Re: DNS Error--Anyone?
From: Chris Hall (chris.hall_at_securityfederalbank.com)
Date: 04/16/04
- Next message: me: "ADS group pint"
- Previous message: John: "Delegating rights on local computers"
- Maybe in reply to: Chris Hall: "Re: DNS Error--Anyone?"
- Next in thread: David Pharr [MSFT]: "Re: DNS Error--Anyone?"
- Reply: David Pharr [MSFT]: "Re: DNS Error--Anyone?"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 16 Apr 2004 14:50:38 -0400
David,
You've been a big help. I learned a lot from this experience and appreciate
you sharing your knowledge and time.
Thanks,
Chris
""David Pharr [MSFT]"" <dpharr@microsoft.com> wrote in message
news:mUg$DFnIEHA.2172@cpmsftngxa06.phx.gbl...
> I'm glad to hear that all is working well.
>
> Have fun learning AD - there's a ton of information out there. Two good
> launching points:
>
> White papers:
> http://www.microsoft.com/windows2000/techinfo/howitworks/default.asp
>
> Technology Centers:
> http://www.microsoft.com/windows2000/technologies/default.asp
>
> David Pharr, dpharr@online.microsoft.com
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> --------------------
> | From: "Chris Hall" <chris.hall@securityfederalbank.com>
> | References: <OBNSXQ1GEHA.3776@tk2msftngp13.phx.gbl>
> <#CtAzNBHEHA.1528@TK2MSFTNGP09.phx.gbl>
> <zFYUwEsHEHA.3704@cpmsftngxa06.phx.gbl>
> <uESs7SXIEHA.1048@TK2MSFTNGP12.phx.gbl>
> <BzPRgWcIEHA.3636@cpmsftngxa06.phx.gbl>
> | Subject: Re: DNS Error--Anyone?
> | Date: Wed, 14 Apr 2004 10:37:09 -0400
> | Lines: 249
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
> | Message-ID: <elZ143iIEHA.3128@TK2MSFTNGP10.phx.gbl>
> | Newsgroups: microsoft.public.win2000.active_directory
> | NNTP-Posting-Host: 208.61.216.3
> | Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
> | Xref: cpmsftngxa06.phx.gbl
microsoft.public.win2000.active_directory:73075
> | X-Tomcat-NG: microsoft.public.win2000.active_directory
> |
> | Yes, the PDC Emulator is at the root of the forest and I configured the
> root
> | server as the time server. Again, everything looked good this morning in
> the
> | event logs. Looks like this is a good opportunity to learn all the
nuances
> | of AD!
> |
> |
> | ""David Pharr [MSFT]"" <dpharr@microsoft.com> wrote in message
> | news:BzPRgWcIEHA.3636@cpmsftngxa06.phx.gbl...
> | > Hi Chris,
> | >
> | > Yes, if you had a dot zone it would show up under the Forward Lookup
> Zone.
> | >
> | > Did you configure the PDC Emulator at the root of the forest for time
> | > synchronization with an outside time server? If everyone is using
Nt5DS
> | as
> | > their type (the default setting), this allows them all to synchronize
> with
> | > the PDC Emulator as the master time server and that machine should be
> the
> | > one to monitor the time.
> | >
> | > 216734 How to Configure an Authoritative Time Server in Windows 2000
> | > http://support.microsoft.com/?id=216734
> | >
> | > If you pick a machine that is not a domain controller to be your time
> | > server, none of the other machines will automatically discover that
time
> | > server. You can select any machine to be a time server, but you would
> | have
> | > to point everyone to that server via their registry settings for
> W32Time.
> | >
> | > I believe (and I'll double-check this so that I'm not giving you bad
> | > information) that the frequency is based upon the Period setting in
the
> | > W32Time parameter registry setting on that manually configured server.
> | > These settings are all located in
> | >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters.
> | >
> | > Here's the normal time synchronization process for clients/servers in
a
> | > Windows 2000 domain:
> | > 224799 Basic Operation of the Windows Time Service
> | > http://support.microsoft.com/?id=224799
> | >
> | > For detailed information on Windows time in Windows 2000, checkout the
> | > following white paper:
> | >
> |
>
http://www.microsoft.com/windows2000/techinfo/howitworks/security/wintimeser
> | > v.asp
> | >
> | > David Pharr, dpharr@online.microsoft.com
> | >
> | > This posting is provided "AS IS" with no warranties, and confers no
> | rights.
