
04/21/2004

Dual NIC problems with Netlogon and DNS

Here is a very interesting blog post from Andy on dual NIC problems on Dell servers.
The original source can be found at: http://cameron-webb.com/blog/archive/2004/04/15/165.aspx


There's a long-standing issue with domain controllers with multiple network interfaces and DNS.

On a normal workstation, or member server, the DHCP Client service is responsible for performing dynamic DNS registrations for the machine. On each network properties page, there is a checkbox “register this connection in DNS” that controls the DNS registration such that you can have a dedicated monitoring or backup/restore LAN that is not used for normal traffic and is not listed in DNS.

On a domain controller, however, the Netlogon service is responsible for making the DNS registrations, and it does not respect the setting of the “register this connection in DNS” checkbox. This is normally something you can work around through careful configuration of the secondary network addresses, but it still results in extra records in the AD (_msdcs) that can be confusing and increase replication. There is a specific issue that does not have an obvious solution, though: Dell servers with the DRAC cards enabled have a virtual network interface for the remote console VNC session connectivity. The address of this interface is 192.168.234.235 on /all/ Dell servers. This causes problems with all the servers on the network because when DNS queries are made for network logons, group policies, etc., one of the results of the query is the 192.168.234.235 address, which is a valid local address!

There are two possible resolutions to this problem:

1. There is now a hotfix available from Microsoft for Windows 2003 that corrects the Netlogon service to properly respect the “register this connection in DNS” checkbox on the network properties (KB 832478). To make this work for the DRAC problem, there's one further trick once the hotfix is installed: you must open the racdun.pbk file (double-click it), which has the network properties of the DRAC virtual interface, and uncheck the “register this connection in DNS” checkbox.

Note that if you don't need the remote VNC connection to the console via the DRAC, you can simply disable the DRAC PPP device in Device Manager.

2. The racadm utility from Dell can be used to change the IP address of the DRAC virtual interface.

"racadm config -g cfgRacTuning -o cfgRacTuneMnNwIpAddrBase xxx.xxx.xxx.xxx"
Set HKU\.DEFAULT\Software\Dell Computer Corporation\OpenManage\RacWinVnc3\HostIPAddress to be the next IP after xxx.xxx.xxx.xxx on the same network (class C).
Restart the server.
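
To check whether the DRAC address has been registered under domain controller names, before or after applying either fix, the sketch below scans A records for 192.168.234.235. It is an added example, not part of the original post; it assumes the records have been exported as zone-file style "name TTL IN A address" lines, and the corp.example names, the 10.1.1.x addresses and the function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Default DRAC virtual-interface address stated in the post.
DRAC_DEFAULT = "192.168.234.235"

# Constructed sample in "name TTL IN type data" layout; names and
# 10.1.1.x addresses are made up for illustration.
SAMPLE_RECORDS = """\
; constructed sample, not real data
corp.example. 600 IN A 10.1.1.10
corp.example. 600 IN A 192.168.234.235
gc._msdcs.corp.example. 600 IN A 10.1.1.10
gc._msdcs.corp.example. 600 IN A 192.168.234.235
_ldap._tcp.corp.example. 600 IN SRV 0 100 389 dc1.corp.example.
dc2.corp.example. 1200 IN A 10.1.1.11
"""


def parse_a_records(text):
    """Yield (name, address) for each well-formed A record; skip the rest."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, tokenize
        if len(fields) != 5:
            continue  # blank line, comment, or a longer type such as SRV
        if fields[2].upper() != "IN" or fields[3].upper() != "A":
            continue
        try:
            yield fields[0].lower(), ipaddress.ip_address(fields[4])
        except ValueError:
            continue  # malformed address, ignore the record


def find_drac_registrations(text, flagged=(DRAC_DEFAULT,)):
    """Return the names that resolve to a flagged address.

    Each name maps to its flagged addresses and its other addresses, so
    the records to clean up and the ones to keep are both visible. Pass
    a different `flagged` value if the DRAC address has been changed.
    """
    flagged = {ipaddress.ip_address(a) for a in flagged}
    by_name = defaultdict(lambda: {"flagged": [], "other": []})
    for name, addr in parse_a_records(text):
        key = "flagged" if addr in flagged else "other"
        by_name[name][key].append(str(addr))
    return {n: v for n, v in by_name.items() if v["flagged"]}


if __name__ == "__main__":
    for name, hit in sorted(find_drac_registrations(SAMPLE_RECORDS).items()):
        print(f"{name}: flagged {hit['flagged']}, other {hit['other']}")
```
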
