Re: [WARNING] Failed to query SPN registration on DC

The second commad I have should verify the dns service records on your DC's. I assume you got no errors, but that surprises me with the event log you also noted. When I asked you to over write the first couple of octets it would have helped to keep them common, unless the x.x was consistent across the lan, but you have a network with 8100+ devices if I did my math correctly. I wanted to see if you have placed your dc in the proper subnet.
From this I can't tell, but the error doesn't appear to point to a network
issue that I can see anyways.

I would suggest for now try unteaming your dc and doing a stan alone nic and disabling the second one to see if this helps.


--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"Andrew Story" <andrewDOTstoryATjameswalkerDOTbiz> wrote in message news:unqNZaadJHA.3488@xxxxxxxxxxxxxxxxxxxxxxx
IPConfig from rebuilt DC (new one)

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : newADS01
Primary DNS Suffix . . . . . . . : domain.co.uk
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.co.uk


Ethernet adapter Team 1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : BASP Virtual Adapter
Physical Address. . . . . . . . . : 00-15-C5-E1-39-EE
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : x.x.1.1
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Default Gateway . . . . . . . . . : x.x.0.1
DNS Servers . . . . . . . . . . . : x.x.1.1
x.x.33.99
Primary WINS Server . . . . . . . : x.x.1.1
Secondary WINS Server . . . . . . : x.x.99


IPConfig from existing DC (not in same site, in site linked via ADSS)

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : existingADS01
Primary DNS Suffix . . . . . . . : domain.co.uk
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.co.uk

Ethernet adapter Team 1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : BASP Virtual Adapter
Physical Address. . . . . . . . . : 00-18-8B-F8-7B-D7
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : x.x.33.1
Subnet Mask . . . . . . . . . . . : 255.255.240.0
Default Gateway . . . . . . . . . : x.x.32.1
DNS Servers . . . . . . . . . . . : x.x.33.1
x.x.33.99
Primary WINS Server . . . . . . . : x.x.33.1
Secondary WINS Server . . . . . . : x.x.33.99

Ran the command also on both DC's, not sure what info to lookfor though?

Cheers.


"Paul Bergson" <pbbergs@xxxxxxxxxxxxx> wrote in message news:30BD25EC-2EED-44D2-A37D-1EFF3834BC4B@xxxxxxxxxxxxxxxx
I wonder if this isn't related to dns issues.

can you post an ipconfig /all from the failing dc and a good dc preferably from the same site. Please change the first few octets to not expose the actual ip address of your lan.

Also run on good and failing dc
dnscmd domainname.com /enumzones > c:\dnscmd.txt
start c:\dnscmd.txt


--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.
"Andrew Story" <andrewDOTstoryATjameswalkerDOTbiz> wrote in message news:e%23iudFadJHA.1184@xxxxxxxxxxxxxxxxxxxxxxx
Hi all,

Newly promoted DC (after an OS failure requiring a rebuild - metadata cleanup performed). AD installed fine etc but won't replicate anymore with any peers. Netdiag gives this as the only problem
[WARNING] Failed to query SPN registration on DC (every DC is listed)

DCDIAG is clean.

On the server which the newly promtoed one has a site link too are many Event ID 1265, Source Knowledge Consistency Checker. These advise replication cannot occur due to a DNS lookup failue.

Service records exist in the newly promoted DC for itself, but not on it's replication partner.

Any ideas guys? I'm a bit stumped here





.

Relevant Pages

  • Win2003 server hanging at bootup at network connections
    ... that the logon process takes an equally lengthy period of ... DNS likely needs additional ... service records appropriately in DNS, ... domain controller, you need to let it replicate before ...
    (microsoft.public.windows.server.general)
  • Re: Problem Adding 2nd DC to domain
    ... _msdcs sub-domain ... The above contain the service records for your AD ... Host= ip address of your DNS server that Holds the Dc ... There are either problems on your current DNS that hosts your dc (You could ...
    (microsoft.public.win2000.active_directory)
  • Re: DNS Error
    ... Those srv records are created during netlogon. ... DNS did not replicate. ... finally get some of the enties in DNS but no service records would come ...
    (microsoft.public.windows.server.dns)
  • Re: Problem Adding 2nd DC to domain
    ... I believe it is looking at the DNS you have supplied and is unable to find ... the AD service records. ... Are you pointing to the same DNS server as the ... > An Active Directory Domain controller for the domain xyz.xxx could not be ...
    (microsoft.public.win2000.active_directory)
  • Re: [WARNING] Failed to query SPN registration on DC
    ... some other DC which is also DNS ... NET STOP NETLOGON & NET START NETLOGON ... "Andrew Story" wrote in message ... Service records exist in the newly promoted DC for itself, but not on it's replication partner. ...
    (microsoft.public.windows.server.active_directory)
Loading