What are some likely causes to domain member PC losing contact to domain controller?DNS lookup fails when with all the Mac workstationsMS DNS lookup issueServer 2003, XP Clients, DNS issuesDNS can't resolve hostname; nslookup canHow to configure bind9 to be a local DNS only with no internet access?Windows 2003 - dns doesn't respond to workstationsUnreliable DNS resolving for external domains using Windows Server 2008What are all the possible causes of the “An Active Directory Domain Controller (AD DC) for the domain …” error message?Bind Server issue: Can not nslookup from client when DNS Master is down, but still can connect to InternetWindows DNS server randomly responds/times out

Find the identical rows in a matrix

Restricting the options of a lookup field, based on the value of another lookup field?

How do I produce this Greek letter koppa: Ϟ in pdfLaTeX?

Is there a word for the censored part of a video?

"Whatever a Russian does, they end up making the Kalashnikov gun"? Are there any similar proverbs in English?

How exactly does Hawking radiation decrease the mass of black holes?

"The cow" OR "a cow" OR "cows" in this context

What does "function" actually mean in music?

Work requires me to come in early to start computer but wont let me clock in to get paid for it

Are there moral objections to a life motivated purely by money? How to sway a person from this lifestyle?

How bug prioritization works in agile projects vs non agile

How do I check if a string is entirely made of the same substring?

Is there any pythonic way to find average of specific tuple elements in array?

Is there metaphorical meaning of "aus der Haft entlassen"?

Will I lose my paid in full property

Is there really no use for MD5 anymore?

Can a level 2 Warlock take one level in rogue, then continue advancing as a warlock?

Why didn't the Space Shuttle bounce back into space as many times as possible so as to lose a lot of kinetic energy up there?

Why is the underscore command _ useful?

What is the best way to deal with NPC-NPC combat?

Can a stored procedure reference the database in which it is stored?

Multiple options vs single option UI

Which big number is bigger?

What is this word supposed to be?



What are some likely causes to domain member PC losing contact to domain controller?


DNS lookup fails when with all the Mac workstationsMS DNS lookup issueServer 2003, XP Clients, DNS issuesDNS can't resolve hostname; nslookup canHow to configure bind9 to be a local DNS only with no internet access?Windows 2003 - dns doesn't respond to workstationsUnreliable DNS resolving for external domains using Windows Server 2008What are all the possible causes of the “An Active Directory Domain Controller (AD DC) for the domain …” error message?Bind Server issue: Can not nslookup from client when DNS Master is down, but still can connect to InternetWindows DNS server randomly responds/times out






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








5















Several of our client Windows 10 client PC suddenly lost their connection to mapped drives against shared folders located on a domain controller (DC) called SBS2011 running Windows SBS Server.



I have verified that the DC can be ping (via IP & host names) from the client PC & vice versa.



NSlookup shows it cannot resolve the SBS2011 DC since :



PS C:UsersAdmin> nslookup sbs2011
Server: UnKnown
Address: 10.1.1.2



*** UnKnown can't find sbs2011: Non-existent domain



So it looks like a DNS issue to me.



Could having external DNS servers (eg. OpenDNS servers) in the DNS Scope Options (see attached) cause client PC issues in resolving IP of their local DC server ?



My initial thinking is that since the client PCs are being handed (via DHCP) DNS server settings that point to both the DC & the internet OpenDNS servers - that this would lead to the client PC trying to resolve internal name of the DC by heading out into the internet.



IPConfig /all on a client PC will show:



DHCP Enabled: Yes



IPv4 Address: 10.1.1.73(Preferred)



Subnet Mask: 255.0.0.0



Default Gateway: 10.1.1.1



DHCP Server : 10.1.1.2



DNS Servers : 10.1.1.2 | 208.67.222.222 | 208.67.220.220



enter image description here



An experienced system administrator's advice below made me think that this may be the cause :



[99.999% of the time it is an improper configuration on your network card settings, pointing to a dns server out on the web and not the dc as your dns server. also your server can only be the dns, there cannot be any internet dns servers setup on your nic cards of both the server and the workstations. the server needs to point to itself, and the workstations need to point to the server for all dns resolution. the dns service on the server will determine where to send the clients/server when it does a look up ]










share|improve this question



















  • 1





    If you configure a DNS server, it will use it.

    – eckes
    Apr 21 at 16:31











  • The experienced sysadmin is correct - you cannot direct your Windows domain clients to use public DNS servers or you will cause a lot of problems for those clients.

