Workstations getting faulty session - DNS / PTR record issue

Discussion in 'Windows Small Business Server' started by Nick, May 18, 2008.

  1. Nick

    Nick Guest

    I have an intermittent problem which occasionally affect various of our
    workstations:

    Normally workstations are listed in Sessions page in Local Computer /
    Computer
    as Computer.domail.local, but some days one or two are listed by their short
    computer name instead, any ideas why?

    Our workstations are all use fixed IP numbers, DHCP allocated from MAC
    address reservations.
    DHCP console - DNS tab - "Always dynamically update DNS A and PTR records"
    is already enabled.

    This definately feels like a DNS / PTR record issue but I cannot see what,
    each workstation does have a PTR record it is just that sometimes they don't
    appear to get used properly.

    Thx,
    Nick
     
    Nick, May 18, 2008
    #1
    1. Advertisements

  2. Nick

    davidgold Guest

    Normally workstations are listed in Sessions page in Local Computer /
    not sure where exactly you are talking about, perhaps Computer Management
    under Shared Folders/Sessions?
    assuming your are using SBS and there is only one domain why is it relevant?
    I mean, it's always going to be the same anyway whether it's spelled out or
    not.
     
    davidgold, May 19, 2008
    #2
    1. Advertisements

  3. Nick

    Nick Guest

    DavidGold,
    Server Management - Shares - View Connected Users.
    What I didn't explain was that this started with a problem wereeby some
    would appear as their IP number instead which caused server manager to
    lock-up. That problem has been solved by DHCP console - DNS tab - "Always
    dynamically update DNS A and PTR records" but things are obviously still not
    working perfectly. I agree that this is not causing us any apparent
    problems but would like to get to the bottom of the problem before it does.

    Just had the same thing on one workstation and found a clue this time.
    DNS - Reverse lookup zones - 192.168.16.x Subnet - PTR record for the
    machine with faulty session - Properties - Security
    Permissions for Computer account (domain\MachineXX) - unknown account!
    Should be domain\MachineXX - Write all properties, Read permissions &
    All validate writes

    Also find that DNS - Forward lookup zones - Host(A) record for machine -
    Update associated pointer (PTR) record is not enabled
    plus Permissions for the Computer account (domain\MachineXX) - unknown
    account!


    Any ideas why this is happening.

    Thx,
    Nick
     
    Nick, May 19, 2008
    #3
  4. Hello Nick,

    Thank you for posting here.

    According to your description, I understand that when you view the
    connected users under Server Management console -> Shares, some computers
    display as NetBIOS name but not FQDN. If I have misunderstood the problem,
    please don't hesitate to let me know.

    Based on my research, this is the issue of the PRT record of the
    problematic computers. The SBS detects shared folders connection thru IP
    address. If the IP could resolve to FQDN in DNS, the console will display
    as FQDN, or you will see IP address or just computer name. I suggest we try
    the following steps to see if we can resolve this issue:

    Suggestion 1: Create the PTR record for the problematic client computers:
    1. Click Start on SBS, click Run, type "dnsmgmt.msc" and click OK.

    2. Expand your server\Reverse Lookup Zones\<your local subnet>.Subnet.

    3. Can you see the PTR record for the unresolved IP address, if not, please
    add a PTR record for this IP address.

    Pointer (PTR) - For mapping a reverse DNS domain name based on the IP
    address of a computer that points to the forward DNS domain name of that
    computer.

    PTR records are used to support the reverse lookup process, based on zones
    created and rooted in the in-addr.arpa domain. These records are used to
    locate a computer by its IP address and resolve this information to the DNS
    domain name for that computer.

    PTR RRs can be added to a zone in several ways:

    - You can manually create a PTR RR for a static TCP/IP client computer
    using the DNS, either as a separate procedure or as part of the procedure
    for creating an A RR.

    - Computers use the DHCP Client service to dynamically register and update
    their PTR RR in DNS when an IP configuration change occurs.

    - All other DHCP-enabled client computers can have their PTR RRs registered
    and updated by the DHCP server if they obtain their IP lease from a
    qualified server. The Windows 2000 and Windows Server 2003 DHCP Server
    service provides this capability.

    The pointer (PTR) resource record is used only in reverse lookup zones to
    support reverse lookup.

    Suggestion 2: Please also perform the following steps to make DNS can
    update PTR record automatic:

    In dnsmgmt, right-click <your local subnet>.Subnet and click Properties. On
    General tab, in "Dynamic updates" please select "Nonsecure and secure".
    Click Aging button, do not tick "Scavenge stale resource records".

    Then monitor for one day (waiting for auto update).

    Suggestion 3: Ensure every client computer join SBS domain, and logon
    domain when access the shared folders. Otherwise, the SBS may unable to
    recognize the client.

    I hope these steps will give you some help.

    Thanks and have a nice day!

    Best regards,

    Terence Liu (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    | From: "Nick" <>
    | References: <#>
    <>
    | Subject: Re: Workstations getting faulty session - DNS / PTR record issue
    | Date: Mon, 19 May 2008 11:06:55 +0100
    | Lines: 92
    | X-Priority: 3
    | X-MSMail-Priority: Normal
    | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | X-RFC2646: Format=Flowed; Original
    | Message-ID: <e$>
    | Newsgroups: microsoft.public.windows.server.sbs
    | NNTP-Posting-Host: host86-136-136-109.range86-136.btcentralplus.com
    86.136.136.109
    | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
    | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:108302
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | DavidGold,
    |
    | > not sure where exactly you are talking about, perhaps Computer
    Management
    | > under Shared Folders/Sessions?
    |
    | Server Management - Shares - View Connected Users.
    |
    | > assuming your are using SBS and there is only one domain why is it
    | > relevant?
    | > I mean, it's always going to be the same anyway whether it's spelled
    out
    | > or
    | > not.
    |
    | What I didn't explain was that this started with a problem wereeby some
    | would appear as their IP number instead which caused server manager to
    | lock-up. That problem has been solved by DHCP console - DNS tab -
    "Always
    | dynamically update DNS A and PTR records" but things are obviously still
    not
    | working perfectly. I agree that this is not causing us any apparent
    | problems but would like to get to the bottom of the problem before it
    does.
    |
    | Just had the same thing on one workstation and found a clue this time.
    | DNS - Reverse lookup zones - 192.168.16.x Subnet - PTR record for the
    | machine with faulty session - Properties - Security
    | Permissions for Computer account (domain\MachineXX) - unknown account!
    | Should be domain\MachineXX - Write all properties, Read permissions &
    | All validate writes
    |
    | Also find that DNS - Forward lookup zones - Host(A) record for machine -
    | Update associated pointer (PTR) record is not enabled
    | plus Permissions for the Computer account (domain\MachineXX) -
    unknown
    | account!
    |
    |
    | Any ideas why this is happening.
    |
    | Thx,
    | Nick
    |
    |
    |
    | | >> Normally workstations are listed in Sessions page in Local Computer /
    | >> Computer
    | >
    | > not sure where exactly you are talking about, perhaps Computer
    Management
    | > under Shared Folders/Sessions?
    | >
    | >> as Computer.domail.local, but some days one or two are listed by their
    | >> short
    | >> computer name instead, any ideas why?
    | >
    | > assuming your are using SBS and there is only one domain why is it
    | > relevant?
    | > I mean, it's always going to be the same anyway whether it's spelled
    out
    | > or
    | > not.
    | >
    | >
    | >
    | >
    | >
    | > "Nick" wrote:
    | >
    | >> I have an intermittent problem which occasionally affect various of our
    | >> workstations:
    | >>
    | >> Normally workstations are listed in Sessions page in Local Computer /
    | >> Computer
    | >> as Computer.domail.local, but some days one or two are listed by their
    | >> short
    | >> computer name instead, any ideas why?
    | >>
    | >> Our workstations are all use fixed IP numbers, DHCP allocated from MAC
    | >> address reservations.
    | >> DHCP console - DNS tab - "Always dynamically update DNS A and PTR
    | >> records"
    | >> is already enabled.
    | >>
    | >> This definately feels like a DNS / PTR record issue but I cannot see
    | >> what,
    | >> each workstation does have a PTR record it is just that sometimes they
    | >> don't
    | >> appear to get used properly.
    | >>
    | >> Thx,
    | >> Nick
    | >>
    | >>
    | >>
    |
    |
    |
     
    Terence Liu [MSFT], May 20, 2008
    #4
  5. Nick

    Nick Guest

    Terrence, thanks for your suggestions.

    PTR records already exist for all computers.

    DNS - ServerName -
    Forward Lookup zones - Domain.local - Dynamic updates was 'Secure only',
    now changed to 'Nonsecure and secure'
    Aging button - "Scavenge stale resource records" already tyurned Off.
    Is this safe - there is a warning on screen about 'Allowing
    nonsecure dynamic updates is a significant security vulerability...'
    Should I also do the same in Reverse lookup zones - 192.168.16.x as
    that is currently set to Secure only?
    Also what about Forward Lookup zones - _msdcs.domain.local is same
    necessary there?

    Will monitor and report back status.
    Not quite sure I understand what you are asking here. All workstations are
    part of the domain.

    With regard to the PTR record something I have noticed:
    This morning I have one workstation displaying as NetBIOS rather than FQDN.
    Looking up Permissions for PTR record for this machine in Reverse lookup
    zones shows that this PTR record does not have a permissions entry for the
    Machine Name, all others have a permisions entry for:
    Domain\MachineX$: Write all properties, Read Permissions, All validated
    writes.
    Any thoughts as to why this is? Who should be the owner of the PTR record,
    System or Computer account? Am I perhaps missing some permission somewhere
    which is causing this.

    With regards,
    Nick
     
    Nick, May 20, 2008
    #5
  6. Hello Nick,

    Thank you for your update.

    1. Dynamic updates of the zone

    a. You can set the Reverse lookup zones - 192.168.16.x as 'Nonsecure and
    secure', but do not change any settings on Forward Lookup zones -
    _msdcs.domain.local. It is used for AD resource name resolution.

    b. You can tick the option "Scavenge stale resource records" for Forward
    Lookup zones - Domain.local and Reverse lookup zones - 192.168.16.x, but
    not Forward Lookup zones - _msdcs.domain.local.

    c. Please ignore the warning of 'Allowing nonsecure dynamic updates is a
    significant security vulnerability...'

    2. For the client computers, we need to join them to SBS domain. When
    access the shared folders, ensure the clients use the domain accounts to
    logon computers.

    3. For the PTR record permission, the owner should be 'Administrator' and
    'Administrators'. Meanwhile, you need to ensure 'Everyone' has 'Read'
    permission of each record.

    4. Please wait one day or two to monitor this issue. The records update
    need a period of time. You may also need to restart clients and SBS to make
    the them resolve names with new settings.

    If we cannot resolve the issue after we perform the above steps, please
    help me collect some information for further investigation:

    1. Please open Forward Lookup zones - Domain.local and Reverse lookup zones
    - 192.168.16.x properties, select general tab, and capture screenshots on
    the windows and send the pictures to me at

    2. Right click Forward Lookup zones - Domain.local and Reverse lookup zones
    - 192.168.16.x, select 'Export List', save the lists to text files and send
    to me.

    I hope these steps will give you some help.

    Thanks and have a nice day!

