This is in regards to this post of yours I am running out of places to get
help and you seem to know your stuff could you help me?

http://groups.google.com/groups?hl=e...gbl%26rnum%3D5

I am getting 4004 and 4015 errors windows 2003 server this is one forest and
a single domain.



I Open Active Directory Users and Computers.

- Under the View menu, select Advanced.

- Expand your mydomain.com node, then expand System, then expand

MicrosoftDNS

When I look in this area I see.

mydomain.comCNF:c75a95b2-51de-41a7-88a1-57a4146e9197

mydomain.comCNF:267b3130-a21e-4f79-84c7-777ce8fccca2

mydomain.comCNF:10e5fb6c-55a5-4617-b252-63d0b82e4f6d

mydomain.com

RootDNSServers

Is this normal or is it corruption?



IF I open ADSI edit and look under

DC=domaindnszones, dc=wausauhomes, dc=com

MicrosoftDNS

I do not see mydomain under adsi edit here at all I do see all my reverse
lookup zones though. And a bunch of stuff like this:

DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa

DC=..InProgress-408C1B682E817945-mydomain.com

DC=..InProgress-408C1B862E81ED7B-wausauhomes.com

I have like 15 entries like this.

In news:%23Vm%(E-Mail Removed),
Chris T. <(E-Mail Removed)> posted their thoughts, then I offered mine
> This is in regards to this post of yours I am running out of places
> to get
> help and you seem to know your stuff could you help me?
>
>
http://groups.google.com/groups?hl=e...gbl%26rnum%3D5
>
> I am getting 4004 and 4015 errors windows 2003 server this is one
> forest and
> a single domain.
>
>
>
> I Open Active Directory Users and Computers.
>
> - Under the View menu, select Advanced.
>
> - Expand your mydomain.com node, then expand System, then expand
>
> MicrosoftDNS
>
> When I look in this area I see.
>
> mydomain.comCNF:c75a95b2-51de-41a7-88a1-57a4146e9197
>
> mydomain.comCNF:267b3130-a21e-4f79-84c7-777ce8fccca2
>
> mydomain.comCNF:10e5fb6c-55a5-4617-b252-63d0b82e4f6d
>
> mydomain.com
>
> RootDNSServers
>
> Is this normal or is it corruption?
>
>
>
> IF I open ADSI edit and look under
>
> DC=domaindnszones, dc=wausauhomes, dc=com
>
> MicrosoftDNS
>
> I do not see mydomain under adsi edit here at all I do see all my
> reverse
> lookup zones though. And a bunch of stuff like this:
>
> DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
>
> DC=..InProgress-408C1B682E817945-mydomain.com
>
> DC=..InProgress-408C1B862E81ED7B-wausauhomes.com
>
> I have like 15 entries like this.


The "CNF"s mean they are duplicates. This seems to point to a replication
issue. But you only have one DC you say or two DCs? If you have two DCs, are
they separated by a firewall or a Proxy or ISA server or an ADSL line with
MTU altered settings?

In addition to the information I asked above, can you run:

netdiag /v /fix > c:\netdiag.txt
dcdiag /v > c:\dcdiag.txt

and post those two files please?

Thanks


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================

Here is everything you asked for. Thank you for you help.



I have 7 Domain Controllers two at the main office and one at each branch
plant. They all are running DNS. There are no firewalls in place at all
between the system I think the duplicates happened because myself and
another network tech here where creating zones at the same time and that is
how the corruption happened. How do I clean this out of active directory do
I uninstall dns and reinstall. Do I delete all the zones? I found this
article on Microsoft website about removing DNS and reinstalling it: Q294328



Is this the recommend approach for this problem?



Should I delete the CNFs with ADSI Edit if they are duplicates?



> DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
>
> DC=..InProgress-408C1B682E817945-mydomain.com



Should I delete this Inprogress stuff which is under DomainDNSZones
MicrosoftDNS?







In addition to this I was getting a duplicate zone error a few days ago with
event id 4515

So I removed the duplicate zone from DomainDNSZones

Was that the right thing to do? From what I read on the news groups that is
what is recommended



----------------------------------------------------

The zone mydomain.com was previously loaded from the directory partition
MicrosoftDNS but another copy of the zone has been found in directory
partition DomainDnsZones.mydomain.com. The DNS Server will ignore this new
copy of the zone. Please resolve this conflict as soon as possible.

