Archived from groups: microsoft.public.win2000.dns (
More info?)
Thanks the both of you for your help. I do appreciate your expertise.
1. my workstation:
Windows IP Configuration
Host Name . . . . . . . . . . . . : JON
Primary Dns Suffix . . . . . . . : americantaxfunding.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : americantaxfunding.com
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . : americantaxfunding.com
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast
Ethe
rnet NIC
Physical Address. . . . . . . . . : 00-50-BF-60-ED-90
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.65
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.246
DNS Servers . . . . . . . . . . . : 192.168.1.246
192.168.1.254
Primary WINS Server . . . . . . . : 192.168.1.246
Lease Obtained. . . . . . . . . . : Thursday, February 17, 2005
12:46:55
PM
Lease Expires . . . . . . . . . . : Friday, February 18, 2005
12:46:55 A
M
A Windows 2003 server running dns but not a dhcp:
Windows IP Configuration
Host Name . . . . . . . . . . . . : npbts01
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC
(3C90
5B-TX) #2
Physical Address. . . . . . . . . : 00-10-4B-68-83-C8
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.251
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.251
192.168.1.254
Primary WINS Server . . . . . . . : 192.168.1.254
A Windows 2000 Server running dns and dhcp (has two network adapters):
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : npbfs05
Primary DNS Suffix . . . . . . . : americantaxfunding.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : americantaxfunding.com
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Adapter
#2
Physical Address. . . . . . . . . : 00-30-48-70-76-6B
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.254
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.254
192.168.1.246
Primary WINS Server . . . . . . . : 192.168.1.254
Ethernet adapter Local Area Connection 1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
Adapter
Physical Address. . . . . . . . . : 00-30-48-70-76-6A
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.253
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.253
192.168.1.246
Primary WINS Server . . . . . . . : 192.168.1.253
A Windows 2003 server running dns and dhcp (the culprit):
Windows IP Configuration
Host Name . . . . . . . . . . . . : npbex01
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : americantaxfunding.com
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : americantaxfunding.com
Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC
(3C90
5B-TX)
Physical Address. . . . . . . . . : 00-10-5A-9A-7B-68
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.246
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.246
192.168.1.254
Primary WINS Server . . . . . . . : 192.168.1.246
Note: Please remember that the Windows 2003 servers all had a correct FQDN
before being dcpromed into Active Directory. Also, if you look at the More
Setting
in Computer Name tab (after the warning about changing a domain controllers
name)
you see that the Primary Dns Suffix is correct: americantaxfunding.com
2. americantaxfunding.com
3. Under Forward Lookup Zones, americantaxfunding.com
(I also have Reverse Lookup Zones)
4. "Secure" updates are allowed
5. Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 2/17/2005
Time: 3:56:03 PM
User: N/A
Computer: NPBEX01
Description:
The Security System could not establish a secured connection with the server
ldap/njfs02.americantaxfunding.com. No authentication protocol was available.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 8b 01 00 c0 ‹..À
Event Type: Warning
Event Source: NETLOGON
Event Category: None
Event ID: 5781
Date: 2/17/2005
Time: 12:16:49 PM
User: N/A
Computer: NPBEX01
Description:
Dynamic registration or deletion of one or more DNS records associated with
DNS domain 'americantaxfunding.com.' failed. These records are used by other
computers to locate this server as a domain controller (if the specified
domain is an Active Directory domain) or as an LDAP server (if the specified
domain is an application partition).
Possible causes of failure include:
- TCP/IP properties of the network connections of this computer contain
wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone
authoritative for the DNS records that failed registration
USER ACTION
Fix possible misconfiguration(s) specified above and initiate registration
or deletion of the DNS records by running 'nltest.exe /dsregdns' from the
command prompt or by restarting Net Logon service. Nltest.exe is available in
the Microsoft Windows Server Resource Kit CD.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00 *#..
"Ace Fekay [MVP]" wrote:
> In news:0752AC3B-27F2-43CA-A38C-9B629807D86E@microsoft.com,
> pingboy <pingboy@discussions.microsoft.com> made a post then I commented
> below
> > Kevin,
> >
> > Thanks for hanging in there with me. You helped my yesterday also
> > regarding the dns not dynamically updating on the w2k3 server. This
> > problem is just an extension of the other and I know are related. I
> > did try deleting the keys and recreating them.
> >
> > Yesterday, I did the credential suggestion, and created a new user
> > and made the user a member of DHCP administrators, DNSAdmins, and a
> > domain user. I don't know if it needs more than that. The article
> > didn't specify. Also when I put in the information for the dhcp dns
> > credentials, I put the user name for the user name, and the short
> > domain name for the domain, not the example.com domain name, if you
> > know what I mean.
> >
> > The other thing I did yesterday, which was suggested by someone else
> > on anther board was to add the server as a member of the
> > dnsupdateproxy group.
> >
> > Have you ever looked at your dhcp log in c:\windows\system32\dhcp?
> > Mine looks like this:
> >
> > Microsoft DHCP Service Activity Log
> <snippe>
>
> Looks like your domain name is:
> americantaxfunding.com
>
> Is that correct? That name, if it is the AD DNS domain name, is not a single
> label name, However, if that is not your Primary DNS Suffix on ALL of your
> machines, including (and especially) your DCs, then you have a disjointed
> namespace. The script provided by Kevin should be able to fix it, but if
> there are other mitigating cirucumstances, such as an incorrectly spelled
> zone, corruption, etc, that will cause more probs than we can list.
>
> To better assist you and help diagnose it and give you recommendations,
> we'll need some specifi config info, such as:
>
> 1. An unedited ipconfig /all from one of your DCs and a client. You can copy
> and paste that from the command prompt into your reply to the newsgroup.
> 2. The Domain name that shows up in your ADUC (Active Dir Users & Computers)
> 3. The name (exact spelling of the zone in DNS
> 4. Are updates are set to allow in the properties of that zone in #3?
> 5. Any and all pertinent Event Log errors from all of the Event logs from
> the DC (post the Event ID #s please).
>
> Thanks
>
> --
> Regards,
> Ace
>
> Please direct all replies ONLY to the Microsoft public newsgroups
> so all can benefit.
>
> This posting is provided "AS-IS" with no warranties or guarantees
> and confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft Windows MVP - Windows Server - Directory Services
>
> --Â?
> =================================
>
>
>