Tom's Hardware > Forum > General Networking > Network General Discussions > Window 2003 DNS errors, please help!!

Window 2003 DNS errors, please help!!

Forum General Networking : Network General Discussions - Window 2003 DNS errors, please help!!

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Thrawn717   05-10-2006 at 11:51:38 PM

Hi All,
Here is the problem that I am having with my network explained from square one. I’ll explain everything from beginning to present.

First let me start by explaining my network lay out.

I have 1 main server (PDC) at the my main site and 1 DC at each of my 2 off site locations. The names of these are Jelly (PDC), Isleta (DC), and Butter2 (DC). All of these locations are connected to each other thru a VWAN that is maintained by my ISP.

On my main server I had two NICs that were both setup with the following IP addresses 192.168.1.8, 192.168.1.10.
Which both of these NICs are set up to be my Primary and Secondary DNS servers.

On March 14th one of the NICs in Jelly (PDC) went out. I replaced it with a new NIC and assigned it with the IP address of the old. But I forgot to uninstall the old one in Windows so I still had a ghost NIC installed which was conflicting with the new NIC. But since I first posted this problem someone has told me how to uninstall ghost hardware so I am no longer having conflicts with that. I have also disabled one of the NICs like several other people have suggested.

But ever since this has happened I have been getting replication errors in my logs. These are the warnings and errors that I have been getting..


Quote :


Event Properties

Source: NTDS KCC
Category: Knowledge Consistency
Type: Warning
Event ID: 1925

The attempt to establish a replication link for the following writable directory partition failed.

Directory partition:
CN=Configuration,DC=PBJFS,DC=local
Source domain controller:
CN=NTDS Settings,CN=TEST-9AH1A7UHOC,CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,DC=PBJFS,DC=local
Source domain controller address:
74e6c8df-1beb-49ae-9929-1f778d0b3143._msdcs.PBJFS.local
Intersite transport (if any):


This domain controller will be unable to replicate with the source domain controller until this problem is corrected.

User Action
Verify if the source domain controller is accessible or network connectivity is available.

Additional Data
Error value:
8524 The DSA operation is unable to proceed because of a DNS lookup failure.




Quote :


Event Properties

Source: NTDS Replication
Category: DS RPC Client
Type: Error
Event ID: 2087

Active Directory could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.

Source domain controller:
BERNALILLO
Failing DNS host name:
4b2ee228-5395-452f-967c-139b1ac65dc9._msdcs.PBJFS.local

NOTE: By default, only up to 10 DNS failures are shown for any given 12 hour period, even if more than 10 failures occur. To log all individual failure events, set the following diagnostics registry value to 1:

Registry Path:
HKLMSystemCurrentControlSetServicesNTDSDiagnostics22 DS RPC Client

User Action:

1) If the source domain controller is no longer functioning or its operating system has been reinstalled with a different computer name or NTDSDSA object GUID, remove the source domain controller's metadata with ntdsutil.exe, using the steps outlined in MSKB article 216498.

2) Confirm that the source domain controller is running Active directory and is accessible on the network by typing "net view <source DC name>" or "ping <source DC name>".

3) Verify that the source domain controller is using a valid DNS server for DNS services, and that the source domain controller's host record and CNAME record are correctly registered, using the DNS Enhanced version of DCDIAG.EXE available on http://www.microsoft.com/dns

dcdiag /test:dns

4) Verify that that this destination domain controller is using a valid DNS server for DNS services, by running the DNS Enhanced version of DCDIAG.EXE command on the console of the destination domain controller, as follows:

dcdiag /test:dns

5) For further analysis of DNS error failures see KB 824449:
http://support.microsoft.com/?kbid=824449

Additional Data
Error value:
11004 The requested name is valid, but no data of the requested type was found.



After talking to several people in other forums they have told me to do a dcdiag.exe test. Here are the results of those tests on all 3 servers. The first will be on the (PDC) main server “Jelly”, followed by Butter2 (DC), then Isleta (DC).

(Jelly PDC)

Quote :



Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-SiteJELLY
Starting test: Connectivity
......................... JELLY passed test Connectivity

Doing primary tests

Testing server: Default-First-SiteJELLY

DNS Tests are running and not hung. Please wait a few minutes...