If an administrator has moved this zone from one directory partition to
another this may be a harmless transient condition. In this case, no action
is necessary. The deletion of the original copy of the zone should soon
replicate to this server.

If there are two copies of this zone in two different directory partitions
but this is not a transient caused by a zone move operation then one of
these copies should be deleted as soon as possible to resolve this conflict.

To change the replication scope of an application directory partition
containing DNS zones and for more details on storing DNS zones in the
application directory partitions, please see Help and Support.



For more information, see Help and Support Center at





Dcdiag





Domain Controller Diagnosis



Performing initial setup:

* Verifying that the local machine dc, is a DC.

* Connecting to directory service on server dc.

* Collecting site info.

* Identifying all servers.

* Identifying all NC cross-refs.

* Found 8 DC(s). Testing 1 of them.

Done gathering initial info.



Doing initial required tests



Testing server: Wausau\DC

Starting test: Connectivity

* Active Directory LDAP Services Check

* Active Directory RPC Services Check

......................... DC passed test Connectivity



Doing primary tests



Testing server: Wausau\DC

Starting test: Replications

* Replications Check

* Replication Latency Check

* Replication Site Latency Check

......................... DC passed test Replications

Test omitted by user request: Topology

Test omitted by user request: CutoffServers

Starting test: NCSecDesc

* Security Permissions Check for

DC=ForestDnsZones,DC=mydomain,DC=com

(NDNC,Version 2)

* Security Permissions Check for

DC=DomainDnsZones,DC=mydomain,DC=com

(NDNC,Version 2)

* Security Permissions Check for

CN=Schema,CN=Configuration,DC=mydomain,DC=com

(Schema,Version 2)

* Security Permissions Check for

CN=Configuration,DC=mydomain,DC=com

(Configuration,Version 2)

* Security Permissions Check for

DC=mydomain,DC=com

(Domain,Version 2)

......................... DC passed test NCSecDesc

Starting test: NetLogons

* Network Logons Privileges Check

......................... DC passed test NetLogons

Starting test: Advertising

The DC DC is advertising itself as a DC and having a DS.

The DC DC is advertising as an LDAP server

The DC DC is advertising as having a writeable directory

The DC DC is advertising as a Key Distribution Center

The DC DC is advertising as a time server

The DS DC is advertising as a GC.

......................... DC passed test Advertising

Starting test: KnowsOfRoleHolders

Role Schema Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com

Role Domain Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com

Role PDC Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com

Role Rid Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com

Role Infrastructure Update Owner = CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com

......................... DC passed test KnowsOfRoleHolders

Starting test: RidManager

* Available RID Pool for the Domain is 6109 to 1073741823

* dc.mydomain.com is the RID Master

* DsBind with RID Master was successful

* rIDAllocationPool is 5609 to 6108

* rIDPreviousAllocationPool is 5609 to 6108

* rIDNextRID: 5646

......................... DC passed test RidManager

Starting test: MachineAccount

* SPN found :LDAP/dc.mydomain.com/mydomain.com

* SPN found :LDAP/dc.mydomain.com

* SPN found :LDAP/DC

* SPN found :LDAP/dc.mydomain.com/MYDOMAIN

* SPN found
:LDAP/146ddf16-8e52-48bb-aff0-c70d60c56d7e._msdcs.mydomain.com

* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/146ddf16-8e52-48bb-aff0-c70d60c56d7e/m
ydomain.com

* SPN found :HOST/dc.mydomain.com/mydomain.com

* SPN found :HOST/dc.mydomain.com

* SPN found :HOST/DC

* SPN found :HOST/dc.mydomain.com/MYDOMAIN

* SPN found :GC/dc.mydomain.com/mydomain.com

......................... DC passed test MachineAccount

Starting test: Services

* Checking Service: Dnscache

* Checking Service: NtFrs

* Checking Service: IsmServ

* Checking Service: kdc

* Checking Service: SamSs

* Checking Service: LanmanServer

* Checking Service: LanmanWorkstation

* Checking Service: RpcSs

* Checking Service: w32time

* Checking Service: NETLOGON

......................... DC passed test Services

Test omitted by user request: OutboundSecureChannels

Starting test: ObjectsReplicated

DC is in domain DC=mydomain,DC=com

Checking for CN=DC,OU=Domain Controllers,DC=mydomain,DC=com in
domain DC=mydomain,DC=com on 1 servers

Object is up-to-date on all servers.

