|
|
Computers at my remote sites are unable to update their DNS A records
properly, the below error occurs on all the remote site computers:
The system failed to register host (A) resource records (RRs) for network
adapter
with settings:
Adapter Name : {E7631098-2C24-424E-A3C3-91EDFB03776A}
Host Name : LBC-MUS002
Primary Domain Suffix : larne.gov.local
DNS server list :
192.168.10.5, 192.168.10.6
Sent update to server : 192.1.1.1
IP Address(es) :
192.168.60.10
These remote sites get their IP addresses from the local router on site.
All clients Win XP SP2/ SP3.
All servers Win 2003 SP2.
At our m ain site there are no reported issues.
All help appreciated.
|
|
"Ally" <Ally[ at ]discussions.microsoft.com> wrote in message
news:261F4A74-6F80-4541-B25C-0913475C3135[ at ]microsoft.com...
[Quoted Text] > Computers at my remote sites are unable to update their DNS A records
> properly, the below error occurs on all the remote site computers:
>
> The system failed to register host (A) resource records (RRs) for network
> adapter
> with settings:
>
> Adapter Name : {E7631098-2C24-424E-A3C3-91EDFB03776A}
> Host Name : LBC-MUS002
> Primary Domain Suffix : larne.gov.local
> DNS server list :
> 192.168.10.5, 192.168.10.6
> Sent update to server : 192.1.1.1
> IP Address(es) :
> 192.168.60.10
>
> These remote sites get their IP addresses from the local router on site.
And there lies the problem. They need to *stop* getting their DCHP config
from that. They either need to get their DHCP config from an Active
Directory Authorized DHCP Service in their own Site or they need to be
statically assigned on all the TCP/IP specs.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
|
|
are the computers in the remote site using the dns server at the main site as
their dns server? If so how do they know to do this have you configured the
clients manually or configured the dhcp scope on the remote site router to
tell them to do this?
James.
--
James Yeomans, BSc, MCSE
Ask me directly at: http://www.justaskjames.co.uk
"Ally" wrote:
[Quoted Text] > Computers at my remote sites are unable to update their DNS A records
> properly, the below error occurs on all the remote site computers:
>
> The system failed to register host (A) resource records (RRs) for network
> adapter
> with settings:
>
> Adapter Name : {E7631098-2C24-424E-A3C3-91EDFB03776A}
> Host Name : LBC-MUS002
> Primary Domain Suffix : larne.gov.local
> DNS server list :
> 192.168.10.5, 192.168.10.6
> Sent update to server : 192.1.1.1
> IP Address(es) :
> 192.168.60.10
>
> These remote sites get their IP addresses from the local router on site.
>
> All clients Win XP SP2/ SP3.
> All servers Win 2003 SP2.
>
> At our m ain site there are no reported issues.
>
> All help appreciated.
>
|
|
Clients get dns from the configured dhcp scope including IP, Subnet mask and
two DNS servers.
There are no problems with clients obtaining dns info such as MX and A
records, it's just them not being able to register their dns info with the
DNS server.
"James Yeomans BSc, MCSE" wrote:
[Quoted Text] > are the computers in the remote site using the dns server at the main site as > their dns server? If so how do they know to do this have you configured the > clients manually or configured the dhcp scope on the remote site router to > tell them to do this? > James. > -- > James Yeomans, BSc, MCSE > Ask me directly at: http://www.justaskjames.co.uk> > > "Ally" wrote: > > > Computers at my remote sites are unable to update their DNS A records > > properly, the below error occurs on all the remote site computers: > > > > The system failed to register host (A) resource records (RRs) for network > > adapter > > with settings: > > > > Adapter Name : {E7631098-2C24-424E-A3C3-91EDFB03776A} > > Host Name : LBC-MUS002 > > Primary Domain Suffix : larne.gov.local > > DNS server list : > > 192.168.10.5, 192.168.10.6 > > Sent update to server : 192.1.1.1 > > IP Address(es) : > > 192.168.60.10 > > > > These remote sites get their IP addresses from the local router on site. > > > > All clients Win XP SP2/ SP3. > > All servers Win 2003 SP2. > > > > At our m ain site there are no reported issues. > > > > All help appreciated. > > |
|
So the dns server the clients are using is the dns server at the main site?
i.e. the same dns server that the clients at the main site use? Are they also
part of the same domain? Can they ping the dns server at the main site ok? by
name and ip?
Cheers
James.
