single-label or disjoint namespace?

Archived from groups: microsoft.public.win2000.dns (More info?)

How do I figure out if I have a single-label dns name or a disjoint
namespace? And when I figure out which one it is, is it correctable?

Thanks for any suggestions/help.

Background info:

dhcp xp clients not dynamically updating on w2k3 server.

More background info:

Is my system unusual as far as on the XP clients, the FQDN or Full computer
name = "name." not "name.domain.com". And this is the same for my 2003
servers. I have for sometime believed that I have a disjoint namespace issue
or aka single-label dns name. I have tried to fix it, but with no luck. What
happened on the 2003 servers is once I dcpromoed them, they lost there FQDN
and reverted to "name." I believe that this is my problem. My SOA for my 2003
servers are all "name." but for my 2000 servers they are "name.domain.com".
15 answers Last reply
More about single label disjoint namespace
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:8111C172-C3F7-4009-AE4E-FCA164C4027E@microsoft.com,
    pingboy <pingboy@discussions.microsoft.com> commented
    Then Kevin replied below:
    > How do I figure out if I have a single-label dns name or
    > a disjoint namespace? And when I figure out which one it
    > is, is it correctable?
    >
    > Thanks for any suggestions/help.
    >
    > Background info:
    >
    > dhcp xp clients not dynamically updating on w2k3 server.
    >
    > More background info:
    >
    > Is my system unusual as far as on the XP clients, the
    > FQDN or Full computer name = "name." not
    > "name.domain.com". And this is the same for my 2003
    > servers. I have for sometime believed that I have a
    > disjoint namespace issue or aka single-label dns name. I
    > have tried to fix it, but with no luck. What happened on
    > the 2003 servers is once I dcpromoed them, they lost
    > there FQDN and reverted to "name." I believe that this is
    > my problem. My SOA for my 2003 servers are all "name."
    > but for my 2000 servers they are "name.domain.com".

    If the domain name in ADU&C is a single-label name (domain vs. domain.com)
    you have a single-label DNS domain name.
    From what you said, this sounds like a dis-jointed namespace because the DC
    is "name" and not "name.domain.com"

    You are in luck though MSPSS released a script last year in a KB article and
    it works great for fixing an incorrect primary DNS suffix on a DC, yours is
    incorrect since it doesn't have one.

    257623 Domain Controller's Domain Name System Suffix Does Not Match Domain
    Name
    http://support.microsoft.com/?id=257623&sd=RMVP

    I'm not sure how this happened unless you didn't join the Win2k3 as a member
    before you dcpromoed it.

    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    Thanks Kevin,

    I've run that script in the past, but it didn't change anything. I have even
    tried suggestion from this article,
    http://support.microsoft.com/default.aspx?scid=kb;en-us;888048 , but that
    didn't work either. The server was definately a member server before being
    dcpromoed.

    "Kevin D. Goodknecht Sr. [MVP]" wrote:

    > In news:8111C172-C3F7-4009-AE4E-FCA164C4027E@microsoft.com,
    > pingboy <pingboy@discussions.microsoft.com> commented
    > Then Kevin replied below:
    > > How do I figure out if I have a single-label dns name or
    > > a disjoint namespace? And when I figure out which one it
    > > is, is it correctable?
    > >
    > > Thanks for any suggestions/help.
    > >
    > > Background info:
    > >
    > > dhcp xp clients not dynamically updating on w2k3 server.
    > >
    > > More background info:
    > >
    > > Is my system unusual as far as on the XP clients, the
    > > FQDN or Full computer name = "name." not
    > > "name.domain.com". And this is the same for my 2003
    > > servers. I have for sometime believed that I have a
    > > disjoint namespace issue or aka single-label dns name. I
    > > have tried to fix it, but with no luck. What happened on
    > > the 2003 servers is once I dcpromoed them, they lost
    > > there FQDN and reverted to "name." I believe that this is
    > > my problem. My SOA for my 2003 servers are all "name."
    > > but for my 2000 servers they are "name.domain.com".
    >
    > If the domain name in ADU&C is a single-label name (domain vs. domain.com)
    > you have a single-label DNS domain name.
    > From what you said, this sounds like a dis-jointed namespace because the DC
    > is "name" and not "name.domain.com"
    >
    > You are in luck though MSPSS released a script last year in a KB article and
    > it works great for fixing an incorrect primary DNS suffix on a DC, yours is
    > incorrect since it doesn't have one.
    >
    > 257623 Domain Controller's Domain Name System Suffix Does Not Match Domain
    > Name
    > http://support.microsoft.com/?id=257623&sd=RMVP
    >
    > I'm not sure how this happened unless you didn't join the Win2k3 as a member
    > before you dcpromoed it.
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ===================================
    > When responding to posts, please "Reply to Group"
    > via your newsreader so that others may learn and
    > benefit from your issue, to respond directly to
    > me remove the nospam. from my email address.
    > ===================================
    > http://www.lonestaramerica.com/
    > ===================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ===================================
    > Keep a back up of your OE settings and folders
    > with OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ===================================
    >
    >
    >
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:ED553D14-7D85-49A6-B002-72FED1DB8735@microsoft.com,
    pingboy <pingboy@discussions.microsoft.com> commented
    Then Kevin replied below:
    > Thanks Kevin,
    >
    > I've run that script in the past, but it didn't change
    > anything. I have even tried suggestion from this article,
    > http://support.microsoft.com/default.aspx?scid=kb;en-us;888048
    > , but that didn't work either. The server was definately
    > a member server before being dcpromoed.