Running partition tests on : TAPI3Directory

Running partition tests on : ForestDnsZones

Running partition tests on : DomainDnsZones

Running partition tests on : Schema

Running partition tests on : Configuration

Running partition tests on : PBJFS

Running enterprise tests on : PBJFS.local
Starting test: DNS
Test results for domain controllers:

DC: jelly.PBJFS.local
Domain: PBJFS.local


TEST: Delegations (Del)
Warning: DNS server: jelly.sv.jelly.local.org. IP: <Unavailable> Failure:Missing glue A record

Summary of DNS test results:

Auth Basc Forw Del Dyn RReg Ext
________________________________________________________________
Domain: PBJFS.local
jelly PASS PASS PASS FAIL PASS PASS n/a

......................... PBJFS.local failed test DNS



(Butter2 DC)

Quote :


Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-SiteBUTTER2
Starting test: Connectivity
......................... BUTTER2 passed test Connectivity

Doing primary tests

Testing server: Default-First-SiteBUTTER2
Starting test: Replications
REPLICATION-RECEIVED LATENCY WARNING
BUTTER2: Current time is 2006-04-06 16:14:11.
CN=Schema,CN=Configuration,DC=PBJFS,DC=local
Last replication recieved from BERNALILLO at 2005-10-22 09:56:52.
WARNING: This latency is over the Tombstone Lifetime of 60 days!
CN=Configuration,DC=PBJFS,DC=local
Last replication recieved from BERNALILLO at 2005-10-22 09:57:23.
WARNING: This latency is over the Tombstone Lifetime of 60 days!
DC=PBJFS,DC=local
Last replication recieved from BERNALILLO at 2005-10-22 09:56:53.
WARNING: This latency is over the Tombstone Lifetime of 60 days!
......................... BUTTER2 passed test Replications
Starting test: NCSecDesc
......................... BUTTER2 passed test NCSecDesc
Starting test: NetLogons
......................... BUTTER2 passed test NetLogons
Starting test: Advertising
......................... BUTTER2 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... BUTTER2 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... BUTTER2 passed test RidManager
Starting test: MachineAccount
......................... BUTTER2 passed test MachineAccount
Starting test: Services
......................... BUTTER2 passed test Services
Starting test: ObjectsReplicated
......................... BUTTER2 passed test ObjectsReplicated
Starting test: frssysvol
......................... BUTTER2 passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... BUTTER2 failed test frsevent
Starting test: kccevent
An Error Event occured. EventID: 0xC000066D
Time Generated: 04/06/2006 16:06:00
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000785
Time Generated: 04/06/2006 16:06:00
Event String: The attempt to establish a replication link for
An Error Event occured. EventID: 0xC000066D
Time Generated: 04/06/2006 16:06:01
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000785
Time Generated: 04/06/2006 16:06:01
Event String: The attempt to establish a replication link for
An Error Event occured. EventID: 0xC000066D
Time Generated: 04/06/2006 16:06:01
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000785
Time Generated: 04/06/2006 16:06:01
Event String: The attempt to establish a replication link for
An Warning Event occured. EventID: 0x80000785
Time Generated: 04/06/2006 16:06:01
Event String: The attempt to establish a replication link for
An Warning Event occured. EventID: 0x80000785
Time Generated: 04/06/2006 16:06:22
Event String: The attempt to establish a replication link for
......................... BUTTER2 failed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0000007
Time Generated: 04/06/2006 15:17:34
Event String: The kerberos subsystem encountered a PAC
An Error Event occured. EventID: 0x00000457
Time Generated: 04/06/2006 16:03:49
(Event String could not be retrieved)
......................... BUTTER2 failed test systemlog
Starting test: VerifyReferences
......................... BUTTER2 passed test VerifyReferences

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : PBJFS
Starting test: CrossRefValidation
......................... PBJFS passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... PBJFS passed test CheckSDRefDom

Running enterprise tests on : PBJFS.local
Starting test: Intersite
......................... PBJFS.local passed test Intersite
Starting test: FsmoCheck
......................... PBJFS.local passed test FsmoCheck




(Isleta DC)

Quote :


Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-SiteISLETA
Starting test: Connectivity
......................... ISLETA passed test Connectivity

Doing primary tests

Testing server: Default-First-SiteISLETA

DNS Tests are running and not hung. Please wait a few minutes...

