Windows Sever 2003 : Troubleshooting Name Resolution

11/6/2012 1:06:49 AM
DNS name resolution failure is one of the common causes of Internet access problems. On a network running Windows Server 2003 servers, the inability to resolve DNS names can bring client activities to a standstill because Active Directory relies on DNS and is responsible for controlling all client access to Windows server resources. When a client’s attempts to resolve DNS names fail, there are usually two possible causes: either the client is incorrectly configured, or the DNS server itself is inaccessible or not functioning properly.

Troubleshooting Client Configuration Problems

When a client reports a failure to access a TCP/IP resource, such as a “Name Not Found” error message, the first order of business is to determine whether the computer has any TCP/IP connectivity at all. Once you have determined that the computer is connected to the network and that it can access TCP/IP resources, the usual method for isolating a name resolution problem is to try accessing a server using its IP address instead of its DNS name. If the computer can access the server using the IP address, you know that the problem is related to the name resolution process.

The next order of business is to check the client computer’s TCP/IP configuration parameters. Assuming that the client is running Windows 2000 or Windows XP, display a Command Prompt window, type ipconfig /all at the prompt, and press ENTER. The resulting display contains all the computer’s TCP/IP settings, including the IP addresses of the DNS servers it is configured to use.

Check to see that the IP addresses listed under DNS Servers in the Ipconfig.exe display are correct for a computer on the client’s network. If they are not correct, you can modify them using Network Connections in Control Panel. If the IP addresses of the DNS servers are correct, use the Ping.exe tool at the command prompt to determine whether the client computer can contact them. You do this by using the following syntax, where ipaddress is the address of the DNS server:

ping ipaddress

If the ping test fails, you know that either the DNS server is not running at all or a network connectivity problem is preventing the client from accessing the DNS server. If you have already checked the client computer’s general network connectivity, there might be a problem with the router or other connection device that provides access to the network on which the DNS server is located. If this is the case, follow the protocol established at your organization for troubleshooting a network connectivity problem. This protocol might require you to escalate the incident to another technician or to begin the troubleshooting process yourself. In either case, if the client’s computer can access the network and is configured with the correct DNS server addresses, you can be sure the problem lies elsewhere in the network.

Troubleshooting DNS Server Problems

If a client computer is able to access the network and you have ruled out other network connectivity problems, the cause of the name resolution failures lies in the DNS server itself. A variety of conditions can prevent DNS servers from fulfilling their functions, as described in the following sections.

Nonfunctioning DNS Servers

If a client is unable to ping a DNS server and there is no client configuration or network connectivity problem, the DNS server itself might not be functioning or might be suffering from its own configuration or connectivity problem. Assuming the server is turned on and the operating system is running as it should, you should begin by checking the server’s own TCP/IP client configuration parameters.

DNS and TCP/IP Configuration

Windows Server 2003 DNS servers should have static IP addresses. If the server is configured to obtain its IP address from DHCP, make sure that the DHCP server is manually allocating the address so that it never changes, and that the DNS server is actually using the IP address the DNS clients are configured to use. You can use the same ipconfig /all command to view the DNS server’s IP address and other TCP/IP settings, whether or not they are assigned by DHCP.

If clients are able to ping the DNS server but are not receiving replies to name resolution requests, the problem could be that the DNS Server service is not running. Display the Services console, and check to see that its status is Started. In nearly all cases, the Startup Type selector for the DNS Server service should be set to Automatic. If the Startup Type selector is set to Manual, it is likely that the server restarted and no one manually started the DNS Server service. If the Startup Type selector for the DNS Server service is Automatic and the service is not running, either someone stopped it deliberately or a problem caused it to stop. Check the logs in the Event Viewer console for any indication of a problem, and check with your colleagues to see whether someone is working on the server and has stopped it for a reason.

If you can find no reason for the DNS Server service to have stopped, you can try to start it again. Then test it carefully to see whether it is functioning properly.


To test the functionality of a Windows Server 2003 DNS server, display the server’s Properties dialog box in the DNS console and then click the Monitoring tab. Choose whether you want to perform a simple (iterative) query or a recursive query test, and then click Test Now. Windows Server 2003 also includes a tool called Nslookup.exe, which you can use to test the functionality of a specific DNS server from any location on the network.

Troubleshooting Incorrect Name Resolutions

In some cases, client computers are able to complete the DNS name resolution process, but the DNS server supplies them with outdated or incorrect information. If the clients are attempting to resolve names for which the DNS server is the authoritative source, it is possible that the DNS server has bad information in its resource records. This could be attributable to any of the following causes:

  • Incorrect resource records If your DNS servers rely on administrators to manually create and modify resource records, the possibility of typographical errors always exists. If this is the case, the only solution is to manually check and correct the resource records on the server.

  • Dynamic updates failed to occur If you have configured your DNS servers to use dynamic updates and those updates have not occurred for any reason, the server’s resource records could contain incorrect or outdated IP addresses. In this event, you can correct the resource records manually, or you can trigger a new dynamic update by traveling to the computer whose resource record is wrong and typing ipconfig /registerdns at a command prompt. This causes the DNS client on the computer to re-register its IP address with the DNS server. If dynamic updates still fail to occur, check to see whether the server supports them and is configured to accept them.

