Re: XP can not register using secure updates?

Tech-Archive recommends: Speed Up your PC by fixing your registry

"Robert LeBlanc" <leblanc@xxxxxxx> wrote in message
news:OcAhMOgbFHA.584@xxxxxxxxxxxxxxxxxxxxxxx
> I've reconfigured my DNS servers since there was a lot messed up with
> the Active Directory Side of the DNS entries. To make a long story
> short, I probably didn't need to do that, but it's done. The question
> that I have now is this: I've set up the DNS servers to accept only
> Secure updates to the the DNS. After several hours and constantly
> changing settings and forcing a register, I can't get XP Professional to
> register unless I allow secure and insecure updates.

This sounds like flailing - which almost never works and
frequently causes more problems than it fixes.

> Windows 2000 and
> the other Windows 2003 member servers update without a problem. Anyone
> know what I'm doing wrong here?

In addition to Todd's list, here is mine. They are not in
conflict but just differently focused or stated - mine is
focused on getting DNS setup correctly for both clients
and servers in the general case rather than this specific
registration problem.

As you change things fixing the problem, make sure you
adhere to these guidelines -- which work even for Unix
DNS servers.

DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /server:DC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]


--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

>
> Robert LeBlanc
> BioAg Computer Support
> Brigham Young University



.

Relevant Pages

  • Re: sys vol check
    ... instead of the local DNS server and two ISP DNS servers. ... I need to configure the DHCP to use all three internal DNS servers ... If DNS zones are AD Integrated are writtable. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Directory Service Event 1311
    ... The main issue was DNS. ... I had to point all DNS servers, ... port query tool to see what was being filtered. ... NLTEST is a support tool. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Renaming Domain
    ... default will register records within the DNS zone called DOMAIN.COM. ... they register they hostname within the DNS zone called SUB.DOMAIN.COM. ... I have a domain name of MyCompany and a fully qualified DNS ... My DNS servers are also at the SubZone ...
    (microsoft.public.windows.server.active_directory)
  • Re: sys vol check
    ... You've 3 DC DNS servers one in each Site with different subnets. ... You've A forward lookup Zone named CORP.DLECINC.COM and a reverse lookup ... The clients should use only their local DNSserver in ther NIC ...
    (microsoft.public.windows.server.active_directory)
  • Re: Win2k3 and Slow Logons
    ... > various DNS settings from the server and my router set up. ... for internal DNS servers, but it must NOT be listed on any ... >>>>bad world of the Internet. ...
    (microsoft.public.windows.server.dns)