Re: DNS Error--Anyone?
From: David Pharr [MSFT] (dpharr_at_microsoft.com)
Date: 04/14/04
- Next message: David Pharr [MSFT]: "RE: Active Directory User and Computer program issue"
- Previous message: dayaker reddy yasa: "adc"
- In reply to: Chris Hall: "Re: DNS Error--Anyone?"
- Next in thread: Chris Hall: "Re: DNS Error--Anyone?"
- Reply: Chris Hall: "Re: DNS Error--Anyone?"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 14 Apr 2004 02:10:22 GMT
Hi Chris,
Yes, if you had a dot zone it would show up under the Forward Lookup Zone.
Did you configure the PDC Emulator at the root of the forest for time
synchronization with an outside time server? If everyone is using Nt5DS as
their type (the default setting), this allows them all to synchronize with
the PDC Emulator as the master time server and that machine should be the
one to monitor the time.
216734 How to Configure an Authoritative Time Server in Windows 2000
http://support.microsoft.com/?id=216734
If you pick a machine that is not a domain controller to be your time
server, none of the other machines will automatically discover that time
server. You can select any machine to be a time server, but you would have
to point everyone to that server via their registry settings for W32Time.
I believe (and I'll double-check this so that I'm not giving you bad
information) that the frequency is based upon the Period setting in the
W32Time parameter registry setting on that manually configured server.
These settings are all located in
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters.
Here's the normal time synchronization process for clients/servers in a
Windows 2000 domain:
224799 Basic Operation of the Windows Time Service
http://support.microsoft.com/?id=224799
For detailed information on Windows time in Windows 2000, checkout the
following white paper:
http://www.microsoft.com/windows2000/techinfo/howitworks/security/wintimeser
v.asp
David Pharr, dpharr@online.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Chris Hall" <chris.hall@securityfederalbank.com>
| References: <OBNSXQ1GEHA.3776@tk2msftngp13.phx.gbl>
<#CtAzNBHEHA.1528@TK2MSFTNGP09.phx.gbl>
<zFYUwEsHEHA.3704@cpmsftngxa06.phx.gbl>
| Subject: Re: DNS Error--Anyone?
| Date: Tue, 13 Apr 2004 12:37:40 -0400
| Lines: 140
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| Message-ID: <uESs7SXIEHA.1048@TK2MSFTNGP12.phx.gbl>
| Newsgroups: microsoft.public.win2000.active_directory
| NNTP-Posting-Host: 208.61.216.3
| Path:
cpmsftngxa10.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12
phx.gbl
| Xref: cpmsftngxa10.phx.gbl microsoft.public.win2000.active_directory:76461
| X-Tomcat-NG: microsoft.public.win2000.active_directory
|
| Hi David,
|
| I didn't see a "." zone in the dns console....if it existed, wouldn't it
| show up in the Forward zones?
|
| No problems pinging, accessing resources...over the weekend and this
| morning, the event logs looked pretty clean. How often do clients/servers
| try to sychronize time from the time source? I do have one of my servers
set
| to get time from an NTP server.
|
| ""David Pharr [MSFT]"" <dpharr@microsoft.com> wrote in message
| news:zFYUwEsHEHA.3704@cpmsftngxa06.phx.gbl...
| > Hi Chris,
| >
| > Sorry, been away for a few days. I looked at your initial logs and they
| > looked fine - ad replication, frs, permissions on your default domain
| > controller policy, fsmo roles, dcdiag and netdiag all look fine.
| >
| > I took a quick look at your second set of logs and they look pretty
good,
| > too. FRS is working fine - if FRS cycles through 13508 and 13509 you're
| > ok. You are having a problem if you continually get 13508 with no good
| > messages (13509 and 13516). The versions for the group policies on both
| > DCs matches according to the gpotool results so it looks like the
contents
| > are synchronized.
| >
| > The DNS 4004 error looks like the AD isn't fully up and running when it
| > tries to load the ad-integrated zone. It looks like it is trying to
load
| > 4 zones - your domain zone, two reverse lookup zones and another one.
