Re: Scavenging question
From: Herb Martin (news_at_LearnQuick.com)
Date: 04/16/04
- Next message: anon: "RE: Dns problem in my Domain"
- Previous message: Herb Martin: "Re: Scavenging question"
- In reply to: Alex Zhang: "Re: Scavenging question"
- Next in thread: Herb Martin: "Re: Scavenging question"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 16 Apr 2004 09:43:42 -0500
> I think that "DCpromo cycling" mentioned by Herb means "Demote your DCs
and
> then promote them".
I meant just the DC(s) that had SysVol errors, etc.
> If you have another DC, you can transfer FSMO to that DC, clean install
the
> original DC, promote it to a new DC, the AD information will be replaced
to
> this new DC automatically.
Seldom necessary to re-install the OS. I almost
never do this. It's a choice though.
-- Herb Martin "Alex Zhang(MSFT)" <v-qiz@online.microsoft.com> wrote in message news:BaVsIv6IEHA.3636@cpmsftngxa06.phx.gbl... > Hello Pedro, > > > 255690.KB.EN-US HOW TO: View and Transfer FSMO Roles in the Graphical User > Interface > http://support.microsoft.com/default.aspx?scid=KB;EN-US;255690 > > 255504.KB.EN-US: Using Ntdsutil.exe to Seize or Transfer the FSMO Roles to > a Domain > http://support.microsoft.com/default.aspx?scid=KB;EN-US;255504 > > 293421.KB.EN-US Domain Controllers Continue to Use Global Catalog Server > After It Has > http://support.microsoft.com/default.aspx?scid=KB;EN-US;293421 > > 295419.KB.EN-US XADM: How to Move the Global Catalog Role to Another Domain > Controller > http://support.microsoft.com/default.aspx?scid=KB;EN-US;295419 > > I hope this information proves helpful to you. > > If you have any questions or concerns, please do not hesitate to let me > know. I am happy to be of assistance. > > Thanks and regards, > Alex Zhang > Microsoft Partner Online Support > Get Secure! - www.microsoft.com/security > > ===================================================== > When responding to posts, please "Reply to Group" via your newsreader so > that others may learn and benefit from your issue. > ===================================================== > This posting is provided "AS IS" with no warranties, and confers no rights. > -------------------- > | Reply-To: "Pete" <sistemas@aspro-ocio.es> > | From: "Pete" <sistemas@aspro-ocio.es> > | References: <O9izLGiIEHA.3220@TK2MSFTNGP12.phx.gbl> > <O$Wha3iIEHA.700@TK2MSFTNGP09.phx.gbl> > <e08ZmQjIEHA.3720@tk2msftngp13.phx.gbl> > <ebewG0pIEHA.3820@tk2msftngp13.phx.gbl> > <#rTnGytIEHA.3512@TK2MSFTNGP10.phx.gbl> > <uYMaHn2IEHA.2988@TK2MSFTNGP12.phx.gbl> > | Subject: Re: Scavenging question > | Date: Fri, 16 Apr 2004 09:22:14 +0200 > | Lines: 170 > | Organization: Aspro Ocio > | X-Priority: 3 > | X-MSMail-Priority: Normal > | X-Newsreader: Microsoft Outlook Express 6.00.2800.1158 > | X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 > | Message-ID: <#cT4LO4IEHA.1388@TK2MSFTNGP10.phx.gbl> > | Newsgroups: microsoft.public.win2000.dns > | NNTP-Posting-Host: 212.49.167.241 > | Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl > | Xref: cpmsftngxa06.phx.gbl microsoft.public.win2000.dns:38357 > | X-Tomcat-NG: microsoft.public.win2000.dns > | > | Herb, > | > | Thank you so much for your good advice. > | > | The DCs in Madrid pont to themselves for DNS and use forwarders for > Internet > | use. Clients recieve all DNS information via DHCP so in that way XP > clients > | and Win2k clients use the same configuration yet behave dfiferently. This > is > | what puzzles me. > | > | NSLOOKUPs funtion as they should on all clients once they get logged on. > | > | I inherited this setup and so what was done to the default domain policy > is > | still a mystery. But my gut is telling me this is the real problem I > have a > | Microsoft tool that sets the default domain GPO back to its original > setting > | but have never heard of anyone using it before. It is called DCGPOFIX. > Ever > | heard of it? Sounds too good to be true and God knows what it might do. > | > | You mentioned DCpromo cycling my two DCs here. What do you mean by that? > You > | mean like in the NT days when you promoted and demoted DCs? Wouldn´t they > | always grab a copy of AD from another DC anyway? > | > | As soon as I get a hub I will do my packet capture and let you now how > this > | all pans out. > | > | All the best, > | > | Pedro > | > | > | > | > | "Herb Martin" <news@LearnQuick.com> wrote in message > | news:uYMaHn2IEHA.2988@TK2MSFTNGP12.phx.gbl... > | > "Pete" <sistemas@aspro-ocio.es> wrote in message > | > news:#rTnGytIEHA.3512@TK2MSFTNGP10.phx.gbl... > | > > Herb, > | > > > | > > Thank you for your help. I have confirmed that: > | > > > | > > 1) DNS is dynamic > | > > 2) All DNS servers are replicating > | > > 3) All clients specify ONLY the internal (dynamic) DNS servers on > their > | > NIC > | > > properties. > | > > | > Clients include DCs, right? (ALL have ONLY the internal DNS.) > | > > | > Double check any machines with two NICs (sometimes DHCP or someone > | > puts a wrong value there.) > | > > | > > I have since disabled scavenging because the XP clients that are shut > | off > | > > for more than a day (which is the TTL for DNS correct?) > | > > | > First, the TTL for DNS is settable on each zone as a default and can > | > be overwritten by the DNS server on each resource record, but it has > | > nothing to do with scavenging periods. It's about how long "others" > | > should cache this zone's records..... (like other DNS servers and > | > clients -- as of Win2000, clients do DNS caching too by default.) > | > > | > This also implies (but doesn't mean or prove) that you might have > | > been making one of those mistakes with scavenging that concerned > | > me -- default is 7 days "NO-refresh" PLUS 7 days "refresh" PLUS > | > the scavenging "period" is 7 days so records usually get scavenged > | > after 14+(0 to 7) days. > | > > | > You definitely don't want the clients getting scavenged between > | > normal disappearances on the net with a reappearance. So set it > | > longer than that if you ever use it again. > | > > | > > are still taking a very long time to log on. > | > > Even after the cleaning up of the DNS database. So > | > > | > This is NOT related to a need to scavenge. > | > > | > Think about it, even with a LOT of records the DNS server probably > | > caches the whole list anyway. > | > > | > What happens when you use NSLookup or another DNS test tool? > | > > | > Both implicitly (letting it pick the 'default' DNS server) and > explicitly > | > where you pick the "correct" or another DNS server...? > | > > | > If DNS is really the problem due to slow response you would need > | > to add MORE SERVERS. > | > > | > (There are only about 13 backbone Internet serves -- the most > | > heavily hit servers in the world in terms of REQUESTS (not data > | > size) -- and they do just fine. They're really HOT machines but > | > the Internet is really big too.) > | > > | > > my next step will be to do a packet capture of a machine with the > | problem > | > > during login. Why would this only affect XP clients? Win2k clients > have > | no > | > > problems. > | > > | > Sounds good. Most people wait TOO LONG before doing that. > | > > | > Why? I still think you have them pointed at the wrong or a > misconfigured > | > DNS server (really.) > | > > | > > I ran DCdiag on the two domain controllers in the Madrid offices > (where > | we > | > > are having problems). Here is the error on the first one: > | > > > | > > | > The one's that worry me are the Sysvol ones -- that might account > | > for slow logons if the GPOs cannot be fetched. You might have > | > to "DCPromo cycle" that DC if you cannot fix it. > | > > | > Those LaserJet errors are likely irrelevant, but you should maybe > | > LOOK at the System, DNS, and AD logs on each DC or DNS > | > server. > | > > | > Also a LOT of GPOs (more than 10) will make logon slow. > | > Also a GPO that installs software (or tries to) each time. > | > > | > -- > | > Herb Martin > | > > > | > > There are errors after the SYSVOL has been shared. > | > > The SYSVOL can prevent the AD from starting. > | > > ......................... MADAODC01 passed test frssysvol > | > > Starting test: systemlog > | > > An Error Event occured. EventID: 0x00000457 > | > > Time Generated: 04/15/2004 13:19:28 > | > > Event String: Driver HP LaserJet 1200 Series PCL 6 required for > | > > An Error Event occured. EventID: 0x00000452 > | > > Time Generated: 04/15/2004 13:19:28 > | > > Event String: The printer could not be installed. > | > > An Error Event occured. EventID: 0x00000457 > | > > Time Generated: 04/15/2004 13:19:29 > | > > Event String: Driver Xerox WorkCentre 24 PCL 6 required for > | > > An Error Event occured. EventID: 0x00000452 > | > > Time Generated: 04/15/2004 13:19:29 > | > > Event String: The printer could not be installed. > | > > ......................... MADAODC01 failed test systemlog > | > > > | > > and this on the other DC: > | > > > | > > > | > > Starting test: systemlog > | > > An Error Event occured. EventID: 0x00000457 > | > > Time Generated: 04/15/2004 13:22:21 > | > > Event String: Driver HP LaserJet 1200 Series PCL 6 required for > | > > An Error Event occured. EventID: 0x00000452 > | > > Time Generated: 04/15/2004 13:22:21 > | > > Event String: The printer could not be installed. > | > > An Error Event occured. EventID: 0x00000457 > | > > Time Generated: 04/15/2004 13:22:23 > | > > Event String: Driver HP LaserJet 4050 Series PCL 6 required for > | > > An Error Event occured. EventID: 0x00000452 > | > > Time Generated: 04/15/2004 13:22:23 > | > > Event String: The printer could not be installed. > | > > ......................... MADRID2AS failed test systemlog > | > > > | > > > | > > Other than that they passed all the other tests.This is driving me > nuts > | > but > | > > I really appreciate your help. > | > > > | > > > | > > Pedro > | > > > | > > > | > > | > > | > | > | >
- Next message: anon: "RE: Dns problem in my Domain"
- Previous message: Herb Martin: "Re: Scavenging question"
- In reply to: Alex Zhang: "Re: Scavenging question"
- Next in thread: Herb Martin: "Re: Scavenging question"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