--
James Yeomans, BSc, MCSE
Ask me directly at: http://www.justaskjames.co.uk
"Ally" wrote:
[Quoted Text] > Clients get dns from the configured dhcp scope including IP, Subnet mask and > two DNS servers. > > There are no problems with clients obtaining dns info such as MX and A > records, it's just them not being able to register their dns info with the > DNS server. > > "James Yeomans BSc, MCSE" wrote: > > > are the computers in the remote site using the dns server at the main site as > > their dns server? If so how do they know to do this have you configured the > > clients manually or configured the dhcp scope on the remote site router to > > tell them to do this? > > James. > > -- > > James Yeomans, BSc, MCSE > > Ask me directly at: http://www.justaskjames.co.uk> > > > > > "Ally" wrote: > > > > > Computers at my remote sites are unable to update their DNS A records > > > properly, the below error occurs on all the remote site computers: > > > > > > The system failed to register host (A) resource records (RRs) for network > > > adapter > > > with settings: > > > > > > Adapter Name : {E7631098-2C24-424E-A3C3-91EDFB03776A} > > > Host Name : LBC-MUS002 > > > Primary Domain Suffix : larne.gov.local > > > DNS server list : > > > 192.168.10.5, 192.168.10.6 > > > Sent update to server : 192.1.1.1 > > > IP Address(es) : > > > 192.168.60.10 > > > > > > These remote sites get their IP addresses from the local router on site. > > > > > > All clients Win XP SP2/ SP3. > > > All servers Win 2003 SP2. > > > > > > At our m ain site there are no reported issues. > > > > > > All help appreciated. > > > |
|
Yes, remotes sites that don't have a server onsite use the DNS server at the
main site through the VPN.
Also note each remote site is on it's own IP subnet.
Yes, all on same domain. and they can ping dns server using name and IP.
There are no DNS issues except for the clients not being able register their
own records.
Do you think it has anything to do with the the line 'Sent to 192.168.1.1'
in the error code I posted in my first post?
"Ally" wrote:
[Quoted Text] > Computers at my remote sites are unable to update their DNS A records
> properly, the below error occurs on all the remote site computers:
>
> The system failed to register host (A) resource records (RRs) for network
> adapter
> with settings:
>
> Adapter Name : {E7631098-2C24-424E-A3C3-91EDFB03776A}
> Host Name : LBC-MUS002
> Primary Domain Suffix : larne.gov.local
> DNS server list :
> 192.168.10.5, 192.168.10.6
> Sent update to server : 192.1.1.1
> IP Address(es) :
> 192.168.60.10
>
> These remote sites get their IP addresses from the local router on site.
>
> All clients Win XP SP2/ SP3.
> All servers Win 2003 SP2.
>
> At our m ain site there are no reported issues.
>
> All help appreciated.
>
|
|
"Ally" <Ally[ at ]discussions.microsoft.com> wrote in message
news:7DD998B5-3031-4107-B593-E43F40B4F341[ at ]microsoft.com...
[Quoted Text] > Yes, remotes sites that don't have a server onsite use the DNS server at
> the
> main site through the VPN.
>
> Also note each remote site is on it's own IP subnet.
>
> Yes, all on same domain. and they can ping dns server using name and IP.
>
> There are no DNS issues except for the clients not being able register
> their
> own records.
>
> Do you think it has anything to do with the the line 'Sent to 192.168.1.1'
> in the error code I posted in my first post?
Like I said in my first post. They either need to get their DHCP config
from an Active
Directory Authorized DHCP Service in their own Site or they need to be
statically assigned on all the TCP/IP specs. This will take care of their
registration into DNS
You also need to be sure:
1. All Hosts in the entire company needs to use the AD/DNS,...they should
never use any other DNS
2. The AD/DNS machines need to use the ISP's DNS as a Forwarder in the
Forwarders List within the config of the DNS Service. If you don't want to
use a Forwarder the AD/DNS machines should be able to simply default to
using Root Hints without any configuration.
3. The AD/DNS machines need to be allowed by the firewall to make outbound
DNS Queries.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
|
|
"Phillip Windell" <philwindell[ at ]hotmail.com> wrote in message
news:ub0NchHXJHA.760[ at ]TK2MSFTNGP02.phx.gbl...
[Quoted Text] > They either need to get their DHCP config from an Active Directory
> Authorized DHCP Service in their own Site
If you don't have (or refuse to have) an Active Directory Authorized DHCP
Service in their own Site,...then it is possible (sometimes,..with the right
equipment and correct WAN design) to have them get their config from the
DHCP at the Main Site, but that is a very big problem if the WAN link goes
down. In such a case you should statically assign the TCP/IP config of
those machines.
