Re: error 8254 DNS Lookup failure
From: Kevin Donnelly (donnelly_kevin_at_hotmail.com)
Date: 08/04/04
- Next message: Ryan: "Fail DNS Simple Query Test"
- Previous message: Kevin D. Goodknecht Sr. [MVP]: "Re: Event ID 5504"
- Messages sorted by: [ date ] [ thread ]
Date: 3 Aug 2004 18:26:30 -0700
FYI, I repointed the DNS to one server, deleted the contents of _MSDCS
and re-registered the adapters.
This didn't exactly work too well, and I was getting kerberos ticket
errors, even after running the netdom resetpwd command from the
offending box...so I promoted a DC into the domain to see how bad the
AD was, this worked and after leaving it to burn in for a day, the
offending DC replicated the required records from the new dc which
fixed it, then I removed the additional DC and all is running happy
now!!
Didn't receive any input to my original post but I hope this
information helps someone else.
Thanks anyway
Kevin
donnelly_kevin@hotmail.com (Kevin Donnelly) wrote in message news:<3b7eb118.0407280559.18c18503@posting.google.com>...
> Hi,
>
> I have a problem with a 2003 AD environment, I have 2 dc's configured
> in the same site, Replication has been fine up until yesterday, the
> DC's are both Multihomed, this has been working fine like this since
> last year!!...
> now the problem i am having is that replication has failed, when
> running dcdiag i get errors about DNS failing to find the registered
> guid for the server. I can nslookup and resolve the guid in question
> on both DC's (AD integrated DNS), i can map drives and authenticate on
> both DC's, just can't replicate..though earlier it was working one way
> temporarily!!..I have run dnslint which reported no missing records,
> also ran the dcdiag tests netlogon, replications and dnsregister -
> dnsregister passes on both dc's, replications has errors and netlogon
> passes...I also ran netdiag /testdns and this passed also.
>
> I am racking my brains as to how to fix this, i have a few ideas to
> fix this see below though it may seem a bit harsh, please advise if
> this would be the best way to go...
>
> 1 Make sure DNS is running on 1 server only.
> 2 Point all the DC's in the Site to that server as Primary, get rid of
> any Secondary Entries
> 3 Delete the Servers GUID in the MSDCS folder and every other folder
> that it appears in DNS. Also reverse lookup Zones and Blow away any
> standard host name entries for the DC.
> 4 Clear the cache out on the DC running DNC (IPCONFIG /FLUSHDNS and
> Clear Cache on the DNS MMC for the server running DNS
> 5 Delete inbound replication objects in sites & services for anything
> relating to the server that can't replicate
> 6 Stop & Start NetLogon on the Server that cannot register it's name
> and won't replicate properly
> 7 Have a peek in DNS, and make sure it's registering it's DNS entries
> properly
> 8 Run DCDiag & Netdiag after everything is settled.
> 9 Pray.
>
> DCDIAG and REPLMON Output follows:
>
> Domain Controller Diagnosis
>
> Performing initial setup:
> Done gathering initial info.
>
> Doing initial required tests
>
> Testing server: Default-First-Site-Name\TASNP48GEADDC01
> Starting test: Connectivity
> ......................... TASNP48GEADDC01 passed test
> Connectivity
>
> Doing primary tests
>
> Testing server: Default-First-Site-Name\TASNP48GEADDC01
> Starting test: Replications
> [Replications Check,TASNP48GEADDC01] A recent replication
> attempt failed:
> From TASNP137LADDC01 to TASNP48GEADDC01
> Naming Context:
> DC=ForestDnsZones,DC=npp,DC=tas,DC=com,DC=au
> The replication generated an error (8524):
> The DSA operation is unable to proceed because of a DNS
> lookup failure.
> The failure occurred at 2004-07-28 17:45:42.
> The last success occurred at 2004-07-27 11:47:25.
> 8 failures have occurred since the last success.
> The guid-based DNS name
> 99ce5b6e-a992-4b2c-86f2-3c202497b135._msdcs.npp.tas.com.au
> is not registered on one or more DNS servers.
> REPLICATION LATENCY WARNING
> ERROR: Expected notification link is missing.
> Source TASNP137LADDC01
> Replication of new changes along this path will be delayed.
> This problem should self-correct on the next periodic sync.
> [Replications Check,TASNP48GEADDC01] A recent replication
> attempt failed:
> From TASNP137LADDC01 to TASNP48GEADDC01
> Naming Context:
> DC=DomainDnsZones,DC=npp,DC=tas,DC=com,DC=au
> The replication generated an error (8524):
> The DSA operation is unable to proceed because of a DNS
> lookup failure.