Checking for CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com in domain CN=Configuration,DC=mydomain,DC=com on 1 servers

Object is up-to-date on all servers.

......................... DC passed test ObjectsReplicated

Starting test: frssysvol

* The File Replication Service SYSVOL ready test

File Replication Service's SYSVOL is ready

......................... DC passed test frssysvol

Starting test: frsevent

* The File Replication Service Event log test

......................... DC passed test frsevent

Starting test: kccevent

* The KCC Event log test

Found no KCC errors in Directory Service Event log in the last 15
minutes.

......................... DC passed test kccevent

Starting test: systemlog

* The System Event log test

Found no errors in System Event log in the last 60 minutes.

......................... DC passed test systemlog

Test omitted by user request: VerifyReplicas

Starting test: VerifyReferences

The system object reference (serverReference)


CN=DC,OU=Domain Controllers,DC=mydomain,DC=com and backlink on



CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC=com


are correct.

The system object reference (frsComputerReferenceBL)


CN=DC,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=mydomain,DC=com


and backlink on CN=DC,OU=Domain Controllers,DC=mydomain,DC=com are


correct.

The system object reference (serverReferenceBL)


CN=DC,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=mydomain,DC=com


and backlink on


CN=NTDS
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
=com


are correct.

......................... DC passed test VerifyReferences

Test omitted by user request: VerifyEnterpriseReferences



Running partition tests on : ForestDnsZones

Starting test: CrossRefValidation

......................... ForestDnsZones passed test
CrossRefValidation

Starting test: CheckSDRefDom

......................... ForestDnsZones passed test CheckSDRefDom



Running partition tests on : DomainDnsZones

Starting test: CrossRefValidation

......................... DomainDnsZones passed test
CrossRefValidation

Starting test: CheckSDRefDom

......................... DomainDnsZones passed test CheckSDRefDom



Running partition tests on : Schema

Starting test: CrossRefValidation

......................... Schema passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... Schema passed test CheckSDRefDom



Running partition tests on : Configuration

Starting test: CrossRefValidation

......................... Configuration passed test
CrossRefValidation

Starting test: CheckSDRefDom

......................... Configuration passed test CheckSDRefDom



Running partition tests on : mydomain

Starting test: CrossRefValidation

......................... mydomain passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... mydomain passed test CheckSDRefDom



Running enterprise tests on : mydomain.com

Starting test: Intersite

Skipping site Wausau, this site is outside the scope provided by
the


command line arguments provided.

Skipping site Waverly, this site is outside the scope provided by
the


command line arguments provided.

Skipping site Corning, this site is outside the scope provided by
the


command line arguments provided.

Skipping site LakeWales, this site is outside the scope provided by


the command line arguments provided.

Skipping site SouthHill, this site is outside the scope provided by


the command line arguments provided.

Skipping site Paulding, this site is outside the scope provided by
the


command line arguments provided.

Skipping site Charleston, this site is outside the scope provided
by


the command line arguments provided.