    Best regards,

    Terence Liu (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    | From: "Nick" <>
    | References: <#>
    <>
    <e$>
    <>
    | Subject: Re: Workstations getting faulty session - DNS / PTR record issue
    | Date: Tue, 20 May 2008 11:25:34 +0100
    | Lines: 281
    | X-Priority: 3
    | X-MSMail-Priority: Normal
    | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | X-RFC2646: Format=Flowed; Original
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | Message-ID: <OH$>
    | Newsgroups: microsoft.public.windows.server.sbs
    | NNTP-Posting-Host: host81-154-197-37.range81-154.btcentralplus.com
    81.154.197.37
    | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
    | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:108477
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | Terrence, thanks for your suggestions.
    |
    | PTR records already exist for all computers.
    |
    | DNS - ServerName -
    | Forward Lookup zones - Domain.local - Dynamic updates was 'Secure
    only',
    | now changed to 'Nonsecure and secure'
    | Aging button - "Scavenge stale resource records" already tyurned Off.
    | Is this safe - there is a warning on screen about 'Allowing
    | nonsecure dynamic updates is a significant security vulerability...'
    | Should I also do the same in Reverse lookup zones - 192.168.16.x
    as
    | that is currently set to Secure only?
    | Also what about Forward Lookup zones - _msdcs.domain.local is
    same
    | necessary there?
    |
    | Will monitor and report back status.
    |
    | > Suggestion 3: Ensure every client computer join SBS domain, and logon
    | > domain when access the shared folders. Otherwise, the SBS may unable to
    | > recognize the client.
    |
    | Not quite sure I understand what you are asking here. All workstations
    are
    | part of the domain.
    |
    | With regard to the PTR record something I have noticed:
    | This morning I have one workstation displaying as NetBIOS rather than
    FQDN.
    | Looking up Permissions for PTR record for this machine in Reverse lookup
    | zones shows that this PTR record does not have a permissions entry for
    the
    | Machine Name, all others have a permisions entry for:
    | Domain\MachineX$: Write all properties, Read Permissions, All
    validated
    | writes.
    | Any thoughts as to why this is? Who should be the owner of the PTR
    record,
    | System or Computer account? Am I perhaps missing some permission
    somewhere
    | which is causing this.
    |
    | With regards,
    | Nick
    |
    |
    | | > Hello Nick,
    | >
    | > Thank you for posting here.
    | >
    | > According to your description, I understand that when you view the
    | > connected users under Server Management console -> Shares, some
    computers
    | > display as NetBIOS name but not FQDN. If I have misunderstood the
    problem,
    | > please don't hesitate to let me know.
    | >
    | > Based on my research, this is the issue of the PRT record of the
    | > problematic computers. The SBS detects shared folders connection thru IP
    | > address. If the IP could resolve to FQDN in DNS, the console will
    display
    | > as FQDN, or you will see IP address or just computer name. I suggest we
    | > try
    | > the following steps to see if we can resolve this issue:
    | >
    | > Suggestion 1: Create the PTR record for the problematic client
    computers:
    | > 1. Click Start on SBS, click Run, type "dnsmgmt.msc" and click OK.
    | >
    | > 2. Expand your server\Reverse Lookup Zones\<your local subnet>.Subnet.
    | >
    | > 3. Can you see the PTR record for the unresolved IP address, if not,
    | > please
    | > add a PTR record for this IP address.
    | >
    | > Pointer (PTR) - For mapping a reverse DNS domain name based on the IP
    | > address of a computer that points to the forward DNS domain name of that
    | > computer.
    | >
    | > PTR records are used to support the reverse lookup process, based on
    zones
    | > created and rooted in the in-addr.arpa domain. These records are used to
    | > locate a computer by its IP address and resolve this information to the
    | > DNS
    | > domain name for that computer.
    | >
    | > PTR RRs can be added to a zone in several ways:
    | >
    | > - You can manually create a PTR RR for a static TCP/IP client computer
    | > using the DNS, either as a separate procedure or as part of the
    procedure
    | > for creating an A RR.
    | >
    | > - Computers use the DHCP Client service to dynamically register and
    update
    | > their PTR RR in DNS when an IP configuration change occurs.
    | >
    | > - All other DHCP-enabled client computers can have their PTR RRs
    | > registered
    | > and updated by the DHCP server if they obtain their IP lease from a
    | > qualified server. The Windows 2000 and Windows Server 2003 DHCP Server
    | > service provides this capability.
    | >
    | > The pointer (PTR) resource record is used only in reverse lookup zones
    to
    | > support reverse lookup.
    | >
    | > Suggestion 2: Please also perform the following steps to make DNS can
    | > update PTR record automatic:
    | >
    | > In dnsmgmt, right-click <your local subnet>.Subnet and click
    Properties.
    | > On
    | > General tab, in "Dynamic updates" please select "Nonsecure and secure".
    | > Click Aging button, do not tick "Scavenge stale resource records".
    | >
    | > Then monitor for one day (waiting for auto update).
    | >
    | > Suggestion 3: Ensure every client computer join SBS domain, and logon
    | > domain when access the shared folders. Otherwise, the SBS may unable to
    | > recognize the client.
    | >
    | > I hope these steps will give you some help.
    | >
    | > Thanks and have a nice day!
    | >
    | > Best regards,
    | >
    | > Terence Liu (MSFT)
    | >
    | > Microsoft CSS Online Newsgroup Support
    | >
    | > Get Secure! - www.microsoft.com/security
    | >
    | > =====================================================
    | > This newsgroup only focuses on SBS technical issues. If you have issues
    | > regarding other Microsoft products, you'd better post in the
    corresponding
    | > newsgroups so that they can be resolved in an efficient and timely
    manner.
    | > You can locate the newsgroup here:
    | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
    | >
    | > When opening a new thread via the web interface, we recommend you check
    | > the
    | > "Notify me of replies" box to receive e-mail notifications when there
    are
    | > any updates in your thread. When responding to posts via your
    newsreader,
    | > please "Reply to Group" so that others may learn and benefit from your
    | > issue.
    | >
    | > Microsoft engineers can only focus on one issue per thread. Although we
    | > provide other information for your reference, we recommend you post
    | > different incidents in different threads to keep the thread clean. In
    | > doing
    | > so, it will ensure your issues are resolved in a timely manner.
    | >
    | > For urgent issues, you may want to contact Microsoft CSS directly.
    Please
    | > check http://support.microsoft.com for regional support phone numbers.
    | >
    | > Any input or comments in this thread are highly appreciated.
    | > =====================================================
    | >
    | > This posting is provided "AS IS" with no warranties, and confers no
    | > rights.
    | >
    | > --------------------
    | > | From: "Nick" <>
    | > | References: <#>
    | > <>
    | > | Subject: Re: Workstations getting faulty session - DNS / PTR record
    | > issue
    | > | Date: Mon, 19 May 2008 11:06:55 +0100
    | > | Lines: 92
    | > | X-Priority: 3
    | > | X-MSMail-Priority: Normal
    | > | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | > | X-RFC2646: Format=Flowed; Original
    | > | Message-ID: <e$>
    | > | Newsgroups: microsoft.public.windows.server.sbs
    | > | NNTP-Posting-Host: host86-136-136-109.range86-136.btcentralplus.com
    | > 86.136.136.109
    | > | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
    | > | Xref: TK2MSFTNGHUB02.phx.gbl
    microsoft.public.windows.server.sbs:108302
    | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
    | > |
    | > | DavidGold,
    | > |
    | > | > not sure where exactly you are talking about, perhaps Computer
    | > Management
    | > | > under Shared Folders/Sessions?
    | > |
    | > | Server Management - Shares - View Connected Users.
    | > |
    | > | > assuming your are using SBS and there is only one domain why is it
    | > | > relevant?
    | > | > I mean, it's always going to be the same anyway whether it's spelled
    | > out
    | > | > or
    | > | > not.
    | > |
    | > | What I didn't explain was that this started with a problem wereeby
    some
    | > | would appear as their IP number instead which caused server manager to
    | > | lock-up. That problem has been solved by DHCP console - DNS tab -
    | > "Always
    | > | dynamically update DNS A and PTR records" but things are obviously
    still
    | > not
    | > | working perfectly. I agree that this is not causing us any apparent
    | > | problems but would like to get to the bottom of the problem before it
    | > does.
    | > |
    | > | Just had the same thing on one workstation and found a clue this time.
    | > | DNS - Reverse lookup zones - 192.168.16.x Subnet - PTR record for the
    | > | machine with faulty session - Properties - Security
    | > | Permissions for Computer account (domain\MachineXX) - unknown
    | > account!
    | > | Should be domain\MachineXX - Write all properties, Read
    permissions
    | > &
    | > | All validate writes
    | > |
    | > | Also find that DNS - Forward lookup zones - Host(A) record for
    machine -
    | > | Update associated pointer (PTR) record is not enabled
    | > | plus Permissions for the Computer account (domain\MachineXX) -
    | > unknown
    | > | account!
    | > |
    | > |
    | > | Any ideas why this is happening.
    | > |
    | > | Thx,
    | > | Nick
    | > |
    | > |
    | > |
    | > | | > | >> Normally workstations are listed in Sessions page in Local
    Computer /
    | > | >> Computer
    | > | >
    | > | > not sure where exactly you are talking about, perhaps Computer
    | > Management
    | > | > under Shared Folders/Sessions?
    | > | >
    | > | >> as Computer.domail.local, but some days one or two are listed by
    | > their
    | > | >> short
    | > | >> computer name instead, any ideas why?
    | > | >
    | > | > assuming your are using SBS and there is only one domain why is it
    | > | > relevant?
    | > | > I mean, it's always going to be the same anyway whether it's spelled
    | > out
    | > | > or
    | > | > not.
    | > | >
    | > | >
    | > | >
    | > | >
    | > | >
    | > | > "Nick" wrote:
    | > | >
    | > | >> I have an intermittent problem which occasionally affect various
    of
    | > our
    | > | >> workstations:
    | > | >>
    | > | >> Normally workstations are listed in Sessions page in Local
    Computer /
    | > | >> Computer
    | > | >> as Computer.domail.local, but some days one or two are listed by
    | > their
    | > | >> short
    | > | >> computer name instead, any ideas why?
    | > | >>
    | > | >> Our workstations are all use fixed IP numbers, DHCP allocated from
    | > MAC
    | > | >> address reservations.
    | > | >> DHCP console - DNS tab - "Always dynamically update DNS A and PTR
    | > | >> records"
    | > | >> is already enabled.
    | > | >>
    | > | >> This definately feels like a DNS / PTR record issue but I cannot
    see
    | > | >> what,
    | > | >> each workstation does have a PTR record it is just that sometimes
    | > they
    | > | >> don't
    | > | >> appear to get used properly.
    | > | >>
    | > | >> Thx,
    | > | >> Nick
    | > | >>
    | > | >>
    | > | >>
    | > |
    | > |
    | > |
    | >
    |
    |
    |
     
    Terence Liu [MSFT], May 21, 2008
    #6
  7. Nick

    Nick Guest

    Hi Terrence,

    DNS changed as per your suggestions. All appears fine at the moment but
    will monitor for a few days and revert later.

    Many thanks,
    Nick
     
    Nick, May 22, 2008
    #7
  8. Hi Nick,

    Thank you for your update.

    I'm glad we make improvement on this issue.

    I hope everything is going well.

    If there's anything else about this issue I can do for you, please do not
    hesitate to let me know.

