain Common causes of this error include: - Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses. - Domain controllers registered in DNS are not connected to the network or are not running. For information about correcting this problem, click Help. –  Jul 22 '09 at 14:58
  • 2
    Please note that there *IS* a nslookup type utility for WINS, it is called nblookup and comes from the Windows Server Resource Kit I believe. – Ryan Fisher Jul 22 '09 at 15:36
  • Right, I just meant it isn't typically installed on a stock Windows system, and ping works just as well for a simple host-to-IP lookup. – James Sneeringer Jul 22 '09 at 16:25
  • And when ping doesn't resolve... what to do for debugging? – Áxel Costas Pena Dec 07 '18 at 19:38
  • @ÁxelCostasPena - Your question is too broad to answer here. If you have a specific question or problem, I suggestion [posting it as a new question](https://serverfault.com/questions/ask) with as much detail as possible about what you're trying to do (commands run, errors received, platform details, etc.). If you just wanted to discuss DNS troubleshooting in general, you may want to try the [Server Fault chat area](https://chat.stackexchange.com/?tab=site&host=serverfault.com). – James Sneeringer Dec 07 '18 at 20:06