I would never recommend you use DHCP over the WAN,...but for honesty's sake
I figured I would at least mention the possibility.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
|
|
But how can I get an AD authorised DHCP service for the remote site whilst
using a different IP subnet from the main site without installing a local DC/
DNS server?
Cheers
Alan
"Phillip Windell" wrote:
[Quoted Text] > "Phillip Windell" <philwindell[ at ]hotmail.com> wrote in message
> news:ub0NchHXJHA.760[ at ]TK2MSFTNGP02.phx.gbl...
>
> > They either need to get their DHCP config from an Active Directory
> > Authorized DHCP Service in their own Site
>
> If you don't have (or refuse to have) an Active Directory Authorized DHCP
> Service in their own Site,...then it is possible (sometimes,..with the right
> equipment and correct WAN design) to have them get their config from the
> DHCP at the Main Site, but that is a very big problem if the WAN link goes
> down. In such a case you should statically assign the TCP/IP config of
> those machines.
>
> I would never recommend you use DHCP over the WAN,...but for honesty's sake
> I figured I would at least mention the possibility.
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
>
>
>
|
|
"Ally" <Ally[ at ]discussions.microsoft.com> wrote in message
news:B9C7F96E-4A62-4B19-A399-FDE2B5C751D3[ at ]microsoft.com...
[Quoted Text] > But how can I get an AD authorised DHCP service for the remote site whilst
> using a different IP subnet from the main site without installing a local
> DC/
> DNS server?
Because subnets are irrelevant.
The DHCP Service can run on any Windows Server that you have located within
that site.
The Server of course must be a Domain Member,...which means it already knows
how to find the DC,...which is the only requirement needed to "authorize"
the DHCP Service.
The best thing that you can do,...if you are willing to do it,...is to place
a Domain Controller at each Site. That DC can run DHCP as well (and WINS if
you need it). DCs do not have a heavey load and do not require expensive
fast hardware, although a RAID1 Mirror for the System Drive is a good thing
to have. You can use Tape Backups for protection but they are problmatic
with DCs when restoring,....it has to be done a certain way and I'm not
going into that here.
Then use Active Directory Sites and Services to manage the Replication over
the slow WAN link. A Subnet and a Site are kind of "married",...that is, a
Site is identified by the subnet,...therefore a Domain Controller (or any
machine) is a member of a particular Site by virtue of the IP Subnet it is
part of.
The cool thing here is that the Clients in the Site will always use the DC
that is in the same Active Directory Site that they are in. So their
authentication and their DHCP activity along with other things will happen
only within the site and will take a considerable load off of the WAN link.
The DC will then make periodic Replication updates over the WAN link
according to the trottling configured with in the Active Directory Sites and
Services MMC. This also means the WAN link can be undependable and can "go
down",...and the LAN within that site will remain fully functional apart
from not being able to reach resources across the down WAN link.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
|
|
Hi,
[Quoted Text] > DNS server list :
> 192.168.10.5, 192.168.10.6
> Sent update to server : 192.1.1.1
> IP Address(es) :
> 192.168.60.10
A real mixed (ip-) environment (!!!) , i would say
jk
|
|
In news:43B31447-86CE-400D-85BC-63396BB2A7B1[ at ]microsoft.com,
Ally <Ally[ at ]discussions.microsoft.com> requesting assistance, typed the
following:
[Quoted Text] > Clients get dns from the configured dhcp scope including IP, Subnet
> mask and two DNS servers.
>
> There are no problems with clients obtaining dns info such as MX and A
> records, it's just them not being able to register their dns info
> with the DNS server.
>
For any machine to register to any specific DNS server, the DNS server MUST
be set in it's IP properties. No way around that.
Are the clients in an AD domain? If so, they MUST be using AD's DNS servers
only. They cannot use any others unless the others being used have some sort
of reference to the AD zone name, such as with forwarding, delegation, or
stubs. Otherwise, besides registering into DNS, how are they supposed to
find AD resources, login, etc?
--Â
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCT
Microsoft Certified Trainer
For urgent issues, you may want to contact Microsoft PSS directly.
Please check http://support.microsoft.com for regional support phone
numbers.
|
|
Per my previous message, I need to find a way to provide DHCP services in
line with AD/DNS without installing a server locally at the site.
Finance, time and resources prevent severs being installed at remote sites
which only have 2-4 people.
We do what you have described in your post for our larger remote sites.