    As this article stated maybe those keys are corrupted in the registry. Did
    you delete and recreate the keys as the article states?

    You might even be able to delete those keys and use the script to re-create
    them.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    Kevin,

    Thanks for hanging in there with me. You helped my yesterday also regarding
    the dns not dynamically updating on the w2k3 server. This problem is just an
    extension of the other and I know are related. I did try deleting the keys
    and recreating them.

    Yesterday, I did the credential suggestion, and created a new user and made
    the user a member of DHCP administrators, DNSAdmins, and a domain user. I
    don't know if it needs more than that. The article didn't specify. Also when
    I put in the information for the dhcp dns credentials, I put the user name
    for the user name, and the short domain name for the domain, not the
    example.com domain name, if you know what I mean.

    The other thing I did yesterday, which was suggested by someone else on
    anther board was to add the server as a member of the dnsupdateproxy group.

    Have you ever looked at your dhcp log in c:\windows\system32\dhcp? Mine
    looks like this:

    Microsoft DHCP Service Activity Log


    Event ID Meaning
    00 The log was started.
    01 The log was stopped.
    02 The log was temporarily paused due to low disk space.
    10 A new IP address was leased to a client.
    11 A lease was renewed by a client.
    12 A lease was released by a client.
    13 An IP address was found to be in use on the network.
    14 A lease request could not be satisfied because the scope's
    address pool was exhausted.
    15 A lease was denied.
    16 A lease was deleted.
    17 A lease was expired.
    20 A BOOTP address was leased to a client.
    21 A dynamic BOOTP address was leased to a client.
    22 A BOOTP request could not be satisfied because the scope's
    address pool for BOOTP was exhausted.
    23 A BOOTP IP address was deleted after checking to see it was
    not in use.
    24 IP address cleanup operation has began.
    25 IP address cleanup statistics.
    30 DNS update request to the named DNS server
    31 DNS update failed
    32 DNS update successful
    50+ Codes above 50 are used for Rogue Server Detection information.

    ID,Date,Time,Description,IP Address,Host Name,MAC Address
    00,02/17/05,14:25:27,Started,,,,

    55,02/17/05,14:25:28,Authorized(servicing),,americantaxfunding.com,,

    30,02/17/05,14:28:34,DNS Update Request,57.1.168.192,HEATHER.,,

    30,02/17/05,14:28:34,DNS Update
    Request,57.1.168.192,HEATHER.americantaxfunding.com,,

    11,02/17/05,14:28:34,Renew,192.168.1.57,HEATHER.americantaxfunding.com,006097B54042,

    32,02/17/05,14:43:37,DNS Update Successful,192.168.1.57,HEATHER.,,

    31,02/17/05,14:43:37,DNS Update
    Failed,192.168.1.57,HEATHER.americantaxfunding.com,-1,

    "Kevin D. Goodknecht Sr. [MVP]" wrote:

    > In news:ED553D14-7D85-49A6-B002-72FED1DB8735@microsoft.com,
    > pingboy <pingboy@discussions.microsoft.com> commented
    > Then Kevin replied below:
    > > Thanks Kevin,
    > >
    > > I've run that script in the past, but it didn't change
    > > anything. I have even tried suggestion from this article,
    > > http://support.microsoft.com/default.aspx?scid=kb;en-us;888048
    > > , but that didn't work either. The server was definately
    > > a member server before being dcpromoed.
    >
    > As this article stated maybe those keys are corrupted in the registry. Did
    > you delete and recreate the keys as the article states?
    >
    > You might even be able to delete those keys and use the script to re-create
    > them.
    >
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ===================================
    > When responding to posts, please "Reply to Group"
    > via your newsreader so that others may learn and
    > benefit from your issue, to respond directly to
    > me remove the nospam. from my email address.
    > ===================================
    > http://www.lonestaramerica.com/
    > ===================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ===================================
    > Keep a back up of your OE settings and folders
    > with OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ===================================
    >
    >
    >
  5. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:0752AC3B-27F2-43CA-A38C-9B629807D86E@microsoft.com,
    pingboy <pingboy@discussions.microsoft.com> made a post then I commented
    below
    > Kevin,
    >
    > Thanks for hanging in there with me. You helped my yesterday also
    > regarding the dns not dynamically updating on the w2k3 server. This
    > problem is just an extension of the other and I know are related. I
    > did try deleting the keys and recreating them.
    >
    > Yesterday, I did the credential suggestion, and created a new user
    > and made the user a member of DHCP administrators, DNSAdmins, and a
    > domain user. I don't know if it needs more than that. The article
    > didn't specify. Also when I put in the information for the dhcp dns
    > credentials, I put the user name for the user name, and the short
    > domain name for the domain, not the example.com domain name, if you
    > know what I mean.
    >
    > The other thing I did yesterday, which was suggested by someone else
    > on anther board was to add the server as a member of the
    > dnsupdateproxy group.
    >
    > Have you ever looked at your dhcp log in c:\windows\system32\dhcp?
    > Mine looks like this:
    >
    > Microsoft DHCP Service Activity Log
    <snippe>

    Looks like your domain name is:
    americantaxfunding.com

    Is that correct? That name, if it is the AD DNS domain name, is not a single
    label name, However, if that is not your Primary DNS Suffix on ALL of your
    machines, including (and especially) your DCs, then you have a disjointed
    namespace. The script provided by Kevin should be able to fix it, but if
    there are other mitigating cirucumstances, such as an incorrectly spelled
    zone, corruption, etc, that will cause more probs than we can list.

    To better assist you and help diagnose it and give you recommendations,
    we'll need some specifi config info, such as:

    1. An unedited ipconfig /all from one of your DCs and a client. You can copy
    and paste that from the command prompt into your reply to the newsgroup.
    2. The Domain name that shows up in your ADUC (Active Dir Users & Computers)
    3. The name (exact spelling of the zone in DNS
    4. Are updates are set to allow in the properties of that zone in #3?
    5. Any and all pertinent Event Log errors from all of the Event logs from
    the DC (post the Event ID #s please).

    Thanks

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    --?
    =================================
  6. Archived from groups: microsoft.public.win2000.dns (More info?)

    Thanks the both of you for your help. I do appreciate your expertise.

    1. my workstation:

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : JON
    Primary Dns Suffix . . . . . . . : americantaxfunding.com
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : americantaxfunding.com

    Ethernet adapter Local Area Connection 2:

    Connection-specific DNS Suffix . : americantaxfunding.com
    Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast
    Ethe
    rnet NIC
    Physical Address. . . . . . . . . : 00-50-BF-60-ED-90
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 192.168.1.65
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.246
    DNS Servers . . . . . . . . . . . : 192.168.1.246
    192.168.1.254
    Primary WINS Server . . . . . . . : 192.168.1.246
    Lease Obtained. . . . . . . . . . : Thursday, February 17, 2005
    12:46:55
    PM
    Lease Expires . . . . . . . . . . : Friday, February 18, 2005
    12:46:55 A
    M


    A Windows 2003 server running dns but not a dhcp:

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : npbts01
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Ethernet adapter Local Area Connection 1:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC
    (3C90
    5B-TX) #2
    Physical Address. . . . . . . . . : 00-10-4B-68-83-C8
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.251
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.1.251
    192.168.1.254
    Primary WINS Server . . . . . . . : 192.168.1.254


    A Windows 2000 Server running dns and dhcp (has two network adapters):

    Windows 2000 IP Configuration

    Host Name . . . . . . . . . . . . : npbfs05
    Primary DNS Suffix . . . . . . . : americantaxfunding.com
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : americantaxfunding.com

    Ethernet adapter Local Area Connection 2:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
    Adapter
    #2
    Physical Address. . . . . . . . . : 00-30-48-70-76-6B
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.254
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.1.254
    192.168.1.246
    Primary WINS Server . . . . . . . : 192.168.1.254

