Microsoft Generic

Active Directory: Best Practices for Internal Domain and Network Names

Introduction

When planning for a new Active Directory (AD) or upgrade AD, or merging AD one of the topics that will get on the table is planning DNS. DNS is the Domain Naming system, used to translate names into network (IP) addresses. Certainly this is the case if you need to plan for integration with an extranet, DMZ (demilitarized zone, typically between intranet and internet), or publishing website and applications

Microsoft Generic

216.146.35.35 & 216.146.36.36 added as primary to your DNS settings

With the update to their client version 5.3.1 for Windows, DynDNS sets the first to entries in your local DNS to 216.146.35.35 and 216.146.36.36. Unfortunately this causes the machine the DynDNS client is installed on to fail to contact any other server within the local network up to giving login issues over RDP if this server is domain joined and requires NLA. The reason is happens is that this update sets the option “Use Dyn Recursive DNS servers on this machine” default.
This can be disabled by opening the client, click Settings, click Preferences and uncheck “Use Dyn Recursive DNS servers on this machine”

Dyn Updater Preferences (not real IP nor account)

Once this option is unchecked, the client will stop hijacking DNS on the machine it’s installed on.

Microsoft Generic

Monitoring for WMI corruption issues and rebuilding WMI

Background

  • WMI is a Windows OS component that is present on every Windows server and PC
  • WMI corruption can cause failures that include failure to apply Group Policy
  • Some organizations rely upon Group Policy to secure servers, secure group membership to groups with elevated rights, and to provide the working environment for interactive Remote Desktop Services users
  • WMI failures could lead to service outages or security issues