Sign in with
Sign up | Sign in
Your question

Dual home DNS w/ AD doesn't work after several hours

Last response: in Windows 2000/NT
Share
July 26, 2004 4:19:21 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

We are experience problem which in the beginning I thought related to
ISP DNS problem because after server reboot in the morning because
cannot connect to internet several hours later (probably 6 hours or
more) we cannot connect internet again eventually I see that ping to
public IP no problem but ping to domain name is problem so I call and
try troubleshoot with ISP and find conclusion that our server problem.
This problem resolve everytime we reboot the server, if we just reboot
the DSL modem and router without reboot the server still cannot ping
the domain (FQDN) even though able to ping any public IP.

FYI:
This dual NIC W2K server connect to Internet & LAN as follow

ISP--> DSL modem --> static PUBLIC IP Router -->
1. Static PUBLIC WAN NIC
2. Static Internal LAN NIC --> all users PC

This server are running with Spoonproxy sw, DNS w/AD, DC, DHCP, s/w
firewall (the default setting from MS, actually if i was setup this
server I won't use AD and dual NIC... more headache but no choice now,
cannot reinstall from scratch cause the ONLY live server to handle
15-20 users.

Actually users just using email, internet and run centralize
application thoruh mapping drive network, so no need AD or DNS I
guess, but I think to let to change it.

In the past this server running ok until around 3 weeks ago begin
problem even though no changes in the server. So now every morning
need to reboot and also on lunch time otherwise after 6 or more hours
cannot ping to FQDN even though ping to any IP works, so users cannot
get to internet.
That's really weird and make me headache.

I also try run netdiag to see if somebody could help to check it. I
list it at very bottom here.

Computer Name: NTSERVER1
DNS Host Name: ntserver1.craft.local
System info : Windows 2000 Server (Build 2195)

Netcard queries test . . . . . . . : Passed


Per interface results:

Adapter : Local Area Connection

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : ntserver1
IP Address . . . . . . . . : 10.1.1.10
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 10.1.1.10


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.

Adapter : WAN

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : ntserver1
IP Address . . . . . . . . : 216.xxx.xxx.aaa
Subnet Mask. . . . . . . . : 255.255.255.248
Default Gateway. . . . . . : 216.xxx.xxx.bbb
NetBIOS over Tcpip . . . . : Disabled
Dns Servers. . . . . . . . : 10.1.1.10


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Passed

NetBT name test. . . . . . : Skipped
NetBT is disabled on this interface. [Test skipped]

WINS service test. . . . . : Skipped
NetBT is disable on this interface. [Test skipped].

Adapter : IPX Internal Interface

Netcard queries test . . . : Passed

Ipx configration
Network Number . . . . : 3bf8a0c6
Node . . . . . . . . . : 000000000001
Frame type . . . . . . : Ethernet II



Adapter : IpxLoopbackAdapter

Netcard queries test . . . : Passed

Ipx configration
Network Number . . . . : 3bf8a0c6
Node . . . . . . . . . : 000000000002
Frame type . . . . . . : 802.2



Adapter : NDISWANIPX

Netcard queries test . . . : Passed

Ipx configration
Network Number . . . . : 00000000
Node . . . . . . . . . : 601120524153
Frame type . . . . . . : Ethernet II


Global results:

Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00>
'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names
defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'10.1.1.10' and other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
The redir is bound to 1 NetBt transport.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Passed


Netware configuration
You are not logged in to your preferred server .
Netware User Name. . . . . . . :
Netware Server Name. . . . . . :
Netware Tree Name. . . . . . . :
Netware Workstation Context. . :

IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.

The command completed successfully





If anybody could help, really appreciate it.
I am in the dead end now.

Thanks,
Joe
Anonymous
July 26, 2004 6:42:10 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407261119.ada381f@posting.google.com,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:

What DNS do you have assigned for the DNS server's forwarder?
Did you try nslookup against DNS to see if it resolves internally and
externally?

> We are experience problem which in the beginning I
> thought related to ISP DNS problem because after server
> reboot in the morning because cannot connect to internet
> several hours later (probably 6 hours or more) we cannot
> connect internet again eventually I see that ping to
> public IP no problem but ping to domain name is problem
> so I call and try troubleshoot with ISP and find
> conclusion that our server problem. This problem resolve
> everytime we reboot the server, if we just reboot the DSL
> modem and router without reboot the server still cannot
> ping the domain (FQDN) even though able to ping any
> public IP.
>
> FYI:
> This dual NIC W2K server connect to Internet & LAN as
> follow
>
> ISP--> DSL modem --> static PUBLIC IP Router -->
> 1. Static PUBLIC WAN NIC
> 2. Static Internal LAN NIC --> all users PC
>
> This server are running with Spoonproxy sw, DNS w/AD, DC,
> DHCP, s/w firewall (the default setting from MS, actually
> if i was setup this server I won't use AD and dual NIC...
> more headache but no choice now, cannot reinstall from
> scratch cause the ONLY live server to handle 15-20 users.
>
> Actually users just using email, internet and run
> centralize application thoruh mapping drive network, so
> no need AD or DNS I guess, but I think to let to change
> it.
>
> In the past this server running ok until around 3 weeks
> ago begin problem even though no changes in the server.
> So now every morning need to reboot and also on lunch
> time otherwise after 6 or more hours cannot ping to FQDN
> even though ping to any IP works, so users cannot get to
> internet.
> That's really weird and make me headache.
>
> I also try run netdiag to see if somebody could help to
> check it. I list it at very bottom here.
>
> Computer Name: NTSERVER1
> DNS Host Name: ntserver1.craft.local
> System info : Windows 2000 Server (Build 2195)
>
> Netcard queries test . . . . . . . : Passed
>
>
> Per interface results:
>
> Adapter : Local Area Connection
>
> Netcard queries test . . . : Passed
>
> Host Name. . . . . . . . . : ntserver1
> IP Address . . . . . . . . : 10.1.1.10
> Subnet Mask. . . . . . . . : 255.255.255.0
> Default Gateway. . . . . . :
> Dns Servers. . . . . . . . : 10.1.1.10
>
>
> AutoConfiguration results. . . . . . : Passed
>
> Default gateway test . . . : Skipped
> [WARNING] No gateways defined for this
> adapter.
>
> NetBT name test. . . . . . : Passed
> [WARNING] At least one of the <00> 'WorkStation
> Service', <03> 'Messenger Service', <20> 'WINS' names is
> missing.
>
> WINS service test. . . . . : Skipped
> There are no WINS servers configured for this
> interface.
>
> Adapter : WAN
>
> Netcard queries test . . . : Passed
>
> Host Name. . . . . . . . . : ntserver1
> IP Address . . . . . . . . : 216.xxx.xxx.aaa
> Subnet Mask. . . . . . . . : 255.255.255.248
> Default Gateway. . . . . . : 216.xxx.xxx.bbb
> NetBIOS over Tcpip . . . . : Disabled
> Dns Servers. . . . . . . . : 10.1.1.10
>
>
> AutoConfiguration results. . . . . . : Passed
>
> Default gateway test . . . : Passed
>
> NetBT name test. . . . . . : Skipped
> NetBT is disabled on this interface. [Test
> skipped]
>
> WINS service test. . . . . : Skipped
> NetBT is disable on this interface. [Test
> skipped].
>
> Adapter : IPX Internal Interface
>
> Netcard queries test . . . : Passed
>
> Ipx configration
> Network Number . . . . : 3bf8a0c6
> Node . . . . . . . . . : 000000000001
> Frame type . . . . . . : Ethernet II
>
>
>
> Adapter : IpxLoopbackAdapter
>
> Netcard queries test . . . : Passed
>
> Ipx configration
> Network Number . . . . : 3bf8a0c6
> Node . . . . . . . . . : 000000000002
> Frame type . . . . . . : 802.2
>
>
>
> Adapter : NDISWANIPX
>
> Netcard queries test . . . : Passed
>
> Ipx configration
> Network Number . . . . : 00000000
> Node . . . . . . . . . : 601120524153
> Frame type . . . . . . : Ethernet II
>
>
> Global results:
>
> Domain membership test . . . . . . : Passed
>
>
> NetBT transports test. . . . . . . : Passed
> List of NetBt transports currently configured:
> NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> 1 NetBt transport currently configured.
>
>
> Autonet address test . . . . . . . : Passed
>
>
> IP loopback ping test. . . . . . . : Passed
>
>
> Default gateway test . . . . . . . : Passed
>
>
> NetBT name test. . . . . . . . . . : Passed
> [WARNING] You don't have a single interface with the
> <00> 'WorkStation Service', <03> 'Messenger Service',
> <20> 'WINS' names defined.
>
>
> Winsock test . . . . . . . . . . . : Passed
>
>
> DNS test . . . . . . . . . . . . . : Passed
> PASS - All the DNS entries for DC are registered on
> DNS server '10.1.1.10' and other DCs also have some of
> the names registered.
>
>
> Redir and Browser test . . . . . . : Passed
> List of NetBt transports currently bound to the Redir
> NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> The redir is bound to 1 NetBt transport.
>
> List of NetBt transports currently bound to the
> browser
> NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> The browser is bound to 1 NetBt transport.
>
>
> DC discovery test. . . . . . . . . : Passed
>
>
> DC list test . . . . . . . . . . . : Passed
>
>
> Trust relationship test. . . . . . : Skipped
>
>
> Kerberos test. . . . . . . . . . . : Passed
>
>
> LDAP test. . . . . . . . . . . . . : Passed
>
>
> Bindings test. . . . . . . . . . . : Passed
>
>
> WAN configuration test . . . . . . : Skipped
> No active remote access connections.
>
>
> Modem diagnostics test . . . . . . : Passed
>
>
> Netware configuration
> You are not logged in to your preferred server .
> Netware User Name. . . . . . . :
> Netware Server Name. . . . . . :
> Netware Tree Name. . . . . . . :
> Netware Workstation Context. . :
>
> IP Security test . . . . . . . . . : Passed
> IPSec policy service is active, but no policy is
> assigned.
>
> The command completed successfully
>
>
>
>
>
> If anybody could help, really appreciate it.
> I am in the dead end now.
>
> Thanks,
> Joe



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
July 27, 2004 10:21:57 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

I do netdiag/fix successfully, reboot server but after several hours
the server cannot ping to FQDN even though ping IP still ok (same
problem).

I saw in the event log that around those time the problem happened is
Warning: 5781 source: Netlogon (dynamic registration ...., because no
dns server available). Data in byte = 0000:b4 05 00 00

If I do nslookup the result is
DNS timeout
can't find server name for address 10.1.1.10
Default server: unknown
Address: 10.1.1.10

If I do nslookup externally, it's works fine (ping yahoo.com/ca with
reply)
But internally, nope..but actually i don't think we need DNS server
locally.

This DNS server installation is I think default setup when you setup
DC AD in server W2K. So basically just need to be able to connect
internet from client's machine, even though let say no DNS...no
problem. But because already installed and AD integrated so I have
just use it and make it works like before.



"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<eA$QGj0cEHA.644@tk2msftngp13.phx.gbl>...
> In news:74639a37.0407261119.ada381f@posting.google.com,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
>
> What DNS do you have assigned for the DNS server's forwarder?
> Did you try nslookup against DNS to see if it resolves internally and
> externally?
>
> > We are experience problem which in the beginning I
> > thought related to ISP DNS problem because after server
> > reboot in the morning because cannot connect to internet
> > several hours later (probably 6 hours or more) we cannot
> > connect internet again eventually I see that ping to
> > public IP no problem but ping to domain name is problem
> > so I call and try troubleshoot with ISP and find
> > conclusion that our server problem. This problem resolve
> > everytime we reboot the server, if we just reboot the DSL
> > modem and router without reboot the server still cannot
> > ping the domain (FQDN) even though able to ping any
> > public IP.
> >
> > FYI:
> > This dual NIC W2K server connect to Internet & LAN as
> > follow
> >
> > ISP--> DSL modem --> static PUBLIC IP Router -->
> > 1. Static PUBLIC WAN NIC
> > 2. Static Internal LAN NIC --> all users PC
> >
> > This server are running with Spoonproxy sw, DNS w/AD, DC,
> > DHCP, s/w firewall (the default setting from MS, actually
> > if i was setup this server I won't use AD and dual NIC...
> > more headache but no choice now, cannot reinstall from
> > scratch cause the ONLY live server to handle 15-20 users.
> >
> > Actually users just using email, internet and run
> > centralize application thoruh mapping drive network, so
> > no need AD or DNS I guess, but I think to let to change
> > it.
> >
> > In the past this server running ok until around 3 weeks
> > ago begin problem even though no changes in the server.
> > So now every morning need to reboot and also on lunch
> > time otherwise after 6 or more hours cannot ping to FQDN
> > even though ping to any IP works, so users cannot get to
> > internet.
> > That's really weird and make me headache.
> >
> > I also try run netdiag to see if somebody could help to
> > check it. I list it at very bottom here.
> >
> > Computer Name: NTSERVER1
> > DNS Host Name: ntserver1.craft.local
> > System info : Windows 2000 Server (Build 2195)
> >
> > Netcard queries test . . . . . . . : Passed
> >
> >
> > Per interface results:
> >
> > Adapter : Local Area Connection
> >
> > Netcard queries test . . . : Passed
> >
> > Host Name. . . . . . . . . : ntserver1
> > IP Address . . . . . . . . : 10.1.1.10
> > Subnet Mask. . . . . . . . : 255.255.255.0
> > Default Gateway. . . . . . :
> > Dns Servers. . . . . . . . : 10.1.1.10
> >
> >
> > AutoConfiguration results. . . . . . : Passed
> >
> > Default gateway test . . . : Skipped
> > [WARNING] No gateways defined for this
> > adapter.
> >
> > NetBT name test. . . . . . : Passed
> > [WARNING] At least one of the <00> 'WorkStation
> > Service', <03> 'Messenger Service', <20> 'WINS' names is
> > missing.
> >
> > WINS service test. . . . . : Skipped
> > There are no WINS servers configured for this
> > interface.
> >
> > Adapter : WAN
> >
> > Netcard queries test . . . : Passed
> >
> > Host Name. . . . . . . . . : ntserver1
> > IP Address . . . . . . . . : 216.xxx.xxx.aaa
> > Subnet Mask. . . . . . . . : 255.255.255.248
> > Default Gateway. . . . . . : 216.xxx.xxx.bbb
> > NetBIOS over Tcpip . . . . : Disabled
> > Dns Servers. . . . . . . . : 10.1.1.10
> >
> >
> > AutoConfiguration results. . . . . . : Passed
> >
> > Default gateway test . . . : Passed
> >
> > NetBT name test. . . . . . : Skipped
> > NetBT is disabled on this interface. [Test
> > skipped]
> >
> > WINS service test. . . . . : Skipped
> > NetBT is disable on this interface. [Test
> > skipped].
> >
> > Adapter : IPX Internal Interface
> >
> > Netcard queries test . . . : Passed
> >
> > Ipx configration
> > Network Number . . . . : 3bf8a0c6
> > Node . . . . . . . . . : 000000000001
> > Frame type . . . . . . : Ethernet II
> >
> >
> >
> > Adapter : IpxLoopbackAdapter
> >
> > Netcard queries test . . . : Passed
> >
> > Ipx configration
> > Network Number . . . . : 3bf8a0c6
> > Node . . . . . . . . . : 000000000002
> > Frame type . . . . . . : 802.2
> >
> >
> >
> > Adapter : NDISWANIPX
> >
> > Netcard queries test . . . : Passed
> >
> > Ipx configration
> > Network Number . . . . : 00000000
> > Node . . . . . . . . . : 601120524153
> > Frame type . . . . . . : Ethernet II
> >
> >
> > Global results:
> >
> > Domain membership test . . . . . . : Passed
> >
> >
> > NetBT transports test. . . . . . . : Passed
> > List of NetBt transports currently configured:
> > NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> > 1 NetBt transport currently configured.
> >
> >
> > Autonet address test . . . . . . . : Passed
> >
> >
> > IP loopback ping test. . . . . . . : Passed
> >
> >
> > Default gateway test . . . . . . . : Passed
> >
> >
> > NetBT name test. . . . . . . . . . : Passed
> > [WARNING] You don't have a single interface with the
> > <00> 'WorkStation Service', <03> 'Messenger Service',
> > <20> 'WINS' names defined.
> >
> >
> > Winsock test . . . . . . . . . . . : Passed
> >
> >
> > DNS test . . . . . . . . . . . . . : Passed
> > PASS - All the DNS entries for DC are registered on
> > DNS server '10.1.1.10' and other DCs also have some of
> > the names registered.
> >
> >
> > Redir and Browser test . . . . . . : Passed
> > List of NetBt transports currently bound to the Redir
> > NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> > The redir is bound to 1 NetBt transport.
> >
> > List of NetBt transports currently bound to the
> > browser
> > NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> > The browser is bound to 1 NetBt transport.
> >
> >
> > DC discovery test. . . . . . . . . : Passed
> >
> >
> > DC list test . . . . . . . . . . . : Passed
> >
> >
> > Trust relationship test. . . . . . : Skipped
> >
> >
> > Kerberos test. . . . . . . . . . . : Passed
> >
> >
> > LDAP test. . . . . . . . . . . . . : Passed
> >
> >
> > Bindings test. . . . . . . . . . . : Passed
> >
> >
> > WAN configuration test . . . . . . : Skipped
> > No active remote access connections.
> >
> >
> > Modem diagnostics test . . . . . . : Passed
> >
> >
> > Netware configuration
> > You are not logged in to your preferred server .
> > Netware User Name. . . . . . . :
> > Netware Server Name. . . . . . :
> > Netware Tree Name. . . . . . . :
> > Netware Workstation Context. . :
> >
> > IP Security test . . . . . . . . . : Passed
> > IPSec policy service is active, but no policy is
> > assigned.
> >
> > The command completed successfully
> >
> >
> >
> >
> >
> > If anybody could help, really appreciate it.
> > I am in the dead end now.
> >
> > Thanks,
> > Joe
>
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
Related resources
July 27, 2004 12:00:44 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Forgot to add:

Forwarder to pri & sec ISP DNS server.


"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<eA$QGj0cEHA.644@tk2msftngp13.phx.gbl>...
> In news:74639a37.0407261119.ada381f@posting.google.com,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
>
> What DNS do you have assigned for the DNS server's forwarder?
> Did you try nslookup against DNS to see if it resolves internally and
> externally?
>
> > We are experience problem which in the beginning I
> > thought related to ISP DNS problem because after server
> > reboot in the morning because cannot connect to internet
> > several hours later (probably 6 hours or more) we cannot
> > connect internet again eventually I see that ping to
> > public IP no problem but ping to domain name is problem
> > so I call and try troubleshoot with ISP and find
> > conclusion that our server problem. This problem resolve
> > everytime we reboot the server, if we just reboot the DSL
> > modem and router without reboot the server still cannot
> > ping the domain (FQDN) even though able to ping any
> > public IP.
> >
> > FYI:
> > This dual NIC W2K server connect to Internet & LAN as
> > follow
> >
> > ISP--> DSL modem --> static PUBLIC IP Router -->
> > 1. Static PUBLIC WAN NIC
> > 2. Static Internal LAN NIC --> all users PC
> >
> > This server are running with Spoonproxy sw, DNS w/AD, DC,
> > DHCP, s/w firewall (the default setting from MS, actually
> > if i was setup this server I won't use AD and dual NIC...
> > more headache but no choice now, cannot reinstall from
> > scratch cause the ONLY live server to handle 15-20 users.
> >
> > Actually users just using email, internet and run
> > centralize application thoruh mapping drive network, so
> > no need AD or DNS I guess, but I think to let to change
> > it.
> >
> > In the past this server running ok until around 3 weeks
> > ago begin problem even though no changes in the server.
> > So now every morning need to reboot and also on lunch
> > time otherwise after 6 or more hours cannot ping to FQDN
> > even though ping to any IP works, so users cannot get to
> > internet.
> > That's really weird and make me headache.
> >
> > I also try run netdiag to see if somebody could help to
> > check it. I list it at very bottom here.
> >
> > Computer Name: NTSERVER1
> > DNS Host Name: ntserver1.craft.local
> > System info : Windows 2000 Server (Build 2195)
> >
> > Netcard queries test . . . . . . . : Passed
> >
> >
> > Per interface results:
> >
> > Adapter : Local Area Connection
> >
> > Netcard queries test . . . : Passed
> >
> > Host Name. . . . . . . . . : ntserver1
> > IP Address . . . . . . . . : 10.1.1.10
> > Subnet Mask. . . . . . . . : 255.255.255.0
> > Default Gateway. . . . . . :
> > Dns Servers. . . . . . . . : 10.1.1.10
> >
> >
> > AutoConfiguration results. . . . . . : Passed
> >
> > Default gateway test . . . : Skipped
> > [WARNING] No gateways defined for this
> > adapter.
> >
> > NetBT name test. . . . . . : Passed
> > [WARNING] At least one of the <00> 'WorkStation
> > Service', <03> 'Messenger Service', <20> 'WINS' names is
> > missing.
> >
> > WINS service test. . . . . : Skipped
> > There are no WINS servers configured for this
> > interface.
> >
> > Adapter : WAN
> >
> > Netcard queries test . . . : Passed
> >
> > Host Name. . . . . . . . . : ntserver1
> > IP Address . . . . . . . . : 216.xxx.xxx.aaa
> > Subnet Mask. . . . . . . . : 255.255.255.248
> > Default Gateway. . . . . . : 216.xxx.xxx.bbb
> > NetBIOS over Tcpip . . . . : Disabled
> > Dns Servers. . . . . . . . : 10.1.1.10
> >
> >
> > AutoConfiguration results. . . . . . : Passed
> >
> > Default gateway test . . . : Passed
> >
> > NetBT name test. . . . . . : Skipped
> > NetBT is disabled on this interface. [Test
> > skipped]
> >
> > WINS service test. . . . . : Skipped
> > NetBT is disable on this interface. [Test
> > skipped].
> >
> > Adapter : IPX Internal Interface
> >
> > Netcard queries test . . . : Passed
> >
> > Ipx configration
> > Network Number . . . . : 3bf8a0c6
> > Node . . . . . . . . . : 000000000001
> > Frame type . . . . . . : Ethernet II
> >
> >
> >
> > Adapter : IpxLoopbackAdapter
> >
> > Netcard queries test . . . : Passed
> >
> > Ipx configration
> > Network Number . . . . : 3bf8a0c6
> > Node . . . . . . . . . : 000000000002
> > Frame type . . . . . . : 802.2
> >
> >
> >
> > Adapter : NDISWANIPX
> >
> > Netcard queries test . . . : Passed
> >
> > Ipx configration
> > Network Number . . . . : 00000000
> > Node . . . . . . . . . : 601120524153
> > Frame type . . . . . . : Ethernet II
> >
> >
> > Global results:
> >
> > Domain membership test . . . . . . : Passed
> >
> >
> > NetBT transports test. . . . . . . : Passed
> > List of NetBt transports currently configured:
> > NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> > 1 NetBt transport currently configured.
> >
> >
> > Autonet address test . . . . . . . : Passed
> >
> >
> > IP loopback ping test. . . . . . . : Passed
> >
> >
> > Default gateway test . . . . . . . : Passed
> >
> >
> > NetBT name test. . . . . . . . . . : Passed
> > [WARNING] You don't have a single interface with the
> > <00> 'WorkStation Service', <03> 'Messenger Service',
> > <20> 'WINS' names defined.
> >
> >
> > Winsock test . . . . . . . . . . . : Passed
> >
> >
> > DNS test . . . . . . . . . . . . . : Passed
> > PASS - All the DNS entries for DC are registered on
> > DNS server '10.1.1.10' and other DCs also have some of
> > the names registered.
> >
> >
> > Redir and Browser test . . . . . . : Passed
> > List of NetBt transports currently bound to the Redir
> > NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> > The redir is bound to 1 NetBt transport.
> >
> > List of NetBt transports currently bound to the
> > browser
> > NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> > The browser is bound to 1 NetBt transport.
> >
> >
> > DC discovery test. . . . . . . . . : Passed
> >
> >
> > DC list test . . . . . . . . . . . : Passed
> >
> >
> > Trust relationship test. . . . . . : Skipped
> >
> >
> > Kerberos test. . . . . . . . . . . : Passed
> >
> >
> > LDAP test. . . . . . . . . . . . . : Passed
> >
> >
> > Bindings test. . . . . . . . . . . : Passed
> >
> >
> > WAN configuration test . . . . . . : Skipped
> > No active remote access connections.
> >
> >
> > Modem diagnostics test . . . . . . : Passed
> >
> >
> > Netware configuration
> > You are not logged in to your preferred server .
> > Netware User Name. . . . . . . :
> > Netware Server Name. . . . . . :
> > Netware Tree Name. . . . . . . :
> > Netware Workstation Context. . :
> >
> > IP Security test . . . . . . . . . : Passed
> > IPSec policy service is active, but no policy is
> > assigned.
> >
> > The command completed successfully
> >
> >
> >
> >
> >
> > If anybody could help, really appreciate it.
> > I am in the dead end now.
> >
> > Thanks,
> > Joe
>
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
July 27, 2004 12:49:29 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

UPDATED INFO:

I do test using netdiag /test:D ns /v and below is the result (with
certain COMMENT INLINE), probably helpfull for expert to see it and
help to analyze what's the problem.



Gathering IPX configuration information.
Querying status of the Netcard drivers... Passed
Testing Domain membership... Passed
Gathering NetBT configuration information.
Testing DNS
The DNS registration for ntserver1.craft.local is correct on
all DNS servers
PASS - All the DNS entries for DC are registered on DNS server
'10.1.1.10' and other DCs also have some of the names registered.

Tests complete.


Computer Name: NTSERVER1
DNS Host Name: ntserver1.craft.local
DNS Domain Name: craft.local
System info : Windows 2000 Server (Build 2195)

Netcard queries test . . . . . . . : Passed

Information of Netcard drivers:

---------------------------------------------------------------------------
Description: D-Link DFE-530TX PCI Fast Ethernet Adapter (Rev A)
Device: \DEVICE\{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}

Media State: Connected

Device State: Connected
Connect Time: 04:03:09
Media Speed: 100 Mbps

Packets Sent: 5931721
Bytes Sent (Optional): 0

Packets Received: 5062199
Directed Pkts Recd (Optional): 5058316
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0

Packets SendError: 1
---------------------------------------------------------------------------
Description: D-Link DFE-530TX PCI Fast Ethernet Adapter (Rev A) #2
Device: \DEVICE\{D8B20A17-3FCD-440D-BC39-9C1898327C2D}

Media State: Connected

Device State: Connected
Connect Time: 04:03:09
Media Speed: 100 Mbps

Packets Sent: 174611
Bytes Sent (Optional): 0

Packets Received: 257834
Directed Pkts Recd (Optional): 256741
Bytes Received (Optional): 0
Directed Bytes Recd (Optional): 0

---------------------------------------------------------------------------
[PASS] - At least one netcard is in the 'Connected' state.



Per interface results:

Adapter : Local Area Connection
Adapter ID . . . . . . . . :
{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}

Netcard queries test . . . : Passed

Adapter : WAN
Adapter ID . . . . . . . . :
{D8B20A17-3FCD-440D-BC39-9C1898327C2D}

Netcard queries test . . . : Passed

Adapter : IPX Internal Interface
Adapter ID . . . . . . . . : Internal

Netcard queries test . . . : Passed

Adapter : IpxLoopbackAdapter
Adapter ID . . . . . . . . : IpxLoopbackAdapter

Netcard queries test . . . : Passed

Adapter : NDISWANIPX
Adapter ID . . . . . . . . : NDISWANIPX

Netcard queries test . . . : Passed


Global results:


Domain membership test . . . . . . : Passed
Machine is a . . . . . . . . . : Primary Domain Controller
Emulator
Netbios Domain name. . . . . . : craft
Dns domain name. . . . . . . . : craft.local
Dns forest name. . . . . . . . : craft.local
Domain Guid. . . . . . . . . . :
{79947618-742C-496D-AB83-FE8DC33C0739}
Domain Sid . . . . . . . . . . :
S-1-5-21-1844237615-1965331169-725345543
Logon User . . . . . . . . . . : mci
Logon Domain . . . . . . . . . : craft


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
1 NetBt transport currently configured.


DNS test . . . . . . . . . . . . . : Passed
Interface {8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
DNS Domain: craft.local
DNS Servers: 10.1.1.10
IP Address: 10.1.1.10
Expected registration with PDN (primary DNS domain name):
Hostname: ntserver1.craft.local.
Authoritative zone: craft.local.
Primary DNS server: ntserver1.craft.local 10.1.1.10
Authoritative NS:10.1.1.10
Interface {D8B20A17-3FCD-440D-BC39-9C1898327C2D}
DNS Domain:
DNS Servers: 10.1.1.10
IP Address: 216.xxx.xxx.aaa
The DNS registration is disabled for this interface
Verify DNS registration:
Name: ntserver1.craft.local
Expected IP: 10.1.1.10
Server 10.1.1.10: NO_ERROR
The DNS registration for ntserver1.craft.local is correct on all
DNS servers
Check the DNS registration for DCs entries on DNS server '10.1.1.10'
The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is correct on DNS server '10.1.1.10'.

The Record is different on DNS server '10.1.1.10'.
DNS server has more than one entries for this name, usually this means
there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.1.10', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = craft.local.
DNS DATA =
A 10.1.1.10

The record on DNS server 10.1.1.10 is:
DNS NAME = craft.local
DNS DATA =
A 10.1.1.10
A 10.126.xxx.aaa ******************************** (WHY
THIS IS 10.XXX... IT ISN'T SUPPOSE TO 216.XXX.XXX.aaa ? )
**********************
+------------------------------------------------------+

The Record is different on DNS server '10.1.1.10'.
DNS server has more than one entries for this name, usually this means
there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.1.10', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = gc._msdcs.craft.local.
DNS DATA =
A 10.1.1.10

The record on DNS server 10.1.1.10 is:
DNS NAME = gc._msdcs.craft.local
DNS DATA =
A 10.1.1.10
A 10.126.xxx.aaa ******************************** (WHY
THIS IS 10.XXX... IT ISN'T SUPPOSE TO 216.XXX.XXX.aaa ? )
**********************
+------------------------------------------------------+

The Record is different on DNS server '10.1.1.10'.
DNS server has more than one entries for this name, usually this means
there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.1.10', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = craft.local.
DNS DATA =
A 216.xxx.xxx.aaa

The record on DNS server 10.1.1.10 is:
DNS NAME = craft.local
DNS DATA =
A 10.1.1.10
A 10.126.xxx.aaa
+------------------------------------------------------+

The Record is different on DNS server '10.1.1.10'.
DNS server has more than one entries for this name, usually this means
there are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.1.10', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = gc._msdcs.craft.local.
DNS DATA =
A 216.xxx.xxx.aaa

The record on DNS server 10.1.1.10 is:
DNS NAME = gc._msdcs.craft.local
DNS DATA =
A 10.1.1.10
A 10.126.xxx.aaa
+------------------------------------------------------+

PASS - All the DNS entries for DC are registered on DNS server
'10.1.1.10' and other DCs also have some of the names registered.


