Re: Re: _msdcs question



ANOTHER TEST

--
Cheers,
# Jorge de Almeida Pinto #
----------------------------------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
----------------------------------------------------------------------------------------------------------------------
"Jorge de Almeida Pinto" <Jorge.de.Almeida.Pinto@xxxxxxxxx> wrote in message
news:11p96o52r3sl668@xxxxxxxxxxxxxxxxxxxxx
> test
>
> --
> Cheers,
> # Jorge de Almeida Pinto #
> ----------------------------------------------------------------------------------------------------------------------
> * This posting is provided "AS IS" with no warranties and confers no
> rights!
> * Always test before implementing!
> ----------------------------------------------------------------------------------------------------------------------
> "Jorge de Almeida Pinto" <Jorge.de.Almeida.Pinto@xxxxxxxxx> wrote in
> message news:11p6ger7q9gp8f5@xxxxxxxxxxxxxxxxxxxxx
>> Hi,
>> Remember that before a registration is possible the server name
>> specified in SOA RR needs to be resolved to an IP address. So if the
>> host A record (which for a writable DNS server is the same as the SOA
>> RR) is not available (which is registered by the DHCP client service)
>> the registration will not succeed because the SOA server name cannot
>> be resolved to an IP. That is why the event log shows event id 5781
>> stating it cannot use DDNS.
>> Remember that the DNS server service also registers host A records
>> for all IPs on a NIC and for all NICs the service listens on!
>> As Dean said change the SOA to SOMESERVER.<YOURDOMAIN> and manually
>> create a host A record SOMESERVER.<YOURDOMAIN> that points to the IP
>> address of the DNS server.
>> It is best to test this with a standard primary zone, otherwise the
>> SOA record will be changed again by the system to the original name
>> of the DC/DNS server (if the zone is AD-I).
>> For more info on how DDNS registration works see:
>> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/e760737e-9e55-458d-b5ed-a1ae9e04819e.mspx
>> (or MS-KBQ816592_How To Configure DNS Dynamic Update in Windows 2003)
>> * Stop and Disable the DHCP Client Service
>> * Delete the SRV RRs, sub domains and host A record of the DC (but
>> not the host A record that is the same as the server name in the SOA
>> record)
>> * Wait for about 15-20 min or restart NETLOGON service and the SRV
>> RRs will be reregistered.
>> I have tested this in different scenarios like with W2K SP4,
>> W2K3SP1R2, deleting the contents of the zones and waiting, deleting
>> the contents of the zones and restarting the NETLOGON svc, deleting
>> the zones and recreating them (except the record which has the same
>> server name as specified in the SOA RR).
>> And if you have deleted ALL records, then first restart the DNS
>> service and then restart the NETLOGON service.
>> Cheers,
>> Jorge
>>
>> 04-Dec-2005 15:26:49
>> "Paul Williams [MVP]" <ptw2001@xxxxxxxxxxx> wrote in message
>> <uWhK96N#FHA.1312@xxxxxxxxxxxxxxxxxxxx>
>>
>>> > ...can anyone provide documentation or repro. steps to substantiate?
>>>
>>> Just read this thread and was in a position to test, so I did.
>>>
>>> ----- Environment info. -----
>>>
>>> -- Windows 2003 R2 (not that it matters, but does prove SP level).
>>> -- Domain name is DC=r2,DC=test-lab,DC=com.
>>> -- Non-disjoint namespace.
>>> -- DC points to 127.0.0.1 for DNS. No forwarders (uses root hints for
>>> other resolution).
>>>
>>> So, I have two zones - _msdcs.r2.test-lab.com (ForestDNSZones) and
>>> r2.test-lab.com (DomainDNSZones).
>>>
>>>
>>> ----- Tests performed -----
>>>
>>> Deleted the DC sub domain of _msdcs, the CNAME record for the DC's GUID
>>> and the A records for the domain name (same as parent) and hostname.
>>> For your info., the DC in question is called r2-dc-01. This is a GC and
>>> happens to hold the OM roles.
>>>
>>> Stopped and disabled DHCP Client.
>>>
>>> Stopped and started NETLOGON.
>>>
>>> Refreshing DNS shows that no records have been registered. Waited a
>>> little longer and refreshed again. Still nothing. Stopped and started
>>> NETLOGON again, waited and checked. Nothing. Repeated again. Looked in
>>> the event log and had three NETLOGON 5781s - Dynamic registration
>>> failed...
>>>
>>> Set DHCP Client to automatic and started.
>>>
>>> Stopped and started NETLOGON.
>>>
>>> Checked DNS. Nothing. Refreshed. Nothing. Checked event logs. Nothing.
>>> Refreshed DNS, and there they all were - A, CNAME and SRV records.
>>>
>>>
>>> Limited testing I know. However this, for me, shows that it is the DHCP
>>> Client Service that does the actual registrations. NETLOGON initiates
>>> this, but it's the DHCP Client service that appears to do the
>>> registration. Although the documentation around this is possibly vague,
>>> nothing I've read appears inaccurate. NETLOGON registers records is a
>>> valid statement, as NETLOGON initiates this.
>>>
>>> Dean, do you have time to look at the code and clarify? Or has your
>>> testing provided different results? I can also test 2000 SP4 and 2003
>>> RTM if you want?
>>>
>>>
>>> > An additional thought; NETLOGON is also directly responsible for
>>> > registering the domain A record
>>>
>>> Didn't test that. Will see if I can test later (going out now).
>>>
>>> --
>>> Paul Williams
>>> Microsoft MVP - Windows Server - Directory Services
>>> http://www.msresource.net | http://forums.msresource.net
>
>
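
A read-only way to check the conditions discussed in this thread, added here as an example and not part of any poster's message: it confirms that the SOA primary server of each zone resolves to an A record, shows the DHCP Client and NETLOGON service state, counts recent NETLOGON 5781 events and queries the DC locator SRV records. The `$Domain` default is the lab domain from Paul's test, `Test-SoaPrimaryResolves` is a hypothetical helper name, and the script assumes a system where `Resolve-DnsName` is available (Windows Server 2012 or later).

```powershell
# Added example (not from the thread): read-only checks, run on the DC.
param(
    # Assumption: Paul's lab domain as the default; pass your own domain.
    [string]$Domain = 'r2.test-lab.com'
)

# Hypothetical helper: does the SOA primary server of a zone resolve to an A record?
function Test-SoaPrimaryResolves {
    param([string]$Zone)
    $soa = Resolve-DnsName -Name $Zone -Type SOA -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'SOA' } | Select-Object -First 1
    if (-not $soa) {
        return [pscustomobject]@{ Zone = $Zone; PrimaryServer = $null; Addresses = @(); Resolves = $false }
    }
    $a = @(Resolve-DnsName -Name $soa.PrimaryServer -Type A -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' })
    [pscustomobject]@{
        Zone          = $Zone
        PrimaryServer = $soa.PrimaryServer
        Addresses     = @($a | ForEach-Object { $_.IPAddress })
        Resolves      = ($a.Count -gt 0)
    }
}

# 1. The SOA server name must resolve to an IP before a dynamic update can succeed.
"_msdcs.$Domain", $Domain |
    ForEach-Object { Test-SoaPrimaryResolves -Zone $_ } | Format-Table -AutoSize

# 2. State of the two services the thread is about.
Get-Service -Name Dhcp, Netlogon |
    Select-Object Name, Status, StartType | Format-Table -AutoSize

# 3. NETLOGON 5781 (dynamic registration failed) events in the last 24 hours.
$filter = @{ LogName = 'System'; ProviderName = 'NETLOGON'; Id = 5781
             StartTime = (Get-Date).AddHours(-24) }
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)
"NETLOGON 5781 events in the last 24h: $($events.Count)"

# 4. DC locator SRV records under the _msdcs zone; no output means none are registered.
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'SRV' } |
    Select-Object NameTarget, Port, Priority, Weight | Format-Table -AutoSize
```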