    Thank you and have a nice day,

    Best regards,

    Terence Liu (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    | From: "Nick" <>
    | References: <#>
    <>
    <e$>
    <>
    <OH$>
    <>
    | Subject: Re: Workstations getting faulty session - DNS / PTR record issue
    | Date: Thu, 22 May 2008 14:09:17 +0100
    | Lines: 456
    | X-Priority: 3
    | X-MSMail-Priority: Normal
    | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | X-RFC2646: Format=Flowed; Original
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | Message-ID: <O98$>
    | Newsgroups: microsoft.public.windows.server.sbs
    | NNTP-Posting-Host: host86-158-150-228.range86-158.btcentralplus.com
    86.158.150.228
    | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP02.phx.gbl
    | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:108844
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | Hi Terrence,
    |
    | DNS changed as per your suggestions. All appears fine at the moment but
    | will monitor for a few days and revert later.
    |
    | Many thanks,
    | Nick
    |
    |
    | | > Hello Nick,
    | >
    | > Thank you for your update.
    | >
    | > 1. Dynamic updates of the zone
    | >
    | > a. You can set the Reverse lookup zones - 192.168.16.x as 'Nonsecure and
    | > secure', but do not change any settings on Forward Lookup zones -
    | > _msdcs.domain.local. It is used for AD resource name resolution.
    | >
    | > b. You can tick the option "Scavenge stale resource records" for Forward
    | > Lookup zones - Domain.local and Reverse lookup zones - 192.168.16.x, but
    | > not Forward Lookup zones - _msdcs.domain.local.
    | >
    | > c. Please ignore the warning of 'Allowing nonsecure dynamic updates is a
    | > significant security vulnerability...'
    | >
    | > 2. For the client computers, we need to join them to SBS domain. When
    | > access the shared folders, ensure the clients use the domain accounts to
    | > logon computers.
    | >
    | > 3. For the PTR record permission, the owner should be 'Administrator'
    and
    | > 'Administrators'. Meanwhile, you need to ensure 'Everyone' has 'Read'
    | > permission of each record.
    | >
    | > 4. Please wait one day or two to monitor this issue. The records update
    | > need a period of time. You may also need to restart clients and SBS to
    | > make
    | > the them resolve names with new settings.
    | >
    | > If we cannot resolve the issue after we perform the above steps, please
    | > help me collect some information for further investigation:
    | >
    | > 1. Please open Forward Lookup zones - Domain.local and Reverse lookup
    | > zones
    | > - 192.168.16.x properties, select general tab, and capture screenshots
    on
    | > the windows and send the pictures to me at
    | >
    | > 2. Right click Forward Lookup zones - Domain.local and Reverse lookup
    | > zones
    | > - 192.168.16.x, select 'Export List', save the lists to text files and
    | > send
    | > to me.
    | >
    | > I hope these steps will give you some help.
    | >
    | > Thanks and have a nice day!
    | >
    | > Best regards,
    | >
    | > Terence Liu (MSFT)
    | >
    | > Microsoft CSS Online Newsgroup Support
    | >
    | > Get Secure! - www.microsoft.com/security
    | >
    | > =====================================================
    | > This newsgroup only focuses on SBS technical issues. If you have issues
    | > regarding other Microsoft products, you'd better post in the
    corresponding
    | > newsgroups so that they can be resolved in an efficient and timely
    manner.
    | > You can locate the newsgroup here:
    | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
    | >
    | > When opening a new thread via the web interface, we recommend you check
    | > the
    | > "Notify me of replies" box to receive e-mail notifications when there
    are
    | > any updates in your thread. When responding to posts via your
    newsreader,
    | > please "Reply to Group" so that others may learn and benefit from your
    | > issue.
    | >
    | > Microsoft engineers can only focus on one issue per thread. Although we
    | > provide other information for your reference, we recommend you post
    | > different incidents in different threads to keep the thread clean. In
    | > doing
    | > so, it will ensure your issues are resolved in a timely manner.
    | >
    | > For urgent issues, you may want to contact Microsoft CSS directly.
    Please
    | > check http://support.microsoft.com for regional support phone numbers.
    | >
    | > Any input or comments in this thread are highly appreciated.
    | > =====================================================
    | >
    | > This posting is provided "AS IS" with no warranties, and confers no
    | > rights.
    | >
    | > --------------------
    | > | From: "Nick" <>
    | > | References: <#>
    | > <>
    | > <e$>
    | > <>
    | > | Subject: Re: Workstations getting faulty session - DNS / PTR record
    | > issue
    | > | Date: Tue, 20 May 2008 11:25:34 +0100
    | > | Lines: 281
    | > | X-Priority: 3
    | > | X-MSMail-Priority: Normal
    | > | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | > | X-RFC2646: Format=Flowed; Original
    | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | > | Message-ID: <OH$>
    | > | Newsgroups: microsoft.public.windows.server.sbs
    | > | NNTP-Posting-Host: host81-154-197-37.range81-154.btcentralplus.com
    | > 81.154.197.37
    | > | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
    | > | Xref: TK2MSFTNGHUB02.phx.gbl
    microsoft.public.windows.server.sbs:108477
    | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
    | > |
    | > | Terrence, thanks for your suggestions.
    | > |
    | > | PTR records already exist for all computers.
    | > |
    | > | DNS - ServerName -
    | > | Forward Lookup zones - Domain.local - Dynamic updates was 'Secure
    | > only',
    | > | now changed to 'Nonsecure and secure'
    | > | Aging button - "Scavenge stale resource records" already tyurned
    | > Off.
    | > | Is this safe - there is a warning on screen about 'Allowing
    | > | nonsecure dynamic updates is a significant security vulerability...'
    | > | Should I also do the same in Reverse lookup zones -
    192.168.16.x
    | > as
    | > | that is currently set to Secure only?
    | > | Also what about Forward Lookup zones - _msdcs.domain.local is
    | > same
    | > | necessary there?
    | > |
    | > | Will monitor and report back status.
    | > |
    | > | > Suggestion 3: Ensure every client computer join SBS domain, and
    logon
    | > | > domain when access the shared folders. Otherwise, the SBS may
    unable
    | > to
    | > | > recognize the client.
    | > |
    | > | Not quite sure I understand what you are asking here. All
    workstations
    | > are
    | > | part of the domain.
    | > |
    | > | With regard to the PTR record something I have noticed:
    | > | This morning I have one workstation displaying as NetBIOS rather than
    | > FQDN.
    | > | Looking up Permissions for PTR record for this machine in Reverse
    lookup
    | > | zones shows that this PTR record does not have a permissions entry for
    | > the
    | > | Machine Name, all others have a permisions entry for:
    | > | Domain\MachineX$: Write all properties, Read Permissions, All
    | > validated
    | > | writes.
    | > | Any thoughts as to why this is? Who should be the owner of the PTR
    | > record,
    | > | System or Computer account? Am I perhaps missing some permission
    | > somewhere
    | > | which is causing this.
    | > |
    | > | With regards,
    | > | Nick
    | > |
    | > |
    | > | | > | > Hello Nick,
    | > | >
    | > | > Thank you for posting here.
    | > | >
    | > | > According to your description, I understand that when you view the
    | > | > connected users under Server Management console -> Shares, some
    | > computers
    | > | > display as NetBIOS name but not FQDN. If I have misunderstood the
    | > problem,
    | > | > please don't hesitate to let me know.
    | > | >
    | > | > Based on my research, this is the issue of the PRT record of the
    | > | > problematic computers. The SBS detects shared folders connection
    thru
    | > IP
    | > | > address. If the IP could resolve to FQDN in DNS, the console will
    | > display
    | > | > as FQDN, or you will see IP address or just computer name. I
    suggest
    | > we
    | > | > try
    | > | > the following steps to see if we can resolve this issue:
    | > | >
    | > | > Suggestion 1: Create the PTR record for the problematic client
    | > computers:
    | > | > 1. Click Start on SBS, click Run, type "dnsmgmt.msc" and click OK.
    | > | >
    | > | > 2. Expand your server\Reverse Lookup Zones\<your local
    subnet>.Subnet.
    | > | >
    | > | > 3. Can you see the PTR record for the unresolved IP address, if not,
    | > | > please
    | > | > add a PTR record for this IP address.
    | > | >
    | > | > Pointer (PTR) - For mapping a reverse DNS domain name based on the
    IP
    | > | > address of a computer that points to the forward DNS domain name of
    | > that
    | > | > computer.
    | > | >
    | > | > PTR records are used to support the reverse lookup process, based on
    | > zones
    | > | > created and rooted in the in-addr.arpa domain. These records are
    used
    | > to
    | > | > locate a computer by its IP address and resolve this information to
    | > the
    | > | > DNS
    | > | > domain name for that computer.
    | > | >
    | > | > PTR RRs can be added to a zone in several ways:
    | > | >
    | > | > - You can manually create a PTR RR for a static TCP/IP client
    computer
    | > | > using the DNS, either as a separate procedure or as part of the
    | > procedure
    | > | > for creating an A RR.
    | > | >
    | > | > - Computers use the DHCP Client service to dynamically register and
    | > update
    | > | > their PTR RR in DNS when an IP configuration change occurs.
    | > | >
    | > | > - All other DHCP-enabled client computers can have their PTR RRs
    | > | > registered
    | > | > and updated by the DHCP server if they obtain their IP lease from a
    | > | > qualified server. The Windows 2000 and Windows Server 2003 DHCP
    Server
    | > | > service provides this capability.
    | > | >
    | > | > The pointer (PTR) resource record is used only in reverse lookup
    zones
    | > to
    | > | > support reverse lookup.
    | > | >
    | > | > Suggestion 2: Please also perform the following steps to make DNS
    can
    | > | > update PTR record automatic:
    | > | >
    | > | > In dnsmgmt, right-click <your local subnet>.Subnet and click
    | > Properties.
    | > | > On
    | > | > General tab, in "Dynamic updates" please select "Nonsecure and
    | > secure".
    | > | > Click Aging button, do not tick "Scavenge stale resource records".
    | > | >
    | > | > Then monitor for one day (waiting for auto update).
    | > | >
    | > | > Suggestion 3: Ensure every client computer join SBS domain, and
    logon
    | > | > domain when access the shared folders. Otherwise, the SBS may
    unable
    | > to
    | > | > recognize the client.
    | > | >
    | > | > I hope these steps will give you some help.
    | > | >
    | > | > Thanks and have a nice day!
    | > | >
    | > | > Best regards,
    | > | >
    | > | > Terence Liu (MSFT)
    | > | >
    | > | > Microsoft CSS Online Newsgroup Support
    | > | >
    | > | > Get Secure! - www.microsoft.com/security
    | > | >
    | > | > =====================================================
    | > | > This newsgroup only focuses on SBS technical issues. If you have
    | > issues
    | > | > regarding other Microsoft products, you'd better post in the
    | > corresponding
    | > | > newsgroups so that they can be resolved in an efficient and timely
    | > manner.
    | > | > You can locate the newsgroup here:
    | > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
    | > | >
    | > | > When opening a new thread via the web interface, we recommend you
    | > check
    | > | > the
    | > | > "Notify me of replies" box to receive e-mail notifications when
    there
    | > are
    | > | > any updates in your thread. When responding to posts via your
    | > newsreader,
    | > | > please "Reply to Group" so that others may learn and benefit from
    your
    | > | > issue.
    | > | >
    | > | > Microsoft engineers can only focus on one issue per thread.
    Although
    | > we
    | > | > provide other information for your reference, we recommend you post
    | > | > different incidents in different threads to keep the thread clean.
    In
    | > | > doing
    | > | > so, it will ensure your issues are resolved in a timely manner.
    | > | >
    | > | > For urgent issues, you may want to contact Microsoft CSS directly.
    | > Please
    | > | > check http://support.microsoft.com for regional support phone
    numbers.
    | > | >
    | > | > Any input or comments in this thread are highly appreciated.
    | > | > =====================================================
    | > | >
    | > | > This posting is provided "AS IS" with no warranties, and confers no
    | > | > rights.
    | > | >
    | > | > --------------------
    | > | > | From: "Nick" <>
    | > | > | References: <#>
    | > | > <>
    | > | > | Subject: Re: Workstations getting faulty session - DNS / PTR
    record
    | > | > issue
    | > | > | Date: Mon, 19 May 2008 11:06:55 +0100
    | > | > | Lines: 92
    | > | > | X-Priority: 3
    | > | > | X-MSMail-Priority: Normal
    | > | > | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | > | > | X-RFC2646: Format=Flowed; Original
    | > | > | Message-ID: <e$>
    | > | > | Newsgroups: microsoft.public.windows.server.sbs
    | > | > | NNTP-Posting-Host:
    host86-136-136-109.range86-136.btcentralplus.com
    | > | > 86.136.136.109
    | > | > | Path:
    | > TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
    | > | > | Xref: TK2MSFTNGHUB02.phx.gbl
    | > microsoft.public.windows.server.sbs:108302
    | > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
    | > | > |
    | > | > | DavidGold,
    | > | > |
    | > | > | > not sure where exactly you are talking about, perhaps Computer
    | > | > Management
    | > | > | > under Shared Folders/Sessions?
    | > | > |
    | > | > | Server Management - Shares - View Connected Users.
    | > | > |
    | > | > | > assuming your are using SBS and there is only one domain why is
    it
    | > | > | > relevant?
    | > | > | > I mean, it's always going to be the same anyway whether it's
    | > spelled
    | > | > out
    | > | > | > or
    | > | > | > not.
    | > | > |
    | > | > | What I didn't explain was that this started with a problem wereeby
    | > some
    | > | > | would appear as their IP number instead which caused server
    manager
    | > to
    | > | > | lock-up. That problem has been solved by DHCP console - DNS tab -
    | > | > "Always
    | > | > | dynamically update DNS A and PTR records" but things are obviously
    | > still
    | > | > not
    | > | > | working perfectly. I agree that this is not causing us any
    apparent
    | > | > | problems but would like to get to the bottom of the problem
    before
    | > it
    | > | > does.
    | > | > |
    | > | > | Just had the same thing on one workstation and found a clue this
    | > time.
    | > | > | DNS - Reverse lookup zones - 192.168.16.x Subnet - PTR record for
    | > the
    | > | > | machine with faulty session - Properties - Security
    | > | > | Permissions for Computer account (domain\MachineXX) - unknown
    | > | > account!
    | > | > | Should be domain\MachineXX - Write all properties, Read
    | > permissions
    | > | > &
    | > | > | All validate writes
    | > | > |
    | > | > | Also find that DNS - Forward lookup zones - Host(A) record for
    | > machine -
    | > | > | Update associated pointer (PTR) record is not enabled
    | > | > | plus Permissions for the Computer account (domain\MachineXX) -
    | > | > unknown
    | > | > | account!
    | > | > |
    | > | > |
    | > | > | Any ideas why this is happening.
    | > | > |
    | > | > | Thx,
    | > | > | Nick
    | > | > |
    | > | > |
    | > | > |
    | > | > | | > | > | >> Normally workstations are listed in Sessions page in Local
    | > Computer /
    | > | > | >> Computer
    | > | > | >
    | > | > | > not sure where exactly you are talking about, perhaps Computer
    | > | > Management
    | > | > | > under Shared Folders/Sessions?
    | > | > | >
    | > | > | >> as Computer.domail.local, but some days one or two are listed
    by
    | > | > their
    | > | > | >> short
    | > | > | >> computer name instead, any ideas why?
    | > | > | >
    | > | > | > assuming your are using SBS and there is only one domain why is
    it
    | > | > | > relevant?
    | > | > | > I mean, it's always going to be the same anyway whether it's
    | > spelled
    | > | > out
    | > | > | > or
    | > | > | > not.
    | > | > | >
    | > | > | >
    | > | > | >
    | > | > | >
    | > | > | >
    | > | > | > "Nick" wrote:
    | > | > | >
    | > | > | >> I have an intermittent problem which occasionally affect
    various
    | > of
    | > | > our
    | > | > | >> workstations:
    | > | > | >>
    | > | > | >> Normally workstations are listed in Sessions page in Local
    | > Computer /
    | > | > | >> Computer
    | > | > | >> as Computer.domail.local, but some days one or two are listed
    by
    | > | > their
    | > | > | >> short
    | > | > | >> computer name instead, any ideas why?
    | > | > | >>
    | > | > | >> Our workstations are all use fixed IP numbers, DHCP allocated
    | > from
    | > | > MAC
    | > | > | >> address reservations.
    | > | > | >> DHCP console - DNS tab - "Always dynamically update DNS A and
    PTR
    | > | > | >> records"
    | > | > | >> is already enabled.
    | > | > | >>
    | > | > | >> This definately feels like a DNS / PTR record issue but I
    cannot
    | > see
    | > | > | >> what,
    | > | > | >> each workstation does have a PTR record it is just that
    sometimes
    | > | > they
    | > | > | >> don't
    | > | > | >> appear to get used properly.
    | > | > | >>
    | > | > | >> Thx,
    | > | > | >> Nick
    | > | > | >>
    | > | > | >>
    | > | > | >>
    | > | > |
    | > | > |
    | > | > |
    | > | >
    | > |
    | > |
    | > |
    | >
    |
    |
    |
     
