Re: Re: Re: _msdcs question

TEST2

--
Cheers,
# Jorge de Almeida Pinto #
----------------------------------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
----------------------------------------------------------------------------------------------------------------------
"Jorge de Almeida Pinto" <Jorge.de.Almeida.Pinto@xxxxxxxxx> wrote in message
news:11p98e8aoolrffe@xxxxxxxxxxxxxxxxxxxxx
> TEST AGAIN
> Cheers,
> # Jorge de Almeida Pinto #
> BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx
> ----------------------------------------------------------------------
> -------
> * This posting is provided "AS IS" with no warranties and confers no
> rights!
> * Always test before implementing!
> ----------------------------------------------------------------------
> -------
> 04-Dec-2005 20:50:34
> Jorge de Almeida Pinto <Jorge.de.Almeida.Pinto@xxxxxxxxx> wrote in
> message
> <11p96o52r3sl668@xxxxxxxxxxxxxxxxxx>
>
>> test
>>
>> --
>> Cheers,
>> # Jorge de Almeida Pinto #
>> --------------------------------------------------------------------
> --------------------------------------------------
>> * This posting is provided "AS IS" with no warranties and confers
> no rights!
>> * Always test before implementing!
>> --------------------------------------------------------------------
> --------------------------------------------------
>> "Jorge de Almeida Pinto" <Jorge.de.Almeida.Pinto@xxxxxxxxx> wrote
> in message
>> news:11p6ger7q9gp8f5@xxxxxxxxxxxxxxxxxxxxx
>> > Hi,
>> > Remember that before a registration is possible the server name
>> > specified in SOA RR needs to be resolved to an IP address. So if
> the
>> > host A record (which for a writable DNS server is the same as the
> SOA
>> > RR) is not available (which is registered by the DHCP client
> service)
>> > the registration will not succeed because the SOA server name
> cannot
>> > be resolved to an IP. That is why the event log shows event id
> 5781
>> > stating it cannot use DDNS
>> > Remember that the DNS server service also registers host A
> records
>> > for all IPs on a NIC and for all NICs the service listens on!
>> > As Dean said change the SOA to SOMESERVER.<YOURDOMAIN> and
> manually
>> > create a host A record SOMESERVER.<YOURDOMAIN> that points to the
> IP
>> > address of the DNS server.
>> > It is best to test this with a standard primary zone, otherwise
> the
>> > SOA record will be changed again by the system to the original
> name
>> > of the DC/DNS server (if the zone is AD-I).
>> > For more info on how DDNS registration works see: http://www.
>> > microsoft.
>> >
> com/technet/prodtechnol/windowsserver2003/library/ServerHelp/e760737e-
>
>> > 9e55-458d-b5ed-a1ae9e04819e.mspx (or MS-KBQ816592_How To
> Configure
>> > DNS Dynamic Update in Windows 2003)
>> > * Stop and Disable the DHCP Client Service
>> > * Delete the SRV RRs, sub domains and host A record of the DC
> (but
>> > not the host A record that is the same as the server name in the
> SOA
>> > record)
>> > * Wait for about 15-20 min or restart NETLOGON service and the
> SRV
>> > RRs will be reregistered.
>> > I have tested this in different scenarios like with W2K SP4,
>> > W2K3SP1R2, deleting the contents of the zones and waiting,
> deleting
>> > the contents of the zones and restarting the NETLOGON svc,
> deleting
>> > the zones and recreating them (except the record which has the
> same
>> > server name as specified in the SOA RR)
>> > And if you have deleted ALL records, then first restart the DNS
>> > service and then restart the NETLOGON service.
>> > Cheers,
>> > Jorge
>> >
>> > 04-Dec-2005 15:26:49
>> > "Paul Williams [MVP]" <ptw2001@xxxxxxxxxxx> wrote in message
>> > <uWhK96N#FHA.1312@xxxxxxxxxxxxxxxxxxxx>
>> >
>> >> > ...can anyone provide documentation or repro. steps to
