Bayt.com

Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

You installed a new AD domain and the new (and first) DC has not registered its SRV records in DNS. Name a few possible causes.

Windows Server 2008 MCSE
user-image
Question added by TARIQ MUHAMMAD ISMAIL MEMON , IT Team Leader , Saudi National Bank (Microland)
Date Posted: 2013/12/10
Upvote (3) Views (22) Followers (2) Answers (11) Report Question
Write an Answer
Register now or log in to answer.
Anas Jalal Yahya
by Anas Jalal Yahya , Service Delivery Manager - Project Manager , Diyar Middle East

Hi

 

Ensure that this option "Register this connection's addresses in DNS" checkbox is not cleared, to check this:

- Right click on the network adpater of your DC and select propeties

- Double click on the TCP/IP V4

- Click Advanced

- Click DNS Tab, you will see this option at the bottom of this tab.

 

If the above steps not helped you than surely you have incorrectly configured your TCP/IP settings of your DC or DNS servers

 

HTH

Best Regards,

Don Cheriyan
by Don Cheriyan , Service Delivery Manager , Symantec Software Private Limited

1. Well firstly i'd use the command line tools :

Netdiag and dcdiag to understand if there is a break.

Check DNS pointing as in if the DNS server is pointing to itself as Preferred and the other DC as secondary.

Check physical connectivity between the two.

3rd party firewalls might block, but the best way to test is to run either "netmon" or "wireshark" and look at network traces while reproducing the issue. You will almost certainly get an idea of what's happening.

Restart both netlogon and DNS services using the start and stop commands via command line (even from services console should work).

2. If you are having an Active Directory Integrated DNS zone, check replication between the2 DNS/DC servers.

Checking dynamic updates.

3. If you are not using ADI zones, check port TCP53 (transfers) and UDP53 (name updates)

Mudassar Karim
by Mudassar Karim , System Administrator , JS BANK Ltd

Please check your DNS secure update and as well as Firewall option, beacuse it also block connections.

kayum khaja
by kayum khaja , Telecommunication Engineer , Etisalat

Possibly DNS  wont register the local computer srv records of its own where it is running.

 

Ahmed Sami
by Ahmed Sami , IT Infrastructure Assistant Manager , Network International Payment Solutions

Well I find this is a Very good Question.

And the answer is:

 

This behavior occurs when the following conditions exist:

 

The DNS server is configured as a Dynamic Host Configuration Protocol (DHCP) client.

 

The DNS zone has a name other than your Active Directory domain name.

 

The zone is not enabled to allow dynamic updates.

 

--------------------------------------------------------------------------------------------

 

To resolve this issue, verify that all of the following conditions exist:

 

Configure your DNS server to use a static Internet Protocol (IP) address.

 

Create a forward lookup zone named after your Active Directory.

 

Enable your domain zone to allow dynamic updates.

 

NOTE: If all of these conditions exist and you still do not see your SRV records, stop and start the Netlogon service. This action forces the domain controller to re-register the appropriate SRV records.

 

Using the DCdiag /fix command on the domain controller will verify that all SRV records that are in the Netlogon.dns file are registered on the primary DNS server.

 

Also i think you should restart the Netlogn service

Ram Vilas Pal
by Ram Vilas Pal , Meddium , Millennium Automation & System Ltd.

i thisk its windows firewall . turnoff firewall

 

 

Jose Jr Dagohoy
by Jose Jr Dagohoy , System Operator , The Shared Electronic Banking Services Incorporated (KNET Kuwait)

Registration of SRV records may not work if the following conditions exist:

  • During the Dcpromo.exe process on the first domain controller for a child domain, that domain controller points to the Active Directory-integrated DNS server in the parent domain as a primary DNS server.
  • The Allow dynamic updates setting on the parent Active Directory-integrated DNS server is set to Only Secure Updates.

JAYENDRA PARMAR
by JAYENDRA PARMAR , Support Engineers , Dunia finance LLC

Accroding to me only two possiblity1. might be make mistaks in creating record during AD configuration or simply restart requierd.

 

This possiblity for intranet network not internet..

mohamed mustafa mohamed abrahim
by mohamed mustafa mohamed abrahim , System Administrator , Abdul Aziz Saleh Al-Rashed

Registration of SRV records may not work if the following conditions exist:

  • During the Dcpromo.exe process on the first domain controller for a child domain, that domain controller points to the Active Directory-integrated DNS server in the parent domain as a primary DNS server.
  • The Allow dynamic updates setting on the parent Active Directory-integrated DNS server is set to Only Secure Updates.
  • To resolve this issue:
    1. In the parent domain, start the DNS snap-in.
    2. Open the Forward Lookup zone, right-click your domain name, and then click Properties.
    3. On the General tab, make sure that Allow dynamic updates is set to Yes. By default, this is set to Only Secure Updates.
    4. Stop and then restart the DNS service. At a command prompt, type the following lines, pressing ENTER after each line:net stop dnsnet start dns
    5. On the child domain controller, stop and then restart the Netlogon service. This registers SRV records. At a command prompt, type the following lines, pressing ENTER after each line:
    6. net stop netlogon
    7. net start netlogon

Khalid Kamal
by Khalid Kamal , IT Administrator , Petrofac Saudi Arabia

May be you not enter corrent DNS Address or Netbios name.

Abbas Sa'ad
by Abbas Sa'ad , Senior System Engineer , Ministry of Digital Economy and Entrepreneurship / National Information Technology Center

I think its Windows Firewall . need to turnoff it or except DNS Services 

Write Your Answer
More Questions Like This