    Ethernet adapter Local Area Connection 1:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network
    Adapter

    Physical Address. . . . . . . . . : 00-30-48-70-76-6A
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.253
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.1.253
    192.168.1.246
    Primary WINS Server . . . . . . . : 192.168.1.253


    A Windows 2003 server running dns and dhcp (the culprit):

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : npbex01
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : americantaxfunding.com

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . : americantaxfunding.com
    Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC
    (3C90
    5B-TX)
    Physical Address. . . . . . . . . : 00-10-5A-9A-7B-68
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.246
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.1.246
    192.168.1.254
    Primary WINS Server . . . . . . . : 192.168.1.246


    Note: Please remember that the Windows 2003 servers all had a correct FQDN
    before being dcpromed into Active Directory. Also, if you look at the More
    Setting
    in Computer Name tab (after the warning about changing a domain controllers
    name)
    you see that the Primary Dns Suffix is correct: americantaxfunding.com


    2. americantaxfunding.com

    3. Under Forward Lookup Zones, americantaxfunding.com
    (I also have Reverse Lookup Zones)

    4. "Secure" updates are allowed

    5. Event Type: Warning
    Event Source: LSASRV
    Event Category: SPNEGO (Negotiator)
    Event ID: 40961
    Date: 2/17/2005
    Time: 3:56:03 PM
    User: N/A
    Computer: NPBEX01
    Description:
    The Security System could not establish a secured connection with the server
    ldap/njfs02.americantaxfunding.com. No authentication protocol was available.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 8b 01 00 c0 ‹..À

    Event Type: Warning
    Event Source: NETLOGON
    Event Category: None
    Event ID: 5781
    Date: 2/17/2005
    Time: 12:16:49 PM
    User: N/A
    Computer: NPBEX01
    Description:
    Dynamic registration or deletion of one or more DNS records associated with
    DNS domain 'americantaxfunding.com.' failed. These records are used by other
    computers to locate this server as a domain controller (if the specified
    domain is an Active Directory domain) or as an LDAP server (if the specified
    domain is an application partition).

    Possible causes of failure include:
    - TCP/IP properties of the network connections of this computer contain
    wrong IP address(es) of the preferred and alternate DNS servers
    - Specified preferred and alternate DNS servers are not running
    - DNS server(s) primary for the records to be registered is not running
    - Preferred or alternate DNS servers are configured with wrong root hints
    - Parent DNS zone contains incorrect delegation to the child zone
    authoritative for the DNS records that failed registration

    USER ACTION
    Fix possible misconfiguration(s) specified above and initiate registration
    or deletion of the DNS records by running 'nltest.exe /dsregdns' from the
    command prompt or by restarting Net Logon service. Nltest.exe is available in
    the Microsoft Windows Server Resource Kit CD.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 2a 23 00 00 *#..


    "Ace Fekay [MVP]" wrote:

    > In news:0752AC3B-27F2-43CA-A38C-9B629807D86E@microsoft.com,
    > pingboy <pingboy@discussions.microsoft.com> made a post then I commented
    > below
    > > Kevin,
    > >
    > > Thanks for hanging in there with me. You helped my yesterday also
    > > regarding the dns not dynamically updating on the w2k3 server. This
    > > problem is just an extension of the other and I know are related. I
    > > did try deleting the keys and recreating them.
    > >
    > > Yesterday, I did the credential suggestion, and created a new user
    > > and made the user a member of DHCP administrators, DNSAdmins, and a
    > > domain user. I don't know if it needs more than that. The article
    > > didn't specify. Also when I put in the information for the dhcp dns
    > > credentials, I put the user name for the user name, and the short
    > > domain name for the domain, not the example.com domain name, if you
    > > know what I mean.
    > >
    > > The other thing I did yesterday, which was suggested by someone else
    > > on anther board was to add the server as a member of the
    > > dnsupdateproxy group.
    > >
    > > Have you ever looked at your dhcp log in c:\windows\system32\dhcp?
    > > Mine looks like this:
    > >
    > > Microsoft DHCP Service Activity Log
    > <snippe>
    >
    > Looks like your domain name is:
    > americantaxfunding.com
    >
    > Is that correct? That name, if it is the AD DNS domain name, is not a single
    > label name, However, if that is not your Primary DNS Suffix on ALL of your
    > machines, including (and especially) your DCs, then you have a disjointed
    > namespace. The script provided by Kevin should be able to fix it, but if
    > there are other mitigating cirucumstances, such as an incorrectly spelled
    > zone, corruption, etc, that will cause more probs than we can list.
    >
    > To better assist you and help diagnose it and give you recommendations,
    > we'll need some specifi config info, such as:
    >
    > 1. An unedited ipconfig /all from one of your DCs and a client. You can copy
    > and paste that from the command prompt into your reply to the newsgroup.
    > 2. The Domain name that shows up in your ADUC (Active Dir Users & Computers)
    > 3. The name (exact spelling of the zone in DNS
    > 4. Are updates are set to allow in the properties of that zone in #3?
    > 5. Any and all pertinent Event Log errors from all of the Event logs from
    > the DC (post the Event ID #s please).
    >
    > Thanks
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > --Â?
    > =================================
    >
    >
    >
  7. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:A772FE84-215F-4E8E-A201-96F882A0C3BA@microsoft.com,
    pingboy <pingboy@discussions.microsoft.com> commented
    Then Kevin replied below:
    > Thanks the both of you for your help. I do appreciate
    > your expertise.