    Terence Liu [MSFT], May 23, 2008
    #8
  9. Nick

    Nick Guest

    Terrence,

    Problem back again with one workstation this morning. Screen shots and DNS
    text files emailed to you as requested.

    Rgds,
    Nick
     
    Nick, May 27, 2008
    #9
  10. Hello Nick,

    Thank you for your update.

    After analyze the DNS records outcome, I find you have some repeat records in the zones.

    1. You have duplicate records in the Reverse zone:
    ==============
    192.168.16.17 Pointer (PTR) mobilenesmith.stkittsnevisregistry.local.
    192.168.16.18 Pointer (PTR) mobilenesmith.stkittsnevisregistry.local.
    192.168.16.19 Pointer (PTR) mobilenesmith.stkittsnevisregistry.local.

    192.168.16.20 Pointer (PTR) mobilebsterre2.stkittsnevisregistry.local.
    192.168.16.18 Pointer (PTR) mobilebsterre2.stkittsnevisregistry.local.
    ==================
    Note: the 192.168.16.18 is used for 2 different computers.

    Please delete the duplicate records.

    2. You have duplicate records in the Forward zone:
    ===============
    sknserver Host (A) 192.168.1.2
    sknserver Host (A) 192.168.16.2
    ===============
    Please delete the duplicate records.

    After you change the records, please wait one day or two to monitor this issue. The records update need a period of time. You may also
    need to restart clients and SBS to make the them resolve names with new settings.

    I hope these steps will give you some help.

    Thanks and have a nice day!

    Best regards,

    Terence Liu (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues regarding other Microsoft products, you'd better post in the
    corresponding newsgroups so that they can be resolved in an efficient and timely manner. You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the "Notify me of replies" box to receive e-mail notifications
    when there are any updates in your thread. When responding to posts via your newsreader, please "Reply to Group" so that others may
    learn and benefit from your issue.