    – Todd Wilcox
    Apr 22 at 13:22











  • @ToddWilcox - so is it best practice to avoid handing out public DNS servers via DHCP to Windows clients & instead use DNS Forwarder option to specify public DNS servers for those queries that your local DNS server are unable to resolve ?

    – Tickle Me
    Apr 22 at 17:41

















5















Several of our client Windows 10 client PC suddenly lost their connection to mapped drives against shared folders located on a domain controller (DC) called SBS2011 running Windows SBS Server.



I have verified that the DC can be ping (via IP & host names) from the client PC & vice versa.



NSlookup shows it cannot resolve the SBS2011 DC since :



PS C:UsersAdmin> nslookup sbs2011
Server: UnKnown
Address: 10.1.1.2



*** UnKnown can't find sbs2011: Non-existent domain



So it looks like a DNS issue to me.



Could having external DNS servers (eg. OpenDNS servers) in the DNS Scope Options (see attached) cause client PC issues in resolving IP of their local DC server ?



My initial thinking is that since the client PCs are being handed (via DHCP) DNS server settings that point to both the DC & the internet OpenDNS servers - that this would lead to the client PC trying to resolve internal name of the DC by heading out into the internet.



IPConfig /all on a client PC will show:



DHCP Enabled: Yes



IPv4 Address: 10.1.1.73(Preferred)



Subnet Mask: 255.0.0.0



Default Gateway: 10.1.1.1



DHCP Server : 10.1.1.2



DNS Servers : 10.1.1.2 | 208.67.222.222 | 208.67.220.220



enter image description here



An experienced system administrator's advice below made me think that this may be the cause :



[99.999% of the time it is an improper configuration on your network card settings, pointing to a dns server out on the web and not the dc as your dns server. also your server can only be the dns, there cannot be any internet dns servers setup on your nic cards of both the server and the workstations. the server needs to point to itself, and the workstations need to point to the server for all dns resolution. the dns service on the server will determine where to send the clients/server when it does a look up ]










share|improve this question



















  • 1





    If you configure a DNS server, it will use it.

    – eckes
    Apr 21 at 16:31











  • The experienced sysadmin is correct - you cannot direct your Windows domain clients to use public DNS servers or you will cause a lot of problems for those clients.

    – Todd Wilcox
    Apr 22 at 13:22











  • @ToddWilcox - so is it best practice to avoid handing out public DNS servers via DHCP to Windows clients & instead use DNS Forwarder option to specify public DNS servers for those queries that your local DNS server are unable to resolve ?

    – Tickle Me
    Apr 22 at 17:41













5












5








5


1






Several of our client Windows 10 client PC suddenly lost their connection to mapped drives against shared folders located on a domain controller (DC) called SBS2011 running Windows SBS Server.



I have verified that the DC can be ping (via IP & host names) from the client PC & vice versa.



NSlookup shows it cannot resolve the SBS2011 DC since :



PS C:UsersAdmin> nslookup sbs2011
Server: UnKnown
Address: 10.1.1.2



*** UnKnown can't find sbs2011: Non-existent domain



So it looks like a DNS issue to me.



Could having external DNS servers (eg. OpenDNS servers) in the DNS Scope Options (see attached) cause client PC issues in resolving IP of their local DC server ?



My initial thinking is that since the client PCs are being handed (via DHCP) DNS server settings that point to both the DC & the internet OpenDNS servers - that this would lead to the client PC trying to resolve internal name of the DC by heading out into the internet.



IPConfig /all on a client PC will show:



DHCP Enabled: Yes



IPv4 Address: 10.1.1.73(Preferred)



Subnet Mask: 255.0.0.0



Default Gateway: 10.1.1.1



DHCP Server : 10.1.1.2



DNS Servers : 10.1.1.2 | 208.67.222.222 | 208.67.220.220



enter image description here



An experienced system administrator's advice below made me think that this may be the cause :



[99.999% of the time it is an improper configuration on your network card settings, pointing to a dns server out on the web and not the dc as your dns server. also your server can only be the dns, there cannot be any internet dns servers setup on your nic cards of both the server and the workstations. the server needs to point to itself, and the workstations need to point to the server for all dns resolution. the dns service on the server will determine where to send the clients/server when it does a look up ]










share|improve this question
















Several of our client Windows 10 client PC suddenly lost their connection to mapped drives against shared folders located on a domain controller (DC) called SBS2011 running Windows SBS Server.



I have verified that the DC can be ping (via IP & host names) from the client PC & vice versa.