    It looks like both of the Win2k3 machines are in trouble, neither have a
    Primary DNS suffix. Is there any way to make a remote desktop connection to
    these servers?
    The reason I ask is that below you stated this:
    > Also, if you look at the More Setting
    > in Computer Name tab (after the warning about changing a
    > domain controllers name)
    > you see that the Primary Dns Suffix is correct:
    > americantaxfunding.com

    The problem is that this setting is supposed to be grayed out on A DC and
    you should not have access this part anyway.


    > A Windows 2003 server running dns but not a dhcp:
    >
    > Windows IP Configuration
    >
    > Host Name . . . . . . . . . . . . : npbts01
    > Primary Dns Suffix . . . . . . . :
    > Node Type . . . . . . . . . . . . : Hybrid
    > IP Routing Enabled. . . . . . . . : No
    > WINS Proxy Enabled. . . . . . . . : No
    >
    > Ethernet adapter Local Area Connection 1:
    >
    > Connection-specific DNS Suffix . :
    > Description . . . . . . . . . . . : 3Com EtherLink XL
    > 10/100 PCI TX NIC (3C90
    > 5B-TX) #2
    > Physical Address. . . . . . . . . : 00-10-4B-68-83-C8
    > DHCP Enabled. . . . . . . . . . . : No
    > IP Address. . . . . . . . . . . . : 192.168.1.251
    > Subnet Mask . . . . . . . . . . . : 255.255.255.0
    > Default Gateway . . . . . . . . . : 192.168.1.1
    > DNS Servers . . . . . . . . . . . : 192.168.1.251
    > 192.168.1.254
    > Primary WINS Server . . . . . . . : 192.168.1.254
    >

    > A Windows 2003 server running dns and dhcp (the culprit):
    >
    > Windows IP Configuration
    >
    > Host Name . . . . . . . . . . . . : npbex01
    > Primary Dns Suffix . . . . . . . :
    > Node Type . . . . . . . . . . . . : Hybrid
    > IP Routing Enabled. . . . . . . . : No
    > WINS Proxy Enabled. . . . . . . . : No
    > DNS Suffix Search List. . . . . . :
    > americantaxfunding.com
    >
    > Ethernet adapter Local Area Connection:
    >
    > Connection-specific DNS Suffix . :
    > americantaxfunding.com Description . . . . . . . . . .
    > . : 3Com EtherLink XL 10/100 PCI TX NIC (3C90
    > 5B-TX)
    > Physical Address. . . . . . . . . : 00-10-5A-9A-7B-68
    > DHCP Enabled. . . . . . . . . . . : No
    > IP Address. . . . . . . . . . . . : 192.168.1.246
    > Subnet Mask . . . . . . . . . . . : 255.255.255.0
    > Default Gateway . . . . . . . . . : 192.168.1.1
    > DNS Servers . . . . . . . . . . . : 192.168.1.246
    > 192.168.1.254
    > Primary WINS Server . . . . . . . : 192.168.1.246
    >
    >
    >
    > Note: Please remember that the Windows 2003 servers all
    > had a correct FQDN before being dcpromed into Active
    > Directory. Also, if you look at the More Setting
    > in Computer Name tab (after the warning about changing a
    > domain controllers name)
    > you see that the Primary Dns Suffix is correct:
    > americantaxfunding.com