    Microsoft engineers can only focus on one issue per thread. Although we provide other information for your reference, we recommend you
    post different incidents in different threads to keep the thread clean. In doing so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please check http://support.microsoft.com for regional support phone
    numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    | From: "Nick" <>
    | References: <#> <> <e
    $> <> <OH$xZPmuIHA.524
    @TK2MSFTNGP05.phx.gbl> <>
    | Subject: Re: Workstations getting faulty session - DNS / PTR record issue
    | Date: Tue, 27 May 2008 11:11:42 +0100
    | Lines: 457
    | X-Priority: 3
    | X-MSMail-Priority: Normal
    | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | X-RFC2646: Format=Flowed; Original
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | Message-ID: <OYCsSI#>
    | Newsgroups: microsoft.public.windows.server.sbs
    | NNTP-Posting-Host: host86-143-103-26.range86-143.btcentralplus.com 86.143.103.26
    | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP04.phx.gbl
    | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:109510
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | Terrence,
    |
    | Problem back again with one workstation this morning. Screen shots and DNS
    | text files emailed to you as requested.
    |
    | Rgds,
    | Nick
    |
    |
    |
    | | > Hello Nick,
    | >
    | > Thank you for your update.
    | >
    | > 1. Dynamic updates of the zone
    | >
    | > a. You can set the Reverse lookup zones - 192.168.16.x as 'Nonsecure and
    | > secure', but do not change any settings on Forward Lookup zones -
    | > _msdcs.domain.local. It is used for AD resource name resolution.
    | >
    | > b. You can tick the option "Scavenge stale resource records" for Forward
    | > Lookup zones - Domain.local and Reverse lookup zones - 192.168.16.x, but
    | > not Forward Lookup zones - _msdcs.domain.local.
    | >
    | > c. Please ignore the warning of 'Allowing nonsecure dynamic updates is a
    | > significant security vulnerability...'
    | >
    | > 2. For the client computers, we need to join them to SBS domain. When
    | > access the shared folders, ensure the clients use the domain accounts to
    | > logon computers.
    | >
    | > 3. For the PTR record permission, the owner should be 'Administrator' and
    | > 'Administrators'. Meanwhile, you need to ensure 'Everyone' has 'Read'
    | > permission of each record.
    | >
    | > 4. Please wait one day or two to monitor this issue. The records update
    | > need a period of time. You may also need to restart clients and SBS to
    | > make
    | > the them resolve names with new settings.
    | >
    | > If we cannot resolve the issue after we perform the above steps, please
    | > help me collect some information for further investigation:
    | >
    | > 1. Please open Forward Lookup zones - Domain.local and Reverse lookup
    | > zones
    | > - 192.168.16.x properties, select general tab, and capture screenshots on
    | > the windows and send the pictures to me at
    | >
    | > 2. Right click Forward Lookup zones - Domain.local and Reverse lookup
    | > zones
    | > - 192.168.16.x, select 'Export List', save the lists to text files and
    | > send
    | > to me.
    | >
    | > I hope these steps will give you some help.
    | >
    | > Thanks and have a nice day!
    | >
    | > Best regards,
    | >
    | > Terence Liu (MSFT)
    | >
    | > Microsoft CSS Online Newsgroup Support
    | >
    | > Get Secure! - www.microsoft.com/security
    | >
    | > =====================================================
    | > This newsgroup only focuses on SBS technical issues. If you have issues
    | > regarding other Microsoft products, you'd better post in the corresponding
    | > newsgroups so that they can be resolved in an efficient and timely manner.
    | > You can locate the newsgroup here:
    | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
    | >
    | > When opening a new thread via the web interface, we recommend you check
    | > the
    | > "Notify me of replies" box to receive e-mail notifications when there are
    | > any updates in your thread. When responding to posts via your newsreader,
    | > please "Reply to Group" so that others may learn and benefit from your
    | > issue.
    | >
    | > Microsoft engineers can only focus on one issue per thread. Although we
    | > provide other information for your reference, we recommend you post
    | > different incidents in different threads to keep the thread clean. In
    | > doing
    | > so, it will ensure your issues are resolved in a timely manner.
    | >
    | > For urgent issues, you may want to contact Microsoft CSS directly. Please
    | > check http://support.microsoft.com for regional support phone numbers.
    | >
    | > Any input or comments in this thread are highly appreciated.
    | > =====================================================
    | >
    | > This posting is provided "AS IS" with no warranties, and confers no
    | > rights.
    | >
    | > --------------------
    | > | From: "Nick" <>
    | > | References: <#>
    | > <>
    | > <e$>
    | > <>
    | > | Subject: Re: Workstations getting faulty session - DNS / PTR record
    | > issue
    | > | Date: Tue, 20 May 2008 11:25:34 +0100
    | > | Lines: 281
    | > | X-Priority: 3
    | > | X-MSMail-Priority: Normal
    | > | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | > | X-RFC2646: Format=Flowed; Original
    | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | > | Message-ID: <OH$>
    | > | Newsgroups: microsoft.public.windows.server.sbs
    | > | NNTP-Posting-Host: host81-154-197-37.range81-154.btcentralplus.com
    | > 81.154.197.37
    | > | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
    | > | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:108477
    | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
    | > |
    | > | Terrence, thanks for your suggestions.
    | > |
    | > | PTR records already exist for all computers.
    | > |
    | > | DNS - ServerName -
    | > | Forward Lookup zones - Domain.local - Dynamic updates was 'Secure
    | > only',
    | > | now changed to 'Nonsecure and secure'
    | > | Aging button - "Scavenge stale resource records" already tyurned
    | > Off.
    | > | Is this safe - there is a warning on screen about 'Allowing
    | > | nonsecure dynamic updates is a significant security vulerability...'
    | > | Should I also do the same in Reverse lookup zones - 192.168.16.x
    | > as
    | > | that is currently set to Secure only?
    | > | Also what about Forward Lookup zones - _msdcs.domain.local is
    | > same
    | > | necessary there?
    | > |
    | > | Will monitor and report back status.
    | > |
    | > | > Suggestion 3: Ensure every client computer join SBS domain, and logon
    | > | > domain when access the shared folders. Otherwise, the SBS may unable
    | > to
    | > | > recognize the client.
    | > |
    | > | Not quite sure I understand what you are asking here. All workstations
    | > are
    | > | part of the domain.
    | > |
    | > | With regard to the PTR record something I have noticed:
    | > | This morning I have one workstation displaying as NetBIOS rather than
    | > FQDN.
    | > | Looking up Permissions for PTR record for this machine in Reverse lookup
    | > | zones shows that this PTR record does not have a permissions entry for
    | > the
    | > | Machine Name, all others have a permisions entry for:
    | > | Domain\MachineX$: Write all properties, Read Permissions, All
    | > validated
    | > | writes.
    | > | Any thoughts as to why this is? Who should be the owner of the PTR
    | > record,
    | > | System or Computer account? Am I perhaps missing some permission
    | > somewhere
    | > | which is causing this.
    | > |
    | > | With regards,
    | > | Nick
    | > |
    | > |
    | > | | > | > Hello Nick,
    | > | >
    | > | > Thank you for posting here.
    | > | >
    | > | > According to your description, I understand that when you view the
    | > | > connected users under Server Management console -> Shares, some
    | > computers
    | > | > display as NetBIOS name but not FQDN. If I have misunderstood the
    | > problem,
    | > | > please don't hesitate to let me know.
    | > | >
    | > | > Based on my research, this is the issue of the PRT record of the
    | > | > problematic computers. The SBS detects shared folders connection thru
    | > IP
    | > | > address. If the IP could resolve to FQDN in DNS, the console will
    | > display
    | > | > as FQDN, or you will see IP address or just computer name. I suggest
    | > we
    | > | > try
    | > | > the following steps to see if we can resolve this issue:
    | > | >
    | > | > Suggestion 1: Create the PTR record for the problematic client
    | > computers:
    | > | > 1. Click Start on SBS, click Run, type "dnsmgmt.msc" and click OK.
    | > | >
    | > | > 2. Expand your server\Reverse Lookup Zones\<your local subnet>.Subnet.
    | > | >
    | > | > 3. Can you see the PTR record for the unresolved IP address, if not,
    | > | > please
    | > | > add a PTR record for this IP address.
    | > | >
    | > | > Pointer (PTR) - For mapping a reverse DNS domain name based on the IP
    | > | > address of a computer that points to the forward DNS domain name of
    | > that
    | > | > computer.
    | > | >
    | > | > PTR records are used to support the reverse lookup process, based on
    | > zones
    | > | > created and rooted in the in-addr.arpa domain. These records are used
    | > to
    | > | > locate a computer by its IP address and resolve this information to
    | > the
    | > | > DNS
    | > | > domain name for that computer.
    | > | >
    | > | > PTR RRs can be added to a zone in several ways:
    | > | >
    | > | > - You can manually create a PTR RR for a static TCP/IP client computer
    | > | > using the DNS, either as a separate procedure or as part of the
    | > procedure
    | > | > for creating an A RR.
    | > | >
    | > | > - Computers use the DHCP Client service to dynamically register and
    | > update
    | > | > their PTR RR in DNS when an IP configuration change occurs.
    | > | >
    | > | > - All other DHCP-enabled client computers can have their PTR RRs
    | > | > registered
    | > | > and updated by the DHCP server if they obtain their IP lease from a
    | > | > qualified server. The Windows 2000 and Windows Server 2003 DHCP Server
    | > | > service provides this capability.
    | > | >
    | > | > The pointer (PTR) resource record is used only in reverse lookup zones
    | > to
    | > | > support reverse lookup.
    | > | >
    | > | > Suggestion 2: Please also perform the following steps to make DNS can
    | > | > update PTR record automatic:
    | > | >
    | > | > In dnsmgmt, right-click <your local subnet>.Subnet and click
    | > Properties.
    | > | > On
    | > | > General tab, in "Dynamic updates" please select "Nonsecure and
    | > secure".
    | > | > Click Aging button, do not tick "Scavenge stale resource records".
    | > | >
    | > | > Then monitor for one day (waiting for auto update).
    | > | >
    | > | > Suggestion 3: Ensure every client computer join SBS domain, and logon
    | > | > domain when access the shared folders. Otherwise, the SBS may unable
    | > to
    | > | > recognize the client.
    | > | >
    | > | > I hope these steps will give you some help.
    | > | >
    | > | > Thanks and have a nice day!
    | > | >
    | > | > Best regards,
    | > | >
    | > | > Terence Liu (MSFT)
    | > | >
    | > | > Microsoft CSS Online Newsgroup Support
    | > | >
    | > | > Get Secure! - www.microsoft.com/security
    | > | >
    | > | > =====================================================
    | > | > This newsgroup only focuses on SBS technical issues. If you have
    | > issues
    | > | > regarding other Microsoft products, you'd better post in the
    | > corresponding
    | > | > newsgroups so that they can be resolved in an efficient and timely
    | > manner.
    | > | > You can locate the newsgroup here:
    | > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
    | > | >
    | > | > When opening a new thread via the web interface, we recommend you
    | > check
    | > | > the
    | > | > "Notify me of replies" box to receive e-mail notifications when there
    | > are
    | > | > any updates in your thread. When responding to posts via your
    | > newsreader,
    | > | > please "Reply to Group" so that others may learn and benefit from your
    | > | > issue.
    | > | >
    | > | > Microsoft engineers can only focus on one issue per thread. Although
    | > we
    | > | > provide other information for your reference, we recommend you post
    | > | > different incidents in different threads to keep the thread clean. In
    | > | > doing
    | > | > so, it will ensure your issues are resolved in a timely manner.
    | > | >
    | > | > For urgent issues, you may want to contact Microsoft CSS directly.
    | > Please
    | > | > check http://support.microsoft.com for regional support phone numbers.
    | > | >
    | > | > Any input or comments in this thread are highly appreciated.
    | > | > =====================================================
    | > | >
    | > | > This posting is provided "AS IS" with no warranties, and confers no
    | > | > rights.
    | > | >
    | > | > --------------------
    | > | > | From: "Nick" <>
    | > | > | References: <#>
    | > | > <>
    | > | > | Subject: Re: Workstations getting faulty session - DNS / PTR record
    | > | > issue
    | > | > | Date: Mon, 19 May 2008 11:06:55 +0100
    | > | > | Lines: 92
    | > | > | X-Priority: 3
    | > | > | X-MSMail-Priority: Normal
    | > | > | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | > | > | X-RFC2646: Format=Flowed; Original
    | > | > | Message-ID: <e$>
    | > | > | Newsgroups: microsoft.public.windows.server.sbs
    | > | > | NNTP-Posting-Host: host86-136-136-109.range86-136.btcentralplus.com
    | > | > 86.136.136.109
    | > | > | Path:
    | > TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
    | > | > | Xref: TK2MSFTNGHUB02.phx.gbl
    | > microsoft.public.windows.server.sbs:108302
    | > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
    | > | > |
    | > | > | DavidGold,
    | > | > |
    | > | > | > not sure where exactly you are talking about, perhaps Computer
    | > | > Management
    | > | > | > under Shared Folders/Sessions?
    | > | > |
    | > | > | Server Management - Shares - View Connected Users.
    | > | > |
    | > | > | > assuming your are using SBS and there is only one domain why is it
    | > | > | > relevant?
    | > | > | > I mean, it's always going to be the same anyway whether it's
    | > spelled
    | > | > out
    | > | > | > or
    | > | > | > not.
    | > | > |
    | > | > | What I didn't explain was that this started with a problem wereeby
    | > some
    | > | > | would appear as their IP number instead which caused server manager
    | > to
    | > | > | lock-up. That problem has been solved by DHCP console - DNS tab -
    | > | > "Always
    | > | > | dynamically update DNS A and PTR records" but things are obviously
    | > still
    | > | > not
    | > | > | working perfectly. I agree that this is not causing us any apparent
    | > | > | problems but would like to get to the bottom of the problem before
    | > it
    | > | > does.
    | > | > |
    | > | > | Just had the same thing on one workstation and found a clue this
    | > time.
    | > | > | DNS - Reverse lookup zones - 192.168.16.x Subnet - PTR record for
    | > the
    | > | > | machine with faulty session - Properties - Security
    | > | > | Permissions for Computer account (domain\MachineXX) - unknown
    | > | > account!
    | > | > | Should be domain\MachineXX - Write all properties, Read
    | > permissions
    | > | > &
    | > | > | All validate writes
    | > | > |
    | > | > | Also find that DNS - Forward lookup zones - Host(A) record for
    | > machine -
    | > | > | Update associated pointer (PTR) record is not enabled
    | > | > | plus Permissions for the Computer account (domain\MachineXX) -
    | > | > unknown
    | > | > | account!
    | > | > |
    | > | > |
    | > | > | Any ideas why this is happening.
    | > | > |
    | > | > | Thx,
    | > | > | Nick
    | > | > |
    | > | > |
    | > | > |
    | > | > | | > | > | >> Normally workstations are listed in Sessions page in Local
    | > Computer /
    | > | > | >> Computer
    | > | > | >
    | > | > | > not sure where exactly you are talking about, perhaps Computer
    | > | > Management
    | > | > | > under Shared Folders/Sessions?
    | > | > | >
    | > | > | >> as Computer.domail.local, but some days one or two are listed by
    | > | > their
    | > | > | >> short
    | > | > | >> computer name instead, any ideas why?
    | > | > | >
    | > | > | > assuming your are using SBS and there is only one domain why is it
    | > | > | > relevant?
    | > | > | > I mean, it's always going to be the same anyway whether it's
    | > spelled
    | > | > out
    | > | > | > or
    | > | > | > not.
    | > | > | >
    | > | > | >
    | > | > | >
    | > | > | >
    | > | > | >
    | > | > | > "Nick" wrote:
    | > | > | >
    | > | > | >> I have an intermittent problem which occasionally affect various
    | > of
    | > | > our
    | > | > | >> workstations:
    | > | > | >>
    | > | > | >> Normally workstations are listed in Sessions page in Local
    | > Computer /
    | > | > | >> Computer
    | > | > | >> as Computer.domail.local, but some days one or two are listed by
    | > | > their
    | > | > | >> short
    | > | > | >> computer name instead, any ideas why?
    | > | > | >>
    | > | > | >> Our workstations are all use fixed IP numbers, DHCP allocated
    | > from
    | > | > MAC
    | > | > | >> address reservations.
    | > | > | >> DHCP console - DNS tab - "Always dynamically update DNS A and PTR
    | > | > | >> records"
    | > | > | >> is already enabled.
    | > | > | >>
    | > | > | >> This definately feels like a DNS / PTR record issue but I cannot
    | > see
    | > | > | >> what,
    | > | > | >> each workstation does have a PTR record it is just that sometimes
    | > | > they
    | > | > | >> don't
    | > | > | >> appear to get used properly.
    | > | > | >>
    | > | > | >> Thx,
    | > | > | >> Nick
    | > | > | >>
    | > | > | >>
    | > | > | >>
    | > | > |
    | > | > |
    | > | > |
    | > | >
    | > |
    | > |
    | > |
    | >
    |
    |
    |
     
    Terence Liu [MSFT], May 28, 2008
    #10
  11. Nick

    Nick Guest

    Hi Terrence, still seeing the same problem.