NSlookup shows it cannot resolve the SBS2011 DC since :



PS C:UsersAdmin> nslookup sbs2011
Server: UnKnown
Address: 10.1.1.2



*** UnKnown can't find sbs2011: Non-existent domain



So it looks like a DNS issue to me.



Could having external DNS servers (eg. OpenDNS servers) in the DNS Scope Options (see attached) cause client PC issues in resolving IP of their local DC server ?



My initial thinking is that since the client PCs are being handed (via DHCP) DNS server settings that point to both the DC & the internet OpenDNS servers - that this would lead to the client PC trying to resolve internal name of the DC by heading out into the internet.



IPConfig /all on a client PC will show:



DHCP Enabled: Yes



IPv4 Address: 10.1.1.73(Preferred)



Subnet Mask: 255.0.0.0



Default Gateway: 10.1.1.1



DHCP Server : 10.1.1.2



DNS Servers : 10.1.1.2 | 208.67.222.222 | 208.67.220.220



enter image description here



An experienced system administrator's advice below made me think that this may be the cause :



[99.999% of the time it is an improper configuration on your network card settings, pointing to a dns server out on the web and not the dc as your dns server. also your server can only be the dns, there cannot be any internet dns servers setup on your nic cards of both the server and the workstations. the server needs to point to itself, and the workstations need to point to the server for all dns resolution. the dns service on the server will determine where to send the clients/server when it does a look up ]







windows domain-name-system






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Apr 21 at 16:20







Tickle Me

















asked Apr 21 at 16:13









Tickle MeTickle Me

265




265







  • 1





    If you configure a DNS server, it will use it.

    – eckes
    Apr 21 at 16:31











  • The experienced sysadmin is correct - you cannot direct your Windows domain clients to use public DNS servers or you will cause a lot of problems for those clients.

    – Todd Wilcox
    Apr 22 at 13:22











  • @ToddWilcox - so is it best practice to avoid handing out public DNS servers via DHCP to Windows clients & instead use DNS Forwarder option to specify public DNS servers for those queries that your local DNS server are unable to resolve ?

    – Tickle Me
    Apr 22 at 17:41












  • 1





    If you configure a DNS server, it will use it.

    – eckes
    Apr 21 at 16:31











  • The experienced sysadmin is correct - you cannot direct your Windows domain clients to use public DNS servers or you will cause a lot of problems for those clients.

    – Todd Wilcox
    Apr 22 at 13:22











  • @ToddWilcox - so is it best practice to avoid handing out public DNS servers via DHCP to Windows clients & instead use DNS Forwarder option to specify public DNS servers for those queries that your local DNS server are unable to resolve ?

    – Tickle Me
    Apr 22 at 17:41







1




1





If you configure a DNS server, it will use it.

– eckes
Apr 21 at 16:31





If you configure a DNS server, it will use it.

– eckes
Apr 21 at 16:31













The experienced sysadmin is correct - you cannot direct your Windows domain clients to use public DNS servers or you will cause a lot of problems for those clients.

– Todd Wilcox
Apr 22 at 13:22





The experienced sysadmin is correct - you cannot direct your Windows domain clients to use public DNS servers or you will cause a lot of problems for those clients.

– Todd Wilcox
Apr 22 at 13:22













@ToddWilcox - so is it best practice to avoid handing out public DNS servers via DHCP to Windows clients & instead use DNS Forwarder option to specify public DNS servers for those queries that your local DNS server are unable to resolve ?

– Tickle Me
Apr 22 at 17:41





@ToddWilcox - so is it best practice to avoid handing out public DNS servers via DHCP to Windows clients & instead use DNS Forwarder option to specify public DNS servers for those queries that your local DNS server are unable to resolve ?

– Tickle Me
Apr 22 at 17:41










2 Answers
2






active

oldest

votes


















5














The best method is to set the DNS to just the DC in the clients, and to set your DNS fowarder with the public’s one.



The way DNS work is not at 100% like you wrote, as the PC will use its first DNS resolver for all query, if the DNS don’t answer, because the server is off or other reasons, the PC switch to the other DNS server listed and will stick to it, and will use that one unless it fail too.



So as you can guess if the PC use the public DNS, all your domain query will fail as unknown, but the PC don’t try on the other DNS, as it got an answer, an unknown answer, but he got one.






share|improve this answer























  • Presumably to allow some redundancy you could add multiple DCs as DNS servers?

    – Harry Johnston
    Apr 22 at 2:23












  • @yagmoth555 - if I remove the 2 OpenDNS servers from the DHCP Scope Options so that the client PC get assigned just the DC only, where do I specify the OpenDNS servers so that the DNS service can forward all external queries ?

