Steps to avoid registering unwanted NIC(s) in DNS on a Multihomed Domain Controller

Article ID: 2023004

Symptoms

 

On domain controllers with more than one NIC, where each NIC is connected to a separate network, the Host A DNS registration can occur for unwanted NIC(s).

If a client queries for the DC's DNS records and gets an unwanted record, or the record of a different network that is not reachable from the client, the client will fail to contact the DC, causing authentication and many other issues.

Cause

 

The DNS server responds to queries in a round robin fashion. If the DC has multiple NICs registered in DNS, the DNS server will serve the client with all the records available for that DC.

To prevent this, we need to make sure the unwanted NIC address is not registered in DNS.

The following services are responsible for Host A record registration on a DC:

  1. Netlogon service
  2. DNS Server service (if the DC is running the DNS Server service)
  3. DHCP Client / DNS Client (2003/2008)

If the NIC is configured to register the connection address in DNS, then the DHCP/DNS client service will register the record in DNS. The unwanted NIC should be configured not to register the connection address in DNS.

If the DC is running the DNS Server service, then the DNS service will register a Host A record for each interface that it is set to listen on. The "Name server" tab in the zone properties lists the IP addresses of the interfaces present on the DC. If it lists both IPs, then the DNS server will register a Host A record for both IP addresses.

We need to make sure that only the required interface listens for DNS and that the "Name server" tab in the zone properties has the required IP address information.

Resolution

 

To avoid this problem, perform the following 3 steps (it is important that you follow all the steps to avoid the issue).

1. Under Network Connections Properties: on the unwanted NIC, go to TCP/IP Properties -> Advanced -> DNS and uncheck "Register this connection's addresses in DNS".

2. Open the DNS server console: highlight the server in the left pane, choose Action -> Properties, and on the "Interfaces" tab select "listen on only the following IP addresses". Remove the unwanted IP address from the list.

3. In the zone properties, select the Name server tab. Along with the FQDN of the DC, you will see the IP address associated with the DC. Remove the unwanted IP address if it is listed.

 

After performing these steps, delete the existing unwanted Host A record of the DC.
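An audit of the three settings and the leftover record, as an added PowerShell example that is not part of the original article. It assumes an elevated session on a DC that runs the DNS Server service (so the `root\MicrosoftDNS` WMI namespace exists); the DC name and the wanted address are placeholders.

```powershell
# Added audit example, not from the KB article. Read-only: it changes nothing.
# Assumptions: elevated session on a DC running the DNS Server service.
$DcFqdn    = 'dc01.corp.example.com'   # placeholder DC FQDN
$WantedIPs = @('10.0.0.10')            # placeholder: the only address clients should get

# Step 1: NICs that still have DNS registration enabled for an unwanted IPv4 address.
$nics = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE')
foreach ($nic in $nics) {
    $unwanted = @($nic.IPAddress | Where-Object {
        $_ -and ($_ -notmatch ':') -and ($WantedIPs -notcontains $_)   # skip IPv6
    })
    if ($nic.FullDNSRegistrationEnabled -and $unwanted.Count -gt 0) {
        Write-Warning ("Step 1: '{0}' still registers {1}" -f $nic.Description, ($unwanted -join ', '))
    }
}

# Step 2: addresses the DNS Server service is set to listen on.
$server = Get-WmiObject -Namespace 'root\MicrosoftDNS' -Class MicrosoftDNS_Server
$listen = @($server.ListenAddresses | Where-Object { $_ })
"DNS server listen addresses: " + ($listen -join ', ')
foreach ($ip in $listen) {
    if ($WantedIPs -notcontains $ip) { Write-Warning "Step 2: DNS server listens on $ip" }
}

# Step 3 and cleanup: Host A records that exist for the DC's FQDN.
$records = @(Get-WmiObject -Namespace 'root\MicrosoftDNS' -Class MicrosoftDNS_AType `
                           -Filter "OwnerName = '$DcFqdn'")
foreach ($rec in $records) {
    if ($WantedIPs -notcontains $rec.IPAddress) {
        Write-Warning ("Unwanted Host A record: {0} -> {1} (zone {2})" -f `
                       $rec.OwnerName, $rec.IPAddress, $rec.ContainerName)
    }
}
```

No warnings means the DC's name resolves only to the wanted address; each warning names the step above that still needs to be applied.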

More Information

 

Hardware details: IBM servers with two NICs

1. Ethernet NIC
2. USB NIC (this can also be considered for multiple Ethernet NICs)

Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.

Properties

Article ID: 2023004 - Last Review: April 12, 2010 - Revision: 1.0
APPLIES TO
  • Microsoft Windows Server 2003 R2 Enterprise Edition KN
  • Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
  • Microsoft Windows Server 2003 R2 Enterprise x64 Edition
  • Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Standard x64 Edition
  • Windows Server 2008 Enterprise
  • Windows Server 2008 R2 Enterprise
  • Windows Server 2008 Standard
Keywords: 
KB2023004