The command completed successfully




"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<eA$QGj0cEHA.644@tk2msftngp13.phx.gbl>...
> In news:74639a37.0407261119.ada381f@posting.google.com,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
>
> What DNS do you have assigned for the DNS server's forwarder?
> Did you try nslookup against DNS to see if it resolves internally and
> externally?
>
> > We are experience problem which in the beginning I
> > thought related to ISP DNS problem because after server
> > reboot in the morning because cannot connect to internet
> > several hours later (probably 6 hours or more) we cannot
> > connect internet again eventually I see that ping to
> > public IP no problem but ping to domain name is problem
> > so I call and try troubleshoot with ISP and find
> > conclusion that our server problem. This problem resolve
> > everytime we reboot the server, if we just reboot the DSL
> > modem and router without reboot the server still cannot
> > ping the domain (FQDN) even though able to ping any
> > public IP.
> >
> > FYI:
> > This dual NIC W2K server connect to Internet & LAN as
> > follow
> >
> > ISP--> DSL modem --> static PUBLIC IP Router -->
> > 1. Static PUBLIC WAN NIC
> > 2. Static Internal LAN NIC --> all users PC
> >
> > This server are running with Spoonproxy sw, DNS w/AD, DC,
> > DHCP, s/w firewall (the default setting from MS, actually
> > if i was setup this server I won't use AD and dual NIC...
> > more headache but no choice now, cannot reinstall from
> > scratch cause the ONLY live server to handle 15-20 users.
> >
> > Actually users just using email, internet and run
> > centralize application thoruh mapping drive network, so
> > no need AD or DNS I guess, but I think to let to change
> > it.
> >
> > In the past this server running ok until around 3 weeks
> > ago begin problem even though no changes in the server.
> > So now every morning need to reboot and also on lunch
> > time otherwise after 6 or more hours cannot ping to FQDN
> > even though ping to any IP works, so users cannot get to
> > internet.
> > That's really weird and make me headache.
> >
> > I also try run netdiag to see if somebody could help to
> > check it. I list it at very bottom here.
> >
> > Computer Name: NTSERVER1
> > DNS Host Name: ntserver1.craft.local
> > System info : Windows 2000 Server (Build 2195)
> >
> > Netcard queries test . . . . . . . : Passed
> >
> >
> > Per interface results:
> >
> > Adapter : Local Area Connection
> >
> > Netcard queries test . . . : Passed
> >
> > Host Name. . . . . . . . . : ntserver1
> > IP Address . . . . . . . . : 10.1.1.10
> > Subnet Mask. . . . . . . . : 255.255.255.0
> > Default Gateway. . . . . . :
> > Dns Servers. . . . . . . . : 10.1.1.10
> >
> >
> > AutoConfiguration results. . . . . . : Passed
> >
> > Default gateway test . . . : Skipped
> > [WARNING] No gateways defined for this
> > adapter.
> >
> > NetBT name test. . . . . . : Passed
> > [WARNING] At least one of the <00> 'WorkStation
> > Service', <03> 'Messenger Service', <20> 'WINS' names is
> > missing.
> >
> > WINS service test. . . . . : Skipped
> > There are no WINS servers configured for this
> > interface.
> >
> > Adapter : WAN
> >
> > Netcard queries test . . . : Passed
> >
> > Host Name. . . . . . . . . : ntserver1
> > IP Address . . . . . . . . : 216.xxx.xxx.aaa
> > Subnet Mask. . . . . . . . : 255.255.255.248
> > Default Gateway. . . . . . : 216.xxx.xxx.bbb
> > NetBIOS over Tcpip . . . . : Disabled
> > Dns Servers. . . . . . . . : 10.1.1.10
> >
> >
> > AutoConfiguration results. . . . . . : Passed
> >
> > Default gateway test . . . : Passed
> >
> > NetBT name test. . . . . . : Skipped
> > NetBT is disabled on this interface. [Test
> > skipped]
> >
> > WINS service test. . . . . : Skipped
> > NetBT is disable on this interface. [Test
> > skipped].
> >
> > Adapter : IPX Internal Interface
> >
> > Netcard queries test . . . : Passed
> >
> > Ipx configration
> > Network Number . . . . : 3bf8a0c6
> > Node . . . . . . . . . : 000000000001
> > Frame type . . . . . . : Ethernet II
> >
> >
> >
> > Adapter : IpxLoopbackAdapter
> >
> > Netcard queries test . . . : Passed
> >
> > Ipx configration
> > Network Number . . . . : 3bf8a0c6
> > Node . . . . . . . . . : 000000000002
> > Frame type . . . . . . : 802.2
> >
> >
> >
> > Adapter : NDISWANIPX
> >
> > Netcard queries test . . . : Passed
> >
> > Ipx configration
> > Network Number . . . . : 00000000
> > Node . . . . . . . . . : 601120524153
> > Frame type . . . . . . : Ethernet II
> >
> >
> > Global results:
> >
> > Domain membership test . . . . . . : Passed
> >
> >
> > NetBT transports test. . . . . . . : Passed
> > List of NetBt transports currently configured:
> > NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> > 1 NetBt transport currently configured.
> >
> >
> > Autonet address test . . . . . . . : Passed
> >
> >
> > IP loopback ping test. . . . . . . : Passed
> >
> >
> > Default gateway test . . . . . . . : Passed
> >
> >
> > NetBT name test. . . . . . . . . . : Passed
> > [WARNING] You don't have a single interface with the
> > <00> 'WorkStation Service', <03> 'Messenger Service',
> > <20> 'WINS' names defined.
> >
> >
> > Winsock test . . . . . . . . . . . : Passed
> >
> >
> > DNS test . . . . . . . . . . . . . : Passed
> > PASS - All the DNS entries for DC are registered on
> > DNS server '10.1.1.10' and other DCs also have some of
> > the names registered.
> >
> >
> > Redir and Browser test . . . . . . : Passed
> > List of NetBt transports currently bound to the Redir
> > NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> > The redir is bound to 1 NetBt transport.
> >
> > List of NetBt transports currently bound to the
> > browser
> > NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> > The browser is bound to 1 NetBt transport.
> >
> >
> > DC discovery test. . . . . . . . . : Passed
> >
> >
> > DC list test . . . . . . . . . . . : Passed
> >
> >
> > Trust relationship test. . . . . . : Skipped
> >
> >
> > Kerberos test. . . . . . . . . . . : Passed
> >
> >
> > LDAP test. . . . . . . . . . . . . : Passed
> >
> >
> > Bindings test. . . . . . . . . . . : Passed
> >
> >
> > WAN configuration test . . . . . . : Skipped
> > No active remote access connections.
> >
> >
> > Modem diagnostics test . . . . . . : Passed
> >
> >
> > Netware configuration
> > You are not logged in to your preferred server .
> > Netware User Name. . . . . . . :
> > Netware Server Name. . . . . . :
> > Netware Tree Name. . . . . . . :
> > Netware Workstation Context. . :
> >
> > IP Security test . . . . . . . . . : Passed
> > IPSec policy service is active, but no policy is
> > assigned.
> >
> > The command completed successfully
> >
> >
> >
> >
> >
> > If anybody could help, really appreciate it.
> > I am in the dead end now.
> >
> > Thanks,
> > Joe
>
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
Anonymous
July 27, 2004 1:15:43 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407270521.5e08ba34@posting.google.com,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied inline:
> I do netdiag/fix successfully, reboot server but after
> several hours
> the server cannot ping to FQDN even though ping IP still
> ok (same
> problem).
>
> I saw in the event log that around those time the problem
> happened is
> Warning: 5781 source: Netlogon (dynamic registration
> ...., because no
> dns server available). Data in byte = 0000:b4 05 00 00

5781 events can be a serious problem, to properly diagnose a 5781 I need to
see these three items:
1. ipconfig /all
2. AD domain name from ADUsers&Computers
3. List of forward lookup zone names in DNS.

>
> If I do nslookup the result is
> DNS timeout
> can't find server name for address 10.1.1.10
> Default server: unknown
> Address: 10.1.1.10

You can ignore the nslookup message, all it is telling you is it can't find
the PTR record that has the server's name (hence the can't find server name
for address 10.1.1.10) You can also create the PTR in the reverse lookup
zone.

>
> If I do nslookup externally, it's works fine (ping
> yahoo.com/ca with
> reply)
> But internally, nope..but actually i don't think we need
> DNS server
> locally.

Yes, you do need DNS, you should get that out of your mind now. Your DC's
record is in DNS, and that is where all the clients expect to find it. If
they can't find the DCs records you'll spend a lot of time waiting on you
system.

>
> This DNS server installation is I think default setup
> when you setup
> DC AD in server W2K. So basically just need to be able to
> connect
> internet from client's machine, even though let say no
> DNS...no
> problem. But because already installed and AD integrated
> so I have
> just use it and make it works like before.

AD usually works great, if DNS is properly configured. The most important
thing to keep in mind is all clients must use the local DNS server that has
the AD domain zone, only. No ISP's DNS in any position on any Domain member.
Fo rinternet access configure DNS with a forwarder to your ISP.

Also since the DC is multi-homed it will need some extra configuation to
keep the DC from registering records on the external interfaces. This must
be done in the registry, after you make the registry entries you have to
manually create the record for the (same as parent folder) in the domain
zone that has the IP of the NIC with file sharing enabled.

1. Configure DNS to listen only on the internal IP that has file sharing
enabled.
2. Add this registry entry with regedt32.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ

LdapIpAddress

3. OPen the forward lookup zone for the AD domain, right click select New
host, leave the name field blank and give it the IP of the internal
interface with File sharing enabled. Do NOT enable "Delete this record if it
becomes stale". Click OK to create the record anyway when it pops up (same
as parent folder) is not a valid host name.

4. Right click on Network places, choose properties, in the "Advanced" menu
select "Advanced settings" make sure the internal interface is at the top of
the connections pane, and the File sharing is in the Bindings pane on the
interface.


300202 - HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?id=300202

825036 - Best practices for DNS client settings in Windows 2000 Server and
in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
Anonymous
July 27, 2004 3:00:52 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407270700.4208591e@posting.google.com,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:
> Forgot to add:
>
> Forwarder to pri & sec ISP DNS server.

This may also be a problem if you are using your ISP's DNS that they use for
Authoritative DNS lookups.
Many ISP's especially the large ones, disable recursion on their
Authoritative DNS servers and they cannot be used as DNS forwarders. Check
your DNS event log for 7063 events, if you are getting these you need to
change your DNS forwarders. You can also use nslookup to see if the ISP's
DNS is recursive.

Use this command:
nslookup -d2 <domain> <ispdnsaddress>

Look in the answer section for "recursion avail"


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
Anonymous
July 27, 2004 3:16:24 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407270749.51fb9822@posting.google.com,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:
> UPDATED INFO:
>
> I do test using netdiag /test:D ns /v and below is the
> result (with
> certain COMMENT INLINE), probably helpfull for expert to
> see it and
> help to analyze what's the problem.

In addition, I notice in the nediag that this is also a Global catalog.
You need to change the registry entry on my previous post to this:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ

LdapIpAddress
GcIpAddress

Then also manually add a (same as parent folder) record in the
gc._msdcs.craft.local. sub folder.


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
July 27, 2004 6:44:10 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

All users are using XP Pro with auto IP because in the server also
running DHCP server. So if auto IP then the DNS is using ??? which
assigned by server, right?

For the following, is the value is LdapIpAddress (literally/the word
itself?) or IP of server. Btw the data type is REG_SZ only.

Registry value: DnsAvoidRegisterRecords
> Data type: REG_MULTI_SZ
>
> LdapIpAddress


This server installed SpoonProxy so we don't use sharing

1. Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : ntserver1
Primary DNS Suffix . . . . . . . : craft.local
Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : craft.local

Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : craft.local
Description . . . . . . . . . . . : D-Link DFE-530TX PCI Fast
Ethernet Adapter (Rev A)
Physical Address. . . . . . . . . : 00-50-BA-FB-A4-FB

DHCP Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 10.1.1.10

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . :

DNS Servers . . . . . . . . . . . : 10.1.1.10

Ethernet adapter WAN:



Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link DFE-530TX PCI Fast
Ethernet Adapter (Rev A) #2
Physical Address. . . . . . . . . : 00-50-BA-FB-8E-9D

DHCP Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 216.xxx.xxx.aaa

Subnet Mask . . . . . . . . . . . : 255.255.255.248

Default Gateway . . . . . . . . . : 216.xxx.xxx.bbb

DNS Servers . . . . . . . . . . . : 10.1.1.10
NetBIOS over Tcpip. . . . . . . . : Disabled



2. craft.local

3. craft.local (subfolder _msdcs, _sites, _tcp, _udp)
ntserver1 host 10.1.1.10

Same as parent folder:
SOA ntserver1.craft.local
Host 216.xxx.xxx.aaa
Host 10.1.1.10

4. Porbably you need it. DCdiag result (THERE IS AN ERROR I mark it
below, is that related??):
DC Diagnosis

Performing initial setup:
* Verifing that the local machine ntserver1, is a DC.
* Connecting to directory service on server ntserver1.
* Collecting site info.
* Identifying all servers.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial non skippeable tests

Testing server: Default-First-Site-Name\NTSERVER1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... NTSERVER1 passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\NTSERVER1
Starting test: Replications
* Replications Check
......................... NTSERVER1 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=craft,DC=local
* Security Permissions Check for
CN=Configuration,DC=craft,DC=local
* Security Permissions Check for
DC=craft,DC=local
......................... NTSERVER1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
......................... NTSERVER1 passed test NetLogons
Starting test: Advertising
The DC NTSERVER1 is advertising itself as a DC and having a
DS.
The DC NTSERVER1 is advertising as an LDAP server
The DC NTSERVER1 is advertising as having a writeable
directory
The DC NTSERVER1 is advertising as a Key Distribution Center
The DC NTSERVER1 is advertising as a time server
The DS NTSERVER1 is advertising as a GC.
......................... NTSERVER1 passed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=NTSERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=craft,DC=local
Role Domain Owner = CN=NTDS
Settings,CN=NTSERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=craft,DC=local
Role PDC Owner = CN=NTDS
Settings,CN=NTSERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=craft,DC=local
Role Rid Owner = CN=NTDS
Settings,CN=NTSERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=craft,DC=local
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=NTSERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=craft,DC=local
......................... NTSERVER1 passed test
KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 1606 to 1073741823
* ntserver1.craft.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1106 to 1605
* rIDNextRID: 1151
* rIDPreviousAllocationPool is 1106 to 1605
......................... NTSERVER1 passed test RidManager
Starting test: MachineAccount
* SPN found :LDAP/ntserver1.craft.local/craft.local
* SPN found :LDAP/ntserver1.craft.local
* SPN found :LDAP/NTSERVER1
* SPN found :LDAP/ntserver1.craft.local/craft
* SPN found
:LDAP/373fab7a-a60a-4e42-b30c-bd28276c8fc5._msdcs.craft.local
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/373fab7a-a60a-4e42-b30c-bd28276c8fc5/craft.local
* SPN found :HOST/ntserver1.craft.local/craft.local
* SPN found :HOST/ntserver1.craft.local
* SPN found :HOST/NTSERVER1
* SPN found :HOST/ntserver1.craft.local/craft
* SPN found :GC/ntserver1.craft.local/craft.local
......................... NTSERVER1 passed test
MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
IsmServ Service is stopped on [NTSERVER1]
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: RPCLOCATOR
* Checking Service: w32time
* Checking Service: TrkWks
* Checking Service: TrkSvr
* Checking Service: NETLOGON
* Checking Service: Dnscache
* Checking Service: NtFrs
SMTPSVC Service is stopped on [NTSERVER1]
......................... NTSERVER1 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
NTSERVER1 is in domain DC=craft,DC=local
Checking for CN=NTSERVER1,OU=Domain
Controllers,DC=craft,DC=local in domain DC=craft,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=NTSERVER1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=craft,DC=local
in domain CN=Configuration,DC=craft,DC=local on 1 servers
Object is up-to-date on all servers.
......................... NTSERVER1 passed test
ObjectsReplicated
Starting test: frssysvol
* The File Replication Service Event log test
The SYSVOL has been shared, and the AD is no longer
prevented from starting by the File Replication Service.
......................... NTSERVER1 passed test frssysvol
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the
last 15 minutes.
......................... NTSERVER1 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0xC0002711
Time Generated: 07/27/2004 16:48:58
Event String: Unable to start a DCOM Server:

{0C0A3666-30C9-11D0-8F20-00805F2CD064} as /. The

error: ***************************************************ERROR
##########

"%2"

Happened while starting this command:

C:\WINNT\System32\mdm.exe -Embedding
......................... NTSERVER1 failed test systemlog

Running enterprise tests on : craft.local
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside
the scope

provided by the command line arguments provided.
......................... craft.local passed test Intersite
Starting test: FsmoCheck
GC Name: \\ntserver1.craft.local
Locator Flags: 0xe00001fd
PDC Name: \\ntserver1.craft.local
Locator Flags: 0xe00001fd
Time Server Name: \\ntserver1.craft.local
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\ntserver1.craft.local
Locator Flags: 0xe00001fd
KDC Name: \\ntserver1.craft.local
Locator Flags: 0xe00001fd
......................... craft.local passed test FsmoCheck






"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<eIrqCR#cEHA.384@TK2MSFTNGP10.phx.gbl>...
> In news:74639a37.0407270521.5e08ba34@posting.google.com,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied inline:
> > I do netdiag/fix successfully, reboot server but after
> > several hours
> > the server cannot ping to FQDN even though ping IP still
> > ok (same
> > problem).
> >
> > I saw in the event log that around those time the problem
> > happened is
> > Warning: 5781 source: Netlogon (dynamic registration
> > ...., because no
> > dns server available). Data in byte = 0000:b4 05 00 00
>
> 5781 events can be a serious problem, to properly diagnose a 5781 I need to
> see these three items:
> 1. ipconfig /all
> 2. AD domain name from ADUsers&Computers
> 3. List of forward lookup zone names in DNS.
>
> >
> > If I do nslookup the result is
> > DNS timeout
> > can't find server name for address 10.1.1.10
> > Default server: unknown
> > Address: 10.1.1.10
>
> You can ignore the nslookup message, all it is telling you is it can't find
> the PTR record that has the server's name (hence the can't find server name
> for address 10.1.1.10) You can also create the PTR in the reverse lookup
> zone.
>
> >
> > If I do nslookup externally, it's works fine (ping
> > yahoo.com/ca with
> > reply)
> > But internally, nope..but actually i don't think we need
> > DNS server
> > locally.
>
> Yes, you do need DNS, you should get that out of your mind now. Your DC's
> record is in DNS, and that is where all the clients expect to find it. If
> they can't find the DCs records you'll spend a lot of time waiting on you
> system.
>
> >
> > This DNS server installation is I think default setup
> > when you setup
> > DC AD in server W2K. So basically just need to be able to
> > connect
> > internet from client's machine, even though let say no
> > DNS...no
> > problem. But because already installed and AD integrated
> > so I have
> > just use it and make it works like before.
>
> AD usually works great, if DNS is properly configured. The most important
> thing to keep in mind is all clients must use the local DNS server that has
> the AD domain zone, only. No ISP's DNS in any position on any Domain member.
> Fo rinternet access configure DNS with a forwarder to your ISP.
>
> Also since the DC is multi-homed it will need some extra configuation to
> keep the DC from registering records on the external interfaces. This must
> be done in the registry, after you make the registry entries you have to
> manually create the record for the (same as parent folder) in the domain
> zone that has the IP of the NIC with file sharing enabled.
>
> 1. Configure DNS to listen only on the internal IP that has file sharing
> enabled.
> 2. Add this registry entry with regedt32.
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
>
> Registry value: DnsAvoidRegisterRecords
> Data type: REG_MULTI_SZ
>
> LdapIpAddress
>
> 3. OPen the forward lookup zone for the AD domain, right click select New
> host, leave the name field blank and give it the IP of the internal
> interface with File sharing enabled. Do NOT enable "Delete this record if it
> becomes stale". Click OK to create the record anyway when it pops up (same
> as parent folder) is not a valid host name.
>
> 4. Right click on Network places, choose properties, in the "Advanced" menu
> select "Advanced settings" make sure the internal interface is at the top of
> the connections pane, and the File sharing is in the Bindings pane on the
> interface.
>
>
> 300202 - HOW TO: Configure DNS for Internet Access in Windows 2000
> http://support.microsoft.com/?id=300202
>
> 825036 - Best practices for DNS client settings in Windows 2000 Server and
> in Windows Server 2003
> http://support.microsoft.com/default.aspx?scid=kb;en-us;825036
>
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
Anonymous
July 27, 2004 9:09:53 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407271344.2f8fe9a3@posting.google.com,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:
> All users are using XP Pro with auto IP because in the
> server also
> running DHCP server. So if auto IP then the DNS is using
> ??? which
> assigned by server, right?
>
> For the following, is the value is LdapIpAddress
> (literally/the word
> itself?) or IP of server. Btw the data type is REG_SZ
> only.

No the data type is REG_MULTI_SZ you must use regedt32, for that data type.
The actual data is
LdapIpAddress
GcIpAddress

I noticed this was a global Catalog from a later post so you add both in the
data field.

Create the (same as parent folder) records only for the private addresses in
the domain zone and in the gc._msdcs sub folder.

>
> Registry value: DnsAvoidRegisterRecords
>> Data type: REG_MULTI_SZ
>>
>> LdapIpAddress
>
>
> This server installed SpoonProxy so we don't use sharing
>
> 1. Windows 2000 IP Configuration
>
> Host Name . . . . . . . . . . . . : ntserver1
> Primary DNS Suffix . . . . . . . : craft.local
> Node Type . . . . . . . . . . . . : Hybrid
>
> IP Routing Enabled. . . . . . . . : No
>
> WINS Proxy Enabled. . . . . . . . : No
>
> DNS Suffix Search List. . . . . . : craft.local
>
> Ethernet adapter Local Area Connection:
>
>
>
> Connection-specific DNS Suffix . : craft.local
> Description . . . . . . . . . . . : D-Link DFE-530TX PCI
> Fast
> Ethernet Adapter (Rev A)
> Physical Address. . . . . . . . . : 00-50-BA-FB-A4-FB
>
> DHCP Enabled. . . . . . . . . . . : No
>
> IP Address. . . . . . . . . . . . : 10.1.1.10
>
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>
> Default Gateway . . . . . . . . . :
>
> DNS Servers . . . . . . . . . . . : 10.1.1.10
>
> Ethernet adapter WAN:
>
>
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : D-Link DFE-530TX PCI
> Fast
> Ethernet Adapter (Rev A) #2
> Physical Address. . . . . . . . . : 00-50-BA-FB-8E-9D
>
> DHCP Enabled. . . . . . . . . . . : No
>
> IP Address. . . . . . . . . . . . : 216.xxx.xxx.aaa
>
> Subnet Mask . . . . . . . . . . . : 255.255.255.248
>
> Default Gateway . . . . . . . . . : 216.xxx.xxx.bbb
>
> DNS Servers . . . . . . . . . . . : 10.1.1.10
> NetBIOS over Tcpip. . . . . . . . : Disabled
>
>
>
> 2. craft.local
>
> 3. craft.local (subfolder _msdcs, _sites, _tcp, _udp)
> ntserver1 host 10.1.1.10
>
> Same as parent folder:
> SOA ntserver1.craft.local
> Host 216.xxx.xxx.aaa<---------you don't want this record
> Host 10.1.1.10




>
> 4. Porbably you need it. DCdiag result (THERE IS AN ERROR
> I mark it
> below, is that related??):
> DC Diagnosis
>
> Starting test: Services
> * Checking Service: Dnscache
> * Checking Service: NtFrs
> * Checking Service: IsmServ
> IsmServ Service is stopped on [NTSERVER1]
> * Checking Service: kdc
> * Checking Service: SamSs
> * Checking Service: LanmanServer
> * Checking Service: LanmanWorkstation
> * Checking Service: RpcSs
> * Checking Service: RPCLOCATOR
> * Checking Service: w32time
> * Checking Service: TrkWks
> * Checking Service: TrkSvr
> * Checking Service: NETLOGON
> * Checking Service: Dnscache
> * Checking Service: NtFrs
> SMTPSVC Service is stopped on [NTSERVER1]
> ......................... NTSERVER1 failed test
> Services
> kccevent
> Starting test: systemlog
> * The System Event log test
> An Error Event occured. EventID: 0xC0002711
> Time Generated: 07/27/2004 16:48:58
> Event String: Unable to start a DCOM Server:
>
> {0C0A3666-30C9-11D0-8F20-00805F2CD064} as /. The
>
> error:
> ***************************************************ERROR
> ##########
>
> "%2"
>
> Happened while starting this command:
>
> C:\WINNT\System32\mdm.exe -Embedding
> ......................... NTSERVER1 failed test
> systemlog

I don't know about the DCOM error, I'll research it, may have something to
do with the Intersite Messaging Service not running, but don't take that as
a fact. I just don't know at this time, it's out of my realm of expertise.

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
July 27, 2004 9:10:53 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

So the "Value Name" is DnsAvoidRegisterRecords
and "Value data" is LdapIpAddress, GcIpAddress ???

I am not sure how to put 2 entry in value data.
So please clarify, thanks.

gc._msdcs.craft.local. is this mean

Under hobbycraft.local zone file --> _msdcs --> gc --> (no _msdcs
within this subfolder), need to create and the subfolder??

So I need to create also the subfolder??
and then a record, what's the IP address should I used? 10.1.1.10?

Sorry if many questions, because I never do this one so just to make
sure I don't screw up live server.

Thanks for your help so far. Really appreciate it.

IHL&G,
Joe

"Give your time & energy only to the themes at the heart of your
life."


"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<O$I3mU$cEHA.2908@TK2MSFTNGP10.phx.gbl>...
> In news:74639a37.0407270749.51fb9822@posting.google.com,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
> > UPDATED INFO:
> >
> > I do test using netdiag /test:D ns /v and below is the
> > result (with
> > certain COMMENT INLINE), probably helpfull for expert to
> > see it and
> > help to analyze what's the problem.
>
> In addition, I notice in the nediag that this is also a Global catalog.
> You need to change the registry entry on my previous post to this:
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
>
> Registry value: DnsAvoidRegisterRecords
> Data type: REG_MULTI_SZ
>
> LdapIpAddress
> GcIpAddress
>
> Then also manually add a (same as parent folder) record in the
> gc._msdcs.craft.local. sub folder.
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
July 28, 2004 1:10:36 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

No event 7063 and if I try use public domain to do nslookup -d2 ....
it works fine, but if use craft.local doesn't work and I think should
won't work right...cause local domain not public registered domain.

"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<e5#14L$cEHA.1356@TK2MSFTNGP09.phx.gbl>...
> In news:74639a37.0407270700.4208591e@posting.google.com,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
> > Forgot to add:
> >
> > Forwarder to pri & sec ISP DNS server.
>
> This may also be a problem if you are using your ISP's DNS that they use for
> Authoritative DNS lookups.
> Many ISP's especially the large ones, disable recursion on their
> Authoritative DNS servers and they cannot be used as DNS forwarders. Check
> your DNS event log for 7063 events, if you are getting these you need to
> change your DNS forwarders. You can also use nslookup to see if the ISP's
> DNS is recursive.
>
> Use this command:
> nslookup -d2 <domain> <ispdnsaddress>
>
> Look in the answer section for "recursion avail"
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
July 28, 2004 1:33:12 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

I see also in the System Log:

Source: DCOM
Event ID: 10001
Desc: Unable to start DCOM server as /.The error " Thy system cannot
find the file specified." Happened while starting this command:
c:\winnt\system32\mdm.exe -Embedding

Is this related with DNS problem?

Also Event 5781 (NetLogon) always occured everytime rebooted and login
after
Error Source: server
Event ID: 2511
Desc: The server service was unable to recreate the share .....
because the directory c:\....\... no longer exists.

Is this also related?