Running partition tests on : ForestDnsZones

Running partition tests on : DomainDnsZones

Running partition tests on : Schema

Running partition tests on : Configuration

Running partition tests on : PBJFS

Running enterprise tests on : PBJFS.local
Starting test: DNS
Test results for domain controllers:

DC: isleta.PBJFS.local
Domain: PBJFS.local


TEST: Forwarders/Root hints (Forw)
Error: Root hints list has invalid root hint server: a.root-servers.net. (198.41.0.4)
Error: Root hints list has invalid root hint server: b.root-servers.net. (192.228.79.201)
Error: Root hints list has invalid root hint server: c.root-servers.net. (192.33.4.12)
Error: Root hints list has invalid root hint server: d.root-servers.net. (128.8.10.90)
Error: Root hints list has invalid root hint server: e.root-servers.net. (192.203.230.10)
Error: Root hints list has invalid root hint server: f.root-servers.net. (192.5.5.241)
Error: Root hints list has invalid root hint server: g.root-servers.net. (192.112.36.4)
Error: Root hints list has invalid root hint server: h.root-servers.net. (128.63.2.53)
Error: Root hints list has invalid root hint server: i.root-servers.net. (192.36.148.17)
Error: Root hints list has invalid root hint server: j.root-servers.net. (192.58.128.30)
Error: Root hints list has invalid root hint server: k.root-servers.net. (193.0.14.129)
Error: Root hints list has invalid root hint server: l.root-servers.net. (198.32.64.12)
Error: Root hints list has invalid root hint server: m.root-servers.net. (202.12.27.33)

TEST: Delegations (Del)
Warning: DNS server: jelly.sv.jelly.local.org. IP: <Unavailable> Failure:Missing glue A record

Summary of test results for DNS servers used by the above domain controllers:

DNS server: 128.63.2.53 (h.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.63.2.53

DNS server: 128.8.10.90 (d.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.8.10.90

DNS server: 192.112.36.4 (g.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.112.36.4

DNS server: 192.203.230.10 (e.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.203.230.10

DNS server: 192.228.79.201 (b.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.228.79.201

DNS server: 192.33.4.12 (c.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.33.4.12

DNS server: 192.36.148.17 (i.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.36.148.17

DNS server: 192.5.5.241 (f.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.5.5.241

DNS server: 192.58.128.30 (j.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.58.128.30

DNS server: 193.0.14.129 (k.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 193.0.14.129

DNS server: 198.32.64.12 (l.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12

DNS server: 198.41.0.4 (a.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.41.0.4

DNS server: 202.12.27.33 (m.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 202.12.27.33

Summary of DNS test results:

Auth Basc Forw Del Dyn RReg Ext
________________________________________________________________
Domain: PBJFS.local
isleta PASS PASS FAIL FAIL PASS PASS n/a

......................... PBJFS.local failed test DNS




These are the results of the dcdiag.exe /test:dns test that I ran. Could anyone please tell me what is going on and how do I fix this issue.

I have also tryed to run netdiag.exe but I keep getting an error stating the following:

Entry point not found:
The Procedure entry point DnsGetMaxNumberofAddresToRegister could not be loacted in the dynamic link library, DNSAPI.dll.

Thanks

Add a reply
Sponsored Links
Register or log in to remove.
folken   05-11-2006 at 01:47:23 AM
- 0 +

Hm... I've never had a setup with two nics in one machine being the primary and secondary dns. I guess if it was working before though that must not be the issue.

Are you able to ping jelly from the other sites via ip and full dns name (ie, jelly.domain.com)? If you can't ping the machine via dns name then it definatly isn't going to replicate :)

Check your forward lookup zone on all of the domain controllers and see what host record they have in there for jelly. Does it show an IP and if so is it the right one?

I have never givin one computer two IPs on two nics and hooked it up to the same network before. I wonder if there need to be two host entries in the forward lookup zone for each network card. Or if two entries were created when you added the other nic and they are conflicting. I guess if you see two entries for jelly right now try removing one. I could see dns getting confused by trying to resolve one host to two IPs, lol.

Reply to folken
kyoshiro   05-12-2006 at 11:48:50 PM
- 0 +

Yeah it gets confused. Remove the gateway and dns entries from one the NICs.

Reply to kyoshiro
Ask the community Add a reply
Tom's Hardware > Forum > General Networking > Network General Discussions > Window 2003 DNS errors, please help!!
Go to:

There are 1113 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.410 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them