Re: DNS help
- From: "Michael" <admin*_mperrin*_co*_uk>
- Date: Tue, 27 Mar 2007 18:18:05 +0100
Hi - Thanks for the reply again - I was posting from a work friend's PC btw
hence the different posting name.
Anyway.
We have 2 DNS servers - they replicate to each other.
I just noticed I got some IP addresses wrong in my original text as well.
Anyway..
Therefore i guess all DNS zones are on the same DNS server?
I'm not sure what to describe. The DNS has all of our subnets for our
reverse lookup zones.
We have some forward lookup ones. There are various ones in here that people
in the past have made that make no real sense.
It seems we have a company-name.com one. In there all the main records are.
Let me know exactly what i need to post up and i will.
Thanks
Michael.
"Chriss3 [MVP]" <removethis_christoffer.andersson@xxxxxxxxxx> wrote in
message news:%23oQmCqHcHHA.4772@xxxxxxxxxxxxxxxxxxxxxxx
Thanks.
Are the DNS zone's for both domains stored on the same DNS Server? Can you
explain the DNS Infrastructure in more detail?
Thanks
--
Regards
Christoffer Andersson
Executive Consultant - TrueSec
Microsoft MVP - Directory Services
----------------------------------------------------------------
http://www.chrisse.se - Active Directory Resources
"Idris" <idris@xxxxxxxxxxxxxx> wrote in message
news:OrJLgfHcHHA.2188@xxxxxxxxxxxxxxxxxxxxxxx
Thanks for the reply.
Yes domainA is the first domain we had. Not sure what you call this. Like
the main or root one - or top level? DomainB is another domain within the
same forest.
The trust is two way between both domains.
I don't understand the Forest Application Partition that you mention? The
domainB is all Win2000.
If you let me know how i can find this out i will post it.
ANY help or suggestions would be greatly welcomed. I'm happy to post any
tests/outcomes that might help.
Michael.
"Chriss3 [MVP]" <removethis_christoffer.andersson@xxxxxxxxxx> wrote in
message news:OZ%230CQHcHHA.2332@xxxxxxxxxxxxxxxxxxxxxxx
Hello
Is DomainA and DomainB within the same forest? are you using the Windows
Server 2003 Forest Application Partition to host the DNS data? It looks
like a permission issue, or a zone issue.
--
Regards
Christoffer Andersson
Executive Consultant - TrueSec
Microsoft MVP - Directory Services
----------------------------------------------------------------
http://www.chrisse.se - Active Directory Resources
"Michael" <admin*_mperrin*_co*_uk> wrote in message
news:ufvKJj8bHHA.4716@xxxxxxxxxxxxxxxxxxxxxxx
Hi, (Creating a new post to join together my old ones and ask new
qestions)
I'll try and describe my setup first before asking the questions. I've
recently set up sites and subnets as well (was nothing before).
SiteA
DomainA GC1 - Has DNS role - 10.97.100.1
DomainB GC1 - Is on the DMZ ip range and is an e-mail hosting server -
192.168.1.15 - SSterm01
DomainB GC2 - On DMZ and is terminal server - 192.168.1.15 -
SStaspmail01
Some server not a GC - WINS server - also have another one -
10.99.100.65 and 66
SiteB
DomainA GC2 - Has DNS role - 10.99.100.10
Now. Few things wrong. No WINS server at siteB. I'm ok with that for
now. My problem is domain B.
NETDIAG /FIX brings up problems. All DNS related. Now both DCs in
DomainB point to 10.97.100.1 which is my DNS server on the other
domain.
I've had someone check all firewall rules and aparently everything
should be getting through ok. The default gateway seems to block things
but that is the firewall. Apparently this will never allow anything
through hence the fails before.
Here is my copy/paste of my latest errors from netdiag:
C:\>netdiag /fix
..............................................
Computer Name: SSASPMAIL01
DNS Host Name: ssaspmail01.hosting.mycompany-name.com
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 8 Stepping 6, GenuineIntel
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : DMZ LAN
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : ssaspmail01.company-name.com
IP Address . . . . . . . . : 192.168.1.20
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
Primary WINS Server. . . . : 10.97.100.65
Dns Servers. . . . . . . . : 10.97.100.5
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Failed
No gateway reachable for this adapter.
NetBT name test. . . . . . : Passed
WINS service test. . . . . : Passed
Global results:
Domain membership test . . . . . . : Failed
[WARNING] Ths system volume has not been completely replicated to
the local
machine. This machine is not working properly as a DC.
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{0A2E1260-357C-4E8F-8B7A-58E4EADF4F5D}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Failed
[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.
NetBT name test. . . . . . . . . . : Passed
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Failed to fix: DC DNS entry hosting.company-name.com.
re-regi
steration on DNS server '10.97.100.5' failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry hosting.company-name.com.
re-regi
steration on DNS server '10.97.100.5' failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry hosting.company-name.com.
re-regi
steration on DNS server '10.97.100.5' failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.SiteA._sites.hosting.
hosting.company-name.com. re-registeration on DNS server '10.97.100.5'
failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry
_ldap._tcp.SiteA._sites.gc._msdcs.
hosting.company-name.com. re-registeration on DNS server '10.97.100.5'
failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry
_kerberos._tcp.SiteA._sites.dc._msdcs
.hosting.company-name.com. re-registeration on DNS server '10.97.100.5'
f
ailed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry
_ldap._tcp.SiteA._sites.dc._msdcs.hos
ting.company-name.com. re-registeration on DNS server '10.97.100.5'
faile
d.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry
_kerberos._tcp.SiteA._sites.hosting.
hosting.company-name.com. re-registeration on DNS server '10.97.100.5'
failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry _gc._tcp.SiteA._sites.hosting.
company-name.com. re-registeration on DNS server '10.97.100.5' failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.SiteB._sites.hosting.
hosting.company-name.com. re-registeration on DNS server '10.97.100.5'
failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry
_kerberos._tcp.SiteB._sites.dc._msdcs.ho
sting.company-name.com. re-registeration on DNS server '10.97.100.5'
fail
ed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry
_ldap._tcp.SiteB._sites.dc._msdcs.hostin
g.company-name.com. re-registeration on DNS server '10.97.100.5'
failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] Failed to fix: DC DNS entry
_kerberos._tcp.SiteB._sites.hosting.
hosting.company-name.com. re-registeration on DNS server '10.97.100.5'
failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[FATAL] File \config\netlogon.dns contains invalid DNS entries.
[FATAL
] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{0A2E1260-357C-4E8F-8B7A-58E4EADF4F5D}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{0A2E1260-357C-4E8F-8B7A-58E4EADF4F5D}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Failed
Failed to enumerate DCs by using the browser.
[ERROR_BAD_NETPATH]
Trust relationship test. . . . . . : Passed
Secure channel for domain 'HOSTING' is to
'\\ssterm01.hosting.company-name.com'
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
Can anyone shed some light on what to check next? Spent all day looking
at this today and just can't see why either of these servers in DomainB
cannot contact the DNS server in DomainA.
Any help greatly appreciated. I'm quite lost now.
Thanks Michael.
.
- Follow-Ups:
- Re: DNS help
- From: Idris
- Re: DNS help
- References:
- DNS help
- From: Michael
- Re: DNS help
- From: Chriss3 [MVP]
- Re: DNS help
- From: Idris
- Re: DNS help
- From: Chriss3 [MVP]
- DNS help
- Prev by Date: Re: How do I reset access rights to use/view ADUC?
- Next by Date: Delete Default first site ?
- Previous by thread: Re: DNS help
- Next by thread: Re: DNS help
- Index(es):
Relevant Pages
|
