|
Thanks for your assistance Dean. On a DC, it seems that without that reg change, the machine
will register all of its addresses in DNS regardless of the status of certain
check boxes in the rrasmgmt.msc. The result (at least we have seen) is that
workstations get confused about what address they need to find the local domain
controller. The problem turned out to be that the admin had changed the
password at only one end of the PPTP connection so the other DCs could not
replicate to the new one. Once that was fixed, everything seemed to work fine. Thanks again. -- nme From: Dean Wells
[mailto:[EMAIL PROTECTED] I have a similar setup at home and have
merely used the RRASMGMT snap in to disable DNS registration for any
undesirable NIC without issue (PPPoE etc) ... please further explain your RRAS
configuration as I confess I'm not understanding the problem at this point. -- From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah Eiger Yes. It kills me, but a DC at each site
also runs RRAS in order to terminate PPTP connections. I have explained this
over and over to the client’s management. There is, arguably, now a plan
(or at least a thought) to move this to a router or at least another Winbox.
So, yes, I am aware that it is cludgey and bad and all of those things…. That said, until installing this DC we had
finally reached a servicable steady state (thanks, in part to Deji) where VPN connections were happening,
replication was moving pretty well, and only the local interface was
registering in DNS. In other news, now DC2 is kicking out tons
of NetBT errors claiming that the IP address is being used by another name.
Could there have been something in the promotion process that caused this not
to register properly? I did not do that part of the process and am not sure
that the guy did knew what he was doing. -- nme From: Dean Wells
[mailto:[EMAIL PROTECTED] May I ask why a DC has PPP
interfaces? -- From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah Eiger Thanks, Dean. That did not
seem to do it either. Ah, but now I see what happened. We have set HKLM\System\CurrentControlSet\Services\Netlogon\Parameters\RegisterDnsARecords
to value = 1 (meaning, don’t register – as per MSKB 246804). We had
to do this to prevent RRAS PPP connections from registering in DNS and
confusing local workstations. As soon as I change this value to 0, the host
record shows up; as soon as I set it back to 1, the host disappears.
Unfortunately, the PPP interfaces also register. We don’t seem to have
this problem at other sites. Any further thoughts? -- nme From: Dean Wells
[mailto:[EMAIL PROTECTED] Locate the NETLOGON.* set
of files within %windir%\system32\config ... stop the NETLOGON service, delete
the NETLOGON.DNB and NETLOGON.DNS files. Configure the AD representative
DNS zone to allow non-secure updates and restart NETLOGON on the errant DC ...
if the entry still does not appear, reboot the DC. Post back the results. -- From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah Eiger Thanks but that did not
seem to do it. Any other thoughts? -- nme From: TIROA YANN
[mailto:[EMAIL PROTECTED] hello, Try to do a "netstop netlogon" and a
"netstart netlogon" in the DC that did not registered it SRV records,
and finally restart your dns server in dns manager. Regards, Yann De:
[EMAIL PROTECTED] de la part de Noah Eiger Hi – I have added a DC (let’s call it DC2) to a site
where it will eventually be the sole DC for that site. Currently, it is running
AD-integrated DNS and appears to be replicating with the other sites and DCs
(including the FSMO role holders). In DNS, DC2’s IP address never appears with a
(Same As Parent Folder) record. All other DCs seem to have this. For example,
dc2.company.com shows up in company.com\_msdcs\gc\_sites\site1\_tcp\ with the
SRV record by name. But it does not show up under _msdcs\gc with an A record
for (same as parent folder). It seems like the new DC never fully registered itself
in DNS. What can I do to force this now? Thanks. -- nme |
