DNS errors after moving Windows 2003 server to DMZ

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: GreenThumb (GreenThumb_at_discussions.microsoft.com)
Date: 03/23/05

• Next message: Jupiter Jones [MVP]: "Re: Daylight Saving time?"
• Previous message: Alun Jones [MSFT]: "Re: QuickBooks and its users"
• Next in thread: Mitch Tulloch: "Re: DNS errors after moving Windows 2003 server to DMZ"
• Reply: Mitch Tulloch: "Re: DNS errors after moving Windows 2003 server to DMZ"
• Messages sorted by: [ date ] [ thread ]

---

Date: Wed, 23 Mar 2005 09:09:07 -0800

Hi All-

I recently moved a 2003 server into a Cisco PIX DMZ and now I'm getting
these errors in Event Viewer:

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1054
Date: 3/23/2005
Time: 8:21:15 AM
User: NT AUTHORITY\SYSTEM
Computer: XXXXXXXXXX
Description:
Windows cannot obtain the domain controller name for your computer network.
(An unexpected network error occurred. ). Group Policy processing aborted.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

I have the following ports open from that host on the DMZ to the inside
network:

domain/udp to DC
kerberos/tcp to DC
kerberos/udp to DC
time/udp to DC
netbios-ssn/tcp to DC
ldap/tcp to DC
389/udp to DC
445/tcp to DC
3268/tcp to DC
10024/tcp to DC (I created this static RCP port to get around dynamic RCP).
I added the TCP/IP Port DWORD in
HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters and set the value to
10024

I rebooted the DC after putting those firewall settings in place but still
getting the DNS errors. I even disjoined and rejoined to the domain - to no
avail. Am I missing a port necessary for domain authentication?

Thank You for your help and have a nice day!!

GreenThumb

---

• Next message: Jupiter Jones [MVP]: "Re: Daylight Saving time?"
• Previous message: Alun Jones [MSFT]: "Re: QuickBooks and its users"
• Next in thread: Mitch Tulloch: "Re: DNS errors after moving Windows 2003 server to DMZ"
• Reply: Mitch Tulloch: "Re: DNS errors after moving Windows 2003 server to DMZ"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages RE: Printing from Win9x clients stops ... > and make sure this software does not interfere with SBS Server. ... > clients, please disable it and try again. ... Create a local printer and redirect the port to the network server. ... (microsoft.public.windows.server.sbs) RE: SBS 2003, ISA 2004 ... ISA and IIS try listening on these two ports. ... by default the Web Proxy is listening on port 8080 ... of the local network adapter. ... Microsoft CSS Online Newsgroup Support ... (microsoft.public.windows.server.sbs) Re: ERS 8600, simple setup, IP, VLANs, etc. ... management port is just used to hang an IP address to. ... associated with an interface, such as a VLAN. ... fairly functionally homogenous network), but something that is ... or OS virtuallization - except that networks have been doing this kind of ... (comp.dcom.sys.nortel) network slowness/freez-up since update 10/11 ... network problems: first the network is slow (even within a few ... network - but not the rest of the system - just locks up (can't ping ... OHCI version 1.0, legacy support ... <Parallel port bus> on ppc0 ... (freebsd-current) network slowness/freez-up since update 10/11 ... network problems: first the network is slow (even within a few ... network - but not the rest of the system - just locks up (can't ping ... OHCI version 1.0, legacy support ... <Parallel port bus> on ppc0 ... (freebsd-current)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.general  > 2005-03