> | >
> | > --------------------
> | > | From: "Chris Hall" <chris.hall@securityfederalbank.com>
> | > | References: <OBNSXQ1GEHA.3776@tk2msftngp13.phx.gbl>
> | > <#CtAzNBHEHA.1528@TK2MSFTNGP09.phx.gbl>
> | > <zFYUwEsHEHA.3704@cpmsftngxa06.phx.gbl>
> | > | Subject: Re: DNS Error--Anyone?
> | > | Date: Tue, 13 Apr 2004 12:37:40 -0400
> | > | Lines: 140
> | > | X-Priority: 3
> | > | X-MSMail-Priority: Normal
> | > | X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
> | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
> | > | Message-ID: <uESs7SXIEHA.1048@TK2MSFTNGP12.phx.gbl>
> | > | Newsgroups: microsoft.public.win2000.active_directory
> | > | NNTP-Posting-Host: 208.61.216.3
> | > | Path:
> | >
> |
>
cpmsftngxa10.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12
> | > phx.gbl
> | > | Xref: cpmsftngxa10.phx.gbl
> | microsoft.public.win2000.active_directory:76461
> | > | X-Tomcat-NG: microsoft.public.win2000.active_directory
> | > |
> | > | Hi David,
> | > |
> | > | I didn't see a "." zone in the dns console....if it existed,
wouldn't
> it
> | > | show up in the Forward zones?
> | > |
> | > | No problems pinging, accessing resources...over the weekend and this
> | > | morning, the event logs looked pretty clean. How often do
> | clients/servers
> | > | try to sychronize time from the time source? I do have one of my
> servers
> | > set
> | > | to get time from an NTP server.
> | > |
> | > | ""David Pharr [MSFT]"" <dpharr@microsoft.com> wrote in message
> | > | news:zFYUwEsHEHA.3704@cpmsftngxa06.phx.gbl...
> | > | > Hi Chris,
> | > | >
> | > | > Sorry, been away for a few days. I looked at your initial logs
and
> | they
> | > | > looked fine - ad replication, frs, permissions on your default
> domain
> | > | > controller policy, fsmo roles, dcdiag and netdiag all look fine.
> | > | >
> | > | > I took a quick look at your second set of logs and they look
pretty
> | > good,
> | > | > too. FRS is working fine - if FRS cycles through 13508 and 13509
> | you're
> | > | > ok. You are having a problem if you continually get 13508 with no
> | good
> | > | > messages (13509 and 13516). The versions for the group policies
on
> | both
> | > | > DCs matches according to the gpotool results so it looks like the
> | > contents
> | > | > are synchronized.
> | > | >
> | > | > The DNS 4004 error looks like the AD isn't fully up and running
when
> | it
> | > | > tries to load the ad-integrated zone. It looks like it is trying
> to
> | > load
> | > | > 4 zones - your domain zone, two reverse lookup zones and another
> one.
> | > You
> | > | > don't have a dot (.) zone, do you? If so, delete it - this
machine
> is
> | > not
> | > | > the root of the Internet so that dot (.) zone shouldn't be there.
> | > | >
> | > | > I would venture to guess that the records are present on both DCs
> and
> | > that
> | > | > you have no problem accessing resources or pinging machines by
fqdn,
> | ip
> | > | > address or netbios names - is that correct? It may be a timing
> issue
> | > but
> | > | > I'll have to check into this and get back to you when I'm more
> alert.
> | A
> | > | > quick workaround would be to change it from ad-integrated to
> standard
> | > | > primary.
> | > | >
> | > | > I'll get back to you this weekend with an update.
> | > | >
> | > | > David Pharr, dpharr@online.microsoft.com
> | > | >
> | > | > This posting is provided "AS IS" with no warranties, and confers
no
> | > | rights.
> | > | > --------------------
> | > | > | From: "Chris Hall" <chris.hall@securityfederalbank.com>
> | > | > | References: <OBNSXQ1GEHA.3776@tk2msftngp13.phx.gbl>
> | > | > | Subject: Re: DNS Error--Anyone?