> The failure occurred at 2004-07-28 17:45:27.
> The last success occurred at 2004-07-27 11:47:25.
> 8 failures have occurred since the last success.
> The guid-based DNS name
> 99ce5b6e-a992-4b2c-86f2-3c202497b135._msdcs.npp.tas.com.au
> is not registered on one or more DNS servers.
> REPLICATION LATENCY WARNING
> ERROR: Expected notification link is missing.
> Source TASNP137LADDC01
> Replication of new changes along this path will be delayed.
> This problem should self-correct on the next periodic sync.
> [Replications Check,TASNP48GEADDC01] A recent replication
> attempt failed:
> From TASNP137LADDC01 to TASNP48GEADDC01
> Naming Context:
> CN=Schema,CN=Configuration,DC=npp,DC=tas,DC=com,DC=au
> The replication generated an error (1753):
> There are no more endpoints available from the endpoint
> mapper.
> The failure occurred at 2004-07-28 18:00:00.
> The last success occurred at 2004-07-27 11:47:25.
> 38 failures have occurred since the last success.
> The directory on TASNP137LADDC01 is in the process.
> of starting up or shutting down, and is not available.
> Verify machine is not hung during boot.
> [Replications Check,TASNP48GEADDC01] A recent replication
> attempt failed:
> From TASNP137LADDC01 to TASNP48GEADDC01
> Naming Context:
> CN=Configuration,DC=npp,DC=tas,DC=com,DC=au
> The replication generated an error (1753):
> There are no more endpoints available from the endpoint
> mapper.
> The failure occurred at 2004-07-28 17:59:39.
> The last success occurred at 2004-07-27 12:07:55.
> 39 failures have occurred since the last success.
> The directory on TASNP137LADDC01 is in the process.
> of starting up or shutting down, and is not available.
> Verify machine is not hung during boot.
> REPLICATION LATENCY WARNING
> ERROR: Expected notification link is missing.
> Source TASNP137LADDC01
> Replication of new changes along this path will be delayed.
> This problem should self-correct on the next periodic sync.
> [Replications Check,TASNP48GEADDC01] A recent replication
> attempt failed:
> From TASNP137LADDC01 to TASNP48GEADDC01
> Naming Context: DC=npp,DC=tas,DC=com,DC=au
> The replication generated an error (1753):
> There are no more endpoints available from the endpoint
> mapper.
> The failure occurred at 2004-07-28 17:59:18.
> The last success occurred at 2004-07-27 12:11:50.
> 46 failures have occurred since the last success.
> The directory on TASNP137LADDC01 is in the process.
> of starting up or shutting down, and is not available.
> Verify machine is not hung during boot.
> REPLICATION LATENCY WARNING
> ERROR: Expected notification link is missing.
> Source TASNP137LADDC01
> Replication of new changes along this path will be delayed.
> This problem should self-correct on the next periodic sync.
> REPLICATION-RECEIVED LATENCY WARNING
> TASNP48GEADDC01: Current time is 2004-07-28 18:26:24.
> DC=ForestDnsZones,DC=npp,DC=tas,DC=com,DC=au
> Last replication recieved from TASNP137LADDC01 at
> 2004-07-27 11:47:25.
> DC=DomainDnsZones,DC=npp,DC=tas,DC=com,DC=au
> Last replication recieved from TASNP137LADDC01 at
> 2004-07-27 11:47:25.
> CN=Schema,CN=Configuration,DC=npp,DC=tas,DC=com,DC=au
> Last replication recieved from TASNP137LADDC01 at
> 2004-07-27 11:47:25.
> CN=Configuration,DC=npp,DC=tas,DC=com,DC=au
> Last replication recieved from TASNP137LADDC01 at
> 2004-07-27 12:07:55.
> DC=npp,DC=tas,DC=com,DC=au
> Last replication recieved from TASNP137LADDC01 at
> 2004-07-27 12:11:50.