......................... mydomain.com passed test Intersite

Starting test: FsmoCheck

GC Name: \\dc.mydomain.com

Locator Flags: 0xe00003fd

PDC Name: \\dc.mydomain.com

Locator Flags: 0xe00003fd

Time Server Name: \\dc.mydomain.com

Locator Flags: 0xe00003fd

Preferred Time Server Name: \\dc.mydomain.com

Locator Flags: 0xe00003fd

KDC Name: \\dc.mydomain.com

Locator Flags: 0xe00003fd

......................... mydomain.com passed test FsmoCheck







"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&(E-Mail Removed)> wrote in
message news:(E-Mail Removed)...
> In news:%23Vm%(E-Mail Removed),
> Chris T. <(E-Mail Removed)> posted their thoughts, then I offered
mine
> > This is in regards to this post of yours I am running out of places
> > to get
> > help and you seem to know your stuff could you help me?
> >
> >
>
http://groups.google.com/groups?hl=e...gbl%26rnum%3D5
> >
> > I am getting 4004 and 4015 errors windows 2003 server this is one
> > forest and
> > a single domain.
> >
> >
> >
> > I Open Active Directory Users and Computers.
> >
> > - Under the View menu, select Advanced.
> >
> > - Expand your mydomain.com node, then expand System, then expand
> >
> > MicrosoftDNS
> >
> > When I look in this area I see.
> >
> > mydomain.comCNF:c75a95b2-51de-41a7-88a1-57a4146e9197
> >
> > mydomain.comCNF:267b3130-a21e-4f79-84c7-777ce8fccca2
> >
> > mydomain.comCNF:10e5fb6c-55a5-4617-b252-63d0b82e4f6d
> >
> > mydomain.com
> >
> > RootDNSServers
> >
> > Is this normal or is it corruption?
> >
> >
> >
> > IF I open ADSI edit and look under
> >
> > DC=domaindnszones, dc=wausauhomes, dc=com
> >
> > MicrosoftDNS
> >
> > I do not see mydomain under adsi edit here at all I do see all my
> > reverse
> > lookup zones though. And a bunch of stuff like this:
> >
> > DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
> >
> > DC=..InProgress-408C1B682E817945-mydomain.com
> >
> > DC=..InProgress-408C1B862E81ED7B-wausauhomes.com
> >
> > I have like 15 entries like this.
>
>
> The "CNF"s mean they are duplicates. This seems to point to a replication
> issue. But you only have one DC you say or two DCs? If you have two DCs,
are
> they separated by a firewall or a Proxy or ISA server or an ADSL line with
> MTU altered settings?
>
> In addition to the information I asked above, can you run:
>
> netdiag /v /fix > c:\netdiag.txt
> dcdiag /v > c:\dcdiag.txt
>
> and post those two files please?
>
> Thanks
>
>
> --
> Regards,
> Ace
>
> Please direct all replies to the newsgroup so all can benefit.
> This posting is provided "AS-IS" with no warranties and confers no
> rights.
>
> Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> Microsoft Windows MVP - Active Directory
>
> HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
> pig. --
> =================================
>
>

The server will not let me post the netdiag becuase it is to large 184kb.

What should I do?


