RE: multiple dns errors with domain controllers
- From: "Gilbert" <Gilbert@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 6 Feb 2006 08:08:29 -0800
Nslookup works fine on all 3 servers. Here's the errors in the DNS server log:
I noticed that one of the servers had DNS setup on it and I didn't think it
was a DNS server. It had an Active Directory zone installed on it. I
uninstalled DNS from that server since in the Network Properties it was using
the main DNS server anyway to resolve DNS.
Server sutherlin-win3: (no longer a DNS server but here are the errors in
the log:)
Event Id 4015 Source: DNS
The DNS server has encountered a critical error from the Active Directory.
Check that the Active Directory is functioning properly. The extended error
debug information (which may be empty) is "". The event data contains the
error.
Event Id: 4004 Source: DNS
The DNS server was unable to complete directory service enumeration of zone
sutherlinzone. This DNS server is configured to use information obtained
from Active Directory for this zone and is unable to load the zone without
it. Check that the Active Directory is functioning properly and repeat
enumeration of the zone. The extended error debug information (which may be
empty) is "". The event data contains the error.
shs2003 server
Event Id 6702 Source: DNS
DNS server has updated its own host (A) records. In order to ensure that
its DS-integrated peer DNS servers are able to replicate with this server, an
attempt was made to update them with the new records through dynamic update.
An error was encountered during this update, the record data is the error
code.
If this DNS server does not have any DS-integrated peers, then this error
should be ignored.
If this DNS server's Active Directory replication partners do not have the
correct IP address(es) for this server, they will be unable to replicate with
it.
To ensure proper replication:
1) Find this server's Active Directory replication partners that run the DNS
server.
2) Open DnsManager and connect in turn to each of the replication partners.
3) On each server, check the host (A record) registration for THIS server.
4) Delete any A records that do NOT correspond to IP addresses of this
server.
5) If there are no A records for this server, add at least one A record
corresponding to an address on this server, that the replication partner can
contact. (In other words, if there multiple IP addresses for this DNS
server, add at least one that is on the same network as the Active Directory
DNS server you are updating.)
6) Note, that is not necessary to update EVERY replication partner. It is
only necessary that the records are fixed up on enough replication partners
so that every server that replicates with this server will receive (through
replication) the new data.
"alexk" wrote:
Gilbert,.
Have you attempted to run nslookup against the DNS server? Are there any
errors in the DNS server event log?
let me know what you get.
alexk
"Gilbert" wrote:
I'm using Windows 2003 with all the patches and service packs. I have 3
domain controllers and 1 of them is the DNS server. I have multiple errors
in the event viewer and when running dcdiag and netdiag. I think it's a DNS
issue I have to fix first before I can get the other stuff worked out. I
tried to run the utilities with the /fix but no luck. I tried to start and
stop the net logon service, also do ipconfig /registerdns, no luck. Made
sure the domain controllers are registered in DNS with SRV records and
everything looks good. I even re-created the zone. All the domain
controllers are pointing to the main DNS server for name resolution.
Main domain controller with all the roles: When I run DCDIAG I get this:
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may
cause
Group Policy problems.
......................... SHS2003SERVER failed test frsevent
Starting test: kccevent
An Warning Event occured. EventID: 0x80000785
Time Generated: 02/02/2006 11:08:52
Event String: The attempt to establish a replication link for
......................... SHS2003SERVER failed test kccevent
When I run NETDIAG, I get this:
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Kerberos does not have a ticket for
host/shs2003server.sutherlin.k12.or.us.
LDAP test. . . . . . . . . . . . . : Passed
[WARNING] Failed to query SPN registration on DC
'sutherlin-win3.sutherlin.k12.or.us'.
On one of my other domain controllers, here's what I get when running DCDIAG:
Starting test: kccevent
An Warning Event occured. EventID: 0x80000785
Time Generated: 02/02/2006 11:25:11
Event String: The attempt to establish a replication link for
......................... SUTHERLIN-WEB failed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:30:39
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:30:39
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:30:39
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:30:39
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:30:39
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:30:39
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:30:39
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:30:39
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:30:39
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0xC0000021
Time Generated: 02/02/2006 10:33:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/02/2006 10:40:42
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/02/2006 10:40:43
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 02/02/2006 10:40:43
(Event String could not be retrieved)
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:41:27
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:41:27
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:41:27
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:41:27
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:41:27
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:41:27
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:41:27
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:41:27
Event String: The dynamic registration of the DNS record
An Error Event occured. EventID: 0x0000168E
Time Generated: 02/02/2006 10:41:27
Event String: The dynamic registration of the DNS record
......................... SUTHERLIN-WEB failed test systemlog
When I run NETDIAG, I get this:
DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the
name
'sutherlin-web.sutherlin.k12.or.us.'. [ERROR_TIMEOUT]
The name 'sutherlin-web.sutherlin.k12.or.us.' may not be
registered in DNS.
[WARNING] The DNS entries for this DC are not registered correctly on
DNS server '10.30.0.10'. Please wait for 30 minutes for DNS server
replication.
[FATAL] No DNS servers have the DNS records for this DC registered.
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Kerberos does not have a ticket for
host/sutherlin-web.sutherlin.k12.or.us.
LDAP test. . . . . . . . . . . . . : Passed
[WARNING] Failed to query SPN registration on DC
'sutherlin-win3.sutherlin.k12.or.us'.
- References:
- multiple dns errors with domain controllers
- From: Gilbert
- RE: multiple dns errors with domain controllers
- From: alexk
- multiple dns errors with domain controllers
- Prev by Date: DNS Question - Stale Records
- Next by Date: Multiple Names Single domain
- Previous by thread: RE: multiple dns errors with domain controllers
- Next by thread: Mapped Drive Works. Microsoft Windows Network Browsing Doesn't.
- Index(es):
Relevant Pages
|