> | > | > | Date: Tue, 6 Apr 2004 16:18:34 -0400
> | > | > | Lines: 55
> | > | > | X-Priority: 3
> | > | > | X-MSMail-Priority: Normal
> | > | > | X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
> | > | > | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
> | > | > | Message-ID: <#CtAzNBHEHA.1528@TK2MSFTNGP09.phx.gbl>
> | > | > | Newsgroups: microsoft.public.win2000.active_directory
> | > | > | NNTP-Posting-Host: 208.61.216.3
> | > | > | Path:
> | > | >
> | > |
> | >
> |
>
cpmsftngxa06.phx.gbl!TK2MSFTNGXA06.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0
> | > | > 8.phx.gbl!TK2MSFTNGP09.phx.gbl
> | > | > | Xref: cpmsftngxa06.phx.gbl
> | > | microsoft.public.win2000.active_directory:72393
> | > | > | X-Tomcat-NG: microsoft.public.win2000.active_directory
> | > | > |
> | > | > |
> | > | > | "Chris Hall" <chris.hall@securityfederalbank.com> wrote in
message
> | > | > | news:OBNSXQ1GEHA.3776@tk2msftngp13.phx.gbl...
> | > | > | > I've setup a couple of test machines to try to work through
> | > | installation
> | > | > | > problems before installing on production servers....
> | > | > | >
> | > | > | > My original issue began on 3/29/04. I decided that it would be
> | best
> | > to
> | > | > | just
> | > | > | > reinstall the servers and sought advice in the thread
> "Installing
> | > | Active
> | > | > | > Directory and DNS 3/29/04"
> | > | > | >
> | > | > | > I've installed the first test server and promoted to a DC
> without
> | a
> | > | > | problem
> | > | > | > (verified AD install, etc..per suggestions in the above
> mentioned
> | > | > thread).
> | > | > | I
> | > | > | > installed the second server, setup static IP address, joined
the
> | > | domain,
> | > | > | > made sure TCP/IP & DNS was all working and was getting ready
to
> | > | install
> | > | > | DNS
> | > | > | > on the second server per KB Articles 238369, when I noticed
odd
> | > errors
> | > | > on
> | > | > | > the first server. The errors I'm getting are Event ID: 4011
> | errors:
> | > | > | >
> | > | > | >
> | > | > | > The DNS server was unable to add or write an update of
> domain
> | > name
> | > | > | _ldap
> | > | > | > in zone name.com to the Active Directory. Check that the
Active
> | > | > | > Directory is functioning properly and add or update this
domain
> | name
> | > | > using
> | > | > | > the DNS console. The event data contains the error.
> | > | > | >
> | > | > | > The DNS server was unable to add or write an update of
> domain
> | > name
> | > | > _gc
> | > | > | > in zone name.com to the Active Directory. Check that the
Active
> | > | > | > Directory is functioning properly and add or update this
domain
> | name
> | > | > using
> | > | > | > the DNS console. The event data contains the error.
> | > | > | >
> | > | > | > The DNS server was unable to add or write an update of
> domain
> | > name
> | > | > gc
> | > | > | in
> | > | > | > zone name.com to the Active Directory. Check that the Active
> | > | > | > Directory is functioning properly and add or update this
domain
> | name
> | > | > using
> | > | > | > the DNS console. The event data contains the error.
> | > | > | >
> | > | > | > This is the only server in this test network, so I can't move
> the
> | GC
> | > | to
> | > | > | > another server. I don't want to promote the other server if
> DNS/AD
> | > | isn't
> | > | > | > functioning properly--I could since this is only a test
network,
> | but
> | > | I'm
> | > | > | > trying to run through things before I install this in a
> production
> | > | > | > environment.
> | > | > | >
> | > | > | > I've been told if we don't get this working, we'll be
installing
> | > | NetWare
> | > | > | on
> | > | > | > both servers.
> | > | > | >
> | > | > | > Any suggestions?
> | > | > | >
> | > | > | >
> | > | > | >
> | > | > |
> | > | > |
> | > | > |
> | > | >
> | > | >
> | > |
> | > |
> | > |
> | >
> | >
> |
> |
> |
>
>
- Next message: me: "ADS group pint"
- Previous message: John: "Delegating rights on local computers"
- Maybe in reply to: Chris Hall: "Re: DNS Error--Anyone?"
- Next in thread: David Pharr [MSFT]: "Re: DNS Error--Anyone?"
- Reply: David Pharr [MSFT]: "Re: DNS Error--Anyone?"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