>> > substantiate?
>> >>
>> >> Just read this thread and was in a position to test, so I did.
>> >>
>> >> ----- Environment info. -----
>> >>
>> >> -- Windows 2003 R2 (not that it matters, but does prove SP
> level).
>> >> -- Domain name is DC=r2,DC=test-lab,DC=com.
>> >> -- Non-disjoint namespace.
>> >> -- DC points to 127.0.0.1 for DNS. No forwarders (uses root
> hints
>> > for
>> >> other resolution).
>> >>
>> >> So, I have two zones - _msdcs.r2.test-lab.com (ForestDNSZones)
> and
>> >> r2.test-lab.com (DomainDNSZones).
>> >>
>> >>
>> >> ----- Tests performed -----
>> >>
>> >> Deleted the DC sub domain of _msdcs, the CNAME record for the
> DCs
>> > GUID and
>> >> the A records for the domain name (same as parent) and hostname.
>> > For your
>> >> info., the DC in question is called r2-dc-01. This is a GC and
>> > happens to
>> >> hold the OM roles.
>> >>
>> >> Stopped and disabled DHCP Client.
>> >>
>> >> Stopped and started NETLOGON.
>> >>
>> >> Refreshing DNS shows that no records have been registered.
> Waited
>> > a little
>> >> longer and refreshed again. Still nothing. Stopped and started
>> > NETLOGON
>> >> again, waited and checked. Nothing. Repeated again. Looked in
>> > the event
>> >> log and had three NETLOGON 5781s - Dynamic registration failed...
>
>> >>
>> >> Set DHCP Client to automatic and started.
>> >>
>> >> Stopped and started NETLOGON.
>> >>
>> >> Checked DNS. Nothing. Refreshed. Nothing. Checked event logs.
>
>> > Nothing.
>> >> Refreshed DNS, and there they all were - A, CNAME and SRV
> records.
>> >>
>> >>
>> >> Limited testing I know. However this, for me, shows that it is
> the
>> > DHCP
>> >> Client Service that does the actual registrations. NETLOGON
>> > initiates this,
>> >> but it's the DHCP Client service that appears to do the
>> > registration.
>> >> Although the documentation around this is possibly vague,
> nothing
>> > I've read
>> >> appears inaccurate. NETLOGON registers records is a valid
>> > statement, as
>> >> NETLOGON initiates this.
>> >>
>> >> Dean, do you have time to look at the code and clarify? Or has
>> > your testing
>> >> provided different results? I can also test 2000 SP4 and 2003
> RTM
>> > if you
>> >> want?
>> >>
>> >>
>> >> > An additional thought; NETLOGON is also directly responsible
> for
>> >> > registering the domain A record
>> >>
>> >> Didn't test that. Will see if I can test later (going out now).
>> >>
>> >> --
>> >> Paul Williams
>> >> Microsoft MVP - Windows Server - Directory Services
>> >> http://www.msresource.net | http://forums.msresource.net


.

Relevant Pages

  • Re: Windows 98 Client Logging into Server 2003 AD
    ... "Jorge de Almeida Pinto" wrote: ... When I install Windows Server 2003, ...
    (microsoft.public.windows.server.active_directory)
  • Re: Windows 98 Client Logging into Server 2003 AD
    ... >> # Jorge de Almeida Pinto # ... I don't have SQL Server, Exchange, or anything else cool ... >>> what mode to install the server in. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Wins migration
    ... Is going into replication partners on the wins ... > console on the target server and deleting it from there sufficient. ... >> # Jorge de Almeida Pinto # ...
    (microsoft.public.windows.server.active_directory)
  • Re: Active Directory Replication error
    ... * This posting is provided "AS IS" with no warranties and confers no rights! ... >> # Jorge de Almeida Pinto # ...
    (microsoft.public.windows.server.active_directory)
  • Re: migration AD 2000 to 2003
    ... BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx ... win2k3 machine and i'm running adprep directly from the cd ... Jorge de Almeida Pinto wrote: ...
    (microsoft.public.win2000.active_directory)