Announcement

Collapse
No announcement yet.

Losing DNS records in a domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Losing DNS records in a domain

    Every week I get a call from the Help Desk asking me to look at a server which they can no longer PING. I find that I cannot access the server via DNS but IP is OK and find that if I issue an "IPCONFIG /REGISTERDNS" on the server, DNS "kicks-in" and all is good again.

    I checked the DNS server and the record looks like this:

    Host: MyServer
    FQDN: MyServer.MyDomain.Com
    IP Address: 10.0.0.55
    Update associated pointer record (PTR): Checked
    Delete this record when it becomes stale: UnChecked
    TTL: 0:0:20:0 (DDDDD:HH:MM:SS)

    Happens randomly to about one server a week, never the same one.

    Can anyone suggest why this would be happening?

    Domain Controllers are Win2K8 R2. Servers are mostly Win2K3 SP2.
    |
    +-- JDMils
    |
    +-- Regional Systems Engineer, DotNet programmer & Jack of all trades
    |

  • #2
    Re: Losing DNS records in a domain

    I'm not sure if this is related, but I got these errors in the System event log about the same time we lost the DNS connection to the server:

    Event Type: Warning
    Event Source: BROWSER
    Event Category: None
    Event ID: 8021
    Date: 4/27/2015
    Time: 2:12:28 AM
    User: N/A
    Computer: MyServer
    Description:
    The browser service was unable to retrieve a list of servers from the browser master \\MyServer2 on the network \Device\NetBT_Tcpip_{5AB3D173-77F2-402F-8303-001950F7EF1E}.

    Browser master: \\MyServer2
    Network: \Device\NetBT_Tcpip_{5AB3D173-77F2-402F-8303-001950F7EF1E}

    This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 35 00 00 00 5...
    Event Type: Error
    Event Source: BROWSER
    Event Category: None
    Event ID: 8032
    Date: 4/27/2015
    Time: 2:13:57 AM
    User: N/A
    Computer: MyServer
    Description:
    The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{5AB3D173-77F2-402F-8303-001950F7EF1E}. The backup browser is stopping.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 35 00 00 00 5...
    Event Type: Warning
    Event Source: LSASRV
    Event Category: SPNEGO (Negotiator)
    Event ID: 40960
    Date: 4/27/2015
    Time: 2:24:11 AM
    User: N/A
    Computer: MyServer
    Description:
    The Security System detected an authentication error for the server MyServer.MyDomain.com. The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
    (0xc000005e)".

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 5e 00 00 c0 ^..
    |
    +-- JDMils
    |
    +-- Regional Systems Engineer, DotNet programmer & Jack of all trades
    |

    Comment


    • #3
      Re: Losing DNS records in a domain

      Have you Googled the Event Id errors?
      1 1 was a racehorse.
      2 2 was 1 2.
      1 1 1 1 race 1 day,
      2 2 1 1 2

      Comment


      • #4
        Your issue is Event ID 40960 IMO

        http://www.eventid.net/display-event...08-phase-1.htm

        Comment


        • #5
          Servers should always have fixed IPs and static DNS entries, just so this sort of thing doesn't happen. It may take a little time to enter in, but as long as DNS is running, you should never have resolution issues against your servers list. You only do it once, then forget it.
          *RicklesP*
          MSCA (2003/XP), Security+, CCNA

          ** Remember: credit where credit is due, and reputation points as appropriate **

          Comment


          • #6
            All our servers have static IPs.
            |
            +-- JDMils
            |
            +-- Regional Systems Engineer, DotNet programmer & Jack of all trades
            |

            Comment


            • #7
              But, are the entries in your DNS listing for the servers showing as 'static' or do they have date-time stamps against them? Because DNS is so central to Active Directory and other services, the DNS entries for your servers should be static as well, meaning you enter them in, manually, when you fix the IP on the respective server's NIC. Takes all the guesswork out of clients being able to 'find' a server, which sounds exactly what you're experiencing.
              *RicklesP*
              MSCA (2003/XP), Security+, CCNA

              ** Remember: credit where credit is due, and reputation points as appropriate **

              Comment

              Working...
              X