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  8. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:Ob38yqVFFHA.2296@TK2MSFTNGP15.phx.gbl,
    Kevin D. Goodknecht Sr. [MVP] <admin@nospam.WFTX.US> made a post then I
    commented below
    > In news:A772FE84-215F-4E8E-A201-96F882A0C3BA@microsoft.com,
    > pingboy <pingboy@discussions.microsoft.com> commented
    > Then Kevin replied below:
    >> Thanks the both of you for your help. I do appreciate
    >> your expertise.
    >
    > It looks like both of the Win2k3 machines are in trouble, neither
    > have a Primary DNS suffix. Is there any way to make a remote desktop
    > connection to these servers?
    > The reason I ask is that below you stated this:
    >> Also, if you look at the More Setting
    >> in Computer Name tab (after the warning about changing a
    >> domain controllers name)
    >> you see that the Primary Dns Suffix is correct:
    >> americantaxfunding.com
    >
    > The problem is that this setting is supposed to be grayed out on A DC
    > and you should not have access this part anyway.

    Kevin, I would like to add, IIRC, on a Win2003 DC, it is possible to change
    that name (shouldn't be grayed out), but I do not have an installation in
    front of me to confirm that, and also I believe it depends on functional
    levels too.

    As for the SPNEGO error on NPBEX01, that is probably due to no PTR in the
    reverse zone, since it has no Primary DNS Suffix to register into the
    forward zone. I am willing to bet that is happening on NPBTS01 as well for
    the same reason.

    Also, want to mention that the multihomed NPBFS05 is problematic with two
    NICs on the same subnet, unless of course, the NICs are teamed. If they are
    teamed, no problem, if not, then we may have an issue there since they are
    on the same subnet.

    Pingboy, may I ask why they are on the same subnet?
    Is teaming possible with these NICs? (Look at the NIC documentation).

    Look in the registry on NPBTS01 and NPBEX01 for these entries below. Can you
    tell me what they are? I'm expecting to find "americantaxfunding.com".

    "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Domain" (should say
    americantaxfunding.com).

    "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NV Domain" (should
    say americantaxfunding.com).

    "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\SyncDomainWithMembership",
    (should be a value of 1)

    Thanks

    Ace
  9. Archived from groups: microsoft.public.win2000.dns (More info?)

    Thank you again for sticking in there.

    As far as the reg settings they are what you wrote.

    As far as the nics, I'm not and have never been crazy about having
    two nics, but that is the way it was when I got here. There was
    even another server with two nics, but that was just retired for
    the new 2003 server. I have read numerous articles on multihomed
    computer issues with browsing and so forth, but in my humble
    opinion, I don't think this is the issue here.


    As far as the reverse lookup zones, in the 192.168.1.x zone, I have
    two workstations with PTR records, both have the FQDN format. These
    are getting their IPs from the 2000 server, as mentioned before, that
    server is DDNS fine. The other records are all server PTR records and
    server NS records. On a side note, in the past, to get rid of other
    errors, when I first noticed the disjoint namespace issue months ago,
    and in order to get AD replication working (it is still working fine),
    I would add extra records to conteract the disjoint name. Whereever I
    would see a "name." for a 2003 server, I would add a "name.domain.com"
    record. So I do have a PTR record for all three 2003 servers in the
    192.168.1.x reverse lookup zone, but for two(npbex01 and npbts01)
    out of the three 2003 servers, they are in the "name.domain.com" format,
    not the "name." format. Do I need to add a "name." PTR record?

    On a sort of side note, two days ago, when trying to diagnose the issue
    I tried using Group Policy to force the dns suffix. Actually, it is
    forcing the dns suffix. I know it is working for two reasons. One, the
    two workstations that are updating from the 2000 server have changed
    from "name." to "name.domain.com" just after the change in the group
    policy. Two, when I look at the dhcp log, I notice all of the other
    workstations have changed from "name." to "name.domain.com".

    Thanks again guys.

