Dear Group,

I'll try this fast and simple first.

I've set up two networks recently. The first one running a Windows
2000 server and another one running a Windows 2003 server.

The Windows 2000 domain hasn't any known problems with DNS. All of
the AD integration seems to be in place. Under the forward lookup
zone one their's the _msdcs, _sites, _tcp, and _udp records.

In the 2003 domain, their is only the forward lookup zone. It looks
like it's not even AD integrated, but it is. AD cannot communicate
with DNS. The dcdiag.exe tool claims that it cannot resolve the
servers GUID to an IP address. This is because it's not there.

The only differences between the two are that the 2000 domain has a
subdomain to help protect AD from the outside. The 2003 has just the
one primary domain.

Anybody got any ideas? I thought that first I would manually put the
entry's in. The other is to uninstall AD and reinstall. This is
painfull also and hopefully not necessary. I'm mostly curious as to
how this has happened.

Thanks,

Keeper

Is the dynamic update enabled on the zone in WS2k3 DNS ? Do you have any
entries in DNS event log ? Is your WS2k3 server pointing to its own DNS
server ? Are this two domains in the separete forests (Win 2000 and 2003).

--
Regards

Matjaz Ladava, MCSE, MCSA, MCT, MVP
Microsoft MVP - Active Directory
(E-Mail Removed), (E-Mail Removed)
http://ladava.com

"Keeper" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Dear Group,
>
> I'll try this fast and simple first.
>
> I've set up two networks recently. The first one running a Windows
> 2000 server and another one running a Windows 2003 server.
>
> The Windows 2000 domain hasn't any known problems with DNS. All of
> the AD integration seems to be in place. Under the forward lookup
> zone one their's the _msdcs, _sites, _tcp, and _udp records.
>
> In the 2003 domain, their is only the forward lookup zone. It looks
> like it's not even AD integrated, but it is. AD cannot communicate
> with DNS. The dcdiag.exe tool claims that it cannot resolve the
> servers GUID to an IP address. This is because it's not there.
>
> The only differences between the two are that the 2000 domain has a
> subdomain to help protect AD from the outside. The 2003 has just the
> one primary domain.
>
> Anybody got any ideas? I thought that first I would manually put the
> entry's in. The other is to uninstall AD and reinstall. This is
> painfull also and hopefully not necessary. I'm mostly curious as to
> how this has happened.
>
> Thanks,
>
> Keeper
>

matjaz,

Dynamic update is enabled. I have it set for "secure updates only" in
the zone properties.

I've cleared the event log about a week ago. During this past week
I've only received DNS started and DNS shutdown messages. I was
having event id: 4004 errors on a couple of occasions before. As I
recall, this was an error stating that Active Directory couldn't
communicate with the DNS service. One of the reasons for this may be
that the AD was starting before the DNS service. But I later learned
from running "DCDIAG.EXE" that I'm missing crucial AD DNS entries.
ie:_MSDC, _Sites, etc...

My reason for mentioning both domains was that I've managed to do
something right in the 2000 domain and something wrong in the 2003
domain. It was only to show that I've done it correctly at least once
and to enphasize that I'm running a 2003 domain. These two domains
don't communicate with each other in any way.

You can also see my messages and reply's in
microsoft.public.win2000.dns. A gentleman by that name of Kevin has
been trying to help. I appreciate anything that you can do for me.
If I can't get it fixed by the end of the week I'll have to reinstall
and reconfigure my server. I'd rather find out why it's broke so I
don't repeat my mistakes.

Thanks again,

Keeper



On Sun, 30 Nov 2003 20:02:13 +0100, "Matjaz Ladava [MVP]"
<matjaz@_nospam_ladava.com> wrote:

>Is the dynamic update enabled on the zone in WS2k3 DNS ? Do you have any
>entries in DNS event log ? Is your WS2k3 server pointing to its own DNS
>server ? Are this two domains in the separete forests (Win 2000 and 2003).

matjaz,

Thanks again but I think I fixed it. I deleted the zone and recreated
it. I stopped and started the netlogon service and fixed! I also did
a ipconfig /flushdns but I don't think that this did anything.

Keeper



On Sun, 30 Nov 2003 20:02:13 +0100, "Matjaz Ladava [MVP]"
<matjaz@_nospam_ladava.com> wrote:

>Is the dynamic update enabled on the zone in WS2k3 DNS ? Do you have any
>entries in DNS event log ? Is your WS2k3 server pointing to its own DNS
>server ? Are this two domains in the separete forests (Win 2000 and 2003).