"Phillip Windell" wrote:
[Quoted Text] > "Ally" <Ally[ at ]discussions.microsoft.com> wrote in message
> news:B9C7F96E-4A62-4B19-A399-FDE2B5C751D3[ at ]microsoft.com...
> > But how can I get an AD authorised DHCP service for the remote site whilst
> > using a different IP subnet from the main site without installing a local
> > DC/
> > DNS server?
>
> Because subnets are irrelevant.
> The DHCP Service can run on any Windows Server that you have located within
> that site.
> The Server of course must be a Domain Member,...which means it already knows
> how to find the DC,...which is the only requirement needed to "authorize"
> the DHCP Service.
>
> The best thing that you can do,...if you are willing to do it,...is to place
> a Domain Controller at each Site. That DC can run DHCP as well (and WINS if
> you need it). DCs do not have a heavey load and do not require expensive
> fast hardware, although a RAID1 Mirror for the System Drive is a good thing
> to have. You can use Tape Backups for protection but they are problmatic
> with DCs when restoring,....it has to be done a certain way and I'm not
> going into that here.
>
> Then use Active Directory Sites and Services to manage the Replication over
> the slow WAN link. A Subnet and a Site are kind of "married",...that is, a
> Site is identified by the subnet,...therefore a Domain Controller (or any
> machine) is a member of a particular Site by virtue of the IP Subnet it is
> part of.
>
> The cool thing here is that the Clients in the Site will always use the DC
> that is in the same Active Directory Site that they are in. So their
> authentication and their DHCP activity along with other things will happen
> only within the site and will take a considerable load off of the WAN link.
> The DC will then make periodic Replication updates over the WAN link
> according to the trottling configured with in the Active Directory Sites and
> Services MMC. This also means the WAN link can be undependable and can "go
> down",...and the LAN within that site will remain fully functional apart
> from not being able to reach resources across the down WAN link.
>
>
> --
> Phillip Windell
> www.wandtv.com
>
> The views expressed, are my own and not those of my employer, or Microsoft,
> or anyone else associated with me, including my cats.
> -----------------------------------------------------
>
>
>
|
|
192.168.10.0 is the subnet of the main, small remote sites the DNS servers
from here.
192.168.60.0 is the remote site.
192.168.1.1 - I don't know why updates are being sent to here, this IP is
not configured anywhere.
Looks like a good setup to me.
"Juergen Kluth" wrote:
[Quoted Text] > Hi,
> > DNS server list :
> > 192.168.10.5, 192.168.10.6
> > Sent update to server : 192.1.1.1
> > IP Address(es) :
> > 192.168.60.10
>
> A real mixed (ip-) environment (!!!) , i would say
>
> jk
>
>
>
|
|
In news:3583092D-CC67-4EBA-B619-513F41B43E09[ at ]microsoft.com,
Ally <Ally[ at ]discussions.microsoft.com> requesting assistance, typed the
following:
[Quoted Text] > Per my previous message, I need to find a way to provide DHCP
> services in line with AD/DNS without installing a server locally at
> the site.
>
> Finance, time and resources prevent severs being installed at remote
> sites which only have 2-4 people.
>
> We do what you have described in your post for our larger remote
> sites.
>
You can either setup a DHCP Relay Agent, which is a little more difficult to
setup, plus it involves configuring RRAS on a DC, which we normally do not
recommend, or simply change the DHCP options on the router at that location
to ONLY specify the DNS servers at the main site, and not the ISP's DNS
addresses. This way you will insure 1), they will register, and 2) they can
find AD resources, logon, etc.
Ace
|
|
Hi Ace,
The DHCP info being given to clients at the remote site by the router
doesn't include ISP IPs only the two internal DNS servers, the IP itself,
default gateway and domain suffix. All internal IPs.
I line in the error I thought was the problem was "Sent to 192.168.1.1".
What do you think?
Cheers
"Ace Fekay [Microsoft Certified Trainer]" wrote:
[Quoted Text] > In news:3583092D-CC67-4EBA-B619-513F41B43E09[ at ]microsoft.com, > Ally <Ally[ at ]discussions.microsoft.com> requesting assistance, typed the > following: > > Per my previous message, I need to find a way to provide DHCP > > services in line with AD/DNS without installing a server locally at > > the site. > > > > Finance, time and resources prevent severs being installed at remote > > sites which only have 2-4 people. > > > > We do what you have described in your post for our larger remote > > sites. > > > > You can either setup a DHCP Relay Agent, which is a little more difficult to > setup, plus it involves configuring RRAS on a DC, which we normally do not > recommend, or simply change the DHCP options on the router at that location > to ONLY specify the DNS servers at the main site, and not the ISP's DNS > addresses. This way you will insure 1), they will register, and 2) they can > find AD resources, logon, etc. > > Ace > > |
|
"Ally" <Ally[ at ]discussions.microsoft.com> wrote in message
news:3583092D-CC67-4EBA-B619-513F41B43E09[ at ]microsoft.com...