    "Ace Fekay [MVP]" wrote:

    > In news:Ob38yqVFFHA.2296@TK2MSFTNGP15.phx.gbl,
    > Kevin D. Goodknecht Sr. [MVP] <admin@nospam.WFTX.US> made a post then I
    > commented below
    > > In news:A772FE84-215F-4E8E-A201-96F882A0C3BA@microsoft.com,
    > > pingboy <pingboy@discussions.microsoft.com> commented
    > > Then Kevin replied below:
    > >> Thanks the both of you for your help. I do appreciate
    > >> your expertise.
    > >
    > > It looks like both of the Win2k3 machines are in trouble, neither
    > > have a Primary DNS suffix. Is there any way to make a remote desktop
    > > connection to these servers?
    > > The reason I ask is that below you stated this:
    > >> Also, if you look at the More Setting
    > >> in Computer Name tab (after the warning about changing a
    > >> domain controllers name)
    > >> you see that the Primary Dns Suffix is correct:
    > >> americantaxfunding.com
    > >
    > > The problem is that this setting is supposed to be grayed out on A DC
    > > and you should not have access this part anyway.
    >
    > Kevin, I would like to add, IIRC, on a Win2003 DC, it is possible to change
    > that name (shouldn't be grayed out), but I do not have an installation in
    > front of me to confirm that, and also I believe it depends on functional
    > levels too.
    >
    > As for the SPNEGO error on NPBEX01, that is probably due to no PTR in the
    > reverse zone, since it has no Primary DNS Suffix to register into the
    > forward zone. I am willing to bet that is happening on NPBTS01 as well for
    > the same reason.
    >
    > Also, want to mention that the multihomed NPBFS05 is problematic with two
    > NICs on the same subnet, unless of course, the NICs are teamed. If they are
    > teamed, no problem, if not, then we may have an issue there since they are
    > on the same subnet.
    >
    > Pingboy, may I ask why they are on the same subnet?
    > Is teaming possible with these NICs? (Look at the NIC documentation).
    >
    > Look in the registry on NPBTS01 and NPBEX01 for these entries below. Can you
    > tell me what they are? I'm expecting to find "americantaxfunding.com".
    >
    > "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Domain" (should say
    > americantaxfunding.com).
    >
    > "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NV Domain" (should
    > say americantaxfunding.com).
    >
    > "HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\SyncDomainWithMembership",
    > (should be a value of 1)
    >
    > Thanks
    >
    > Ace
    >
    >
    >
    >
  10. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:%23EnkkmWFFHA.228@TK2MSFTNGP15.phx.gbl,
    Ace Fekay [MVP] <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com>
    commented
    Then Kevin replied below:
    > Kevin, I would like to add, IIRC, on a Win2003 DC, it is
    > possible to change
    > that name (shouldn't be grayed out), but I do not have an
    > installation in
    > front of me to confirm that, and also I believe it
    > depends on functional
    > levels too.

    I don't have a Win2k3 DC in front of me either, but I do manage a couple
    remotely. Those settings are grayed out in the remote desktop, that is what
    I have to go on. I'm not sure of the functional level of one, but I know the
    other is Windows 2000 functional level because it has a Win2k replica. (You
    remember the two I was telling you about last week) Maybe the setting is
    just grayed out in the remote desktop, or maybe it is the functional level.
    I would like to verify this though, I really hate to tell someone wrong
    information.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  11. Archived from groups: microsoft.public.win2000.dns (More info?)

    Kevin,

    I think I may have confused the whole matter when I
    mentioned that information. You are correct, on a DC
    it is grayed out and on a non dc it isn't grayed
    out, remote or not remote. I was just mentioning
    it because, even though it is grayed out, you can still
    click on change, you will get a warning stating that
    you cannot change a DC's name, but you can ignore the
    warning and move on to the next window "computer name
    changes" and then click More, and move on to the
    "DNS suffix and Netbios computer name" window.

    Thanks again. Hope this helps.

    "Kevin D. Goodknecht Sr. [MVP]" wrote:

    > In news:%23EnkkmWFFHA.228@TK2MSFTNGP15.phx.gbl,
    > Ace Fekay [MVP] <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com>
    > commented
    > Then Kevin replied below:
    > > Kevin, I would like to add, IIRC, on a Win2003 DC, it is
    > > possible to change
    > > that name (shouldn't be grayed out), but I do not have an
    > > installation in
    > > front of me to confirm that, and also I believe it
    > > depends on functional
    > > levels too.
    >
    > I don't have a Win2k3 DC in front of me either, but I do manage a couple
    > remotely. Those settings are grayed out in the remote desktop, that is what
    > I have to go on. I'm not sure of the functional level of one, but I know the
    > other is Windows 2000 functional level because it has a Win2k replica. (You
    > remember the two I was telling you about last week) Maybe the setting is
    > just grayed out in the remote desktop, or maybe it is the functional level.
    > I would like to verify this though, I really hate to tell someone wrong
    > information.
    >
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ===================================
    > When responding to posts, please "Reply to Group"
    > via your newsreader so that others may learn and
    > benefit from your issue, to respond directly to
    > me remove the nospam. from my email address.
    > ===================================
    > http://www.lonestaramerica.com/
    > ===================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ===================================
    > Keep a back up of your OE settings and folders
    > with OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ===================================
    >
    >
    >
  12. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:E139FC2D-5D0F-4C47-A630-CE03EA386D6E@microsoft.com,
    pingboy <pingboy@discussions.microsoft.com> commented
    Then Kevin replied below:
    > Kevin,
    >
    > I think I may have confused the whole matter when I
    > mentioned that information. You are correct, on a DC
    > it is grayed out and on a non dc it isn't grayed
    > out, remote or not remote. I was just mentioning
    > it because, even though it is grayed out, you can still
    > click on change, you will get a warning stating that
    > you cannot change a DC's name, but you can ignore the
    > warning and move on to the next window "computer name
    > changes" and then click More, and move on to the
    > "DNS suffix and Netbios computer name" window.