    This morning one machine is displaying under Computer management - Shared
    folders - Sessions by its NetBIOS name rather than its IP number. Even
    closing the session and allowing it to recreate does not have any effect.

    Nick
     
    Nick, May 29, 2008
    #11
  12. Hello Nick,

    Thank you for your update.

    This is really a strange issue. Now, I have only one step to narrow down this issue. Please run the following command on your SBS:

    nslookup the_problematic_client_IP

    Can you get the correct FQDN of the problematic client computer?

    If yes, that means the DNS works fine. In this situation, this is a complex issue. So if you would like to call CSS for assistance, I would be
    appreciate and think it is a more effective ways. To obtain the phone numbers for specific technology request please take a look at the
    web site listed below.

    http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS

    If you are outside the US please see http://support.microsoft.com for regional support phone numbers.

    If no, that means the DNS configuration still not work fine. We may need to reinstall DNS on SBS.

    1. Open Control Panel, go to Add/Remove Windows Components to uninstall DNS Service on SBS Server.
    2. Reinstall DNS Services again.
    3. Create the DNS zone and then restart the Netlogon service to let SBS Server register DC related records.
    4. Go to Server Management Tools, go to Internet and E-mails, click "Connect to the internet", follow the wizard to finish the wizard.

    Then, monitoring this issue.

    Thanks and have a nice day!

    Best regards,

    Terence Liu (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues regarding other Microsoft products, you'd better post in the
    corresponding newsgroups so that they can be resolved in an efficient and timely manner. You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the "Notify me of replies" box to receive e-mail notifications
    when there are any updates in your thread. When responding to posts via your newsreader, please "Reply to Group" so that others may
    learn and benefit from your issue.