[Quoted Text] > Per my previous message, I need to find a way to provide DHCP services in
> line with AD/DNS without installing a server locally at the site.
....and I have done that. Read the post. The way networks functions do not
care if you only have 2-4 people or if you have 50 people,...they work the
way they work.
The DC was an *extra* option that I said you only should do,...not must do.
If Ace's suggestion of using the AD/DNS on the firewall device for DNS
doesn't work,...then you will have to do it as I decribed.
The only other possible thing would to be what I do at two of our remote
sites where there is only 2 workstations at one and a single workstation at
the other (number of humans is irrelevant). For these I just flat out do
not use a Site-to-Site VPN. For these I use Remote Access VPN that is
activated by the user when they log into the workstation.
The workstations register with the AD/DNS using the IP# granted to them by
DHCP when the VPN is activated. The IP# they have locally when the VPN is
not active is just simply not important and irrelevant.
--
Phillip Windell
www.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
|
|
In news:63199309-E309-4BF0-8C91-DF7821503EC0[ at ]microsoft.com,
Ally <Ally[ at ]discussions.microsoft.com> requesting assistance, typed the
following:
[Quoted Text] > Hi Ace,
>
> The DHCP info being given to clients at the remote site by the router
> doesn't include ISP IPs only the two internal DNS servers, the IP
> itself, default gateway and domain suffix. All internal IPs.
>
> I line in the error I thought was the problem was "Sent to
> 192.168.1.1".
>
> What do you think?
>
> Cheers
Hi Ally,
Re-reading your original post, I finally realized this is EventID 11197.
After searching around a bit, I found the following posted article
explaining this can be caused by line speed or the machines are overloaded
with some sort of network tasks when this occurs. Since you are saying that
it is happening on more than one machine, I would imagine the line speed has
something to do with it.
http://www.experts-exchange.com/Networking/Q_21262631.html
What is the line speed? Is there anything running on the machines that maybe
network intensive at the time the event IDs occur? Is there any entries
other than the defaults in the HOSTS file of the machines in question?
Is there any forwarders on any of your DNS servers configured to forward to
192.168.1.1?
In DNS, under the zone's properties, Nameservers tab, does 192.168.1.1 show
up anywhere?
If the above do not apply, try running the following on one of the machines
in question:
(Suggestion taken from
http://www.eventid.net/display.asp?eventid=11163&eventno=1746&source=DnsApi&phase=1)
NETSH WINSOCK RESET
NETDIAG /FIX
One more reference to the EventID:
http://www.eventid.net/display.asp?eventid=11163&eventno=1746&source=DnsApi&phase=1
Ace
|
|
In news:e9tHCC6XJHA.5020[ at ]TK2MSFTNGP03.phx.gbl,
Phillip Windell <philwindell[ at ]hotmail.com> requesting assistance, typed the
following:
[Quoted Text] > "Ally" <Ally[ at ]discussions.microsoft.com> wrote in message
> news:3583092D-CC67-4EBA-B619-513F41B43E09[ at ]microsoft.com...
>> Per my previous message, I need to find a way to provide DHCP
>> services in line with AD/DNS without installing a server locally at
>> the site.
>
> ...and I have done that. Read the post. The way networks functions
> do not care if you only have 2-4 people or if you have 50
> people,...they work the way they work.
>
> The DC was an *extra* option that I said you only should do,...not
> must do.
> If Ace's suggestion of using the AD/DNS on the firewall device for DNS
> doesn't work,...then you will have to do it as I decribed.
>
> The only other possible thing would to be what I do at two of our
> remote sites where there is only 2 workstations at one and a single
> workstation at the other (number of humans is irrelevant). For these
> I just flat out do not use a Site-to-Site VPN. For these I use
> Remote Access VPN that is activated by the user when they log into
> the workstation.
> The workstations register with the AD/DNS using the IP# granted to
> them by DHCP when the VPN is activated. The IP# they have locally
> when the VPN is not active is just simply not important and
> irrelevant.
Hi Phillip,
From reading up on it at various links, I'm starting to think it may have
something to do with the line speed. But I'm not sure!
Ace
|
|
|