My domain controller cannot ping the workstations by FQDN. On the
workstations there are no
problems:

On workstation pc001:

ping dc1 // OK
ping dc1.mycompany.com // OK

On domain controller dc1:

ping pc001 // OK
ping pc001.mycompany.com // Ping request could not find host...

Where's the rub?

Regards

R.

In news:47923ff2$0$4246$bf4948fe@news.tele2.nl,
Rik. G. <q@q.nl> typed:
> My domain controller cannot ping the workstations by FQDN. On the
> workstations there are no
> problems:
>
> On workstation pc001:
>
> ping dc1 // OK
> ping dc1.mycompany.com // OK
>
> On domain controller dc1:
>
> ping pc001 // OK
> ping pc001.mycompany.com // Ping request could not find host...
>
> Where's the rub?
>
> Regards
>
> R.

Rik. G.,

The "rub" can be a number of factors starting with if there is actuall a
'pc001' host created under the mycompany.com zone. However this is
extremeley *difficult* to tell with no configuration informaiton provided.
We'll need additional information to come up with a 'rub'.

Here is a generic summarized list of possible causes (which many, if not
all, apply to your scenario):
1. Single label name.
2. SRV records missing.
3. Disjointed namespace.- AD domain name doesn't match the Primary DNS
Suffix and/or the zone name.
4. Using an ISP's DNS in IP properties of the DC and clients.
5. DHCP Client service disabled.
6. DCs are possibly multihomed (more than one NIC not teamed)
7. 3rd party firewalls
8. Antivirus software blocking functionality
9. Antispyware blocking functionality
10. etc....


If you like to get specific to diagnose this issue, and to elimiante
guesswork on our part, for starters, please post the following information:
1. UNEDITED (please do not change anything in it) 'ipconfig /all' from your
DC, and a sample one of a client.
2. The exact zone name spellng in DNS and whether updates are allowed on the
zone.
3. The AD DNS domain name as it shows up in ADUC.
4. If the SRV records exist under your zone.
5. Any errors in the Event logs on the DC under System, Replication Service
and Directory Services (post the Event ID# and Source names please)
6. Dcdiag /v /fix > c:\dcdiag.txt (post the dcdiag.txt as an attachment)
7. Netdiag /v /fix > c:\netdiag.txt (post the dcdiag.txt as an attachment)
8. More than one subnet?
9. Forwarder(s) configured?

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations

"Ace Fekay [MVP]" <PleaseAskMe@SomeDomain.com> wrote in message
news:#DDGVsvWIHA.1208@TK2MSFTNGP03.phx.gbl...
> In news:47923ff2$0$4246$bf4948fe@news.tele2.nl,
> Rik. G. <q@q.nl> typed:
> > My domain controller cannot ping the workstations by FQDN. On the
> > workstations there are no
> > problems:
> >
> > On workstation pc001:
> >
> > ping dc1 // OK
> > ping dc1.mycompany.com // OK
> >
> > On domain controller dc1:
> >
> > ping pc001 // OK
> > ping pc001.mycompany.com // Ping request could not find host...
> >
> > Where's the rub?
> >
> > Regards
> >
> > R.
>
> Rik. G.,
>
> The "rub" can be a number of factors starting with if there is actuall a
> 'pc001' host created under the mycompany.com zone. However this is
> extremeley *difficult* to tell with no configuration informaiton provided.
> We'll need additional information to come up with a 'rub'.
>
> Here is a generic summarized list of possible causes (which many, if not
> all, apply to your scenario):
> 1. Single label name.
> 2. SRV records missing.
> 3. Disjointed namespace.- AD domain name doesn't match the Primary DNS
> Suffix and/or the zone name.
> 4. Using an ISP's DNS in IP properties of the DC and clients.
> 5. DHCP Client service disabled.
> 6. DCs are possibly multihomed (more than one NIC not teamed)
> 7. 3rd party firewalls
> 8. Antivirus software blocking functionality
> 9. Antispyware blocking functionality
> 10. etc....
>
>
> If you like to get specific to diagnose this issue, and to elimiante
> guesswork on our part, for starters, please post the following
information:
> 1. UNEDITED (please do not change anything in it) 'ipconfig /all' from
your
> DC, and a sample one of a client.
> 2. The exact zone name spellng in DNS and whether updates are allowed on
the
> zone.
> 3. The AD DNS domain name as it shows up in ADUC.
> 4. If the SRV records exist under your zone.
> 5. Any errors in the Event logs on the DC under System, Replication
Service
> and Directory Services (post the Event ID# and Source names please)
> 6. Dcdiag /v /fix > c:\dcdiag.txt (post the dcdiag.txt as an attachment)
> 7. Netdiag /v /fix > c:\netdiag.txt (post the dcdiag.txt as an attachment)
> 8. More than one subnet?
> 9. Forwarder(s) configured?
>
> --
> Regards,
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
> MVP Microsoft MVP - Directory Services
> Microsoft Certified Trainer
>
> Infinite Diversities in Infinite Combinations
>
>