"Chris T." <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Here is everything you asked for. Thank you for you help.
>
>
>
> I have 7 Domain Controllers two at the main office and one at each branch
> plant. They all are running DNS. There are no firewalls in place at all
> between the system I think the duplicates happened because myself and
> another network tech here where creating zones at the same time and that
is
> how the corruption happened. How do I clean this out of active directory
do
> I uninstall dns and reinstall. Do I delete all the zones? I found this
> article on Microsoft website about removing DNS and reinstalling it:
Q294328
>
>
>
> Is this the recommend approach for this problem?
>
>
>
> Should I delete the CNFs with ADSI Edit if they are duplicates?
>
>
>
> > DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
> >
> > DC=..InProgress-408C1B682E817945-mydomain.com
>
>
>
> Should I delete this Inprogress stuff which is under DomainDNSZones
> MicrosoftDNS?
>
>
>
>
>
>
>
> In addition to this I was getting a duplicate zone error a few days ago
with
> event id 4515
>
> So I removed the duplicate zone from DomainDNSZones
>
> Was that the right thing to do? From what I read on the news groups that
is
> what is recommended
>
>
>
> ----------------------------------------------------
>
> The zone mydomain.com was previously loaded from the directory partition
> MicrosoftDNS but another copy of the zone has been found in directory
> partition DomainDnsZones.mydomain.com. The DNS Server will ignore this new
> copy of the zone. Please resolve this conflict as soon as possible.
>
> If an administrator has moved this zone from one directory partition to
> another this may be a harmless transient condition. In this case, no
action
> is necessary. The deletion of the original copy of the zone should soon
> replicate to this server.
>
> If there are two copies of this zone in two different directory partitions
> but this is not a transient caused by a zone move operation then one of
> these copies should be deleted as soon as possible to resolve this
conflict.
>
> To change the replication scope of an application directory partition
> containing DNS zones and for more details on storing DNS zones in the
> application directory partitions, please see Help and Support.
>
>
>
> For more information, see Help and Support Center at
>
>
>
>
>
> Dcdiag
>
>
>
>
>
> Domain Controller Diagnosis
>
>
>
> Performing initial setup:
>
> * Verifying that the local machine dc, is a DC.
>
> * Connecting to directory service on server dc.
>
> * Collecting site info.
>
> * Identifying all servers.
>
> * Identifying all NC cross-refs.
>
> * Found 8 DC(s). Testing 1 of them.
>
> Done gathering initial info.
>
>
>
> Doing initial required tests
>
>
>
> Testing server: Wausau\DC
>
> Starting test: Connectivity
>
> * Active Directory LDAP Services Check
>
> * Active Directory RPC Services Check
>
> ......................... DC passed test Connectivity
>
>
>
> Doing primary tests
>
>
>
> Testing server: Wausau\DC
>
> Starting test: Replications
>
> * Replications Check
>
> * Replication Latency Check
>
> * Replication Site Latency Check
>
> ......................... DC passed test Replications
>
> Test omitted by user request: Topology
>
> Test omitted by user request: CutoffServers
>
> Starting test: NCSecDesc
>
> * Security Permissions Check for
>
> DC=ForestDnsZones,DC=mydomain,DC=com
>
> (NDNC,Version 2)
>
> * Security Permissions Check for
>
> DC=DomainDnsZones,DC=mydomain,DC=com
>
> (NDNC,Version 2)
>
> * Security Permissions Check for
>
> CN=Schema,CN=Configuration,DC=mydomain,DC=com
>
> (Schema,Version 2)
>
> * Security Permissions Check for
>
> CN=Configuration,DC=mydomain,DC=com
>
> (Configuration,Version 2)
>
> * Security Permissions Check for
>
> DC=mydomain,DC=com
>
> (Domain,Version 2)
>
> ......................... DC passed test NCSecDesc
>
> Starting test: NetLogons
>
> * Network Logons Privileges Check
>
> ......................... DC passed test NetLogons
>
> Starting test: Advertising
>
> The DC DC is advertising itself as a DC and having a DS.
>
> The DC DC is advertising as an LDAP server
>
> The DC DC is advertising as having a writeable directory
>
> The DC DC is advertising as a Key Distribution Center
>
> The DC DC is advertising as a time server
>
> The DS DC is advertising as a GC.
>
> ......................... DC passed test Advertising
>
> Starting test: KnowsOfRoleHolders
>
> Role Schema Owner = CN=NTDS
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> =com
>
> Role Domain Owner = CN=NTDS