joebio91@hotmail.com (Joe) wrote in message news:<74639a37.0407261119.ada381f@posting.google.com>...
> We are experience problem which in the beginning I thought related to
> ISP DNS problem because after server reboot in the morning because
> cannot connect to internet several hours later (probably 6 hours or
> more) we cannot connect internet again eventually I see that ping to
> public IP no problem but ping to domain name is problem so I call and
> try troubleshoot with ISP and find conclusion that our server problem.
> This problem resolve everytime we reboot the server, if we just reboot
> the DSL modem and router without reboot the server still cannot ping
> the domain (FQDN) even though able to ping any public IP.
>
> FYI:
> This dual NIC W2K server connect to Internet & LAN as follow
>
> ISP--> DSL modem --> static PUBLIC IP Router -->
> 1. Static PUBLIC WAN NIC
> 2. Static Internal LAN NIC --> all users PC
>
> This server are running with Spoonproxy sw, DNS w/AD, DC, DHCP, s/w
> firewall (the default setting from MS, actually if i was setup this
> server I won't use AD and dual NIC... more headache but no choice now,
> cannot reinstall from scratch cause the ONLY live server to handle
> 15-20 users.
>
> Actually users just using email, internet and run centralize
> application thoruh mapping drive network, so no need AD or DNS I
> guess, but I think to let to change it.
>
> In the past this server running ok until around 3 weeks ago begin
> problem even though no changes in the server. So now every morning
> need to reboot and also on lunch time otherwise after 6 or more hours
> cannot ping to FQDN even though ping to any IP works, so users cannot
> get to internet.
> That's really weird and make me headache.
>
> I also try run netdiag to see if somebody could help to check it. I
> list it at very bottom here.
>
> Computer Name: NTSERVER1
> DNS Host Name: ntserver1.craft.local
> System info : Windows 2000 Server (Build 2195)
>
> Netcard queries test . . . . . . . : Passed
>
>
> Per interface results:
>
> Adapter : Local Area Connection
>
> Netcard queries test . . . : Passed
>
> Host Name. . . . . . . . . : ntserver1
> IP Address . . . . . . . . : 10.1.1.10
> Subnet Mask. . . . . . . . : 255.255.255.0
> Default Gateway. . . . . . :
> Dns Servers. . . . . . . . : 10.1.1.10
>
>
> AutoConfiguration results. . . . . . : Passed
>
> Default gateway test . . . : Skipped
> [WARNING] No gateways defined for this adapter.
>
> NetBT name test. . . . . . : Passed
> [WARNING] At least one of the <00> 'WorkStation Service', <03>
> 'Messenger Service', <20> 'WINS' names is missing.
>
> WINS service test. . . . . : Skipped
> There are no WINS servers configured for this interface.
>
> Adapter : WAN
>
> Netcard queries test . . . : Passed
>
> Host Name. . . . . . . . . : ntserver1
> IP Address . . . . . . . . : 216.xxx.xxx.aaa
> Subnet Mask. . . . . . . . : 255.255.255.248
> Default Gateway. . . . . . : 216.xxx.xxx.bbb
> NetBIOS over Tcpip . . . . : Disabled
> Dns Servers. . . . . . . . : 10.1.1.10
>
>
> AutoConfiguration results. . . . . . : Passed
>
> Default gateway test . . . : Passed
>
> NetBT name test. . . . . . : Skipped
> NetBT is disabled on this interface. [Test skipped]
>
> WINS service test. . . . . : Skipped
> NetBT is disable on this interface. [Test skipped].
>
> Adapter : IPX Internal Interface
>
> Netcard queries test . . . : Passed
>
> Ipx configration
> Network Number . . . . : 3bf8a0c6
> Node . . . . . . . . . : 000000000001
> Frame type . . . . . . : Ethernet II
>
>
>
> Adapter : IpxLoopbackAdapter
>
> Netcard queries test . . . : Passed
>
> Ipx configration
> Network Number . . . . : 3bf8a0c6
> Node . . . . . . . . . : 000000000002
> Frame type . . . . . . : 802.2
>
>
>
> Adapter : NDISWANIPX
>
> Netcard queries test . . . : Passed
>
> Ipx configration
> Network Number . . . . : 00000000
> Node . . . . . . . . . : 601120524153
> Frame type . . . . . . : Ethernet II
>
>
> Global results:
>
> Domain membership test . . . . . . : Passed
>
>
> NetBT transports test. . . . . . . : Passed
> List of NetBt transports currently configured:
> NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> 1 NetBt transport currently configured.
>
>
> Autonet address test . . . . . . . : Passed
>
>
> IP loopback ping test. . . . . . . : Passed
>
>
> Default gateway test . . . . . . . : Passed
>
>
> NetBT name test. . . . . . . . . . : Passed
> [WARNING] You don't have a single interface with the <00>
> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names
> defined.
>
>
> Winsock test . . . . . . . . . . . : Passed
>
>
> DNS test . . . . . . . . . . . . . : Passed
> PASS - All the DNS entries for DC are registered on DNS server
> '10.1.1.10' and other DCs also have some of the names registered.
>
>
> Redir and Browser test . . . . . . : Passed
> List of NetBt transports currently bound to the Redir
> NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> The redir is bound to 1 NetBt transport.
>
> List of NetBt transports currently bound to the browser
> NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
> The browser is bound to 1 NetBt transport.
>
>
> DC discovery test. . . . . . . . . : Passed
>
>
> DC list test . . . . . . . . . . . : Passed
>
>
> Trust relationship test. . . . . . : Skipped
>
>
> Kerberos test. . . . . . . . . . . : Passed
>
>
> LDAP test. . . . . . . . . . . . . : Passed
>
>
> Bindings test. . . . . . . . . . . : Passed
>
>
> WAN configuration test . . . . . . : Skipped
> No active remote access connections.
>
>
> Modem diagnostics test . . . . . . : Passed
>
>
> Netware configuration
> You are not logged in to your preferred server .
> Netware User Name. . . . . . . :
> Netware Server Name. . . . . . :
> Netware Tree Name. . . . . . . :
> Netware Workstation Context. . :
>
> IP Security test . . . . . . . . . : Passed
> IPSec policy service is active, but no policy is assigned.
>
> The command completed successfully
>
>
>
>
>
> If anybody could help, really appreciate it.
> I am in the dead end now.
>
> Thanks,
> Joe
Anonymous
July 28, 2004 2:16:12 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407271610.12ab7cd9@posting.google.com,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:
> So the "Value Name" is DnsAvoidRegisterRecords
> and "Value data" is LdapIpAddress, GcIpAddress ???
>
> I am not sure how to put 2 entry in value data.
> So please clarify, thanks.

If you use regedt32 when you get to the data portion you put one in in top
of the other.

LdapIpAddress
GcIpAddress


> gc._msdcs.craft.local. is this mean
>
> Under hobbycraft.local zone file --> _msdcs --> gc -->
> (no _msdcs
> within this subfolder), need to create and the subfolder??

The gc subfolder is in the _msdcs folder, it actually resolves
gc._msdcs.hobbycraft.local.

Win2k3 puts the _msdcs.hobbycraft.local in its own zone.


> So I need to create also the subfolder??
> and then a record, what's the IP address should I used?
> 10.1.1.10?

You don't need to create a sub folder it belongs in the gc subfolder, and
yes use 10.1.1.10 if theat is the private IP of the DC.


> Sorry if many questions, because I never do this one so
> just to make
> sure I don't screw up live server.

No problem, I completely understand.

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
Anonymous
July 28, 2004 3:47:08 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407271610.12ab7cd9@posting.google.com,
Joe <joebio91@hotmail.com> asked for help and I offered my suggestions
below:
> So the "Value Name" is DnsAvoidRegisterRecords
> and "Value data" is LdapIpAddress, GcIpAddress ???
>
> I am not sure how to put 2 entry in value data.
> So please clarify, thanks.
>
> gc._msdcs.craft.local. is this mean
>
> Under hobbycraft.local zone file --> _msdcs --> gc --> (no _msdcs
> within this subfolder), need to create and the subfolder??
>
> So I need to create also the subfolder??
> and then a record, what's the IP address should I used? 10.1.1.10?
>
> Sorry if many questions, because I never do this one so just to make
> sure I don't screw up live server.
>
> Thanks for your help so far. Really appreciate it.
>
> IHL&G,
> Joe

What Kevin is saying is to create this Multi string value. Do not choose
"String". The Multi Sting value (REG_MULTI_SZ) allows you to put in multiple
values. It will show up as a little box that you would first put in
LdapIpAddress, then hit enter to go to the next line, then type in
GcIpAddress.

Then you go into DNS and under the:
gc._msdcs.craft.local. sub folder, manually add your GC's IP address.

Same with the LdapIpAddress. To manually create that, you need to first
delete any existing LdapIpAddress. They are the ones that show up as (same
as parent) with just an IP address. Then manually create the new
LdapIpAddress you want to create by rt-clicking your zone, new Host record,
leave the hostname part blank and just give it the IP address of your inside
IP of your multihomed DC.

With all due respect sir, honestly, this additional administrative overhead,
altering default registry values and DC/AD functionality, is more the reason
not to mutli home a DC. It's actually *highly* recommended to purchase a
$39.00 Linksys DSL/Cable router to give you secure Internet access and offer
NAT and let the DC be a DC on the internal network and be done with these
headaches. Those routers are very easy to setup. I can have one setup and
running in less than 5 minutes. This also relieves your DC of running the
WinPoet (PPPoE) software, and NAT services under RRAS, which is alot of
additional overhead, which I'm assuming you have installed since you have an
ADSL line.

No disrepect implied here, just trying to point out facts about multihomed
DCs/DNS servers and trying to make your job easier.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--
=================================
July 28, 2004 1:35:04 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Another thing after I did changes sometime ago to solve the problem.
Now if I do nslookup, it's gonna give me "can't find server name
address for 10.1.1.10 "
So something wrong somewhere?

Btw what GC =? Global Catalogue??

> Then you go into DNS and under the:
> gc._msdcs.craft.local. sub folder, manually add your GC's IP address.

So the GC IP is internal IP address, right?!

> Same with the LdapIpAddress. To manually create that, you need to first
> delete any existing LdapIpAddress. They are the ones that show up as (same
> as parent) with just an IP address. Then manually create the new
> LdapIpAddress you want to create by rt-clicking your zone, new Host record,
> leave the hostname part blank and just give it the IP address of your inside
> IP of your multihomed DC.

So LdapIpAddress that exists are 10.1.1.10 and 216.xxx.xxx.aaa
So I delete both and recreate just 10.1.1.10 only?

There is also ntserver1 as A record to 10.1.1.10 exist, do I need to
delete and recreate or leave or delete it too.
But the SOA and Name Server even though have (same as parent), but I
shouldn't delete it right?!

Ace, actually as I mention in the beginning of this thread and I
listed here for easier to see

FYI:
This dual NIC W2K server connect to Internet & LAN as follow

ISP--> DSL modem --> static PUBLIC IP Router -->
1. Static PUBLIC WAN NIC
2. Static Internal LAN NIC --> all users PC

This server are running with Spoonproxy sw, DNS w/AD, DC, DHCP, s/w
firewall (the default setting from MS, actually if i was setup this
server I won't use AD and dual NIC... more headache but no choice now,
cannot reinstall from scratch cause the ONLY live server to handle
15-20 users.

Actually users just using email, internet and run centralize
application thoruh mapping drive network, so no need AD or DNS I
guess.
********************************


So there is a router but because this server and LAN setup by previous
netadmin so I couldn't change much, especially this is live server and
the only one server for 15-20 users.

I wish could reinstalled this server from scratch, it's make my life
easier.

So for now I just want to make this server work fine like before
although you could suggest me the detail about make this sever network
better without changing much, so if possible later on I could change
it with permission of my boss.

So instead of using NAT from the router, the previous netadmin setup
router and server with static IP and server has dual NIC (no installed
PPPoE s/w on server) and run Spoonproxy s/w so client with internal IP
could connect to internet.

I don't understand why he set it up that way, probably because to
allow access admin remotely. But if use NAT the server could just
mapping the internal IP with public IP in router and open port for
remote adm then, isn't it?
Or install VPN server in this server and pass the VPN access in the
router, i think.


During this troubleshooting period, I just could test if the set up ok
or still problem JUST twice a day -- at night and early in the morning
before reboot again, because in the morning I set to reboot server
automatically before user come in and also in the lunch time so during
working hour users doesn't exp problem when try to connect to internet
(the problem usually begin in interval 5-7 hours). I really hope this
problem resolve soon.
I really appreciate for both of your assistance. Without you guys, I
don't know what i could do.


"Ace Fekay [MVP]" <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in message news:<OAryVWFdEHA.3392@tk2msftngp13.phx.gbl>...
> In news:74639a37.0407271610.12ab7cd9@posting.google.com,
> Joe <joebio91@hotmail.com> asked for help and I offered my suggestions
> below:
> > So the "Value Name" is DnsAvoidRegisterRecords
> > and "Value data" is LdapIpAddress, GcIpAddress ???
> >
> > I am not sure how to put 2 entry in value data.
> > So please clarify, thanks.
> >
> > gc._msdcs.craft.local. is this mean
> >
> > Under hobbycraft.local zone file --> _msdcs --> gc --> (no _msdcs
> > within this subfolder), need to create and the subfolder??
> >
> > So I need to create also the subfolder??
> > and then a record, what's the IP address should I used? 10.1.1.10?
> >
> > Sorry if many questions, because I never do this one so just to make
> > sure I don't screw up live server.
> >
> > Thanks for your help so far. Really appreciate it.
> >
> > IHL&G,
> > Joe
>
> What Kevin is saying is to create this Multi string value. Do not choose
> "String". The Multi Sting value (REG_MULTI_SZ) allows you to put in multiple
> values. It will show up as a little box that you would first put in
> LdapIpAddress, then hit enter to go to the next line, then type in
> GcIpAddress.
>
> Then you go into DNS and under the:
> gc._msdcs.craft.local. sub folder, manually add your GC's IP address.
>
> Same with the LdapIpAddress. To manually create that, you need to first
> delete any existing LdapIpAddress. They are the ones that show up as (same
> as parent) with just an IP address. Then manually create the new
> LdapIpAddress you want to create by rt-clicking your zone, new Host record,
> leave the hostname part blank and just give it the IP address of your inside
> IP of your multihomed DC.
>
> With all due respect sir, honestly, this additional administrative overhead,
> altering default registry values and DC/AD functionality, is more the reason
> not to mutli home a DC. It's actually *highly* recommended to purchase a
> $39.00 Linksys DSL/Cable router to give you secure Internet access and offer
> NAT and let the DC be a DC on the internal network and be done with these
> headaches. Those routers are very easy to setup. I can have one setup and
> running in less than 5 minutes. This also relieves your DC of running the
> WinPoet (PPPoE) software, and NAT services under RRAS, which is alot of
> additional overhead, which I'm assuming you have installed since you have an
> ADSL line.
>
> No disrepect implied here, just trying to point out facts about multihomed
> DCs/DNS servers and trying to make your job easier.
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
>
> Security Is Like An Onion, It Has Layers
> HAM AND EGGS: A day's work for a chicken;
> A lifetime commitment for a pig.
Anonymous
July 28, 2004 11:17:02 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407280835.3f7f14cb@posting.google.com,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:
> Another thing after I did changes sometime ago to solve
> the problem.
> Now if I do nslookup, it's gonna give me "can't find
> server name
> address for 10.1.1.10 "
> So something wrong somewhere?

No, nothing is "wrong", this is just a message from nslookup, which is
performing a reverse lookup on the IP of the DNS server it is using.
You can:
a. Ignore the message because because a reverse lookup is not required for
proper AD operation.
b. Create a reverse lookup zone named 1.1.10.in-addr.arpa. and place a PTR
with IP number 10 and your server's name ntserver1.craft.local.

>
> Btw what GC =? Global Catalogue??
>
>> Then you go into DNS and under the:
>> gc._msdcs.craft.local. sub folder, manually add your
>> GC's IP address.

Yes in your case this server is a Global Catalog and its private IP is
10.1.1.10.

>
> So the GC IP is internal IP address, right?!

Right!

>
>> Same with the LdapIpAddress. To manually create that,
>> you need to first delete any existing LdapIpAddress.
>> They are the ones that show up as (same as parent) with
>> just an IP address. Then manually create the new
>> LdapIpAddress you want to create by rt-clicking your
>> zone, new Host record, leave the hostname part blank and
>> just give it the IP address of your inside IP of your
>> multihomed DC.
>
> So LdapIpAddress that exists are 10.1.1.10 and
> 216.xxx.xxx.aaa
> So I delete both and recreate just 10.1.1.10 only?

When you put in the reg entriy and restart the netlogon service, these
records will go away, you need to recreate them with the server's internal
IP.

>
> There is also ntserver1 as A record to 10.1.1.10 exist,
> do I need to
> delete and recreate or leave or delete it too.

Leave that record alone, DNS creates that record for the IP it is listening
on.
There is a different reg entry that changes this behavior, we're not going t
here!


> But the SOA and Name Server even though have (same as
> parent), but I
> shouldn't delete it right?!
>
> Ace, actually as I mention in the beginning of this
> thread and I
> listed here for easier to see
>
> FYI:
> This dual NIC W2K server connect to Internet & LAN as
> follow
>
> ISP--> DSL modem --> static PUBLIC IP Router -->
> 1. Static PUBLIC WAN NIC
> 2. Static Internal LAN NIC --> all users PC
>
> This server are running with Spoonproxy sw, DNS w/AD, DC,
> DHCP, s/w
> firewall (the default setting from MS, actually if i was
> setup this
> server I won't use AD and dual NIC... more headache but
> no choice now,
> cannot reinstall from scratch cause the ONLY live server
> to handle
> 15-20 users.

I haven't seen any reson for even thinking about a re-install yet.

>
> Actually users just using email, internet and run
> centralize
> application thoruh mapping drive network, so no need AD
> or DNS I
> guess.
> ********************************
>
>
> So there is a router but because this server and LAN
> setup by previous
> netadmin so I couldn't change much, especially this is
> live server and
> the only one server for 15-20 users.
>
> I wish could reinstalled this server from scratch, it's
> make my life
> easier.
>
> So for now I just want to make this server work fine like
> before
> although you could suggest me the detail about make this
> sever network
> better without changing much, so if possible later on I
> could change
> it with permission of my boss.
>
> So instead of using NAT from the router, the previous
> netadmin setup
> router and server with static IP and server has dual NIC
> (no installed
> PPPoE s/w on server) and run Spoonproxy s/w so client
> with internal IP
> could connect to internet.

