
Group:  English: Windows Server » microsoft.public.windows.server.dns
Thread: Strange PTR-records in Reverse Lookup Zone

Strange PTR-records in Reverse Lookup Zone
goldfinger 5/14/2007 1:34:01 PM
We use dynamic updates to single-label DNS zones. (KB300684)
One Forest three domains.
AD-Server: W2k3R2,
Forest/Domainlevel w2k3
External(No-MS) DNS Server.

Now we have PTR records without hostname in the reverse lookup zone.
192.168.100.10 <domainname>. <----- What's this?
192.168.100.10 <hostname>.<domainname>.
I didn't see this behavior before.
Because of the doubled entries we have problems with kerberos and some Unix
clients.

Has anyone seen these entries (with an external DNS Server), too?
Any solutions?




Re: Strange PTR-records in Reverse Lookup Zone
"Kevin D. Goodknecht Sr. [MVP]" <admin[ at ]nospam.WFTX.US> 5/15/2007 2:50:50 AM
Read inline please.

In news:3208CD31-221A-46D9-A57E-ED5A0E5FAB79[ at ]microsoft.com,
goldfinger <goldfinger[ at ]discussions.microsoft.com> typed:
> We use dynamic updates to single-label DNS zones. (KB300684)
> One Forest three domains.
> AD-Server: W2k3R2,
> Forest/Domainlevel w2k3
> External(No-MS) DNS Server.
>
> Now we have PTR records without hostname in the reverse lookup zone.
> 192.168.100.10 <domainname>. <----- What's this?

Sounds like someone manually added the LDAP IP Address record, and created a
matching PTR record. The netlogon service on Domain Controllers registers two
A records, one in the root of its domain, referred to as the LdapIpAddress
record, the other in gc._msdcs.ADDomain, referred to as the GCIPAddress
record. But the Netlogon service does not attempt PTR registrations for
these records.

The LDAPIpAddress record is registered by all Domain Controllers and must
be associated with NICs that have file sharing enabled on them.
The GcIpAddress record is only registered by domain controllers which are
also Global Catalog Servers.

The fact being, reverse lookup PTR records have no real purpose in Active
Directory, which is why they are not registered by the netlogon service, and
their importance is highly overstated.
As far as that goes, I have had one client that insisted that I make all IP
address PTRs point to the same fictionalized name. I did this by creating a
Wildcard domain for the fourth octet of the reverse lookup zone (E.G.
*.1.168.192.in-addr.arpa.), then created a PTR without an IP number with a
fictionalized server name.


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps


Re: Strange PTR-records in Reverse Lookup Zone
goldfinger 5/15/2007 2:28:02 PM
Thanks Kevin.
Today we analysed the network. As you stated before, the DC's netlogon wants
to register three A records (host, root domain and GC). The PTR pointers
will be generated automatically by the external DNS product (Nortel netid).
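
An added example, not part of either poster's messages: a check over a reverse-zone export that flags addresses where a PTR mirrors one of the domain-level A records Netlogon registers (the bare domain name, or gc._msdcs.<domain>) next to the host's own PTR, which is the pattern shown in the first post. The zone lines, the domain name corp.example and the function names are constructed assumptions.

```python
# Added example (constructed data): flag PTRs that mirror Netlogon's domain-level A records.
import ipaddress
from collections import defaultdict

AD_DOMAINS = {"corp.example."}          # assumption: the forest's AD domain names

REVERSE_ZONE = """\
10.100.168.192.in-addr.arpa. 1200 IN PTR corp.example.
10.100.168.192.in-addr.arpa. 1200 IN PTR dc01.corp.example.
11.100.168.192.in-addr.arpa. 1200 IN PTR gc._msdcs.corp.example.
11.100.168.192.in-addr.arpa. 1200 IN PTR dc02.corp.example.
20.100.168.192.in-addr.arpa. 1200 IN PTR unix01.corp.example.
"""


def parse_ptrs(zone_text):
    """Return {ip: [ptr targets]} from 'owner ttl IN PTR target' lines."""
    ptrs = defaultdict(list)
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[2:4] != ["IN", "PTR"]:
            continue  # skip comments, blanks and other record types
        owner = fields[0].lower().rstrip(".")
        if not owner.endswith(".in-addr.arpa"):
            continue
        octets = owner[: -len(".in-addr.arpa")].split(".")
        ip = str(ipaddress.IPv4Address(".".join(reversed(octets))))
        ptrs[ip].append(fields[4].lower())
    return dict(ptrs)


def is_netlogon_name(target, domains=AD_DOMAINS):
    """True for a bare AD domain name (LdapIpAddress) or gc._msdcs.<domain> (GcIpAddress)."""
    return target in domains or any(target == "gc._msdcs." + d for d in domains)


def find_mirrored_ptrs(zone_text, domains=AD_DOMAINS):
    """Return {ip: {'host': [...], 'mirrored': [...]}} for IPs with domain-level PTRs."""
    report = {}
    for ip, targets in parse_ptrs(zone_text).items():
        mirrored = [t for t in targets if is_netlogon_name(t, domains)]
        if mirrored:
            report[ip] = {"host": [t for t in targets if t not in mirrored], "mirrored": mirrored}
    return report


if __name__ == "__main__":
    for ip, entry in find_mirrored_ptrs(REVERSE_ZONE).items():
        print(ip, "host PTR:", entry["host"], "domain-level PTR:", entry["mirrored"])
```

An address that appears in the report has more than one name in reverse lookups, which is the doubled-entry condition the first post ties to its Kerberos and Unix client problems.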