> ......................... TASNP48GEADDC01 passed test
> Replications
> Starting test: NCSecDesc
> ......................... TASNP48GEADDC01 passed test
> NCSecDesc
> Starting test: NetLogons
> ......................... TASNP48GEADDC01 passed test
> NetLogons
> Starting test: Advertising
> ......................... TASNP48GEADDC01 passed test
> Advertising
> Starting test: KnowsOfRoleHolders
> ......................... TASNP48GEADDC01 passed test
> KnowsOfRoleHolders
> Starting test: RidManager
> ......................... TASNP48GEADDC01 passed test
> RidManager
> Starting test: MachineAccount
> * The current DC is not in the domain controller's OU
> ......................... TASNP48GEADDC01 failed test
> MachineAccount
> Starting test: Services
> ......................... TASNP48GEADDC01 passed test
> Services
> Starting test: ObjectsReplicated
> ......................... TASNP48GEADDC01 passed test
> ObjectsReplicated
> Starting test: frssysvol
> ......................... TASNP48GEADDC01 passed test
> frssysvol
> Starting test: frsevent
> There are warning or error events within the last 24 hours
> after the
>
> SYSVOL has been shared. Failing SYSVOL replication problems
> may cause
>
> Group Policy problems.
> ......................... TASNP48GEADDC01 failed test
> frsevent
> Starting test: kccevent
> ......................... TASNP48GEADDC01 passed test
> kccevent
> Starting test: systemlog
> An Error Event occured. EventID: 0x0000045A
> Time Generated: 07/28/2004 18:11:00
> Event String: Error communicating with the Spooler system
>
> ......................... TASNP48GEADDC01 failed test
> systemlog
> Starting test: VerifyReferences
> ......................... TASNP48GEADDC01 passed test
> VerifyReferences
>
> Running partition tests on : ForestDnsZones
> Starting test: CrossRefValidation
> ......................... ForestDnsZones passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... ForestDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : DomainDnsZones
> Starting test: CrossRefValidation
> ......................... DomainDnsZones passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... DomainDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : Schema
> Starting test: CrossRefValidation
> ......................... Schema passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Schema passed test CheckSDRefDom
>
> Running partition tests on : Configuration
> Starting test: CrossRefValidation
> ......................... Configuration passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Configuration passed test
> CheckSDRefDom
>
> Running partition tests on : npp
> Starting test: CrossRefValidation
> ......................... npp passed test CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... npp passed test CheckSDRefDom
>
> Running enterprise tests on : npp.tas.com.au
> Starting test: Intersite
> ......................... npp.tas.com.aupassed test Intersite
> Starting test: FsmoCheck
> ......................... npp.tas.com.aupassed test FsmoCheck
>
>
> REPLMON OUTPUT:
>
> Active Directory Replication Monitor
> Printed on 7/28/2004 6:41:29 PM
> This report was generated on data from the server: TASNP48GEADDC01
>
> ***************************************************************************
> TASNP48GEADDC01 Data
> ***************************************************************************
>
> This server currently has writable copies of the following directory
> partitions:
> ---------------------------------------------------------------------------
> DC=npp,DC=TAS,DC=com,DC=au
> CN=Configuration,DC=npp,DC=TAS,DC=com,DC=au
> CN=Schema,CN=Configuration,DC=npp,DC=TAS,DC=com,DC=au
> DC=DomainDnsZones,DC=npp,DC=TAS,DC=com,DC=au
> DC=ForestDnsZones,DC=npp,DC=TAS,DC=com,DC=au
>
> Because this server is a Global Catalog (GC) server, it also has
> copies
> of the following directory partitions:
> ---------------------------------------------------------------------------
>
> Current NTDS Connection Objects
> -------------------------------
> Default-First-Site-Name\TASNP137LADDC01
> Connection Name : 43aba01e-d2eb-41d0-9267-9a1353c636b1
> Administrator Generated?: AUTO
> Reasons for this connection:
> Directory Partition
> (CN=Configuration,DC=npp,DC=TAS,DC=com,DC=au)
> This replication connection is created because
> another replication partner has surpassed the allowed failure limit.
>
> Directory Partition
> (CN=Schema,CN=Configuration,DC=npp,DC=TAS,DC=com,DC=au)
> This replication connection is created because
> another replication partner has surpassed the allowed failure limit.
>
> Directory Partition
> (DC=ForestDnsZones,DC=npp,DC=TAS,DC=com,DC=au)
> This replication connection is created because
> another replication partner has surpassed the allowed failure limit.
>
> Directory Partition
> (DC=DomainDnsZones,DC=npp,DC=TAS,DC=com,DC=au)
> This replication connection is created because
> another replication partner has surpassed the allowed failure limit.
>
> Directory Partition (DC=npp,DC=TAS,DC=com,DC=au)
> This replication connection is created because
> another replication partner has surpassed the allowed failure limit.
