[ActiveDir] Found bug in Active Directory DNS (integrated)

2005-12-07 Thread AD


Ok, this is the scenario. I needed to create 123 DNS entries really quick so I decided to use DNSCMD. It ended up being a big mistake.

The mandatory parameters for DNSCMD /RECORDADD are the following:

servername
/RecordAdd
Zone
NodeName
RRType
RRData
[command parameters]

So I typed in the following: (entered it on different lines for easy readability).

ncdc01 
/RecordAdd 
myDomain.com 
hostA.myDomain.com
A
192.168.1.2

The command completes with a "Command Completed Successfully". Great. Only one problem. It does not show up in the DNS management console. I can see it in the directory but not in the DNS snap-in. When I do a NsLookup on that record it comes up as hostA.myDomain.com.myDomain.com. Ok so I figured out that you do not need to specify the domain name for the NodeName parameter of the command. I go ahead and delete the entry in ADUC because I can't see it in DNS console, clear the DNS cache on the server and clear the cache on my client. When I run NsLookup on the host again it shows up as hostA.myDomain.com.myDomain.com. That is impossible, right? The only way I was able to clear this entry from the server cache was to restart DNS on the DC. Not a feasible solution when you have 20 DCs across the country.

Has anyone seen this before?

Thanks

Yves 


RE: [ActiveDir] Found bug in Active Directory DNS (integrated)

2005-12-07 Thread Coleman, Hunter



You're sure that it wasn't your client cache returning the value after the initial query?




RE: [ActiveDir] Found bug in Active Directory DNS (integrated)

2005-12-07 Thread Joe Pochedley



Your NodeName is incorrect...

NodeName -- name of node for which a record will be added
  - FQDN of a node (name with a '.' at the end)
    OR
  - node name relative to the ZoneName
    OR
  - "@" for zone root node
    OR
  - service name for SRV only (e.g. _ftp._tcp)

The FQDN of the node in your example below should be "hostA." (note the . at the end of the name) not "hostA.myDomain.com" ...

Essentially, you added a host to the sub-domain myDomain.com.myDomain.com instead, which is why it doesn't show up in the GUI where expected.

Joe Pochedley

A computer terminal is not some clunky old television with a typewriter in front of it. It is an interface where the mind and body can connect with the universe and move bits of it about. -Douglas Adams
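
Added example (not part of the original thread): a PowerShell pre-flight check for a bulk /RecordAdd run that applies the NodeName rules quoted above and reports the owner name each entry would create. The function name, the sample batch and hosts B through D are constructed for illustration; the dnscmd lines are only printed, never executed.

```powershell
# Work out the owner name a NodeName maps to under the rules quoted above:
# "@" is the zone root, a trailing "." marks an FQDN, anything else is
# relative and gets the zone name appended.
function Resolve-NodeName {
    param(
        [Parameter(Mandatory)][string]$Zone,
        [Parameter(Mandatory)][string]$NodeName
    )
    # DNS names are case-insensitive, so compare in lower case.
    $zoneFqdn = $Zone.TrimEnd('.').ToLowerInvariant()
    $node     = $NodeName.ToLowerInvariant()
    $relative = -not ($node -eq '@' -or $node.EndsWith('.'))

    if ($node -eq '@')    { $owner = '{0}.' -f $zoneFqdn }
    elseif (-not $relative) { $owner = $node }
    else                  { $owner = '{0}.{1}.' -f $node, $zoneFqdn }

    [pscustomobject]@{
        NodeName    = $NodeName
        Owner       = $owner
        # Relative name that already carries the zone suffix: the mistake
        # from the thread (hostA.myDomain.com.myDomain.com).
        DoubledZone = $relative -and
                      ($node -eq $zoneFqdn -or $node.EndsWith(".$zoneFqdn"))
        # An FQDN must still fall inside the zone being edited.
        InZone      = ($owner -eq "$zoneFqdn.") -or
                      $owner.EndsWith(".$zoneFqdn.")
    }
}

# Server and zone names are the ones used in the thread; the batch is constructed.
$server = 'ncdc01'
$zone   = 'myDomain.com'
$batch  = @(
    @{ Node = 'hostA.myDomain.com';  IP = '192.168.1.2' }  # form used in the thread
    @{ Node = 'hostB';               IP = '192.168.1.3' }  # relative name
    @{ Node = 'hostC.myDomain.com.'; IP = '192.168.1.4' }  # FQDN with trailing dot
    @{ Node = 'hostD.example.net.';  IP = '192.168.1.5' }  # FQDN outside the zone
)

foreach ($r in $batch) {
    $check = Resolve-NodeName -Zone $zone -NodeName $r.Node
    if ($check.DoubledZone -or -not $check.InZone) {
        Write-Warning ('skipped {0}: would create {1}' -f $r.Node, $check.Owner)
    } else {
        # Emit the command for review instead of running it.
        'dnscmd {0} /RecordAdd {1} {2} A {3}' -f $server, $zone, $r.Node, $r.IP
    }
}
```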





RE: [ActiveDir] Found bug in Active Directory DNS (integrated)

2005-12-07 Thread AD



I concur. I understand why it does not show up in the GUI but I do not understand why the server is still caching it. Deleting the object, clearing the PC cache and the server DNS cache does not get rid of the A record.

I was hoping someone can try it in their environment and see if they get the same results.

Y