Thanks for the extensive reply, Ace. And apologies for not providing config
info.

I've found where the "rub" was though. My DC has no DHCP service running. I
use the router for that. This means the client workstations did not register
properly in the DC's DNS. Checking "Use this connection's DNS suffix in DNS
registration" on the workstations did the trick. The clients now properly
register in the DC's DNS.

My next question now is which Group Policy can force this option on the
clients? The documentation (clicking with the question mark on this
checkbox) says there should be a Group Policy which overrides the local
setting, so I know this can be forced using Group Policy.

Regards

R.

Rick,
the settings you are referring to reside in the Computer
Configuration\Administrative Templates\Network\DNS Client group policy node
("Connection-Specific DNS Suffix" and "Register DNS records with
connection-specific DNS suffix"). Note that these require XP Pro clients and
will apply across all connections on multihomed computers.
Could you clarify what's the primary DNS suffix on your clients? By default,
this should match your domain name and should be used by your clients for
both DNS name registration and resolution...

hth
Marcin

In news:47937383$0$5247$bf4948fe@news.tele2.nl,
Rik G. <q@q.nl> typed:

> Thanks for the extensive reply, Ace. And apologies for not providing
> config info.
>
> I've found where the "rub" was though. My DC has no DHCP service
> running. I use the router for that. This means the client
> workstations did not register properly in the DC's DNS. Checking "Use
> this connection's DNS suffix in DNS registration" on the workstations
> did the trick. The clients now properly register in the DC's DNS.
>
> My next question now is which Group Policy can force this option on
> the clients? The documentation (clicking with the question mark on
> this checkbox) says there should be a Group Policy which overrides
> the local setting, so I know this can be forced using Group Policy.
>
> Regards
>
> R.

You are welcome, Rik. The DHCP service I mentioned was the client service on
the DC. Despite it's name, it's actually the resolver service and if
disabled, the DC can't even resolve DNS names.

Good taht you changed to the DC's DHCP server service for DHCP services for
your clients. The router's is very limited in terms of certain features,
such as Dynamic Updates (actually called Option 081 that routers do not
support).

Marcin has the answer for your GPO question. If you have any more questions,
don't hesitate to post.

Ace

The workstation is not registering itself in DNS.

"Rik. G." <q@q.nl> wrote in message
news:47923ff2$0$4246$bf4948fe@news.tele2.nl...
> My domain controller cannot ping the workstations by FQDN. On the
> workstations there are no
> problems:
>
> On workstation pc001:
>
> ping dc1 // OK
> ping dc1.mycompany.com // OK
>
> On domain controller dc1:
>
> ping pc001 // OK
> ping pc001.mycompany.com // Ping request could not find host...
>
> Where's the rub?
>
> Regards
>
> R.
>
>
>

In news:6765E148-D499-4D61-AA67-8D973DAB039E@microsoft.com,
patrick@iQor.com <patrick@iQor.com> typed:
> The workstation is not registering itself in DNS.

But why isn't it registering (the 'rub') is what Rik implied he was looking
for.

Ace