One of the Domain Controller DNS entries was pointing to the wrong IP address (the name resolved to the wrong IP address), which affected Active Directory authentication and other services. This is a unique issue which I have come across.
The architecture is a single forest with multiple child domains. When we try to resolve one child domain's Domain Controller from another child domain, it resolves to an incorrect value, and after some time the DNS servers resolve it to the correct IP address.
The affected Domain Controller is configured with the correct IP address, and there are no DNS resolution issues within the same domain. The issue is seen only when we resolve from another child domain, and it is very intermittent: sometimes the name resolves to the correct IP address and sometimes not.
Root Cause:
Cross-domain DNS resolution goes through DNS zone delegation (not through a DNS forwarder or conditional forwarder). The wrong IP address was found on the NS record in the DNS zone delegation for the child domain on the root domain.
Domain Controllers in all child domains are configured with a DNS forwarder to the root domain, and DNS zone delegation is configured for all child domains on the root domain, so any domain's DNS names can be resolved from all the domains.
Solution:
The DNS zone delegation with a manually entered NS record is what causes the issue. If we change a Domain Controller's IP address, we also need to change the NS record IP address on the DNS zone delegation to avoid this issue.
Or
Configure a conditional forwarder on all DNS servers for each domain, with multiple IP addresses for redundancy.
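A read-only check for the stale delegation record described above, added here as an example and not part of the original post. It compares the IP addresses stored with each delegation's NS record on the root domain against the A records the child domain's own DNS server returns. The zone name, server names, child labels and IP addresses are placeholders, and it assumes the DnsServer module (RSAT) is available.

```powershell
# Added example: audit delegation NS record IPs on the root zone (read-only).
Import-Module DnsServer

$RootZone = 'corp.example'            # placeholder: forest root DNS zone
$RootDns  = 'rootdc01.corp.example'   # placeholder: DNS server hosting the root zone
# Placeholder map: child zone label -> a DNS server in that child domain known to be correct
$ChildDns = @{ 'emea' = '10.10.1.10'; 'apac' = '10.20.1.10' }

$report = foreach ($child in $ChildDns.Keys) {
    $delegation = Get-DnsServerZoneDelegation -ComputerName $RootDns -Name $RootZone -ChildZoneName $child
    foreach ($d in $delegation) {
        $nsName = $d.NameServer.RecordData.NameServer.TrimEnd('.')

        # IPv4 addresses stored with the manual NS record on the root domain
        $glue = @($d.IPAddress | ForEach-Object { $_.RecordData.IPv4Address } |
                  Where-Object { $_ } | ForEach-Object { $_.ToString() })

        # A records the child domain itself publishes for the same host
        $actual = @(Resolve-DnsName -Name $nsName -Type A -Server $ChildDns[$child] -DnsOnly -ErrorAction SilentlyContinue |
                    Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })

        # Delegation addresses that the child domain no longer publishes
        $stale = @($glue | Where-Object { $_ -notin $actual })

        [pscustomobject]@{
            ChildZone  = $child
            NameServer = $nsName
            GlueIPs    = $glue -join ', '
            ActualIPs  = $actual -join ', '
            Status     = if (-not $actual) { 'UNRESOLVED' }
                         elseif ($stale -or -not $glue) { 'STALE' }
                         else { 'OK' }
        }
    }
}

# STALE and UNRESOLVED rows sort to the top
$report | Sort-Object Status -Descending | Format-Table -AutoSize
```

Rows marked STALE are delegation entries to correct on the root domain, for example with `Set-DnsServerZoneDelegation`. Running the check after any Domain Controller IP address change catches the mismatch before it shows up as intermittent cross-domain resolution.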
When will Windows 2016 be released?
Nice blogs. Thank you
Extraordinary stuff, excellent! Thank you. This tutorial helped me to crack an L3 AD interview in a short span.
The posted blog content is really meaningful, simple and fantastic.
Thanks for posting so much information.
Thank you, sir.
Nice and Good
Good Source of learning