Hi, we have an on-and-off problem where certain users stop being able to reach certain systems like our network shares and SQL server. After some troubleshooting, we found out that they are able to ping affected systems and access them through their IPs instead of their DNS names. The issue will come and go, affected users are often the same, and they will see the problem fixed in a couple of hours. Any leads? We had found the following error message and tried the linked reg key change without success.
Can you verify that the DNS servers configured on the NIC of your domain controller include the IP address of another DC in the network (if available), 127.0.0.1, and no non-AD DNS servers?
(If this is your only DC, then 127.0.0.1 should be the only DNS server listed.)
If you are using a Comcast modem as your primary gateway/firewall (please don’t), be aware that turning off DHCPv6 is not possible. This will set the modem as an IPv6 DNS server on all DHCPv6 devices including your DC, and that will create all sorts of chaos with Active Directory networks because the modem doesn’t know about your AD infrastructure.
Problem was related to an old DNS suffix entry on affected computers. @jonathanjohnson0724 Thanks for the lead, I've looked it up and both our DNS servers are there. I'm not sure if that's related, but an old decommissioned AD DC is still trying to replicate, per the active AD DC logs. Would you say that could cause a problem?
How many active DCs do you have? Are their DNS server IPs in their IP address config round-robin?
Is your old DC completely nuked from the DCs?
- look under Domain user & computer
- look in Domain sites & services
2 active DCs. I could not find any entry for the decommissioned one in the DNS config, though it is still there in both domain user & computer and sites & services.
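As an added example (not posted by anyone in this thread), here is a PowerShell audit that checks the three things the replies above point at on an affected machine or a DC: which DNS servers each adapter actually uses (including any IPv6 server handed out by a gateway), the global and per-connection DNS suffixes, and whether a decommissioned DC still has SRV records in the domain. The DC IPs, share host name and domain name are placeholders you would replace with your own; it assumes an elevated session on Windows 8.1 / Server 2012 R2 or later, where the DnsClient module is available.

```powershell
# Added example, not from the thread. Placeholders (replace with your own values):
$ExpectedDcDns = @('192.0.2.10', '192.0.2.11')   # constructed: the IPs of your two active DCs
$TestHost      = 'fileserver.example.internal'   # constructed: an affected share or SQL host
$Domain        = 'example.internal'              # constructed: your AD DNS domain

# 1. DNS servers per adapter, IPv4 and IPv6. Anything outside the expected DC list
#    (or 127.0.0.1 on a DC itself) is flagged; an IPv6 entry usually means a gateway
#    running DHCPv6 has pushed itself in as a DNS server that knows nothing about AD.
Get-DnsClientServerAddress | Where-Object { $_.ServerAddresses.Count -gt 0 } | ForEach-Object {
    foreach ($srv in $_.ServerAddresses) {
        $status = if ($srv -in $ExpectedDcDns -or $srv -eq '127.0.0.1') { 'ok' } else { 'UNEXPECTED' }
        [pscustomobject]@{
            Interface = $_.InterfaceAlias
            Family    = $_.AddressFamily
            Server    = $srv
            Status    = $status
        }
    }
} | Format-Table -AutoSize

# 2. Suffix search list and per-connection suffixes. A stale suffix makes short names
#    resolve in the wrong zone (or not at all) while access by IP keeps working, which
#    matches the symptom described in the original post.
'Global suffix search list:'
(Get-DnsClientGlobalSetting).SuffixSearchList
'Per-connection suffixes:'
Get-DnsClient |
    Select-Object InterfaceAlias, ConnectionSpecificSuffix, RegisterThisConnectionsAddress |
    Format-Table -AutoSize

# 3. Resolve the affected host against each configured IPv4 server separately, so one
#    bad server shows up instead of being masked by the client falling back to the next.
$servers = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses | Select-Object -Unique
foreach ($srv in $servers) {
    try {
        $ans = Resolve-DnsName -Name $TestHost -Server $srv -Type A -DnsOnly -ErrorAction Stop
        '{0,-16} -> {1}' -f $srv, (($ans | Where-Object Type -eq 'A').IPAddress -join ', ')
    } catch {
        '{0,-16} -> FAILED: {1}' -f $srv, $_.Exception.Message
    }
}

# 4. Which DCs does DNS still advertise? A decommissioned DC that is still listed here
#    keeps clients trying to talk to a machine that no longer answers.
'DCs advertised via _ldap._tcp.dc._msdcs SRV records:'
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -DnsOnly |
    Where-Object Type -eq 'SRV' |
    Select-Object NameTarget, Port, Priority, Weight |
    Format-Table -AutoSize
```

Run it on one of the affected workstations while the problem is occurring and again once it has cleared; a difference in section 1 or 2 between the two runs is usually the answer. Section 4 run on a DC shows whether the stale DC mentioned above still needs to be cleaned out of DNS in addition to Users & Computers and Sites & Services.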