    – Tickle Me
    Apr 22 at 6:21











  • @TickleMe In your DNS console in sbs2011, right click your server name and click option, forwarder will be listed there. Check there for example; mcmcse.com/microsoft/guides/70-410/dns_forwarding.shtml, the first picture is where the forwarder are configured

    – yagmoth555
    Apr 22 at 10:49



















0














You should never use external DNS, but the actual problem here is your DC/DNS server is either not responding or no longer has a record registered for SBS2011.



Sometimes when a DC crashes, the DNS server may no longer be listening on the specified IP address. This would be in dnsmgmt.msc, server properties > Interfaces > Listen on. If this occurs, the DC may unregister it's own A record.






share|improve this answer























    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "2"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f963978%2fwhat-are-some-likely-causes-to-domain-member-pc-losing-contact-to-domain-control%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    5














    The best method is to set the DNS to just the DC in the clients, and to set your DNS fowarder with the public’s one.



    The way DNS work is not at 100% like you wrote, as the PC will use its first DNS resolver for all query, if the DNS don’t answer, because the server is off or other reasons, the PC switch to the other DNS server listed and will stick to it, and will use that one unless it fail too.



    So as you can guess if the PC use the public DNS, all your domain query will fail as unknown, but the PC don’t try on the other DNS, as it got an answer, an unknown answer, but he got one.






    share|improve this answer























    • Presumably to allow some redundancy you could add multiple DCs as DNS servers?

      – Harry Johnston
      Apr 22 at 2:23












    • @yagmoth555 - if I remove the 2 OpenDNS servers from the DHCP Scope Options so that the client PC get assigned just the DC only, where do I specify the OpenDNS servers so that the DNS service can forward all external queries ?

      – Tickle Me
      Apr 22 at 6:21











    • @TickleMe In your DNS console in sbs2011, right click your server name and click option, forwarder will be listed there. Check there for example; mcmcse.com/microsoft/guides/70-410/dns_forwarding.shtml, the first picture is where the forwarder are configured

      – yagmoth555
      Apr 22 at 10:49
















    5














    The best method is to set the DNS to just the DC in the clients, and to set your DNS fowarder with the public’s one.



    The way DNS work is not at 100% like you wrote, as the PC will use its first DNS resolver for all query, if the DNS don’t answer, because the server is off or other reasons, the PC switch to the other DNS server listed and will stick to it, and will use that one unless it fail too.



    So as you can guess if the PC use the public DNS, all your domain query will fail as unknown, but the PC don’t try on the other DNS, as it got an answer, an unknown answer, but he got one.






    share|improve this answer























    • Presumably to allow some redundancy you could add multiple DCs as DNS servers?

      – Harry Johnston
      Apr 22 at 2:23












    • @yagmoth555 - if I remove the 2 OpenDNS servers from the DHCP Scope Options so that the client PC get assigned just the DC only, where do I specify the OpenDNS servers so that the DNS service can forward all external queries ?

      – Tickle Me
      Apr 22 at 6:21











    • @TickleMe In your DNS console in sbs2011, right click your server name and click option, forwarder will be listed there. Check there for example; mcmcse.com/microsoft/guides/70-410/dns_forwarding.shtml, the first picture is where the forwarder are configured

      – yagmoth555
      Apr 22 at 10:49














    5












    5








    5







    The best method is to set the DNS to just the DC in the clients, and to set your DNS fowarder with the public’s one.



    The way DNS work is not at 100% like you wrote, as the PC will use its first DNS resolver for all query, if the DNS don’t answer, because the server is off or other reasons, the PC switch to the other DNS server listed and will stick to it, and will use that one unless it fail too.



    So as you can guess if the PC use the public DNS, all your domain query will fail as unknown, but the PC don’t try on the other DNS, as it got an answer, an unknown answer, but he got one.






    share|improve this answer













    The best method is to set the DNS to just the DC in the clients, and to set your DNS fowarder with the public’s one.



    The way DNS work is not at 100% like you wrote, as the PC will use its first DNS resolver for all query, if the DNS don’t answer, because the server is off or other reasons, the PC switch to the other DNS server listed and will stick to it, and will use that one unless it fail too.



    So as you can guess if the PC use the public DNS, all your domain query will fail as unknown, but the PC don’t try on the other DNS, as it got an answer, an unknown answer, but he got one.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Apr 21 at 16:33









    yagmoth555yagmoth555

    12.4k31842




    12.4k31842












    • Presumably to allow some redundancy you could add multiple DCs as DNS servers?

