I have a 2003 server using active directories. A hardware router does
the dhcp.

Its a small operation with about 50 users but usually about 10 on at
any time. (small school)

On one of the workstations (xp) people have said it takes a long time
to log on to the domain.

I have done some research and many comments seem to say that it is
related to dns issues.
I dont know much about dns so Im hopeing someone can me. One
comment on the net has you go through some steps to check some
things.

One is to type nslookup and then set q=rr_type.
Well right off there is a problem. Here are my results.
.................................................. ..............................................
C:\Documents and Settings\Administrator>nslookup
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 209.226.175.224: Timed out
Default Server: UnKnown
Address: 209.226.175.224

> set q=rr_type
unknown query type: rr_type
> set q=rr_type
.................................................. ................................................
I asume that the dns is wrong (this is the first dns entry in the nic
card.)

How do I know what the dns should be. (this machine also has a dns
server)

I saw another person set up their server with a dns entry of 127.0.0.1
as their first entry.
This would make the machine itself the dns server, should I do this ?
What about a second and third entry where should I get those numbers?

(any other advice would be full)
Thanks.

Read inline please.

In news:1181142701.571577.156620@a26g2000pre.googlegr oups.com,
steve <stevesemple@lycos.com> typed:
> I have a 2003 server using active directories. A hardware router does
> the dhcp.
>
> Its a small operation with about 50 users but usually about 10 on at
> any time. (small school)
>
> On one of the workstations (xp) people have said it takes a long time
> to log on to the domain.

This is probably because you have your ISP's or some other external DNS
server IP listed in TCP/IP properties. All members of an Active Directory
domain must use the internal DNS server that supports the AD domain _ONLY_.
This would normally be the internal IP address of the Domain Controller.

>
> I have done some research and many comments seem to say that it is
> related to dns issues.
> I dont know much about dns so Im hopeing someone can me. One
> comment on the net has you go through some steps to check some
> things.
>
> One is to type nslookup and then set q=rr_type.
> Well right off there is a problem. Here are my results.
> .................................................. .............................................
> C:\Documents and Settings\Administrator>nslookup
> DNS request timed out.
> timeout was 2 seconds.
> *** Can't find server name for address 209.226.175.224: Timed out
> Default Server: UnKnown
> Address: 209.226.175.224

This is the message nslookup gives you when it can't find the PTR for the
DNS server's IP address, and is not a message that means DNS is not working.
What is interesting to me is the IP address appears to be an ISP or external
DNS server's IP.
You should use the internal IP of the internal DNS server.

>
>> set q=rr_type
> unknown query type: rr_type
>> set q=rr_type

Your Syntax is all wrong here, the correct syntax is
set type=<rrtype> (A, CNAME, MX, NS, SOA, etc.)

> .................................................. ...............................................
> I asume that the dns is wrong (this is the first dns entry in the nic
> card.)
>
> How do I know what the dns should be. (this machine also has a dns
> server)
>
> I saw another person set up their server with a dns entry of 127.0.0.1
> as their first entry.
> This would make the machine itself the dns server, should I do this ?
> What about a second and third entry where should I get those numbers?

127.0.0.1 will work, but it is recommended to use the IP address of the
internal NIC. If this server is the only DNS server you have for your
internal Domain, it is the only DNS server you need or should use, Alternate
DNS servers are not required, but if you do use one, it must be able to
resolve your internal domain, too. If it can't, don't use it.



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

> This is probably because you have your ISP's or some other external DNS
> server IP listed in TCP/IP properties. All members of an Active Directory
> domain must use the internal DNS server that supports the AD domain _ONLY_.
> This would normally be the internal IP address of the Domain Controller.
>
Im not there right now. I will have to check on this. The
configuration that I had used was to find the dns automatically.
Would this be ok also?


