Re: Cannot find domain controller

Please see inline
We left you ages ago.
Yes I know and you both moved out from the real problem.

What you describe might be valid if you have misconfigured DNS so your
clients try to reach Ext DNS servers.
Incorrect, it's not bad configuration but rather default behavior. Of course
you can change that.

Your clients need not try to register PTR records.
Incorrect again, they try by default to register the PTR records.

They do not and your Kerberos conv will succeed without Reverse DNS zones
setup. Try it out.
Sure they do. The problem is that the error is logged because they are
trying to reach to an un-authorized server, the error may be misleading, but
the error is logged because of that.

Apps may require Reverse zones for security (to check if the ip refers to
a known name) but this is built into the app. Spam filters also use
reverse lookups to verify ip adds and host names. Other than this, you
don't really need them.
Lol.
Other than this??!!!
I don't know what type of network you're running, but in my client's network
the Apps are most critical to keep the network users running, and if that
stops, all users will stop working and that would be a major problem, so,
sounds to me that is more than 1 reason to create PTR records and Reverse
lookup zones. Networks don't run only Microsoft products you know...
There're many other products that may run in that same physical network, in
my case I work toguether with other technologies (Unix, HP Ux, Solaris,
Linux, ...) and in some cases we need to integrate them with MS technology
so everyone can work happy, think about that when you say there's NOTHING
more to be used with this or that....

--
===================================
I hope that the information above helps you.
Have a Nice day.

Jorge Silva
MCSE, MVP Directory Services
===================================
"Austin Osuide" <austin@xxxxxxxxxxx> wrote in message
news:47430BB9-AAA0-470F-A0F2-87B4C97A5551@xxxxxxxxxxxxxxxx
No Jorge,
We left you ages ago.
What you describe might be valid if you have misconfigured DNS so your
clients try to reach Ext DNS servers.
Your clients need not try to register PTR records. That's the point.
Ace and I were discussing where PTR records come in in a Kerberos
conversation where tickets for SPNs are requested.
They do not and your Kerberos conv will succeed without Reverse DNS zones
setup. Try it out.
Apps may require Reverse zones for security (to check if the ip refers to
a known name) but this is built into the app. Spam filters also use
reverse lookups to verify ip adds and host names. Other than this, you
don't really need them.

Regards,

Austin



"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:OA$dV0GKIHA.5468@xxxxxxxxxxxxxxxxxxxxxxx
the explanation is in my post...
:)

"Ace Fekay [MVP]" <PleaseAskMe@xxxxxxxxxxxxxx> wrote in message
news:%23ZdaPkEKIHA.5928@xxxxxxxxxxxxxxxxxxxxxxx
In news:%23KmQk52JIHA.5160@xxxxxxxxxxxxxxxxxxxx,
Austin Osuide <austin@xxxxxxxxxxx> typed:
Hi Ace,
Sorry about the delay in getting back.
I think it might be best to respond inline:

Your points are valid, and I am not discounting your experience in it,
which you apparently have more than myself, and I agree those links do
not indicate anything concerning a PTR and an SPNEGO relationship.
However back to my original point, albeit your claim that EventID.net
can be misleading or not, how can you explain providing a PTR fixes the
issue?

Ace






.

Relevant Pages

  • Re: strange dns client errors
    ... Client IP configuration: ... There are no forwarders configured on both DNS Servers ... There are three correctly configured reverse lookup zones for the networks ... - ICS was never configured on the network ...
    (microsoft.public.windows.server.dns)
  • Re: Cannot connect to the Internet
    ... Connection 2 Status icon shows "Connected" with a speed of 10.0 Mbps, ... The master browser has received a server announcement from the ... service will not use the network to avoid further network performance ... these DNS servers or contact your network administrator. ...
    (microsoft.public.mac.virtualpc)
  • Re: Cannot connect to the Internet
    ... Connection 2 Status icon shows "Connected" with a speed of 10.0 Mbps, ... The master browser has received a server announcement from the ... service will not use the network to avoid further network performance ... these DNS servers or contact your network administrator. ...
    (microsoft.public.mac.virtualpc)
  • Re: hanging behavior and event ID questions
    ... > use the network to avoid further network performance problems. ... > verify network conditions to these DNS servers or contact. ... > Thanks, Josie ... Please explain your internet connection more clearly. ...
    (microsoft.public.win2000.general)
  • Network logins take too long!
    ... Intel or Broadcomm network adapters. ... As in almost all cases of slow network logins the culprit is DNS or network ... We have 2 AD integrated DNS servers on the ... Domain Controller machines. ...
    (microsoft.public.windows.server.active_directory)