  • Zone transfers failed to occur If the DNS server is incorrectly resolving names from a secondary zone, it is possible that a zone transfer has failed to occur, leaving outdated information in the secondary zone database file. Try to manually trigger a zone transfer by right-clicking the secondary zone and choosing Transfer From Master. If the zone transfer still does not occur, the problem might be due to incompatible DNS server implementations, such as different compression formats or unsupported resource record types. If this is the case, you might have to update the secondary zone’s resource records manually, until you can update one or both servers to compatible DNS software implementations.

If the DNS server supplying incorrect information is not the authority for the names it is resolving, it is possible that the server’s cache contains incorrect or outdated information. The best solution for this problem is to clear the cache, which you do in Windows Server 2003 by clicking the server’s icon in the DNS console and, from the Action menu, selecting Clear Cache.


DNS servers supplying incorrect information, whether from their own zones or from the cache, might be doing so because an unauthorized user has planted the incorrect information or polluted the cache. 

Troubleshooting Outside Name Resolution Failures

In some cases, you might discover that a DNS server can successfully resolve names for which it is the authority but fails to resolve names in other domains. This problem is typically due to a recursion failure, meaning that the server either is not forwarding queries for other domains to the appropriate place or is not forwarding queries at all.

One possible cause of recursion failures is that the server is configured with incorrect root hints. Root hints are a DNS server’s list of root name server addresses, which it uses to resolve names outside its domain. If the server cannot contact one of the root name servers, it cannot discover the IP addresses of the authoritative servers for the domain that contains the name it is trying to resolve. The DNS server in Windows Server 2003 comes preconfigured with root hints for the Internet root name servers, as shown in Figure 1.

Figure 1. The Root Hints tab in a DNS server’s Properties dialog box

Off the Record

The addresses of the Internet root name servers rarely change, and it is not likely that a Windows DNS server would be unable to contact even one of these servers, unless someone modifies the root hints. It is more common for a network connectivity problem to be affecting the server’s communication with the root name servers.

Incorrect root hints are more likely to cause problems in a DNS namespace that is isolated from the Internet and contains its own internal root. If this is the case, the person who initially configured the DNS server probably either forgot to add the internal root name server to the list of root hints or typed the root name server’s address incorrectly. Correcting the root hints in the DNS console should resolve the problem.

It is also possible that the server is configured not to use recursion at all. Windows Server 2003 DNS servers use recursion by default, but it is possible to prevent the server from using recursion by selecting the Disable Recursion (Also Disables Forwarders) check box under Server Options in the Advanced tab in the server’s Properties dialog box. You can also prevent recursion when configuring a Windows DNS server to use forwarders. When you display a DNS server’s Properties dialog box, you can select the Do Not Use Recursion For This Domain check box in the Forwarders tab. This prevents the server from using any recursion should the forwarder be unable to resolve a name. If you require the server to use recursion, be sure that these options are not selected.

Most View
Looking Good, Sounding Great (Part 1) : Q Acoustics Q7000i 5.1, Bowers & Wilkins MT-50, Canton Movie 1050
Booting on HP 9000 Servers (part 2) - The setboot Command, Boot Console Handler (BCH) and Processor Dependent Code (PDC)
Sony Xperia ZL Review - A Powerhouse Phone In An Amazingly Compact Chassis (Part 3)
Long Awaited Canon Super Telephoto Emerges From The Wild
Sling Media Slingbox Pro-HD
Ouya Gaming Machine Review - Founding Backer Version (Part 1)
Seasonic And Enhance Junior PSUs - Compact Power Supply (Part 5) : Enhance ENP-7025E
SQL Server 2008 : Common performance problems (part 1) - Procedure cache bloating
ECS Z77H2-A2X v1.0 - Golden LGA 1155 Mainboard From The Black Series (Part 6)
Booting on HP 9000 Servers (part 4) - HPUX Secondary System Loader (hpux)
Top 10
SQL Server 2012 : Consolidating Data Capture with SQLdiag - Getting Friendly with SQLdiag (part 2) - Using SQLdiag as a Service
SQL Server 2012 : Consolidating Data Capture with SQLdiag - Getting Friendly with SQLdiag (part 1) - Using SQLdiag as a Command-line Application
SQL Server 2012 : Consolidating Data Capture with SQLdiag - The Data Collection Dilemma, An Approach to Data Collection
SQL Server 2012 : Troubleshooting Methodology and Practices - Data Analysis, Validating and Implementing Resolution
SQL Server 2012 : Troubleshooting Methodology and Practices - Data Collection
SQL Server 2012 : Troubleshooting Methodology and Practices - Defining the Problem
SQL Server 2012 : Troubleshooting Methodology and Practices - Approaching Problems
Windows 8 : Accessing System Image Backup and Recovery Functionality with Windows Backup, Cloud Backup
Windows 8 : Using the Windows 8 Recovery Tools (part 2) - Push Button Reset
Windows 8 : Using the Windows 8 Recovery Tools (part 1) - Creating a System Recovery Disc, Booting to the Windows Recovery Environment