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> =com
>
> Role PDC Owner = CN=NTDS
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> =com
>
> Role Rid Owner = CN=NTDS
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> =com
>
> Role Infrastructure Update Owner = CN=NTDS
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> =com
>
> ......................... DC passed test KnowsOfRoleHolders
>
> Starting test: RidManager
>
> * Available RID Pool for the Domain is 6109 to 1073741823
>
> * dc.mydomain.com is the RID Master
>
> * DsBind with RID Master was successful
>
> * rIDAllocationPool is 5609 to 6108
>
> * rIDPreviousAllocationPool is 5609 to 6108
>
> * rIDNextRID: 5646
>
> ......................... DC passed test RidManager
>
> Starting test: MachineAccount
>
> * SPN found :LDAP/dc.mydomain.com/mydomain.com
>
> * SPN found :LDAP/dc.mydomain.com
>
> * SPN found :LDAP/DC
>
> * SPN found :LDAP/dc.mydomain.com/MYDOMAIN
>
> * SPN found
> :LDAP/146ddf16-8e52-48bb-aff0-c70d60c56d7e._msdcs.mydomain.com
>
> * SPN found
>
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/146ddf16-8e52-48bb-aff0-c70d60c56d7e/m
> ydomain.com
>
> * SPN found :HOST/dc.mydomain.com/mydomain.com
>
> * SPN found :HOST/dc.mydomain.com
>
> * SPN found :HOST/DC
>
> * SPN found :HOST/dc.mydomain.com/MYDOMAIN
>
> * SPN found :GC/dc.mydomain.com/mydomain.com
>
> ......................... DC passed test MachineAccount
>
> Starting test: Services
>
> * Checking Service: Dnscache
>
> * Checking Service: NtFrs
>
> * Checking Service: IsmServ
>
> * Checking Service: kdc
>
> * Checking Service: SamSs
>
> * Checking Service: LanmanServer
>
> * Checking Service: LanmanWorkstation
>
> * Checking Service: RpcSs
>
> * Checking Service: w32time
>
> * Checking Service: NETLOGON
>
> ......................... DC passed test Services
>
> Test omitted by user request: OutboundSecureChannels
>
> Starting test: ObjectsReplicated
>
> DC is in domain DC=mydomain,DC=com
>
> Checking for CN=DC,OU=Domain Controllers,DC=mydomain,DC=com in
> domain DC=mydomain,DC=com on 1 servers
>
> Object is up-to-date on all servers.
>
> Checking for CN=NTDS
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> =com in domain CN=Configuration,DC=mydomain,DC=com on 1 servers
>
> Object is up-to-date on all servers.
>
> ......................... DC passed test ObjectsReplicated
>
> Starting test: frssysvol
>
> * The File Replication Service SYSVOL ready test
>
> File Replication Service's SYSVOL is ready
>
> ......................... DC passed test frssysvol
>
> Starting test: frsevent
>
> * The File Replication Service Event log test
>
> ......................... DC passed test frsevent
>
> Starting test: kccevent
>
> * The KCC Event log test
>
> Found no KCC errors in Directory Service Event log in the last 15
> minutes.
>
> ......................... DC passed test kccevent
>
> Starting test: systemlog
>
> * The System Event log test
>
> Found no errors in System Event log in the last 60 minutes.
>
> ......................... DC passed test systemlog
>
> Test omitted by user request: VerifyReplicas
>
> Starting test: VerifyReferences
>
> The system object reference (serverReference)
>
>
> CN=DC,OU=Domain Controllers,DC=mydomain,DC=com and backlink on
>
>
>
> CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC=com
>
>
> are correct.
>
> The system object reference (frsComputerReferenceBL)
>
>
> CN=DC,CN=Domain System Volume (SYSVOL share),CN=File Replication
> Service,CN=System,DC=mydomain,DC=com
>
>
> and backlink on CN=DC,OU=Domain Controllers,DC=mydomain,DC=com
are
>
>
> correct.
>
> The system object reference (serverReferenceBL)
>
>
> CN=DC,CN=Domain System Volume (SYSVOL share),CN=File Replication
> Service,CN=System,DC=mydomain,DC=com
>
>
> and backlink on
>
>
> CN=NTDS
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> =com
>
>
> are correct.
>
> ......................... DC passed test VerifyReferences
>
> Test omitted by user request: VerifyEnterpriseReferences
>
>
>
> Running partition tests on : ForestDnsZones
>
> Starting test: CrossRefValidation
>
> ......................... ForestDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
>
> ......................... ForestDnsZones passed test
CheckSDRefDom
>
>
>
> Running partition tests on : DomainDnsZones
>
> Starting test: CrossRefValidation
>
> ......................... DomainDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
>
> ......................... DomainDnsZones passed test
CheckSDRefDom
>
>
>
> Running partition tests on : Schema
>
> Starting test: CrossRefValidation
>