>
>
> Current Direct Replication Partner Status
> -----------------------------------------
>
> Directory Partition: DC=npp,DC=TAS,DC=com,DC=au
>
> Partner Name: Default-First-Site-Name\TASNP137LADDC01
> Partner GUID: 07B2F86B-BCE3-4591-886D-5C9BF81B5C21
> Last Attempted Replication: 7/28/2004 5:59:18 PM
> (local)
> Last Successful Replication: 7/27/2004 12:11:50 PM
> (local)
> Number of Failures: 46
> Failure Reason Error Code: 1753
> Failure Description: There are no more endpoints
> available from the endpoint mapper.
> Synchronization Flags:
> DRS_WRIT_REP,DRS_INIT_SYNC,DRS_PER_SYNC
> USN of Last Property Updated: 2302697
> USN of Last Object Updated: 2302697
> Transport: Intra-Site RPC
>
> Directory Partition: CN=Configuration,DC=npp,DC=TAS,DC=com,DC=au
>
> Partner Name: Default-First-Site-Name\TASNP137LADDC01
> Partner GUID: 07B2F86B-BCE3-4591-886D-5C9BF81B5C21
> Last Attempted Replication: 7/28/2004 5:59:39 PM
> (local)
> Last Successful Replication: 7/27/2004 12:07:55 PM
> (local)
> Number of Failures: 39
> Failure Reason Error Code: 1753
> Failure Description: There are no more endpoints
> available from the endpoint mapper.
> Synchronization Flags:
> DRS_WRIT_REP,DRS_INIT_SYNC,DRS_PER_SYNC
> USN of Last Property Updated: 2302767
> USN of Last Object Updated: 2302767
> Transport: Intra-Site RPC
>
> Directory Partition:
> CN=Schema,CN=Configuration,DC=npp,DC=TAS,DC=com,DC=au
>
> Partner Name: Default-First-Site-Name\TASNP137LADDC01
> Partner GUID: 07B2F86B-BCE3-4591-886D-5C9BF81B5C21
> Last Attempted Replication: 7/28/2004 6:00:00 PM
> (local)
> Last Successful Replication: 7/27/2004 11:47:25 AM
> (local)
> Number of Failures: 38
> Failure Reason Error Code: 1753
> Failure Description: There are no more endpoints
> available from the endpoint mapper.
> Synchronization Flags:
> DRS_WRIT_REP,DRS_INIT_SYNC,DRS_PER_SYNC
> USN of Last Property Updated: 2302490
> USN of Last Object Updated: 2302490
> Transport: Intra-Site RPC
>
> Change Notifications for this Directory Partition
> -------------------------------------------------
> Server Name: Default-First-Site-Name\TASNP137LADDC01
> Object GUID: 99CE5B6E-A992-4B2C-86F2-3C202497B135
> Time Added: 7/10/2004 2:51:21 PM
> Flags: DRS_WRIT_REP
> Transport: RPC
>
> Directory Partition: DC=DomainDnsZones,DC=npp,DC=TAS,DC=com,DC=au
>
> Partner Name: Default-First-Site-Name\TASNP137LADDC01
> Partner GUID: 07B2F86B-BCE3-4591-886D-5C9BF81B5C21
> Last Attempted Replication: 7/28/2004 5:45:27 PM
> (local)
> Last Successful Replication: 7/27/2004 11:47:25 AM
> (local)
> Number of Failures: 8
> Failure Reason Error Code: 8524
> Failure Description: The DSA operation is unable to
> proceed because of a DNS lookup failure.
> Synchronization Flags:
> DRS_WRIT_REP,DRS_INIT_SYNC,DRS_PER_SYNC
> USN of Last Property Updated: 2302490
> USN of Last Object Updated: 2302490
> Transport: Intra-Site RPC
>
> Directory Partition: DC=ForestDnsZones,DC=npp,DC=TAS,DC=com,DC=au
>
> Partner Name: Default-First-Site-Name\TASNP137LADDC01
> Partner GUID: 07B2F86B-BCE3-4591-886D-5C9BF81B5C21
> Last Attempted Replication: 7/28/2004 5:45:42 PM
> (local)
> Last Successful Replication: 7/27/2004 11:47:25 AM
> (local)
> Number of Failures: 8
> Failure Reason Error Code: 8524
> Failure Description: The DSA operation is unable to
> proceed because of a DNS lookup failure.
> Synchronization Flags:
> DRS_WRIT_REP,DRS_INIT_SYNC,DRS_PER_SYNC
> USN of Last Property Updated: 2302490
> USN of Last Object Updated: 2302490
> Transport: Intra-Site RPC
- Next message: Ryan: "Fail DNS Simple Query Test"
- Previous message: Kevin D. Goodknecht Sr. [MVP]: "Re: Event ID 5504"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