They could connect to the internet with out Spoonproxy, but that is another
story the proxy may be there for other reasons, does it have AV scanning in
it?
Does the Proxy have a DNS proxy in it? If it does possibly that is the
problem.

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
Anonymous
July 29, 2004 1:28:16 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:uJ$5gFQdEHA.3476@tk2msftngp13.phx.gbl,
Kevin D. Goodknecht Sr. [MVP] <admin@nospam.WFTX.US> asked for help and I
offered my suggestions below:
> In news:74639a37.0407280835.3f7f14cb@posting.google.com,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
>> Another thing after I did changes sometime ago to solve
>> the problem.
>> Now if I do nslookup, it's gonna give me "can't find
>> server name
>> address for 10.1.1.10 "
>> So something wrong somewhere?
>
> No, nothing is "wrong", this is just a message from nslookup, which is
> performing a reverse lookup on the IP of the DNS server it is using.
> You can:
> a. Ignore the message because because a reverse lookup is not
> required for proper AD operation.
> b. Create a reverse lookup zone named 1.1.10.in-addr.arpa. and place
> a PTR with IP number 10 and your server's name ntserver1.craft.local.
>
>>
>> Btw what GC =? Global Catalogue??
>>
>>> Then you go into DNS and under the:
>>> gc._msdcs.craft.local. sub folder, manually add your
>>> GC's IP address.
>
> Yes in your case this server is a Global Catalog and its private IP is
> 10.1.1.10.
>
>>
>> So the GC IP is internal IP address, right?!
>
> Right!
>
>>
>>> Same with the LdapIpAddress. To manually create that,
>>> you need to first delete any existing LdapIpAddress.
>>> They are the ones that show up as (same as parent) with
>>> just an IP address. Then manually create the new
>>> LdapIpAddress you want to create by rt-clicking your
>>> zone, new Host record, leave the hostname part blank and
>>> just give it the IP address of your inside IP of your
>>> multihomed DC.
>>
>> So LdapIpAddress that exists are 10.1.1.10 and
>> 216.xxx.xxx.aaa
>> So I delete both and recreate just 10.1.1.10 only?
>
> When you put in the reg entriy and restart the netlogon service, these
> records will go away, you need to recreate them with the server's
> internal IP.
>
>>
>> There is also ntserver1 as A record to 10.1.1.10 exist,
>> do I need to
>> delete and recreate or leave or delete it too.
>
> Leave that record alone, DNS creates that record for the IP it is
> listening on.
> There is a different reg entry that changes this behavior, we're not
> going t here!
>
>
>> But the SOA and Name Server even though have (same as
>> parent), but I
>> shouldn't delete it right?!
>>
>> Ace, actually as I mention in the beginning of this
>> thread and I
>> listed here for easier to see
>>
>> FYI:
>> This dual NIC W2K server connect to Internet & LAN as
>> follow
>>
>> ISP--> DSL modem --> static PUBLIC IP Router -->
>> 1. Static PUBLIC WAN NIC
>> 2. Static Internal LAN NIC --> all users PC
>>
>> This server are running with Spoonproxy sw, DNS w/AD, DC,
>> DHCP, s/w
>> firewall (the default setting from MS, actually if i was
>> setup this
>> server I won't use AD and dual NIC... more headache but
>> no choice now,
>> cannot reinstall from scratch cause the ONLY live server
>> to handle
>> 15-20 users.
>
> I haven't seen any reson for even thinking about a re-install yet.
>
>>
>> Actually users just using email, internet and run
>> centralize
>> application thoruh mapping drive network, so no need AD
>> or DNS I
>> guess.
>> ********************************
>>
>>
>> So there is a router but because this server and LAN
>> setup by previous
>> netadmin so I couldn't change much, especially this is
>> live server and
>> the only one server for 15-20 users.
>>
>> I wish could reinstalled this server from scratch, it's
>> make my life
>> easier.
>>
>> So for now I just want to make this server work fine like
>> before
>> although you could suggest me the detail about make this
>> sever network
>> better without changing much, so if possible later on I
>> could change
>> it with permission of my boss.
>>
>> So instead of using NAT from the router, the previous
>> netadmin setup
>> router and server with static IP and server has dual NIC
>> (no installed
>> PPPoE s/w on server) and run Spoonproxy s/w so client
>> with internal IP
>> could connect to internet.
>
> They could connect to the internet with out Spoonproxy, but that is
> another story the proxy may be there for other reasons, does it have
> AV scanning in it?
> Does the Proxy have a DNS proxy in it? If it does possibly that is the
> problem.
>

I'm starting to think that as well.

Also agree that no need to reinstall, just reconfigure who the router is.
When Joe is mentioning 'router', I am assuming its this dual homed machine
in question, unless I misread it and there is actually a router connected to
the DSL modem?

I was suggesting to get a Linksys router. If VPN is needed, they have a
router that has VPN features, but costs a little more money. Very well worth
it. Once its working, I would suggest to point the gateway address at the
new router, then remove the extra NIC from the dual homed machine, take out
that reg entry, and let it do its thing, be a DC. No reason to reinstall.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--
=================================
July 29, 2004 11:36:24 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

Yes, there is Netgear simple router connect to DSL modem and from this
router connect to dual homed W2K SP3 Server.
Thank you for the info and suggestion Ace.

"Ace Fekay [MVP]" <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in message news:<OcXo0uQdEHA.3212@TK2MSFTNGP12.phx.gbl>...
> In news:uJ$5gFQdEHA.3476@tk2msftngp13.phx.gbl,
> Kevin D. Goodknecht Sr. [MVP] <admin@nospam.WFTX.US> asked for help and I
> offered my suggestions below:
> > In news:74639a37.0407280835.3f7f14cb@posting.google.com,
> > Joe <joebio91@hotmail.com> posted a question
> > Then Kevin replied below:
> >> Another thing after I did changes sometime ago to solve
> >> the problem.
> >> Now if I do nslookup, it's gonna give me "can't find
> >> server name
> >> address for 10.1.1.10 "
> >> So something wrong somewhere?
> >
> > No, nothing is "wrong", this is just a message from nslookup, which is
> > performing a reverse lookup on the IP of the DNS server it is using.
> > You can:
> > a. Ignore the message because because a reverse lookup is not
> > required for proper AD operation.
> > b. Create a reverse lookup zone named 1.1.10.in-addr.arpa. and place
> > a PTR with IP number 10 and your server's name ntserver1.craft.local.
> >
> >>
> >> Btw what GC =? Global Catalogue??
> >>
> >>> Then you go into DNS and under the:
> >>> gc._msdcs.craft.local. sub folder, manually add your
> >>> GC's IP address.
> >
> > Yes in your case this server is a Global Catalog and its private IP is
> > 10.1.1.10.
> >
> >>
> >> So the GC IP is internal IP address, right?!
> >
> > Right!
> >
> >>
> >>> Same with the LdapIpAddress. To manually create that,
> >>> you need to first delete any existing LdapIpAddress.
> >>> They are the ones that show up as (same as parent) with
> >>> just an IP address. Then manually create the new
> >>> LdapIpAddress you want to create by rt-clicking your
> >>> zone, new Host record, leave the hostname part blank and
> >>> just give it the IP address of your inside IP of your
> >>> multihomed DC.
> >>
> >> So LdapIpAddress that exists are 10.1.1.10 and
> >> 216.xxx.xxx.aaa
> >> So I delete both and recreate just 10.1.1.10 only?
> >
> > When you put in the reg entriy and restart the netlogon service, these
> > records will go away, you need to recreate them with the server's
> > internal IP.
> >
> >>
> >> There is also ntserver1 as A record to 10.1.1.10 exist,
> >> do I need to
> >> delete and recreate or leave or delete it too.
> >
> > Leave that record alone, DNS creates that record for the IP it is
> > listening on.
> > There is a different reg entry that changes this behavior, we're not
> > going t here!
> >
> >
> >> But the SOA and Name Server even though have (same as
> >> parent), but I
> >> shouldn't delete it right?!
> >>
> >> Ace, actually as I mention in the beginning of this
> >> thread and I
> >> listed here for easier to see
> >>
> >> FYI:
> >> This dual NIC W2K server connect to Internet & LAN as
> >> follow
> >>
> >> ISP--> DSL modem --> static PUBLIC IP Router -->
> >> 1. Static PUBLIC WAN NIC
> >> 2. Static Internal LAN NIC --> all users PC
> >>
> >> This server are running with Spoonproxy sw, DNS w/AD, DC,
> >> DHCP, s/w
> >> firewall (the default setting from MS, actually if i was
> >> setup this
> >> server I won't use AD and dual NIC... more headache but
> >> no choice now,
> >> cannot reinstall from scratch cause the ONLY live server
> >> to handle
> >> 15-20 users.
> >
> > I haven't seen any reson for even thinking about a re-install yet.
> >
> >>
> >> Actually users just using email, internet and run
> >> centralize
> >> application thoruh mapping drive network, so no need AD
> >> or DNS I
> >> guess.
> >> ********************************
> >>
> >>
> >> So there is a router but because this server and LAN
> >> setup by previous
> >> netadmin so I couldn't change much, especially this is
> >> live server and
> >> the only one server for 15-20 users.
> >>
> >> I wish could reinstalled this server from scratch, it's
> >> make my life
> >> easier.
> >>
> >> So for now I just want to make this server work fine like
> >> before
> >> although you could suggest me the detail about make this
> >> sever network
> >> better without changing much, so if possible later on I
> >> could change
> >> it with permission of my boss.
> >>
> >> So instead of using NAT from the router, the previous
> >> netadmin setup
> >> router and server with static IP and server has dual NIC
> >> (no installed
> >> PPPoE s/w on server) and run Spoonproxy s/w so client
> >> with internal IP
> >> could connect to internet.
> >
> > They could connect to the internet with out Spoonproxy, but that is
> > another story the proxy may be there for other reasons, does it have
> > AV scanning in it?
> > Does the Proxy have a DNS proxy in it? If it does possibly that is the
> > problem.
> >
>
> I'm starting to think that as well.
>
> Also agree that no need to reinstall, just reconfigure who the router is.
> When Joe is mentioning 'router', I am assuming its this dual homed machine
> in question, unless I misread it and there is actually a router connected to
> the DSL modem?
>
> I was suggesting to get a Linksys router. If VPN is needed, they have a
> router that has VPN features, but costs a little more money. Very well worth
> it. Once its working, I would suggest to point the gateway address at the
> new router, then remove the extra NIC from the dual homed machine, take out
> that reg entry, and let it do its thing, be a DC. No reason to reinstall.
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
>
> Security Is Like An Onion, It Has Layers
> HAM AND EGGS: A day's work for a chicken;
> A lifetime commitment for a pig.
July 29, 2004 11:54:47 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<uJ$5gFQdEHA.3476@tk2msftngp13.phx.gbl>...
> In news:74639a37.0407280835.3f7f14cb@posting.google.com,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
> > Another thing after I did changes sometime ago to solve
> > the problem.
> > Now if I do nslookup, it's gonna give me "can't find
> > server name
> > address for 10.1.1.10 "
> > So something wrong somewhere?
>
> No, nothing is "wrong", this is just a message from nslookup, which is
> performing a reverse lookup on the IP of the DNS server it is using.
> You can:
> a. Ignore the message because because a reverse lookup is not required for
> proper AD operation.
> b. Create a reverse lookup zone named 1.1.10.in-addr.arpa. and place a PTR
> with IP number 10 and your server's name ntserver1.craft.local.
>
> >
> > Btw what GC =? Global Catalogue??
> >
> >> Then you go into DNS and under the:
> >> gc._msdcs.craft.local. sub folder, manually add your
> >> GC's IP address.
>
> Yes in your case this server is a Global Catalog and its private IP is
> 10.1.1.10.
>
> >
> > So the GC IP is internal IP address, right?!
>
> Right!
>
> >
> >> Same with the LdapIpAddress. To manually create that,
> >> you need to first delete any existing LdapIpAddress.
> >> They are the ones that show up as (same as parent) with
> >> just an IP address. Then manually create the new
> >> LdapIpAddress you want to create by rt-clicking your
> >> zone, new Host record, leave the hostname part blank and
> >> just give it the IP address of your inside IP of your
> >> multihomed DC.
> >
> > So LdapIpAddress that exists are 10.1.1.10 and
> > 216.xxx.xxx.aaa
> > So I delete both and recreate just 10.1.1.10 only?
>
> When you put in the reg entriy and restart the netlogon service, these
> records will go away, you need to recreate them with the server's internal
> IP.
>
> >
> > There is also ntserver1 as A record to 10.1.1.10 exist,
> > do I need to
> > delete and recreate or leave or delete it too.
>
> Leave that record alone, DNS creates that record for the IP it is listening
> on.
> There is a different reg entry that changes this behavior, we're not going t
> here!
>
>
> > But the SOA and Name Server even though have (same as
> > parent), but I
> > shouldn't delete it right?!
> >
> > Ace, actually as I mention in the beginning of this
> > thread and I
> > listed here for easier to see
> >
> > FYI:
> > This dual NIC W2K server connect to Internet & LAN as
> > follow
> >
> > ISP--> DSL modem --> static PUBLIC IP Router -->
> > 1. Static PUBLIC WAN NIC
> > 2. Static Internal LAN NIC --> all users PC
> >
> > This server are running with Spoonproxy sw, DNS w/AD, DC,
> > DHCP, s/w
> > firewall (the default setting from MS, actually if i was
> > setup this
> > server I won't use AD and dual NIC... more headache but
> > no choice now,
> > cannot reinstall from scratch cause the ONLY live server
> > to handle
> > 15-20 users.
>
> I haven't seen any reson for even thinking about a re-install yet.
>
> >
> > Actually users just using email, internet and run
> > centralize
> > application thoruh mapping drive network, so no need AD
> > or DNS I
> > guess.
> > ********************************
> >
> >
> > So there is a router but because this server and LAN
> > setup by previous
> > netadmin so I couldn't change much, especially this is
> > live server and
> > the only one server for 15-20 users.
> >
> > I wish could reinstalled this server from scratch, it's
> > make my life
> > easier.
> >
> > So for now I just want to make this server work fine like
> > before
> > although you could suggest me the detail about make this
> > sever network
> > better without changing much, so if possible later on I
> > could change
> > it with permission of my boss.
> >
> > So instead of using NAT from the router, the previous
> > netadmin setup
> > router and server with static IP and server has dual NIC
> > (no installed
> > PPPoE s/w on server) and run Spoonproxy s/w so client
> > with internal IP
> > could connect to internet.
>
> They could connect to the internet with out Spoonproxy, but that is another
> story the proxy may be there for other reasons, does it have AV scanning in
> it?
> Does the Proxy have a DNS proxy in it? If it does possibly that is the
> problem.
>

The proxy is just for internet, email, ftp, etc no AV within or DNS.
Just simple small utility/software.
I don't know if there is another purpose for that proxy as far as I know that's it.
Hopefully after this last changes I made and the server working ok.
Till now still the dns/ping fqdn after 6 hours or so will fail :( 
I will let you know the result.
Please works my 'baby'.......
Anonymous
July 29, 2004 2:46:29 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407290654.985cefe@posting.google.com,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:
> The proxy is just for internet, email, ftp, etc no AV
> within or DNS.
> Just simple small utility/software.
> I don't know if there is another purpose for that proxy
> as far as I know that's it.
> Hopefully after this last changes I made and the server
> working ok.
> Till now still the dns/ping fqdn after 6 hours or so will
> fail :( 
> I will let you know the result.
> Please works my 'baby'.......