> ......................... Schema passed test CrossRefValidation
>
> Starting test: CheckSDRefDom
>
> ......................... Schema passed test CheckSDRefDom
>
>
>
> Running partition tests on : Configuration
>
> Starting test: CrossRefValidation
>
> ......................... Configuration passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
>
> ......................... Configuration passed test CheckSDRefDom
>
>
>
> Running partition tests on : mydomain
>
> Starting test: CrossRefValidation
>
> ......................... mydomain passed test CrossRefValidation
>
> Starting test: CheckSDRefDom
>
> ......................... mydomain passed test CheckSDRefDom
>
>
>
> Running enterprise tests on : mydomain.com
>
> Starting test: Intersite
>
> Skipping site Wausau, this site is outside the scope provided by
> the
>
>
> command line arguments provided.
>
> Skipping site Waverly, this site is outside the scope provided by
> the
>
>
> command line arguments provided.
>
> Skipping site Corning, this site is outside the scope provided by
> the
>
>
> command line arguments provided.
>
> Skipping site LakeWales, this site is outside the scope provided
by
>
>
> the command line arguments provided.
>
> Skipping site SouthHill, this site is outside the scope provided
by
>
>
> the command line arguments provided.
>
> Skipping site Paulding, this site is outside the scope provided
by
> the
>
>
> command line arguments provided.
>
> Skipping site Charleston, this site is outside the scope provided
> by
>
>
> the command line arguments provided.
>
> ......................... mydomain.com passed test Intersite
>
> Starting test: FsmoCheck
>
> GC Name: \\dc.mydomain.com
>
> Locator Flags: 0xe00003fd
>
> PDC Name: \\dc.mydomain.com
>
> Locator Flags: 0xe00003fd
>
> Time Server Name: \\dc.mydomain.com
>
> Locator Flags: 0xe00003fd
>
> Preferred Time Server Name: \\dc.mydomain.com
>
> Locator Flags: 0xe00003fd
>
> KDC Name: \\dc.mydomain.com
>
> Locator Flags: 0xe00003fd
>
> ......................... mydomain.com passed test FsmoCheck
>
>
>
>
>
>
>
> "Ace Fekay [MVP]"
> <PleaseSubstituteMyActualFirstName&(E-Mail Removed)> wrote in
> message news:(E-Mail Removed)...
> > In news:%23Vm%(E-Mail Removed),
> > Chris T. <(E-Mail Removed)> posted their thoughts, then I offered
> mine
> > > This is in regards to this post of yours I am running out of places
> > > to get
> > > help and you seem to know your stuff could you help me?
> > >
> > >
> >
>
http://groups.google.com/groups?hl=e...gbl%26rnum%3D5
> > >
> > > I am getting 4004 and 4015 errors windows 2003 server this is one
> > > forest and
> > > a single domain.
> > >
> > >
> > >
> > > I Open Active Directory Users and Computers.
> > >
> > > - Under the View menu, select Advanced.
> > >
> > > - Expand your mydomain.com node, then expand System, then expand
> > >
> > > MicrosoftDNS
> > >
> > > When I look in this area I see.
> > >
> > > mydomain.comCNF:c75a95b2-51de-41a7-88a1-57a4146e9197
> > >
> > > mydomain.comCNF:267b3130-a21e-4f79-84c7-777ce8fccca2
> > >
> > > mydomain.comCNF:10e5fb6c-55a5-4617-b252-63d0b82e4f6d
> > >
> > > mydomain.com
> > >
> > > RootDNSServers
> > >
> > > Is this normal or is it corruption?
> > >
> > >
> > >
> > > IF I open ADSI edit and look under
> > >
> > > DC=domaindnszones, dc=wausauhomes, dc=com
> > >
> > > MicrosoftDNS
> > >
> > > I do not see mydomain under adsi edit here at all I do see all my
> > > reverse
> > > lookup zones though. And a bunch of stuff like this:
> > >
> > > DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
> > >
> > > DC=..InProgress-408C1B682E817945-mydomain.com
> > >
> > > DC=..InProgress-408C1B862E81ED7B-wausauhomes.com
> > >
> > > I have like 15 entries like this.
> >
> >
> > The "CNF"s mean they are duplicates. This seems to point to a
replication
> > issue. But you only have one DC you say or two DCs? If you have two DCs,
> are
> > they separated by a firewall or a Proxy or ISA server or an ADSL line
with
> > MTU altered settings?
> >
> > In addition to the information I asked above, can you run:
> >
> > netdiag /v /fix > c:\netdiag.txt
> > dcdiag /v > c:\dcdiag.txt
> >
> > and post those two files please?
> >
> > Thanks
> >
> >
> > --
> > Regards,
> > Ace
> >
> > Please direct all replies to the newsgroup so all can benefit.
> > This posting is provided "AS-IS" with no warranties and confers no
> > rights.
> >
> > Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> > Microsoft Windows MVP - Active Directory
> >
> > HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
> > pig. --
> > =================================
> >
> >
>
>