      – Harry Johnston
      Apr 22 at 2:23












    • @yagmoth555 - if I remove the 2 OpenDNS servers from the DHCP Scope Options so that the client PC get assigned just the DC only, where do I specify the OpenDNS servers so that the DNS service can forward all external queries ?

      – Tickle Me
      Apr 22 at 6:21











    • @TickleMe In your DNS console in sbs2011, right click your server name and click option, forwarder will be listed there. Check there for example; mcmcse.com/microsoft/guides/70-410/dns_forwarding.shtml, the first picture is where the forwarder are configured

      – yagmoth555
      Apr 22 at 10:49


















    • Presumably to allow some redundancy you could add multiple DCs as DNS servers?

      – Harry Johnston
      Apr 22 at 2:23












    • @yagmoth555 - if I remove the 2 OpenDNS servers from the DHCP Scope Options so that the client PC get assigned just the DC only, where do I specify the OpenDNS servers so that the DNS service can forward all external queries ?

      – Tickle Me
      Apr 22 at 6:21











    • @TickleMe In your DNS console in sbs2011, right click your server name and click option, forwarder will be listed there. Check there for example; mcmcse.com/microsoft/guides/70-410/dns_forwarding.shtml, the first picture is where the forwarder are configured

      – yagmoth555
      Apr 22 at 10:49

















    Presumably to allow some redundancy you could add multiple DCs as DNS servers?

    – Harry Johnston
    Apr 22 at 2:23






    Presumably to allow some redundancy you could add multiple DCs as DNS servers?

    – Harry Johnston
    Apr 22 at 2:23














    @yagmoth555 - if I remove the 2 OpenDNS servers from the DHCP Scope Options so that the client PC get assigned just the DC only, where do I specify the OpenDNS servers so that the DNS service can forward all external queries ?

    – Tickle Me
    Apr 22 at 6:21





    @yagmoth555 - if I remove the 2 OpenDNS servers from the DHCP Scope Options so that the client PC get assigned just the DC only, where do I specify the OpenDNS servers so that the DNS service can forward all external queries ?

    – Tickle Me
    Apr 22 at 6:21













    @TickleMe In your DNS console in sbs2011, right click your server name and click option, forwarder will be listed there. Check there for example; mcmcse.com/microsoft/guides/70-410/dns_forwarding.shtml, the first picture is where the forwarder are configured

    – yagmoth555
    Apr 22 at 10:49






    @TickleMe In your DNS console in sbs2011, right click your server name and click option, forwarder will be listed there. Check there for example; mcmcse.com/microsoft/guides/70-410/dns_forwarding.shtml, the first picture is where the forwarder are configured

    – yagmoth555
    Apr 22 at 10:49














    0














    You should never use external DNS, but the actual problem here is your DC/DNS server is either not responding or no longer has a record registered for SBS2011.



    Sometimes when a DC crashes, the DNS server may no longer be listening on the specified IP address. This would be in dnsmgmt.msc, server properties > Interfaces > Listen on. If this occurs, the DC may unregister it's own A record.






    share|improve this answer



























      0














      You should never use external DNS, but the actual problem here is your DC/DNS server is either not responding or no longer has a record registered for SBS2011.



      Sometimes when a DC crashes, the DNS server may no longer be listening on the specified IP address. This would be in dnsmgmt.msc, server properties > Interfaces > Listen on. If this occurs, the DC may unregister it's own A record.






      share|improve this answer

























        0












        0








        0







        You should never use external DNS, but the actual problem here is your DC/DNS server is either not responding or no longer has a record registered for SBS2011.



        Sometimes when a DC crashes, the DNS server may no longer be listening on the specified IP address. This would be in dnsmgmt.msc, server properties > Interfaces > Listen on. If this occurs, the DC may unregister it's own A record.






        share|improve this answer













        You should never use external DNS, but the actual problem here is your DC/DNS server is either not responding or no longer has a record registered for SBS2011.



        Sometimes when a DC crashes, the DNS server may no longer be listening on the specified IP address. This would be in dnsmgmt.msc, server properties > Interfaces > Listen on. If this occurs, the DC may unregister it's own A record.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 2 days ago









        Greg AskewGreg Askew

        29.3k33770




        29.3k33770



























            draft saved

            draft discarded
















































            Thanks for contributing an answer to Server Fault!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f963978%2fwhat-are-some-likely-causes-to-domain-member-pc-losing-contact-to-domain-control%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Sum ergo cogito? 1 nng

            三茅街道4182Guuntc Dn precexpngmageondP