DNS Entries of a Domain Controller Are Resolving to an Incorrect Value

May 24, 2015

One of the Domain Controller DNS entries was pointing to the wrong IP address (resolving to the wrong IP address), which affected Active Directory authentication and other services. This is a unique issue which I have come across.

The architecture is a single forest with multiple child domains. When we try to resolve one child domain's Domain Controller from another child domain, it resolves to an incorrect value, and after some time the DNS servers resolve it with the correct IP address.

The affected Domain Controller is configured with the correct IP, and there are no issues with DNS resolution within the same domain. The issue is seen when we resolve from another child domain, and it was very intermittent: sometimes it resolves to the correct IP and sometimes not.

Root Cause:

Cross-domain DNS resolution goes through DNS zone delegation (not through a DNS forwarder / conditional forwarder). We found the wrong IP configured on the NS record in the DNS zone delegation for the child domain on the root domain.

Domain Controllers in all child domains are configured with a DNS forwarder to the root domain, and DNS zone delegation is configured on the root domain for all child domains, so any domain's DNS names can be resolved from all the domains.


The DNS zone delegation with a manual NS record is what causes the issue: if we change a Domain Controller's IP address, we need to change the NS record IP address in the DNS zone delegation to avoid this issue.
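One way to check for this condition, as an added example that is not from the original post: compare the addresses stored with the delegation on the root domain against the addresses the child domain's own DNS returns for the same name servers. The zone names, server name and IP address below are placeholders, and the script assumes the DnsServer PowerShell module (RSAT) is installed.

```powershell
# Added example. All names and addresses below are placeholders, replace them with your own.
$ParentZone = 'corp.example'            # root domain zone that holds the delegation
$ChildZone  = 'child'                   # delegated child zone, relative to the parent zone
$RootDns    = 'rootdc01.corp.example'   # DNS server hosting the parent (root) zone
$ChildDns   = '192.0.2.10'              # known-good DNS server of the child domain

$delegations = Get-DnsServerZoneDelegation -Name $ParentZone -ChildZoneName $ChildZone -ComputerName $RootDns

$report = foreach ($d in $delegations) {
    # Host name of the NS record in the delegation
    $nsHost = $d.NameServer.RecordData.NameServer.TrimEnd('.')

    # IPv4 addresses stored with the delegation (the manually maintained part)
    $delegated = @($d.IPAddress |
        ForEach-Object { $_.RecordData.IPv4Address } |
        Where-Object { $_ } |
        ForEach-Object { $_.ToString() })

    # Addresses the child domain's own DNS server returns for the same host
    $actual = @(Resolve-DnsName -Name $nsHost -Type A -Server $ChildDns -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' } |
        ForEach-Object { $_.IPAddress })

    # Anything in the delegation that the child domain does not confirm is stale
    $stale = @($delegated | Where-Object { $_ -notin $actual })

    [pscustomobject]@{
        NameServer  = $nsHost
        DelegatedIP = $delegated -join ', '
        ActualIP    = $actual -join ', '
        Status      = if (-not $actual)   { 'UNRESOLVED' }
                      elseif ($stale)     { 'STALE: ' + ($stale -join ', ') }
                      else                { 'OK' }
    }
}

$report | Format-Table -AutoSize
```

A `STALE` row means the delegation still carries an address that the child domain no longer uses for that Domain Controller, which matches the intermittent wrong answers described above.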


We need to configure a conditional forwarder on all DNS servers for each domain, with multiple IP addresses for redundancy.


5 thoughts on “DNS Entries of a Domain Controller Are Resolving to an Incorrect Value”

  1. Neeraj Guleria S

    Extraordinary stuff, excellent! Thank you. This tutorial helped me to crack an L3 AD interview in a short span.

  2. Shishir kumar

    The posted blog content is really meaningful, simple and fantastic.
    Thanks for posting so much information.