Ace have anymore ideas?



"Chris T." <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> The server will not let me post the netdiag becuase it is to large 184kb.
>
> What should I do?
>
>
> "Chris T." <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > Here is everything you asked for. Thank you for you help.
> >
> >
> >
> > I have 7 Domain Controllers two at the main office and one at each
branch
> > plant. They all are running DNS. There are no firewalls in place at all
> > between the system I think the duplicates happened because myself and
> > another network tech here where creating zones at the same time and that
> is
> > how the corruption happened. How do I clean this out of active directory
> do
> > I uninstall dns and reinstall. Do I delete all the zones? I found this
> > article on Microsoft website about removing DNS and reinstalling it:
> Q294328
> >
> >
> >
> > Is this the recommend approach for this problem?
> >
> >
> >
> > Should I delete the CNFs with ADSI Edit if they are duplicates?
> >
> >
> >
> > > DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
> > >
> > > DC=..InProgress-408C1B682E817945-mydomain.com
> >
> >
> >
> > Should I delete this Inprogress stuff which is under DomainDNSZones
> > MicrosoftDNS?
> >
> >
> >
> >
> >
> >
> >
> > In addition to this I was getting a duplicate zone error a few days ago
> with
> > event id 4515
> >
> > So I removed the duplicate zone from DomainDNSZones
> >
> > Was that the right thing to do? From what I read on the news groups that
> is
> > what is recommended
> >
> >
> >
> > ----------------------------------------------------
> >
> > The zone mydomain.com was previously loaded from the directory partition
> > MicrosoftDNS but another copy of the zone has been found in directory
> > partition DomainDnsZones.mydomain.com. The DNS Server will ignore this
new
> > copy of the zone. Please resolve this conflict as soon as possible.
> >
> > If an administrator has moved this zone from one directory partition to
> > another this may be a harmless transient condition. In this case, no
> action
> > is necessary. The deletion of the original copy of the zone should soon
> > replicate to this server.
> >
> > If there are two copies of this zone in two different directory
partitions
> > but this is not a transient caused by a zone move operation then one of
> > these copies should be deleted as soon as possible to resolve this
> conflict.
> >
> > To change the replication scope of an application directory partition
> > containing DNS zones and for more details on storing DNS zones in the
> > application directory partitions, please see Help and Support.
> >
> >
> >
> > For more information, see Help and Support Center at
> >
> >
> >
> >
> >
> > Dcdiag
> >
> >
> >
> >
> >
> > Domain Controller Diagnosis
> >
> >
> >
> > Performing initial setup:
> >
> > * Verifying that the local machine dc, is a DC.
> >
> > * Connecting to directory service on server dc.
> >
> > * Collecting site info.
> >
> > * Identifying all servers.
> >
> > * Identifying all NC cross-refs.
> >
> > * Found 8 DC(s). Testing 1 of them.
> >
> > Done gathering initial info.
> >
> >
> >
> > Doing initial required tests
> >
> >
> >
> > Testing server: Wausau\DC
> >
> > Starting test: Connectivity
> >
> > * Active Directory LDAP Services Check
> >
> > * Active Directory RPC Services Check
> >
> > ......................... DC passed test Connectivity
> >
> >
> >
> > Doing primary tests
> >
> >
> >
> > Testing server: Wausau\DC
> >
> > Starting test: Replications
> >
> > * Replications Check
> >
> > * Replication Latency Check
> >
> > * Replication Site Latency Check
> >
> > ......................... DC passed test Replications
> >
> > Test omitted by user request: Topology
> >
> > Test omitted by user request: CutoffServers
> >
> > Starting test: NCSecDesc
> >
> > * Security Permissions Check for
> >
> > DC=ForestDnsZones,DC=mydomain,DC=com
> >
> > (NDNC,Version 2)
> >
> > * Security Permissions Check for
> >
> > DC=DomainDnsZones,DC=mydomain,DC=com
> >
> > (NDNC,Version 2)
> >
> > * Security Permissions Check for
> >
> > CN=Schema,CN=Configuration,DC=mydomain,DC=com
> >
> > (Schema,Version 2)
> >
> > * Security Permissions Check for
> >
> > CN=Configuration,DC=mydomain,DC=com
> >
> > (Configuration,Version 2)
> >
> > * Security Permissions Check for
> >
> > DC=mydomain,DC=com
> >
> > (Domain,Version 2)
> >
> > ......................... DC passed test NCSecDesc
> >
> > Starting test: NetLogons
> >
> > * Network Logons Privileges Check
> >
> > ......................... DC passed test NetLogons
> >
> > Starting test: Advertising
> >
> > The DC DC is advertising itself as a DC and having a DS.
> >
> > The DC DC is advertising as an LDAP server
> >
> > The DC DC is advertising as having a writeable directory
> >
> > The DC DC is advertising as a Key Distribution Center
> >
> > The DC DC is advertising as a time server
> >
> > The DS DC is advertising as a GC.
> >
> > ......................... DC passed test Advertising
> >
> > Starting test: KnowsOfRoleHolders
> >
> > Role Schema Owner = CN=NTDS
> >
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> > =com
> >
> > Role Domain Owner = CN=NTDS
> >
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> > =com
> >
> > Role PDC Owner = CN=NTDS
> >
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> > =com
> >
> > Role Rid Owner = CN=NTDS
> >
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> > =com
> >
> > