Re: DNS signature failed to verify error

Read inline please.

In news:4C12EDA0-953B-435C-8898-945C1E53F970@xxxxxxxxxxxxx,
Don <Don@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
I have two servers, one w/Win Srv SBS Prem Ed 2K3 (Srv 1) and the
other Win Srv Std Ed 2K3 (Srv 2). All updates have been applied. Srv
1 was up and in production for several months before Srv 2 came
on-line.

The error is Netlogon
Event ID: 5774

The dynamic registration of the DNS record
'97adc2e7-9a51-4006-a405-061daec8f2fd._msdcs.domain.local. 600 IN
CNAME srv1.domain.local.' failed on the following DNS server:

DNS server IP address: 192.168.2.132
Returned Response Code (RCODE): 5
Returned Status Code: 9016

The above IP address is the IP address of Srv 2. Likewise there is a
similar error on Srv 2 when it tries to update Srv 1. Obviously the
appropriate info is changed in the error msg.


Win2k3 did things slightly different from Win2k, on Win2k the _msdcs is a
subdomain and all Netlogon records are located in this sub domain. Win2k3
split the _msdcs off into its own forward lookup zone, _msdcs.domain.local,
where all Domain controllers in the AD Forest register forest level Netlogon
records.

Do both DNS servers have a zone named _msdcs.domain.local, with dynamic
updates allowed?

In the domain.local zone, there should be a delegation named _msdcs, with NS
records for all DNS servers in the forest running on DCs. All DCs in the
Forest should have this _msdcs.domain.local forward lookup zone

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
Send IM: http://www.icq.com/people/webmsg.php?to=296095728
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================


.

Relevant Pages

  • Log User Off if Idle
    ... I have a small business about 40 users. ... Win XP all updates. ... AC on 2K Srv. ... leave their workstation idle for say 10 minutes it will ...
    (microsoft.public.backoffice.smallbiz)
  • Re: ISA04 m. SBS03: Proxykettenfehler nach MS-Updateeinspielung
    ... Hallo Jens, ... Hast Du die Updates deinstalliert und geht es dann wieder? ... Auf dem Srv sehe ich alle Do installierten Updates. ...
    (microsoft.public.de.german.isaserver)
  • Defrag Hard Drive with Exch. 2000
    ... I have an Exchange 2000 Srv (all updates) ... running defrag on the hard drive where the DB is. ...
    (microsoft.public.exchange2000.misc)
  • Re: problems demoting a win 2k DC (SRV records missing?)
    ... So I need a list of the needed SRV records. ... >> Hiya on the 27th I was asking about problems promoting ... >> I'm thinking I may still be missing one or two SRV ... >> them to the DNS server by hand? ...
    (microsoft.public.win2000.active_directory)
  • Re: multiple errors in Active Directory
    ... SRV record for a domain. ... DHCP Client service is running on all 3 domain controllers. ... Can't change the TCP/IP settings because I only have 1 DNS server. ... AD database for it's services and such, and assembles it, then registers it. ...
    (microsoft.public.windows.server.active_directory)