none
NetLogon service registering wrong IP address

    Frage

  • We are facing problem for which we haven't found remedy. Problem is that on two of four domain controllers Netlogon service is registering IP address from Backup NIC even dynamic updates are disabled on network interface, also HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{Interface_ID}\ "DisableDynamicUpdate"=dword:00000001.

    Tested with nltest.exe /server:DC1 /dsgetdc:company.com and only situation when backup ip address isn't registred is when backup nic is disabled.

    Freitag, 19. April 2013 08:05

Alle Antworten

  • Hello,

    so on the NIC "Register this connection's addresses in DNS" is NOT checked? In the mentioned registry in should be the key "RegistrationEnabled" set to 1 or 0?


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Freitag, 19. April 2013 08:36
  • Hi,

    "RegistrationEnabled"  is set to 0. Still NetLogon is registering \\[backup_nic_ip]

    Freitag, 19. April 2013 16:37
  • Hi

    Check the NIC binding order, set DC's private IP NIC on top and backup NIC at down.
    How to set/view the NIC bind order in Windows
    http://theregime.wordpress.com/2008/03/04/how-to-setview-the-nic-bind-order-in-windows/

    Also verify/set following:
    On DC NIC: Check the box for "Register this connection's address in DNS" Advanced TCP/IP Settings for a network interface.
    On backup NIC: Uncheck the box for "Register this connection's address in DNS" Advanced TCP/IP Settings for a network interface.

    Also set DNS listning IP address in DNS console:

    • Start the DNS Management Microsoft Management Console (MMC).
    • Right-click the DNS server, and then click Properties.
    • Click the Interfaces tab.
    • Under Listen on, click to select the Only the following IP addresses check box.
    • Type the IP addresses that you want the server to listen on. Include only the IP addresses of the interfaces for which you want a host A record registered in DNS.
    • Click OK, and then quit the DNS Management MMC.

    Once done with above, run this command on all problem DC:
    net stop netlogon & net stop DNS & ipconfig /flushdns & net start dns & net start netlogon & ipconfig /registerdns & nbtstat -R & nbtstat -RR


    Best regards,

    Abhijit Waikar.
    MCSA | MCSA:Messaging | MCITP:SA | MCC:2012
    Blog: http://abhijitw.wordpress.com
    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

    Freitag, 19. April 2013 19:23
  • Hello, I had same concerns about NICs order and DNS running only on correct interface but even those steps didn't help.

    As false hope I also tried to change through WMI property DomainControllerAddress of domain instance at win32_ntdomain but after error I found this property as Read-Only.

    I'm curious about algorithm which is NetLogon is using for registration of DomainControllerAddress.

    BrAL

    Samstag, 20. April 2013 11:21
  • I'll ask an obvious question, you're deleting the records and then running a /registerdns to ensure they're not being updated correct?

    MCITP-EA | "You don't understand anything until you learn it more than one way" | Hope This Helps!

    Samstag, 20. April 2013 12:13
  • Hi, DC doesn't register Backup IP address in DNS, only NetLogon service register Backup IP address. We have other domain controllers running on similar hardware with same Windows Server 2008 r2 configuration and they are not troubled by this issue.
    Samstag, 20. April 2013 12:32
  • Re-installation of affected Domain Controller solve the issue but root cause is still unknown.  Let say it wasn't worth of doing RCA.
    Samstag, 11. Mai 2013 08:17