question

NiklasAker-4505 avatar image
0 Votes"
NiklasAker-4505 asked DSPatrick commented

Server 2019 DNS cant resolve sites on Windows 10

Hello,

I have a domain with two 2019 AD Servers with DNS activated. Added to a 2008 R2 domain, i still have one 2008 R2 server in domain (to be be retiered) soo the Domain level is 2008 R2.

Some sites on "all browsers" on windows 10 cant be resolved (timed out), i can run the sites on the server.

Info:

Fotwarders are applied on ip v4 and can be resolved.
No ip v6 revers zone activated.
DNS servers DNS points to own and other DNS server.

Regars.

windows-server-2019windows-dhcp-dns
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered DSPatrick commented

EHLMDC005 should have own static ip address (192.168.1.5) listed for DNS then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service

EHLMDC006 should have own static ip address (192.168.1.6) listed for DNS also remove the public DNS (8.8.4.4) then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service

EHLMDC003 should have own static ip address (192.168.1.3) listed for DNS then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service

Something may be broken with windows time service, needs investigated. There is time skew between servers
https://blogs.technet.microsoft.com/nepapfe/2013/03/01/its-simple-time-configuration-in-active-directory/

" Unable to connect to the NETLOGON share!" Are sysvol / netlogon shares present on all three domain controllers?

"The DFS Replication service encountered an error communicating with partner EHLMDC006 for replication" I'd check the event logs for more details about this one

EHLMVP01 DHCP subnet mask seems a little odd 255.0.0.0



--please don't forget to Accept as answer if the reply is helpful--












· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello, you found the problem. It was a simple human error (my error), when i created the DHCP scope i created the ip range wrong (marathon 2019 migration, all nighter) therefore mask 255.0.0.0. Now when i recreated it right its working. Thanks a lot for the help, sometimes its right before you but you cant see it! I have also implemented your other rekommendations.

0 Votes 0 ·

Glad to hear, you're welcome.


0 Votes 0 ·
SunnyQi-MSFT avatar image
0 Votes"
SunnyQi-MSFT answered NiklasAker-4505 commented

Hi,

Thanks for posting in Q&A platform.

My understanding is there are 2 Windows 2019 server with AD DS and DNS roles in your environment. And forwarders have been configured on these 2 DNS servers. The site can be accessed from server 2019 side but cannot be accessed from Windows 10 client side. Please correct if my understanding is wrong. What about the role of windows 2008 R2, is it also a DNS server in the same domain?

May I know how do we configure the DNS servers on Windows 10 client?

Kindly share the results of DSPatrick's recommendation for further troubleshooting.

Best Regards,
Sunny


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

There are 3 dns servers:

1 2008 R2 (to be retiered after this problem has been solved)
2 20019 added to the "2008 R2" domain, and DNS activated while 2008 R2 still in place.

All 3 servers have same forwarders with status OK. But takes long time to resolve.
AD level is till 2008 R2

All windows clients points to new 2019 DNS:es. and cant resolve some sites, same sites can be resolved on DNS severs.

Niklas

0 Votes 0 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered

Do you want me to run the commands on the DC/DNS?

Three DC's and problem workstation.





5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered NiklasAker-4505 commented

Please run;

Dcdiag /v /c /d /e /s:%computername% >c:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt
ipconfig /all > C:\dc3.txt
ipconfig /all > C:\problemworkstation.txt

then put unzipped text files up on OneDrive and share a link.





· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello, its on all workstations, soo it is within the DNS "forrest" since its the same on both 2019 DNS/AD servers. Do you want me to run the commands on the DC/DNS?

Niklas

0 Votes 0 ·

Please let me know when you have downloaded the zipped file so i can remove the "public" link.

Niklas

0 Votes 0 ·

please do not zip the files.


0 Votes 0 ·
Show more comments