Re: LSASRV SPNEGO event in System log
From: Kevin D. Goodknecht Sr. [MVP] (admin_at_nospam.WFTX.US)
Date: 07/13/04
- Next message: Help us Please: "Correct name"
- Previous message: Deji Akomolafe: "Re: My XP Clients are not updating their IP Addresses"
- In reply to: Guillaume Tamisier: "Re: LSASRV SPNEGO event in System log"
- Next in thread: Guillaume Tamisier: "Re: LSASRV SPNEGO event in System log"
- Reply: Guillaume Tamisier: "Re: LSASRV SPNEGO event in System log"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 13 Jul 2004 18:43:10 -0500
In news:eE8565SaEHA.712@TK2MSFTNGP11.phx.gbl,
Guillaume Tamisier <nospam@nospam.com> posted a question
Then Kevin replied below:
> Yes, I have two NIC on my DC (one public, one private).
> You seems to be right : the DNS server of my ISP is
> listed in the TCP/IP properties of my public NIC because
> this interface uses DHCP. How can I stay using DHCP but
> not using the DNS servers the DHCP response indicates (I
> only need an IP address, network mask and gateway
> address).
>
> (I've not created a a reverse lookup zone for my public
> IP address.)
>
>
Manually add your local DNS in TCP/IP properties of the public NIC, but let
DHCP assign the IP address.
In addition, Multi-homed Domain controllers are problematic and require some
extra configuration.
Do these things:
1 Bindings- Check the binding order of your NICs, Right click on network
places, choose properties, In the Advanced menu select Advanced settings,
make sure your internal interface is at the top of the connections list and
that only the internal interface has file sharing and Client for MS Networks
in the bindings pane.
2 DNS listener addresses- Use the DNS management console choose the
properties of the DNS server, on the interfaces tab select "Listen only on
these addresses" with the IP of the internal interface.
3 LDAP IP addresses- By default the netlogon service on Domain controllers
will register (same as parent folder) Host records for all IP addresses on
the machine, if you have a public address on the machine that you do not
want File Sharing enabled on, you also do not want the (same as parent
folder) host for its IP address. This record is used for the domain DFS
SYSVOL share at \\<domainname>\SYSVOL What you have to do, is stop the
creation of these records then manually create the record for the private
IP.
In addition, if this is your forest root DC, and it is also a Global Catalog
server, so it also creates a (same as parent folder) host in the
gc._msdcs.<forestroot> for each IP you will also need to stop this and
manually create the (same as parent folder) record for the internal IP
there, too.
Here is the registry entry to stop these records and don't forget to
manually create these records.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ
LdapIpAddress
GcIpAddress
-- Best regards, Kevin D4 Dad Goodknecht Sr. [MVP] Hope This Helps ============================ -- When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. To respond directly to me remove the nospam. from my email. ========================================== http://www.lonestaramerica.com/ ========================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ ========================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oehelp.com/OEBackup/Default.aspx ==========================================
- Next message: Help us Please: "Correct name"
- Previous message: Deji Akomolafe: "Re: My XP Clients are not updating their IP Addresses"
- In reply to: Guillaume Tamisier: "Re: LSASRV SPNEGO event in System log"
- Next in thread: Guillaume Tamisier: "Re: LSASRV SPNEGO event in System log"
- Reply: Guillaume Tamisier: "Re: LSASRV SPNEGO event in System log"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