    Microsoft engineers can only focus on one issue per thread. Although we provide other information for your reference, we recommend you
    post different incidents in different threads to keep the thread clean. In doing so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please check http://support.microsoft.com for regional support phone
    numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    | From: "Nick" <>
    | References: <#> <> <e
    $> <> <OH$xZPmuIHA.524
    @TK2MSFTNGP05.phx.gbl> <> <OYCsSI#>
    <>
    | Subject: Re: Workstations getting faulty session - DNS / PTR record issue
    | Date: Thu, 29 May 2008 11:22:48 +0100
    | Lines: 642
    | X-Priority: 3
    | X-MSMail-Priority: Normal
    | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | X-RFC2646: Format=Flowed; Original
    | Message-ID: <>
    | Newsgroups: microsoft.public.windows.server.sbs
    | NNTP-Posting-Host: host86-154-52-163.range86-154.btcentralplus.com 86.154.52.163
    | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP03.phx.gbl
    | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:109914
    | X-Tomcat-NG: microsoft.public.windows.server.sbs
    |
    | Hi Terrence, still seeing the same problem.
    |
    | This morning one machine is displaying under Computer management - Shared
    | folders - Sessions by its NetBIOS name rather than its IP number. Even
    | closing the session and allowing it to recreate does not have any effect.
    |
    | Nick
    |
    | | > Hello Nick,
    | >
    | > Thank you for your update.
    | >
    | > After analyze the DNS records outcome, I find you have some repeat records
    | > in the zones.
    | >
    | > 1. You have duplicate records in the Reverse zone:
    | > ==============
    | > 192.168.16.17 Pointer (PTR) mobilenesmith.stkittsnevisregistry.local.
    | > 192.168.16.18 Pointer (PTR) mobilenesmith.stkittsnevisregistry.local.
    | > 192.168.16.19 Pointer (PTR) mobilenesmith.stkittsnevisregistry.local.
    | >
    | > 192.168.16.20 Pointer (PTR) mobilebsterre2.stkittsnevisregistry.local.
    | > 192.168.16.18 Pointer (PTR) mobilebsterre2.stkittsnevisregistry.local.
    | > ==================
    | > Note: the 192.168.16.18 is used for 2 different computers.
    | >
    | > Please delete the duplicate records.
    | >
    | > 2. You have duplicate records in the Forward zone:
    | > ===============
    | > sknserver Host (A) 192.168.1.2
    | > sknserver Host (A) 192.168.16.2
    | > ===============
    | > Please delete the duplicate records.
    | >
    | > After you change the records, please wait one day or two to monitor this
    | > issue. The records update need a period of time. You may also
    | > need to restart clients and SBS to make the them resolve names with new
    | > settings.
    | >
    | > I hope these steps will give you some help.
    | >
    | > Thanks and have a nice day!
    | >
    | > Best regards,
    | >
    | > Terence Liu (MSFT)
    | >
    | > Microsoft CSS Online Newsgroup Support
    | >
    | > Get Secure! - www.microsoft.com/security
    | >
    | > =====================================================
    | > This newsgroup only focuses on SBS technical issues. If you have issues
    | > regarding other Microsoft products, you'd better post in the
    | > corresponding newsgroups so that they can be resolved in an efficient and
    | > timely manner. You can locate the newsgroup here:
    | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
    | >
    | > When opening a new thread via the web interface, we recommend you check
    | > the "Notify me of replies" box to receive e-mail notifications
    | > when there are any updates in your thread. When responding to posts via
    | > your newsreader, please "Reply to Group" so that others may
    | > learn and benefit from your issue.
    | >
    | > Microsoft engineers can only focus on one issue per thread. Although we
    | > provide other information for your reference, we recommend you
    | > post different incidents in different threads to keep the thread clean. In
    | > doing so, it will ensure your issues are resolved in a timely manner.
    | >
    | > For urgent issues, you may want to contact Microsoft CSS directly. Please
    | > check http://support.microsoft.com for regional support phone
    | > numbers.
    | >
    | > Any input or comments in this thread are highly appreciated.
    | > =====================================================
    | >
    | > This posting is provided "AS IS" with no warranties, and confers no
    | > rights.
    | >
    | > --------------------
    | > | From: "Nick" <>
    | > | References: <#>
    | > <> <e
    | > $>
    | > <> <OH$xZPmuIHA.524
    | > @TK2MSFTNGP05.phx.gbl> <>
    | > | Subject: Re: Workstations getting faulty session - DNS / PTR record
    | > issue
    | > | Date: Tue, 27 May 2008 11:11:42 +0100
    | > | Lines: 457
    | > | X-Priority: 3
    | > | X-MSMail-Priority: Normal
    | > | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | > | X-RFC2646: Format=Flowed; Original
    | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | > | Message-ID: <OYCsSI#>
    | > | Newsgroups: microsoft.public.windows.server.sbs
    | > | NNTP-Posting-Host: host86-143-103-26.range86-143.btcentralplus.com
    | > 86.143.103.26
    | > | Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP04.phx.gbl
    | > | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:109510
    | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
    | > |
    | > | Terrence,
    | > |
    | > | Problem back again with one workstation this morning. Screen shots and
    | > DNS
    | > | text files emailed to you as requested.
    | > |
    | > | Rgds,
    | > | Nick
    | > |
    | > |
    | > |
    | > | | > | > Hello Nick,
    | > | >
    | > | > Thank you for your update.
    | > | >
    | > | > 1. Dynamic updates of the zone
    | > | >
    | > | > a. You can set the Reverse lookup zones - 192.168.16.x as 'Nonsecure
    | > and
    | > | > secure', but do not change any settings on Forward Lookup zones -
    | > | > _msdcs.domain.local. It is used for AD resource name resolution.
    | > | >
    | > | > b. You can tick the option "Scavenge stale resource records" for
    | > Forward
    | > | > Lookup zones - Domain.local and Reverse lookup zones - 192.168.16.x,
    | > but
    | > | > not Forward Lookup zones - _msdcs.domain.local.
    | > | >
    | > | > c. Please ignore the warning of 'Allowing nonsecure dynamic updates is
    | > a
    | > | > significant security vulnerability...'
    | > | >
    | > | > 2. For the client computers, we need to join them to SBS domain. When
    | > | > access the shared folders, ensure the clients use the domain accounts
    | > to
    | > | > logon computers.
    | > | >
    | > | > 3. For the PTR record permission, the owner should be 'Administrator'
    | > and
    | > | > 'Administrators'. Meanwhile, you need to ensure 'Everyone' has 'Read'
    | > | > permission of each record.
    | > | >
    | > | > 4. Please wait one day or two to monitor this issue. The records
    | > update
    | > | > need a period of time. You may also need to restart clients and SBS to
    | > | > make
    | > | > the them resolve names with new settings.
    | > | >
    | > | > If we cannot resolve the issue after we perform the above steps,
    | > please
    | > | > help me collect some information for further investigation:
    | > | >
    | > | > 1. Please open Forward Lookup zones - Domain.local and Reverse lookup
    | > | > zones
    | > | > - 192.168.16.x properties, select general tab, and capture screenshots
    | > on
    | > | > the windows and send the pictures to me at
    | > | >
    | > | > 2. Right click Forward Lookup zones - Domain.local and Reverse lookup
    | > | > zones
    | > | > - 192.168.16.x, select 'Export List', save the lists to text files and
    | > | > send
    | > | > to me.
    | > | >
    | > | > I hope these steps will give you some help.
    | > | >
    | > | > Thanks and have a nice day!
    | > | >
    | > | > Best regards,
    | > | >
    | > | > Terence Liu (MSFT)
    | > | >
    | > | > Microsoft CSS Online Newsgroup Support
    | > | >
    | > | > Get Secure! - www.microsoft.com/security
    | > | >
    | > | > =====================================================
    | > | > This newsgroup only focuses on SBS technical issues. If you have
    | > issues
    | > | > regarding other Microsoft products, you'd better post in the
    | > corresponding
    | > | > newsgroups so that they can be resolved in an efficient and timely
    | > manner.
    | > | > You can locate the newsgroup here:
    | > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
    | > | >
    | > | > When opening a new thread via the web interface, we recommend you
    | > check
    | > | > the
    | > | > "Notify me of replies" box to receive e-mail notifications when there
    | > are
    | > | > any updates in your thread. When responding to posts via your
    | > newsreader,
    | > | > please "Reply to Group" so that others may learn and benefit from your
    | > | > issue.
    | > | >
    | > | > Microsoft engineers can only focus on one issue per thread. Although
    | > we
    | > | > provide other information for your reference, we recommend you post
    | > | > different incidents in different threads to keep the thread clean. In
    | > | > doing
    | > | > so, it will ensure your issues are resolved in a timely manner.
    | > | >
    | > | > For urgent issues, you may want to contact Microsoft CSS directly.
    | > Please
    | > | > check http://support.microsoft.com for regional support phone numbers.
    | > | >
    | > | > Any input or comments in this thread are highly appreciated.
    | > | > =====================================================
    | > | >
    | > | > This posting is provided "AS IS" with no warranties, and confers no
    | > | > rights.
    | > | >
    | > | > --------------------
    | > | > | From: "Nick" <>
    | > | > | References: <#>
    | > | > <>
    | > | > <e$>
    | > | > <>
    | > | > | Subject: Re: Workstations getting faulty session - DNS / PTR record
    | > | > issue
    | > | > | Date: Tue, 20 May 2008 11:25:34 +0100
    | > | > | Lines: 281
    | > | > | X-Priority: 3
    | > | > | X-MSMail-Priority: Normal
    | > | > | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | > | > | X-RFC2646: Format=Flowed; Original
    | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | > | > | Message-ID: <OH$>
    | > | > | Newsgroups: microsoft.public.windows.server.sbs
    | > | > | NNTP-Posting-Host: host81-154-197-37.range81-154.btcentralplus.com
    | > | > 81.154.197.37
    | > | > | Path:
    | > TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
    | > | > | Xref: TK2MSFTNGHUB02.phx.gbl
    | > microsoft.public.windows.server.sbs:108477
    | > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
    | > | > |
    | > | > | Terrence, thanks for your suggestions.
    | > | > |
    | > | > | PTR records already exist for all computers.
    | > | > |
    | > | > | DNS - ServerName -
    | > | > | Forward Lookup zones - Domain.local - Dynamic updates was
    | > 'Secure
    | > | > only',
    | > | > | now changed to 'Nonsecure and secure'
    | > | > | Aging button - "Scavenge stale resource records" already tyurned
    | > | > Off.
    | > | > | Is this safe - there is a warning on screen about 'Allowing
    | > | > | nonsecure dynamic updates is a significant security vulerability...'
    | > | > | Should I also do the same in Reverse lookup zones -
    | > 192.168.16.x
    | > | > as
    | > | > | that is currently set to Secure only?
    | > | > | Also what about Forward Lookup zones - _msdcs.domain.local
    | > is
    | > | > same
    | > | > | necessary there?
    | > | > |
    | > | > | Will monitor and report back status.
    | > | > |
    | > | > | > Suggestion 3: Ensure every client computer join SBS domain, and
    | > logon
    | > | > | > domain when access the shared folders. Otherwise, the SBS may
    | > unable
    | > | > to
    | > | > | > recognize the client.
    | > | > |
    | > | > | Not quite sure I understand what you are asking here. All
    | > workstations
    | > | > are
    | > | > | part of the domain.
    | > | > |
    | > | > | With regard to the PTR record something I have noticed:
    | > | > | This morning I have one workstation displaying as NetBIOS rather
    | > than
    | > | > FQDN.
    | > | > | Looking up Permissions for PTR record for this machine in Reverse
    | > lookup
    | > | > | zones shows that this PTR record does not have a permissions entry
    | > for
    | > | > the
    | > | > | Machine Name, all others have a permisions entry for:
    | > | > | Domain\MachineX$: Write all properties, Read Permissions, All
    | > | > validated
    | > | > | writes.
    | > | > | Any thoughts as to why this is? Who should be the owner of the PTR
    | > | > record,
    | > | > | System or Computer account? Am I perhaps missing some permission
    | > | > somewhere
    | > | > | which is causing this.
    | > | > |
    | > | > | With regards,
    | > | > | Nick
    | > | > |
    | > | > |
    | > message
    | > | > | | > | > | > Hello Nick,
    | > | > | >
    | > | > | > Thank you for posting here.
    | > | > | >
    | > | > | > According to your description, I understand that when you view the
    | > | > | > connected users under Server Management console -> Shares, some
    | > | > computers
    | > | > | > display as NetBIOS name but not FQDN. If I have misunderstood the
    | > | > problem,
    | > | > | > please don't hesitate to let me know.
    | > | > | >
    | > | > | > Based on my research, this is the issue of the PRT record of the
    | > | > | > problematic computers. The SBS detects shared folders connection
    | > thru
    | > | > IP
    | > | > | > address. If the IP could resolve to FQDN in DNS, the console will
    | > | > display
    | > | > | > as FQDN, or you will see IP address or just computer name. I
    | > suggest
    | > | > we
    | > | > | > try
    | > | > | > the following steps to see if we can resolve this issue:
    | > | > | >
    | > | > | > Suggestion 1: Create the PTR record for the problematic client
    | > | > computers:
    | > | > | > 1. Click Start on SBS, click Run, type "dnsmgmt.msc" and click OK.
    | > | > | >
    | > | > | > 2. Expand your server\Reverse Lookup Zones\<your local
    | > subnet>.Subnet.
    | > | > | >
    | > | > | > 3. Can you see the PTR record for the unresolved IP address, if
    | > not,
    | > | > | > please
    | > | > | > add a PTR record for this IP address.
    | > | > | >
    | > | > | > Pointer (PTR) - For mapping a reverse DNS domain name based on the
    | > IP
    | > | > | > address of a computer that points to the forward DNS domain name
    | > of
    | > | > that
    | > | > | > computer.
    | > | > | >
    | > | > | > PTR records are used to support the reverse lookup process, based
    | > on
    | > | > zones
    | > | > | > created and rooted in the in-addr.arpa domain. These records are
    | > used
    | > | > to
    | > | > | > locate a computer by its IP address and resolve this information
    | > to
    | > | > the
    | > | > | > DNS
    | > | > | > domain name for that computer.
    | > | > | >
    | > | > | > PTR RRs can be added to a zone in several ways:
    | > | > | >
    | > | > | > - You can manually create a PTR RR for a static TCP/IP client
    | > computer
    | > | > | > using the DNS, either as a separate procedure or as part of the
    | > | > procedure
    | > | > | > for creating an A RR.
    | > | > | >
    | > | > | > - Computers use the DHCP Client service to dynamically register
    | > and
    | > | > update
    | > | > | > their PTR RR in DNS when an IP configuration change occurs.
    | > | > | >
    | > | > | > - All other DHCP-enabled client computers can have their PTR RRs
    | > | > | > registered
    | > | > | > and updated by the DHCP server if they obtain their IP lease from
    | > a
    | > | > | > qualified server. The Windows 2000 and Windows Server 2003 DHCP
    | > Server
    | > | > | > service provides this capability.
    | > | > | >
    | > | > | > The pointer (PTR) resource record is used only in reverse lookup
    | > zones
    | > | > to
    | > | > | > support reverse lookup.
    | > | > | >
    | > | > | > Suggestion 2: Please also perform the following steps to make DNS
    | > can
    | > | > | > update PTR record automatic:
    | > | > | >
    | > | > | > In dnsmgmt, right-click <your local subnet>.Subnet and click
    | > | > Properties.
    | > | > | > On
    | > | > | > General tab, in "Dynamic updates" please select "Nonsecure and
    | > | > secure".
    | > | > | > Click Aging button, do not tick "Scavenge stale resource records".
    | > | > | >
    | > | > | > Then monitor for one day (waiting for auto update).
    | > | > | >
    | > | > | > Suggestion 3: Ensure every client computer join SBS domain, and
    | > logon
    | > | > | > domain when access the shared folders. Otherwise, the SBS may
    | > unable
    | > | > to
    | > | > | > recognize the client.
    | > | > | >
    | > | > | > I hope these steps will give you some help.
    | > | > | >
    | > | > | > Thanks and have a nice day!
    | > | > | >
    | > | > | > Best regards,
    | > | > | >
    | > | > | > Terence Liu (MSFT)
    | > | > | >
    | > | > | > Microsoft CSS Online Newsgroup Support
    | > | > | >
    | > | > | > Get Secure! - www.microsoft.com/security
    | > | > | >
    | > | > | > =====================================================
    | > | > | > This newsgroup only focuses on SBS technical issues. If you have
    | > | > issues
    | > | > | > regarding other Microsoft products, you'd better post in the
    | > | > corresponding
    | > | > | > newsgroups so that they can be resolved in an efficient and timely
    | > | > manner.
    | > | > | > You can locate the newsgroup here:
    | > | > | > http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
    | > | > | >
    | > | > | > When opening a new thread via the web interface, we recommend you
    | > | > check
    | > | > | > the
    | > | > | > "Notify me of replies" box to receive e-mail notifications when
    | > there
    | > | > are
    | > | > | > any updates in your thread. When responding to posts via your
    | > | > newsreader,
    | > | > | > please "Reply to Group" so that others may learn and benefit from
    | > your
    | > | > | > issue.
    | > | > | >
    | > | > | > Microsoft engineers can only focus on one issue per thread.
    | > Although
    | > | > we
    | > | > | > provide other information for your reference, we recommend you
    | > post
    | > | > | > different incidents in different threads to keep the thread clean.
    | > In
    | > | > | > doing
    | > | > | > so, it will ensure your issues are resolved in a timely manner.
    | > | > | >
    | > | > | > For urgent issues, you may want to contact Microsoft CSS directly.
    | > | > Please
    | > | > | > check http://support.microsoft.com for regional support phone
    | > numbers.
    | > | > | >
    | > | > | > Any input or comments in this thread are highly appreciated.
    | > | > | > =====================================================
    | > | > | >
    | > | > | > This posting is provided "AS IS" with no warranties, and confers
    | > no
    | > | > | > rights.
    | > | > | >
    | > | > | > --------------------
    | > | > | > | From: "Nick" <>
    | > | > | > | References: <#>
    | > | > | > <>
    | > | > | > | Subject: Re: Workstations getting faulty session - DNS / PTR
    | > record
    | > | > | > issue
    | > | > | > | Date: Mon, 19 May 2008 11:06:55 +0100
    | > | > | > | Lines: 92
    | > | > | > | X-Priority: 3
    | > | > | > | X-MSMail-Priority: Normal
    | > | > | > | X-Newsreader: Microsoft Outlook Express 6.00.3790.2929
    | > | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
    | > | > | > | X-RFC2646: Format=Flowed; Original
    | > | > | > | Message-ID: <e$>
    | > | > | > | Newsgroups: microsoft.public.windows.server.sbs
    | > | > | > | NNTP-Posting-Host:
    | > host86-136-136-109.range86-136.btcentralplus.com
    | > | > | > 86.136.136.109
    | > | > | > | Path:
    | > | > TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP05.phx.gbl
    | > | > | > | Xref: TK2MSFTNGHUB02.phx.gbl
    | > | > microsoft.public.windows.server.sbs:108302
    | > | > | > | X-Tomcat-NG: microsoft.public.windows.server.sbs
    | > | > | > |
    | > | > | > | DavidGold,
    | > | > | > |
    | > | > | > | > not sure where exactly you are talking about, perhaps Computer
    | > | > | > Management
    | > | > | > | > under Shared Folders/Sessions?
    | > | > | > |
    | > | > | > | Server Management - Shares - View Connected Users.
    | > | > | > |
    | > | > | > | > assuming your are using SBS and there is only one domain why
    | > is it
    | > | > | > | > relevant?
    | > | > | > | > I mean, it's always going to be the same anyway whether it's
    | > | > spelled
    | > | > | > out
    | > | > | > | > or
    | > | > | > | > not.
    | > | > | > |
    | > | > | > | What I didn't explain was that this started with a problem
    | > wereeby
    | > | > some
    | > | > | > | would appear as their IP number instead which caused server
    | > manager
    | > | > to
    | > | > | > | lock-up. That problem has been solved by DHCP console - DNS
    | > tab -
    | > | > | > "Always
    | > | > | > | dynamically update DNS A and PTR records" but things are
    | > obviously
    | > | > still
    | > | > | > not
    | > | > | > | working perfectly. I agree that this is not causing us any
    | > apparent
    | > | > | > | problems but would like to get to the bottom of the problem
    | > before
    | > | > it
    | > | > | > does.
    | > | > | > |
    | > | > | > | Just had the same thing on one workstation and found a clue this
    | > | > time.
    | > | > | > | DNS - Reverse lookup zones - 192.168.16.x Subnet - PTR record
    | > for
    | > | > the
    | > | > | > | machine with faulty session - Properties - Security
    | > | > | > | Permissions for Computer account (domain\MachineXX) -
    | > unknown
    | > | > | > account!
    | > | > | > | Should be domain\MachineXX - Write all properties, Read
    | > | > permissions
    | > | > | > &
    | > | > | > | All validate writes
    | > | > | > |
    | > | > | > | Also find that DNS - Forward lookup zones - Host(A) record for
    | > | > machine -
    | > | > | > | Update associated pointer (PTR) record is not enabled
    | > | > | > | plus Permissions for the Computer account
    | > (domain\MachineXX) -
    | > | > | > unknown
    | > | > | > | account!
    | > | > | > |
    | > | > | > |
    | > | > | > | Any ideas why this is happening.
    | > | > | > |
    | > | > | > | Thx,
    | > | > | > | Nick
    | > | > | > |
    | > | > | > |
    | > | > | > |
    | > message
    | > | > | > | | > | > | > | >> Normally workstations are listed in Sessions page in Local
    | > | > Computer /
    | > | > | > | >> Computer
    | > | > | > | >
    | > | > | > | > not sure where exactly you are talking about, perhaps Computer
    | > | > | > Management
    | > | > | > | > under Shared Folders/Sessions?
    | > | > | > | >
    | > | > | > | >> as Computer.domail.local, but some days one or two are listed
    | > by
    | > | > | > their
    | > | > | > | >> short
    | > | > | > | >> computer name instead, any ideas why?
    | > | > | > | >
    | > | > | > | > assuming your are using SBS and there is only one domain why
    | > is it
    | > | > | > | > relevant?
    | > | > | > | > I mean, it's always going to be the same anyway whether it's
    | > | > spelled
    | > | > | > out
    | > | > | > | > or
    | > | > | > | > not.
    | > | > | > | >
    | > | > | > | >
    | > | > | > | >
    | > | > | > | >
    | > | > | > | >
    | > | > | > | > "Nick" wrote:
    | > | > | > | >
    | > | > | > | >> I have an intermittent problem which occasionally affect
    | > various
    | > | > of
    | > | > | > our
    | > | > | > | >> workstations:
    | > | > | > | >>
    | > | > | > | >> Normally workstations are listed in Sessions page in Local
    | > | > Computer /
    | > | > | > | >> Computer
    | > | > | > | >> as Computer.domail.local, but some days one or two are listed
    | > by
    | > | > | > their
    | > | > | > | >> short
    | > | > | > | >> computer name instead, any ideas why?
    | > | > | > | >>
    | > | > | > | >> Our workstations are all use fixed IP numbers, DHCP allocated
    | > | > from
    | > | > | > MAC
    | > | > | > | >> address reservations.
    | > | > | > | >> DHCP console - DNS tab - "Always dynamically update DNS A and
    | > PTR
    | > | > | > | >> records"
    | > | > | > | >> is already enabled.
    | > | > | > | >>
    | > | > | > | >> This definately feels like a DNS / PTR record issue but I
    | > cannot
    | > | > see
    | > | > | > | >> what,
    | > | > | > | >> each workstation does have a PTR record it is just that
    | > sometimes
    | > | > | > they
    | > | > | > | >> don't
    | > | > | > | >> appear to get used properly.
    | > | > | > | >>
    | > | > | > | >> Thx,
    | > | > | > | >> Nick
    | > | > | > | >>
    | > | > | > | >>
    | > | > | > | >>
    | > | > | > |
    | > | > | > |
    | > | > | > |
    | > | > | >
    | > | > |
    | > | > |
    | > | > |
    | > | >
    | > |
    | > |
    | > |
    | >
    | >
    |
    |
    |
     
