Lead Image © Fernando Gregory, 123RF.com
Resolving problems with DNS, Active Directory, and Group Policy
Escaping the Trap
Incorrect name resolution and network connectivity are the most common problems on networks. Therefore, if a service on one or more computers fails or if connectivity and performance problems occur, always check first whether name resolution and the connection between the servers and clients is working optimally. At the command prompt, nslookup checks to see whether the name of the server can still be resolved on the computers involved, which can often help delimit errors. All participating servers – and clients – need to be able to resolve one anothers' addresses.
Name Resolution and Network Connectivity
Name resolution plays an important role: The nslookup command must return the server IP address correctly. However, this does not work in nested structures until you have configured Domain Name System (DNS) servers for the subdomain on the subdomain controller and the DNS server has registered. To use other DNS servers for name resolution on the local machine, run nslookup <host> <server> at the command line as follows:
nslookup dc02.microsoft.com dc01.contoso.com
Here, nslookup attempts to resolve host dc02.microsoft.com
using server dc01.contoso.com
. Instead of the second entry, you could specify the IP address.
If you enter a DNS server with its fully qualified domain name (FQDN) as the service entry, it requires the DNS server used by the local computer to resolve the server dc01.contoso.com , but not the host dc02.microsoft.com . The DNS server dc01.contoso.com in turn can then resolve the host dc02.microsoft.com , and you will not see an error.
In other words, you can use the nslookup tool to reveal in great detail the weak points of your DNS resolution. To query multiple hosts one after another, use
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Policy-based DNS in Windows Server 2016
Inflexible DNS name resolution was solved in Windows Server 2016, thanks to policy-based DNS. -
Setting up and managing IPv6 on Windows Server 2016
Windows Server 2016 automatically prefers IPv6 addresses, if available, but the manual configuration steps differ from IPv4 and necessitate new tools. Here's how to approach IPv6 in your daily admin work. -
11 Tricks for Windows servers
A number of techniques applied in PowerShell or other management tools can run Windows servers more effectively, harden them, and improve their performance. -
Solving the security problems of encrypted DNS
DNS encryption offers WiFi users good protection in public spaces; however, in the enterprise, it prevents the evaluation and filtering of name resolution. -
Managing Active Directory sites and subnets
Active Directory domains distributed across multiple physical locations with IP subnetting and network configuration allows for replication and universal user logins.