Then as far as I can tell this proxy serves no real purpose, your router can
do this, too. If they can use the router for the gateway. The proxy will
only serve as a point of failure.
I use a proxy, but my proxy is there for its Anti-virus capabilities, it
scans email and websites for viruses and malicious code.
If all your clients can ping the router I suggest you keep the proxy out of
the picture.

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
Anonymous
July 29, 2004 4:16:23 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

"Joe" <joebio91@hotmail.com> wrote in message
news:74639a37.0407290636.45de67e7@posting.google.com...
> Yes, there is Netgear simple router connect to DSL modem and from this
> router connect to dual homed W2K SP3 Server.
> Thank you for the info and suggestion Ace.
>

No problem. So you already have a router. May I ask why the W2k machine is
mutlihomed? Is it because you are running that Spoonproxy ?

Ace
July 29, 2004 5:59:08 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

FYI:
In the zone file (craft.local) has "Allow Dynamic Update" = Only secure update.
Is this the cause? should choose NO or other option?

joebio91@hotmail.com (Joe) wrote in message news:<74639a37.0407290654.985cefe@posting.google.com>...
> "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<uJ$5gFQdEHA.3476@tk2msftngp13.phx.gbl>...
> > In news:74639a37.0407280835.3f7f14cb@posting.google.com,
> > Joe <joebio91@hotmail.com> posted a question
> > Then Kevin replied below:
> > > Another thing after I did changes sometime ago to solve
> > > the problem.
> > > Now if I do nslookup, it's gonna give me "can't find
> > > server name
> > > address for 10.1.1.10 "
> > > So something wrong somewhere?
> >
> > No, nothing is "wrong", this is just a message from nslookup, which is
> > performing a reverse lookup on the IP of the DNS server it is using.
> > You can:
> > a. Ignore the message because because a reverse lookup is not required for
> > proper AD operation.
> > b. Create a reverse lookup zone named 1.1.10.in-addr.arpa. and place a PTR
> > with IP number 10 and your server's name ntserver1.craft.local.
> >
> > >
> > > Btw what GC =? Global Catalogue??
> > >
> > >> Then you go into DNS and under the:
> > >> gc._msdcs.craft.local. sub folder, manually add your
> > >> GC's IP address.
> >
> > Yes in your case this server is a Global Catalog and its private IP is
> > 10.1.1.10.
> >
> > >
> > > So the GC IP is internal IP address, right?!
> >
> > Right!
> >
> > >
> > >> Same with the LdapIpAddress. To manually create that,
> > >> you need to first delete any existing LdapIpAddress.
> > >> They are the ones that show up as (same as parent) with
> > >> just an IP address. Then manually create the new
> > >> LdapIpAddress you want to create by rt-clicking your
> > >> zone, new Host record, leave the hostname part blank and
> > >> just give it the IP address of your inside IP of your
> > >> multihomed DC.
> > >
> > > So LdapIpAddress that exists are 10.1.1.10 and
> > > 216.xxx.xxx.aaa
> > > So I delete both and recreate just 10.1.1.10 only?
> >
> > When you put in the reg entriy and restart the netlogon service, these
> > records will go away, you need to recreate them with the server's internal
> > IP.
> >
> > >
> > > There is also ntserver1 as A record to 10.1.1.10 exist,
> > > do I need to
> > > delete and recreate or leave or delete it too.
> >
> > Leave that record alone, DNS creates that record for the IP it is listening
> > on.
> > There is a different reg entry that changes this behavior, we're not going t
> > here!
> >
> >
> > > But the SOA and Name Server even though have (same as
> > > parent), but I
> > > shouldn't delete it right?!
> > >
> > > Ace, actually as I mention in the beginning of this
> > > thread and I
> > > listed here for easier to see
> > >
> > > FYI:
> > > This dual NIC W2K server connect to Internet & LAN as
> > > follow
> > >
> > > ISP--> DSL modem --> static PUBLIC IP Router -->
> > > 1. Static PUBLIC WAN NIC
> > > 2. Static Internal LAN NIC --> all users PC
> > >
> > > This server are running with Spoonproxy sw, DNS w/AD, DC,
> > > DHCP, s/w
> > > firewall (the default setting from MS, actually if i was
> > > setup this
> > > server I won't use AD and dual NIC... more headache but
> > > no choice now,
> > > cannot reinstall from scratch cause the ONLY live server
> > > to handle
> > > 15-20 users.
> >
> > I haven't seen any reson for even thinking about a re-install yet.
> >
> > >
> > > Actually users just using email, internet and run
> > > centralize
> > > application thoruh mapping drive network, so no need AD
> > > or DNS I
> > > guess.
> > > ********************************
> > >
> > >
> > > So there is a router but because this server and LAN
> > > setup by previous
> > > netadmin so I couldn't change much, especially this is
> > > live server and
> > > the only one server for 15-20 users.
> > >
> > > I wish could reinstalled this server from scratch, it's
> > > make my life
> > > easier.
> > >
> > > So for now I just want to make this server work fine like
> > > before
> > > although you could suggest me the detail about make this
> > > sever network
> > > better without changing much, so if possible later on I
> > > could change
> > > it with permission of my boss.
> > >
> > > So instead of using NAT from the router, the previous
> > > netadmin setup
> > > router and server with static IP and server has dual NIC
> > > (no installed
> > > PPPoE s/w on server) and run Spoonproxy s/w so client
> > > with internal IP
> > > could connect to internet.
> >
> > They could connect to the internet with out Spoonproxy, but that is another
> > story the proxy may be there for other reasons, does it have AV scanning in
> > it?
> > Does the Proxy have a DNS proxy in it? If it does possibly that is the
> > problem.
> >
>
> The proxy is just for internet, email, ftp, etc no AV within or DNS.
> Just simple small utility/software.
> I don't know if there is another purpose for that proxy as far as I know that's it.
> Hopefully after this last changes I made and the server working ok.
> Till now still the dns/ping fqdn after 6 hours or so will fail :( 
> I will let you know the result.
> Please works my 'baby'.......
Anonymous
July 29, 2004 8:47:58 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407291259.52bb858c@posting.google.com,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:
> FYI:
> In the zone file (craft.local) has "Allow Dynamic Update"
> = Only secure update.
> Is this the cause? should choose NO or other option?

Secure updates is fine so long as updates getting done. You don't want to
choose No because you DC needs to register its records in the zone, setting
the zone to No will cause errors on the DC and any other client that is
registering in DNS.



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
July 30, 2004 4:06:03 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

Oh Nightmare, I don't know what happened but now from all clients
cannot see the server, none network printer available, cannot ping to
internet at all even though server rebooted.
But ping to external nic with 216.xxx.xxx.aaa no problem but to the
gateway/Netgear router or public internet IP time out :( (

Oh my God, I am in trouble now....I don't know how to solve it, I try
to change back to original setting but still doesn't work.
I try use enable sharing for internal NIC and then the remote
connection cut off and I am not able to connect to that server (use
static IP). So I couldn't try to solve it remotely and this morning
(now when I write is 3 am in the morning) at 8 am they are gonna use
it the program that running in the server through network (Ooopss it's
gonna big a mess if I couldn't solve it...their business depend on
this prog that run in the server.... I am dead man).
I write this NOT to blame you guys, you have already patient to guide
me, thank you very much but somehow I don't know why the system screw
up. I need to throw out my frustation only somewhere......
I hope at least running like before, reboot every 6 hours than now
nobody can use it.......Oh God please help me, I pray.

I try to find the dual home/ multihomed setup for TCP/IP but not much
and not helping me.

And the bad thing about this Google forum is taking 3-9 hours to be
posted available....so harder to interaction asap.

If you have any suggestion, pls let me know asap, thanks.

Regards,
Joe


"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<ebBh6MYdEHA.3928@TK2MSFTNGP09.phx.gbl>...
> In news:74639a37.0407290654.985cefe@posting.google.com,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
> > The proxy is just for internet, email, ftp, etc no AV
> > within or DNS.
> > Just simple small utility/software.
> > I don't know if there is another purpose for that proxy
> > as far as I know that's it.
> > Hopefully after this last changes I made and the server
> > working ok.
> > Till now still the dns/ping fqdn after 6 hours or so will
> > fail :( 
> > I will let you know the result.
> > Please works my 'baby'.......
>
>
> Then as far as I can tell this proxy serves no real purpose, your router can
> do this, too. If they can use the router for the gateway. The proxy will
> only serve as a point of failure.
> I use a proxy, but my proxy is there for its Anti-virus capabilities, it
> scans email and websites for viruses and malicious code.
> If all your clients can ping the router I suggest you keep the proxy out of
> the picture.
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
Anonymous
July 30, 2004 11:10:27 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:74639a37.0407292306.6dc4558c@posting.google.com,
Joe <joebio91@hotmail.com> asked for help and I offered my suggestions
below:
> Oh Nightmare, I don't know what happened but now from all clients
> cannot see the server, none network printer available, cannot ping to
> internet at all even though server rebooted.
> But ping to external nic with 216.xxx.xxx.aaa no problem but to the
> gateway/Netgear router or public internet IP time out :( (
>
> Oh my God, I am in trouble now....I don't know how to solve it, I try
> to change back to original setting but still doesn't work.
> I try use enable sharing for internal NIC and then the remote
> connection cut off and I am not able to connect to that server (use
> static IP). So I couldn't try to solve it remotely and this morning
> (now when I write is 3 am in the morning) at 8 am they are gonna use
> it the program that running in the server through network (Ooopss it's
> gonna big a mess if I couldn't solve it...their business depend on
> this prog that run in the server.... I am dead man).
> I write this NOT to blame you guys, you have already patient to guide
> me, thank you very much but somehow I don't know why the system screw
> up. I need to throw out my frustation only somewhere......
> I hope at least running like before, reboot every 6 hours than now
> nobody can use it.......Oh God please help me, I pray.
>
> I try to find the dual home/ multihomed setup for TCP/IP but not much
> and not helping me.
>
> And the bad thing about this Google forum is taking 3-9 hours to be
> posted available....so harder to interaction asap.
>
> If you have any suggestion, pls let me know asap, thanks.
>
> Regards,
> Joe
>


Well, you shouldn't go thru Google, for one. Use Outlook Express and setup a
newsgroup account, the servername is news.microsoft.com, the group to
subscribe to is microsoft.public.win2000.dns. Just look for this post:

Sorry to hear you are in this predicament. Not sure what happened, thought
you had it all fixed.

Newsgroups: microsoft.public.win2000.dns
Subject: Dual home DNS w/ AD doesn't work after several hours
Date: 26 Jul 2004 12:19:21 -0700
From: joebio91@hotmail.com (Joe)

Joe, maybe if your network were simplified, such as removing the spoonproxy
(you're not using it anyway), remove the extra NIC, and just use the router
for Internet access instead of this dual homed server, it may just work.

--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.
--
=================================
July 30, 2004 1:26:55 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

But thanks God this morning after the server reboot and users can
connect without problem as usual, just I am sure about the DNS that
not working after several hours, hopefully it's resolved.
Thanks very much for both of you.

joebio91@hotmail.com (Joe) wrote in message news:<74639a37.0407292306.6dc4558c@posting.google.com>...
> Oh Nightmare, I don't know what happened but now from all clients
> cannot see the server, none network printer available, cannot ping to
> internet at all even though server rebooted.
> But ping to external nic with 216.xxx.xxx.aaa no problem but to the
> gateway/Netgear router or public internet IP time out :( (
>
> Oh my God, I am in trouble now....I don't know how to solve it, I try
> to change back to original setting but still doesn't work.
> I try use enable sharing for internal NIC and then the remote
> connection cut off and I am not able to connect to that server (use
> static IP). So I couldn't try to solve it remotely and this morning
> (now when I write is 3 am in the morning) at 8 am they are gonna use
> it the program that running in the server through network (Ooopss it's
> gonna big a mess if I couldn't solve it...their business depend on
> this prog that run in the server.... I am dead man).
> I write this NOT to blame you guys, you have already patient to guide
> me, thank you very much but somehow I don't know why the system screw
> up. I need to throw out my frustation only somewhere......
> I hope at least running like before, reboot every 6 hours than now
> nobody can use it.......Oh God please help me, I pray.
>
> I try to find the dual home/ multihomed setup for TCP/IP but not much
> and not helping me.
>
> And the bad thing about this Google forum is taking 3-9 hours to be
> posted available....so harder to interaction asap.
>
> If you have any suggestion, pls let me know asap, thanks.
>
> Regards,
> Joe
>
>
> "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<ebBh6MYdEHA.3928@TK2MSFTNGP09.phx.gbl>...
> > In news:74639a37.0407290654.985cefe@posting.google.com,
> > Joe <joebio91@hotmail.com> posted a question
> > Then Kevin replied below:
> > > The proxy is just for internet, email, ftp, etc no AV
> > > within or DNS.
> > > Just simple small utility/software.
> > > I don't know if there is another purpose for that proxy
> > > as far as I know that's it.
> > > Hopefully after this last changes I made and the server
> > > working ok.
> > > Till now still the dns/ping fqdn after 6 hours or so will
> > > fail :( 
> > > I will let you know the result.
> > > Please works my 'baby'.......
> >
> >
> > Then as far as I can tell this proxy serves no real purpose, your router can
> > do this, too. If they can use the router for the gateway. The proxy will
> > only serve as a point of failure.
> > I use a proxy, but my proxy is there for its Anti-virus capabilities, it
> > scans email and websites for viruses and malicious code.
> > If all your clients can ping the router I suggest you keep the proxy out of
> > the picture.
> >
> > --
> > Best regards,
> > Kevin D4 Dad Goodknecht Sr. [MVP]
> > Hope This Helps
> > ============================
> > --
> > When responding to posts, please "Reply to Group" via your
> > newsreader so that others may learn and benefit from your
> > issue. To respond directly to me remove the nospam. from my
> > email. ==========================================
> > http://www.lonestaramerica.com/
> > ==========================================
> > Use Outlook Express?... Get OE_Quotefix:
> > It will strip signature out and more
> > http://home.in.tum.de/~jain/software/oe-quotefix/
> > ==========================================
> > Keep a back up of your OE settings and folders with
> > OEBackup:
> > http://www.oehelp.com/OEBackup/Default.aspx
> > ==========================================
July 30, 2004 9:09:34 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Thanks God, at least the users could use the centralize app today and
network printing without problem.
Just some computer cannot be connected remotely from server althoug could
ping it.
and the internet still doesn't work after several hours, also there are
several error in the system log
Source: userenv
eventid: 1000
the search for AD object fail with (87)

Windows cannot query for the list of GPO

Is this related becaus eof DNS?

At least users can work, that's better ...FIuuhh

I am so dumb...ho wcome I use Google posting, actually in the long time ago
I ve ever use Outlook Express for newsgroup ;((
Otherwise it's gonna be faster for communication.
Thanks Ace.


--
Regards,
Yohannes Tedjasukmana
MultiSoft Solutions Inc.