    Terence Liu [MSFT], May 30, 2008
    #12
  13. Nick

    Nick Guest

    Believe we may have now solved this issue. Have removed all fixed DHCP
    reservations which we had configured by MAC address for each workstation and
    PTR records etc now seem to work correctly.

    Nick
     
    Nick, Jun 26, 2008
    #13
  14. Hello Nick,

    Thank you very much for sharing your resolution. I appreciate your time on
    this issue.

    I'm glad to hear that things are working correctly for you now.

    I'd like to make a summary for this post:

    Issue:
    =============
    view the
    Open connected users under Server Management console -> Shares, some
    computers display as NetBIOS name but not FQDN

    Cause:
    =============
    PTR record not properly update

    Resolutions:
    =============
    Remove all reservations record for the client computers.

    Please do not hesitate to post in SBS newsgroup if you need any assistance
    in the future. I look forward to working with you again.

    Thank you and have a nice day,

    Best regards,

    Terence Liu (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    <>
    <e$>
    <>
    <OH$>
    <>
    <OYCsSI#>
    <>
     
    Terence Liu [MSFT], Jun 27, 2008
    #14
  15. Nick

    Nick Guest

    Sorry to report the issue is back again! Worked fine for a week or so but
    this morning one workstation is back to the NetBIOS name while all the
    others are correctly displayed by FQDN.

    However one new clue noted is that for all machines:
    DNS / Forward lookup zones - Update associated pointer (PTR) record is
    disabled
    I enable this for one machine and it becomes enabled for all machines.
    However after closing Server Manager and checking it becomes disabled again.

    One more thing just noticed all the PTR records list the hostname as
    'machine.domain.local.' note the trailing dot. The _msdcs CName and NS
    records also seem to have this trailing dot, is this correct?

    Nick
     
    Nick, Jun 27, 2008
    #15
  16. Hello Nick,

    Thank you for your update.

    1. Yes the option Update associated pointer (PTR) record is for all A
    records. If you enable one, all will be enabled. To enable this option will
    delete some PTR records in the reverse zone. Therefore, we do not need to
    enable it.

    2. The trailing dot is also correct. That means the DNS root.

    This is a strange issue, I suggest we try the following steps to see if it
    help:

    1. Disable WINS-R lookup:

    a. Open DNS console on SBS
    b. Extend to Reverse Lookup Zones, right click the reverse subnet, select
    properties.
    c. Select WINS-R tab, uncheck Use WINS-R lookup option
    d. Click OK.

    Then, monitor this issue for a period of time.

    2. Enable DNS dynamic updates on DHCP

    a. Open DHCP console on SBS
    b. Right click SBS server name, select properties
    c. Select DNS tab, tick Enable DNS dynamic updates according to the
    settings below, and select Always dynamically update DNS A and PTR records.
    Tick Discard A and PRT records when lease is deleted.
    d. Click OK.

    Then, monitor this issue for a period of time.

    3. Please run the following command on problematic client computer to
    manually update PTR record in DNS:

    ipconfig /registerdns

    Then, monitor this issue for a period of time.

    If we cannot resolve the issue after we perform the steps above, this issue
    will become more complex, you will need to call our CSS for further
    assistance.

    I hope these steps will give you some help.

    Thanks and have a nice day!

    Best regards,

    Terence Liu (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    <>
    <e$>
    <>
    <OH$>
    <>
    <OYCsSI#>
    <>
    <>
    <>
     
    Terence Liu [MSFT], Jun 30, 2008
    #16
  17. Nick

    Nick Guest

    Thanks Terence,
    Will wait until a workstation has the problem and try running this.

    Will revert after a short trial period,

    ALl the best,
    Nick
     
    Nick, Jun 30, 2008
    #17
  18. Hello Nick,

    Thank you for your update.

    I hope everything is going well.

    If there's anything else about this issue I can do for you, please do not
    hesitate to let me know.

    Thank you and have a nice day,

    Best regards,

    Terence Liu (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    <>
    <e$>
    <>
    <OH$>
    <>
    <OYCsSI#>
    <>
    <>
    <>
    <>
    <>
     
    Terence Liu [MSFT], Jul 1, 2008
    #18
  19. Nick

    Nick Guest

    Hello Terence, problem is back again.

    Can we look at this from a different angle, it is the Sessions screen which
    is displaying incorrect machine info. What mechanism does Session manager
    use to obtain the Computer-name from the Username?

    Thx,
    Nick
     
    Nick, Jul 4, 2008
    #19
  20. Hi Nick,

    Thank you for your update.

    I'm sorry for the delay response due to the weekend.

    First I want to explain that since we have performed some troubleshooting
    steps and the issue remains. I think this problem may be a little complex
    and our troubleshooting maybe time-consuming. So if you would like to call
    CSS for assistance, I would be appreciate and think it is a more effective
    ways. To obtain the phone numbers for specific technology request please
    take a look at the web site listed below.

    http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS

    If you are outside the US please see http://support.microsoft.com for
    regional support phone numbers.

    Additionally, I want to suggest you perform the following steps:

    1. Clear DNS cache: Open DNS console on SBS, right click SBSServerName,
    select Clear Cache command.

    2. If the issue only happen on individual client computer name, I suggest
    you check the DNS suffix setting on it: Right click My Computer on the
    problematic client, select properties, select Computer Name tab, click
    Change button, click More button, ensure the there is
    "stkittsnevisregistry.local" in the box.

    3. The computer name but not FQDN in the sessions screen, may because the
    WINS resolved the IP before DNS. You can try to delete WINS server settings
    from SBS NIC, and make the DNS the only name resolution method: NIC
    properties -> TCP/IP properties -> Advanced -> WINS tab, remove WINS.

    Note: If you get any network related issue after you remove the WINS,
    please roll back the settings.

    I hope these steps will give you some help.

    Thanks for your understanding and have a nice day!

    Best regards,

    Terence Liu (MSFT)

    Microsoft CSS Online Newsgroup Support

    Get Secure! - www.microsoft.com/security

    =====================================================
    This newsgroup only focuses on SBS technical issues. If you have issues
    regarding other Microsoft products, you'd better post in the corresponding
    newsgroups so that they can be resolved in an efficient and timely manner.
    You can locate the newsgroup here:
    http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

    When opening a new thread via the web interface, we recommend you check the
    "Notify me of replies" box to receive e-mail notifications when there are
    any updates in your thread. When responding to posts via your newsreader,
    please "Reply to Group" so that others may learn and benefit from your
    issue.

    Microsoft engineers can only focus on one issue per thread. Although we
    provide other information for your reference, we recommend you post
    different incidents in different threads to keep the thread clean. In doing
    so, it will ensure your issues are resolved in a timely manner.

    For urgent issues, you may want to contact Microsoft CSS directly. Please
    check http://support.microsoft.com for regional support phone numbers.

    Any input or comments in this thread are highly appreciated.
    =====================================================

    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------
    <>
    <e$>
    <>
    <OH$>
    <>
    <OYCsSI#>
    <>
    <>
    <>
    <>
    <>
    <>
    <zRJ#>
     
    Terence Liu [MSFT], Jul 7, 2008
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.