    Did you delete and recreate those registry keys noted in that article?
    These keys may be corrupted.

    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  13. Archived from groups: microsoft.public.win2000.dns (More info?)

    Kevin,

    I sure did.

    "Kevin D. Goodknecht Sr. [MVP]" wrote:

    > In news:E139FC2D-5D0F-4C47-A630-CE03EA386D6E@microsoft.com,
    > pingboy <pingboy@discussions.microsoft.com> commented
    > Then Kevin replied below:
    > > Kevin,
    > >
    > > I think I may have confused the whole matter when I
    > > mentioned that information. You are correct, on a DC
    > > it is grayed out and on a non dc it isn't grayed
    > > out, remote or not remote. I was just mentioning
    > > it because, even though it is grayed out, you can still
    > > click on change, you will get a warning stating that
    > > you cannot change a DC's name, but you can ignore the
    > > warning and move on to the next window "computer name
    > > changes" and then click More, and move on to the
    > > "DNS suffix and Netbios computer name" window.
    >
    > Did you delete and recreate those registry keys noted in that article?
    > These keys may be corrupted.
    >
    > --
    > Best regards,
    > Kevin D4 Dad Goodknecht Sr. [MVP]
    > Hope This Helps
    > ===================================
    > When responding to posts, please "Reply to Group"
    > via your newsreader so that others may learn and
    > benefit from your issue, to respond directly to
    > me remove the nospam. from my email address.
    > ===================================
    > http://www.lonestaramerica.com/
    > ===================================
    > Use Outlook Express?... Get OE_Quotefix:
    > It will strip signature out and more
    > http://home.in.tum.de/~jain/software/oe-quotefix/
    > ===================================
    > Keep a back up of your OE settings and folders
    > with OEBackup:
    > http://www.oehelp.com/OEBackup/Default.aspx
    > ===================================
    >
    >
    >
  14. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:E6AA5C82-EB67-4C6B-8628-2B3B7C567F17@microsoft.com,
    pingboy <pingboy@discussions.microsoft.com> commented
    Then Kevin replied below:
    > Kevin,
    >
    > I sure did.

    This one is totally off the wall, I've never seen or heard of any Domain
    Controllers exhibiting this behavior. Make a call to MS PSS. It may be
    something silly, but we've covered everything concerning the Primary DNS
    suffix on a DC and it still isn't right.

    Without connecting remotely, which MS PSS will do, I don't know what to tell
    you to do.


    --
    Best regards,
    Kevin D4 Dad Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
  15. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:e62nF7hFFHA.3120@TK2MSFTNGP12.phx.gbl,
    Kevin D. Goodknecht Sr. [MVP] <admin@nospam.WFTX.US> made a post then I
    commented below

    > This one is totally off the wall, I've never seen or heard of any
    > Domain Controllers exhibiting this behavior. Make a call to MS PSS.
    > It may be something silly, but we've covered everything concerning
    > the Primary DNS suffix on a DC and it still isn't right.
    >
    > Without connecting remotely, which MS PSS will do, I don't know what
    > to tell you to do.

    I agree. If this is exhibiting this sort of behavior, it seems this would be
    a new one to me too, unless we're missing something in the diagnosis.

    Just to try something out, I would try to change the domain name in the GUI
    to a blank, then change it again back to what it is supposed to be. Or
    maybem just demote it and promote it back into the domain with prior to
    that, set the Primary DNS Suffix first.

    Ace
Ask a new question

Read More

Servers DNS Windows XP Windows