Tel:905-629-3640 Ext.122
Fax: 905-629-2910
yohannes@multisoftonline.com


"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> wrote in
message news:o S8fUXidEHA.3944@tk2msftngp13.phx.gbl...
> In news:74639a37.0407292306.6dc4558c@posting.google.com,
> Joe <joebio91@hotmail.com> asked for help and I offered my suggestions
> below:
> > Oh Nightmare, I don't know what happened but now from all clients
> > cannot see the server, none network printer available, cannot ping to
> > internet at all even though server rebooted.
> > But ping to external nic with 216.xxx.xxx.aaa no problem but to the
> > gateway/Netgear router or public internet IP time out :( (
> >
> > Oh my God, I am in trouble now....I don't know how to solve it, I try
> > to change back to original setting but still doesn't work.
> > I try use enable sharing for internal NIC and then the remote
> > connection cut off and I am not able to connect to that server (use
> > static IP). So I couldn't try to solve it remotely and this morning
> > (now when I write is 3 am in the morning) at 8 am they are gonna use
> > it the program that running in the server through network (Ooopss it's
> > gonna big a mess if I couldn't solve it...their business depend on
> > this prog that run in the server.... I am dead man).
> > I write this NOT to blame you guys, you have already patient to guide
> > me, thank you very much but somehow I don't know why the system screw
> > up. I need to throw out my frustation only somewhere......
> > I hope at least running like before, reboot every 6 hours than now
> > nobody can use it.......Oh God please help me, I pray.
> >
> > I try to find the dual home/ multihomed setup for TCP/IP but not much
> > and not helping me.
> >
> > And the bad thing about this Google forum is taking 3-9 hours to be
> > posted available....so harder to interaction asap.
> >
> > If you have any suggestion, pls let me know asap, thanks.
> >
> > Regards,
> > Joe
> >
>
>
> Well, you shouldn't go thru Google, for one. Use Outlook Express and setup
a
> newsgroup account, the servername is news.microsoft.com, the group to
> subscribe to is microsoft.public.win2000.dns. Just look for this post:
>
> Sorry to hear you are in this predicament. Not sure what happened, thought
> you had it all fixed.
>
> Newsgroups: microsoft.public.win2000.dns
> Subject: Dual home DNS w/ AD doesn't work after several hours
> Date: 26 Jul 2004 12:19:21 -0700
> From: joebio91@hotmail.com (Joe)
>
> Joe, maybe if your network were simplified, such as removing the
spoonproxy
> (you're not using it anyway), remove the extra NIC, and just use the
router
> for Internet access instead of this dual homed server, it may just work.
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
>
> Security Is Like An Onion, It Has Layers
> HAM AND EGGS: A day's work for a chicken;
> A lifetime commitment for a pig.
> --
> =================================
>
>
Anonymous
July 30, 2004 9:09:35 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:o AtwqkndEHA.3632@TK2MSFTNGP11.phx.gbl,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:
> Thanks God, at least the users could use the centralize
> app today and network printing without problem.
> Just some computer cannot be connected remotely from
> server althoug could ping it.
> and the internet still doesn't work after several hours,
> also there are several error in the system log
> Source: userenv
> eventid: 1000
> the search for AD object fail with (87)
>
> Windows cannot query for the list of GPO
>
> Is this related becaus eof DNS?

If you are getting userenv 1000 events, it is usually because it is looking
at the wrong interface for the SYSVOL share, possibly because the private IP
is not getting published for the domain name(step 2 & 3 below), or the
private interface is not at the top of the binding order (step 4 below).

1. In the DNS management console, on the properties of the DNS server,
interfaces tab, set DNS to only listen on the private IP you want in DNS for

the server.

2. Add this registry entry with regedt32 to stop the (same as parent folder)
records.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ

LdapIpAddress

(If the DC is also a Global Catalog see note below)

3. Create a new host in DNS, leave the name field blank, give it the IP of
the internal interface. Win2k barks at you saying (same as parent folder) is
not a valid host name, click OK to create the record anyway.

4. Right click on Network places, choose properties, in the Advanced menu
select Advanced settings. Make sure the internal interface is at the top of
the connections pane and File sharing is enabled on the internal interface.


Note-

If the DC is also a Global Catalog use this registry entry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

Registry value: DnsAvoidRegisterRecords
Data type: REG_MULTI_SZ

LdapIpAddress
GcIpAddress

And in addition to the (same as parent folder) record in the domain zone for

the domain name, expand _msdcs, open gc create new host with name field

blank and give it the IP of the internal interface. This resolves as

gc._msdcs.forestroot.



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
Anonymous
July 31, 2004 12:23:53 AM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:o AtwqkndEHA.3632@TK2MSFTNGP11.phx.gbl,
Joe <joebio91@hotmail.com> asked for help and I offered my suggestions
below:
> Thanks God, at least the users could use the centralize app today and
> network printing without problem.
> Just some computer cannot be connected remotely from server althoug
> could ping it.
> and the internet still doesn't work after several hours, also there
> are several error in the system log
> Source: userenv
> eventid: 1000
> the search for AD object fail with (87)
>
> Windows cannot query for the list of GPO
>
> Is this related becaus eof DNS?
>
> At least users can work, that's better ...FIuuhh
>
> I am so dumb...ho wcome I use Google posting, actually in the long
> time ago I ve ever use Outlook Express for newsgroup ;((
> Otherwise it's gonna be faster for communication.
> Thanks Ace.
>
>
>
You;re welcome Joe. OEx is easier than using any web interface to interact
with any newsgroup.

See what Kevin said about the reg entries.

Ace
August 3, 2004 10:58:32 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

Still the same problem exist, after several hours the ping using fqdn dns
fail even from server itseft to public domain.

Before it's happened always there is a event id #5871 and also everytime
reboot.

I notice that after dns fail and I run the netdiag /test:D ns /v compare WITH
after reboot (because after reboot the ping to fqdn domain works ok), have
different.

I list below for comparison and analisys.

AFTER FAIL:

Netcard queries test . . . . . . . : Passed



Per interface results:

Adapter : Local Area Connection

Netcard queries test . . . : Passed

Adapter : WAN

Netcard queries test . . . : Passed

Adapter : IPX Internal Interface

Netcard queries test . . . : Passed

Adapter : IpxLoopbackAdapter

Netcard queries test . . . : Passed

Adapter : NDISWANIPX

Netcard queries test . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
1 NetBt transport currently configured.


DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the
name
'ntserver1.craft.local.'. [ERROR_TIMEOUT]
The name 'ntserver1.craft.local.' may not be registered in DNS.
[WARNING] Cannot find a primary authoritative DNS server for the
name
'ntserver1.craft.local.'. [ERROR_TIMEOUT]
The name 'ntserver1.craft.local.' may not be registered in DNS.
[WARNING] The DNS entries for this DC cannot be verified right now on
DNS server 10.1.1.10, ERROR_TIMEOUT.
[FATAL] No DNS servers have the DNS records for this DC registered.

The command completed successfully



AFTER REBOOT:


Netcard queries test . . . . . . . : Passed



Per interface results:

Adapter : Local Area Connection

Netcard queries test . . . : Passed

Adapter : WAN

Netcard queries test . . . : Passed

Adapter : IPX Internal Interface

Netcard queries test . . . : Passed

Adapter : IpxLoopbackAdapter

Netcard queries test . . . : Passed

Adapter : NDISWANIPX

Netcard queries test . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{8A7AEEE3-F3B6-48F1-93F5-6D39CAC7C19E}
1 NetBt transport currently configured.


DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server
'10.1.1.10'.


The command completed successfully



I have followed all the instruction but somehow still doesn't resolve the
problem, even though there are progresses.
Hopefully there is another way to solve this weird thing.

--
Regards,
Joe


"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:uQaee7ndEHA.644@tk2msftngp13.phx.gbl...
> In news:o AtwqkndEHA.3632@TK2MSFTNGP11.phx.gbl,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
> > Thanks God, at least the users could use the centralize
> > app today and network printing without problem.
> > Just some computer cannot be connected remotely from
> > server althoug could ping it.
> > and the internet still doesn't work after several hours,
> > also there are several error in the system log
> > Source: userenv
> > eventid: 1000
> > the search for AD object fail with (87)
> >
> > Windows cannot query for the list of GPO
> >
> > Is this related becaus eof DNS?
>
> If you are getting userenv 1000 events, it is usually because it is
looking
> at the wrong interface for the SYSVOL share, possibly because the private
IP
> is not getting published for the domain name(step 2 & 3 below), or the
> private interface is not at the top of the binding order (step 4 below).
>
> 1. In the DNS management console, on the properties of the DNS server,
> interfaces tab, set DNS to only listen on the private IP you want in DNS
for
>
> the server.
>
> 2. Add this registry entry with regedt32 to stop the (same as parent
folder)
> records.
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
>
> Registry value: DnsAvoidRegisterRecords
> Data type: REG_MULTI_SZ
>
> LdapIpAddress
>
> (If the DC is also a Global Catalog see note below)
>
> 3. Create a new host in DNS, leave the name field blank, give it the IP of
> the internal interface. Win2k barks at you saying (same as parent folder)
is
> not a valid host name, click OK to create the record anyway.
>
> 4. Right click on Network places, choose properties, in the Advanced menu
> select Advanced settings. Make sure the internal interface is at the top
of
> the connections pane and File sharing is enabled on the internal
interface.
>
>
> Note-
>
> If the DC is also a Global Catalog use this registry entry:
>
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
>
> Registry value: DnsAvoidRegisterRecords
> Data type: REG_MULTI_SZ
>
> LdapIpAddress
> GcIpAddress
>
> And in addition to the (same as parent folder) record in the domain zone
for
>
> the domain name, expand _msdcs, open gc create new host with name field
>
> blank and give it the IP of the internal interface. This resolves as
>
> gc._msdcs.forestroot.
>
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
>
>
Anonymous
August 3, 2004 10:58:33 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:o tqPH0aeEHA.236@tk2msftngp13.phx.gbl,
Joe <joebio91@hotmail.com> posted a question
Then Kevin replied below:
> Still the same problem exist, after several hours the
> ping using fqdn dns fail even from server itseft to
> public domain.
>
> Before it's happened always there is a event id #5871 and
> also everytime reboot.
>
> I notice that after dns fail and I run the netdiag
> /test:D ns /v compare WITH after reboot (because after
> reboot the ping to fqdn domain works ok), have different.

This thread has gotten so long I don't remember if you said DNS was
configured with a forwarder and what the forwarder was.

It definitely looks like the DNS service is failing, when you look in the
Services console, does the service say it is stopped or running?




--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
August 4, 2004 8:10:25 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

I know, it's pretty long....but what can I do.

The internal NIC using forwarder to ISP DNS (142.77.1.1 & 5)
When the ping to FQDN domain failed, the DNS server service still runs also
netlogon.
After I restart DNS server service, the event id 6702 comes up (still canot
ping to fqdn domain) and afterward I restart Netlogon service and event id
5781 comes up (still canot ping to fqdn domain).
Also from log I see that after the time ping FQDN domain failed (around 1.49
pm) around 2.25 pm begin quite many event id 1000 (userenv) shows up.

I notice that after every time server reboot, there is a 5781 event id but
ping FQDN still ok but after exactly 6 hours 20 minutes, that's the 1st time
event id 5781 show up again in event log, ping FQDN fail and afterward every
exact 2 hours interval there are 5781.

What other thing you could suggest for resolving this weird problem??

If you need very detail info about this server configuration, etc...I will
send it to you but to the email address not publish in this thread. If you
need it, please let me know your email address to send to.
--
Regards,
Joe


"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:uIvNuSbeEHA.2440@tk2msftngp13.phx.gbl...
> In news:o tqPH0aeEHA.236@tk2msftngp13.phx.gbl,
> Joe <joebio91@hotmail.com> posted a question
> Then Kevin replied below:
> > Still the same problem exist, after several hours the
> > ping using fqdn dns fail even from server itseft to
> > public domain.
> >
> > Before it's happened always there is a event id #5871 and
> > also everytime reboot.
> >
> > I notice that after dns fail and I run the netdiag
> > /test:D ns /v compare WITH after reboot (because after
> > reboot the ping to fqdn domain works ok), have different.
>
> This thread has gotten so long I don't remember if you said DNS was
> configured with a forwarder and what the forwarder was.
>
> It definitely looks like the DNS service is failing, when you look in the
> Services console, does the service say it is stopped or running?
>
>
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
>
>
Anonymous
August 4, 2004 8:10:26 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:edoW26leEHA.1652@TK2MSFTNGP10.phx.gbl,
Joe <joebio91@hotmail.com> wrote their comments
Then Kevin replied inline below:
> I know, it's pretty long....but what can I do.
>
> The internal NIC using forwarder to ISP DNS (142.77.1.1 &
> 5)

Internal NIC using a forwarder to ISP?
All your NICs must be using the internal DNS, no exceptions, no ISP's DNS in
any position.

> When the ping to FQDN domain failed, the DNS server
> service still runs also netlogon.
> After I restart DNS server service, the event id 6702
> comes up (still canot ping to fqdn domain) and afterward
> I restart Netlogon service and event id 5781 comes up
> (still canot ping to fqdn domain).
> Also from log I see that after the time ping FQDN domain
> failed (around 1.49 pm) around 2.25 pm begin quite many
> event id 1000 (userenv) shows up.
>
> I notice that after every time server reboot, there is a
> 5781 event id but ping FQDN still ok but after exactly 6
> hours 20 minutes, that's the 1st time event id 5781 show
> up again in event log, ping FQDN fail and afterward every
> exact 2 hours interval there are 5781.
>
> What other thing you could suggest for resolving this
> weird problem??
>

This is getting to the point it might be easier and faster if I could remote
into this server. Follow the instructions in my signature line to email me,
you never want to post your email unmunged in a public forum.

Email me this:
1.Unedited ipconfig /all (text format)
2.Domain name from AD Users & Computers
3.Exported List of Forward lookup zones in DNS
4.Exported List of records in your AD forward lookup zone.


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email.
==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================
August 4, 2004 9:47:02 PM

Archived from groups: microsoft.public.win2000.dns (More info?)

I send to you an email with your requested. Thanks.

--
Regards,
Joe


"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:o wfQSPmeEHA.3612@TK2MSFTNGP12.phx.gbl...
> In news:edoW26leEHA.1652@TK2MSFTNGP10.phx.gbl,
> Joe <joebio91@hotmail.com> wrote their comments
> Then Kevin replied inline below:
> > I know, it's pretty long....but what can I do.
> >
> > The internal NIC using forwarder to ISP DNS (142.77.1.1 &
> > 5)
>
> Internal NIC using a forwarder to ISP?
> All your NICs must be using the internal DNS, no exceptions, no ISP's DNS
in
> any position.
>
> > When the ping to FQDN domain failed, the DNS server
> > service still runs also netlogon.
> > After I restart DNS server service, the event id 6702
> > comes up (still canot ping to fqdn domain) and afterward
> > I restart Netlogon service and event id 5781 comes up
> > (still canot ping to fqdn domain).
> > Also from log I see that after the time ping FQDN domain
> > failed (around 1.49 pm) around 2.25 pm begin quite many
> > event id 1000 (userenv) shows up.
> >
> > I notice that after every time server reboot, there is a
> > 5781 event id but ping FQDN still ok but after exactly 6
> > hours 20 minutes, that's the 1st time event id 5781 show
> > up again in event log, ping FQDN fail and afterward every
> > exact 2 hours interval there are 5781.
> >
> > What other thing you could suggest for resolving this
> > weird problem??
> >
>
> This is getting to the point it might be easier and faster if I could
remote
> into this server. Follow the instructions in my signature line to email
me,
> you never want to post your email unmunged in a public forum.
>
> Email me this:
> 1.Unedited ipconfig /all (text format)
> 2.Domain name from AD Users & Computers
> 3.Exported List of Forward lookup zones in DNS
> 4.Exported List of records in your AD forward lookup zone.
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email.
> ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
>
>
!