You
| > don't have a dot (.) zone, do you? If so, delete it - this machine is
not
| > the root of the Internet so that dot (.) zone shouldn't be there.
| >
| > I would venture to guess that the records are present on both DCs and
that
| > you have no problem accessing resources or pinging machines by fqdn, ip
| > address or netbios names - is that correct? It may be a timing issue
but
| > I'll have to check into this and get back to you when I'm more alert. A
| > quick workaround would be to change it from ad-integrated to standard
| > primary.
| >
| > I'll get back to you this weekend with an update.
| >
| > David Pharr, dpharr@online.microsoft.com
| >
| > This posting is provided "AS IS" with no warranties, and confers no
| rights.
| > --------------------
| > | From: "Chris Hall" <chris.hall@securityfederalbank.com>
| > | References: <OBNSXQ1GEHA.3776@tk2msftngp13.phx.gbl>
| > | Subject: Re: DNS Error--Anyone?
| > | Date: Tue, 6 Apr 2004 16:18:34 -0400
| > | Lines: 55
| > | X-Priority: 3
| > | X-MSMail-Priority: Normal
| > | X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
| > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
| > | Message-ID: <#CtAzNBHEHA.1528@TK2MSFTNGP09.phx.gbl>
| > | Newsgroups: microsoft.public.win2000.active_directory
| > | NNTP-Posting-Host: 208.61.216.3
| > | Path:
| >
|
cpmsftngxa06.phx.gbl!TK2MSFTNGXA06.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0
| > 8.phx.gbl!TK2MSFTNGP09.phx.gbl
| > | Xref: cpmsftngxa06.phx.gbl
| microsoft.public.win2000.active_directory:72393
| > | X-Tomcat-NG: microsoft.public.win2000.active_directory
| > |
| > |
| > | "Chris Hall" <chris.hall@securityfederalbank.com> wrote in message
| > | news:OBNSXQ1GEHA.3776@tk2msftngp13.phx.gbl...
| > | > I've setup a couple of test machines to try to work through
| installation
| > | > problems before installing on production servers....
| > | >
| > | > My original issue began on 3/29/04. I decided that it would be best
to
| > | just
| > | > reinstall the servers and sought advice in the thread "Installing
| Active
| > | > Directory and DNS 3/29/04"
| > | >
| > | > I've installed the first test server and promoted to a DC without a
| > | problem
| > | > (verified AD install, etc..per suggestions in the above mentioned
| > thread).
| > | I
| > | > installed the second server, setup static IP address, joined the
| domain,
| > | > made sure TCP/IP & DNS was all working and was getting ready to
| install
| > | DNS
| > | > on the second server per KB Articles 238369, when I noticed odd
errors
| > on
| > | > the first server. The errors I'm getting are Event ID: 4011 errors:
| > | >
| > | >
| > | > The DNS server was unable to add or write an update of domain
name
| > | _ldap
| > | > in zone name.com to the Active Directory. Check that the Active
| > | > Directory is functioning properly and add or update this domain name
| > using
| > | > the DNS console. The event data contains the error.
| > | >
| > | > The DNS server was unable to add or write an update of domain
name
| > _gc
| > | > in zone name.com to the Active Directory. Check that the Active
| > | > Directory is functioning properly and add or update this domain name
| > using
| > | > the DNS console. The event data contains the error.
| > | >
| > | > The DNS server was unable to add or write an update of domain
name
| > gc
| > | in
| > | > zone name.com to the Active Directory. Check that the Active
| > | > Directory is functioning properly and add or update this domain name
| > using
| > | > the DNS console. The event data contains the error.
| > | >
| > | > This is the only server in this test network, so I can't move the GC
| to
| > | > another server. I don't want to promote the other server if DNS/AD
| isn't
| > | > functioning properly--I could since this is only a test network, but
| I'm
| > | > trying to run through things before I install this in a production
| > | > environment.
| > | >
| > | > I've been told if we don't get this working, we'll be installing
| NetWare
| > | on
| > | > both servers.
| > | >
| > | > Any suggestions?
| > | >
| > | >
| > | >
| > |
| > |
| > |
| >
| >
|
|
|
- Next message: David Pharr [MSFT]: "RE: Active Directory User and Computer program issue"
- Previous message: dayaker reddy yasa: "adc"
- In reply to: Chris Hall: "Re: DNS Error--Anyone?"
- Next in thread: Chris Hall: "Re: DNS Error--Anyone?"
- Reply: Chris Hall: "Re: DNS Error--Anyone?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