> > .................................................. ..............................................
> > C:\Documents and Settings\Administrator>nslookup
> > DNS request timed out.
> > timeout was 2 seconds.
> > *** Can't find server name for address 209.226.175.224: Timed out
> > Default Server: UnKnown
> > Address: 209.226.175.224

>
>
> >> set q=rr_type
> > unknown query type: rr_type
> >> set q=rr_type
>
> Your Syntax is all wrong here, the correct syntax is
> set type=<rrtype> (A, CNAME, MX, NS, SOA, etc.)
Oh - I was just reading what somone said I now recall using this
command a little in the past. Would you recomend any tests to check my
settings ?? And what would I look for?

I can tell you when i run dcdiag

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\WIN2003-07RNW0I
Starting test: Connectivity
WIN2003-07RNW0I's server GUID DNS name could not be resolved
to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(58fbbe9c-f80f-45e6-
b667-84a88f036b45._msdcs.GeorgeLittle.Public.School) couldn't be
resolved, the server name
(win2003-07rnw0i.GeorgeLittle.Public.School) resolved to the
IP address
(192.168.1.120) and was pingable. Check that the IP address
is
registered correctly with the DNS server.
......................... WIN2003-07RNW0I failed test
Connectivity

Which doesnt look good!!


> > I saw another person set up their server with a dns entry of 127.0.0.1
> > as their first entry.
> > This would make the machine itself the dns server, should I do this ?
> > What about a second and third entry where should I get those numbers?
>
> 127.0.0.1 will work, but it is recommended to use the IP address of the
> internal NIC. If this server is the only DNS server you have for your
> internal Domain, it is the only DNS server you need or should use, Alternate
> DNS servers are not required, but if you do use one, it must be able to
> resolve your internal domain, too. If it can't, don't use it.

Ok so the ip of this server is 192.168.1.20 and I should put this same
address in the first dns entry.

Thank you for your . I just want to confirm these things before I
make changes and get everyone upset with it not working.

Read inline please.

In news:1181163527.733254.249060@o11g2000prd.googlegr oups.com,
steve <stevesemple@lycos.com> typed:
>> This is probably because you have your ISP's or some other external
>> DNS
>> server IP listed in TCP/IP properties. All members of an Active
>> Directory
>> domain must use the internal DNS server that supports the AD domain
>> _ONLY_.
>> This would normally be the internal IP address of the Domain
>> Controller.
>>
> Im not there right now. I will have to check on this. The
> configuration that I had used was to find the dns automatically.
> Would this be ok also?

Only if DHCP assigns the internal DNS only.

> Ok so the ip of this server is 192.168.1.20 and I should put this same
> address in the first dns entry.

If this server's IP is 192.168.1.20 AND there is no other local DNS server
holding a zone for your internal domain, it should be the ONLY DNS server
you'll use. Do not use any external DNS in any position in TCP/IP of any
member of an AD domain.



--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s

===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

Very good thread, Kevin.
Thanks.

I just came from a client that has the DC with all the roles, pointing to
the loopback address for DNS.

LDAP queries and CRM are having big problems. (What a shock).

Thanks for giving me some backup to present to their "Networking Company."
/:>


"Kevin D. Goodknecht Sr. [MVP]" wrote:

> Read inline please.
>
> In news:1181163527.733254.249060@o11g2000prd.googlegr oups.com,
> steve <stevesemple@lycos.com> typed:
> >> This is probably because you have your ISP's or some other external
> >> DNS
> >> server IP listed in TCP/IP properties. All members of an Active
> >> Directory
> >> domain must use the internal DNS server that supports the AD domain
> >> _ONLY_.
> >> This would normally be the internal IP address of the Domain
> >> Controller.
> >>
> > Im not there right now. I will have to check on this. The
> > configuration that I had used was to find the dns automatically.
> > Would this be ok also?
>
> Only if DHCP assigns the internal DNS only.
>
> > Ok so the ip of this server is 192.168.1.20 and I should put this same
> > address in the first dns entry.
>
> If this server's IP is 192.168.1.20 AND there is no other local DNS server
> holding a zone for your internal domain, it should be the ONLY DNS server
> you'll use. Do not use any external DNS in any position in TCP/IP of any
> member of an AD domain.
>
>
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This s
>
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> http://message.wftx.us/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oe.com/OEBackup/Default.aspx
> ===================================
>
>
>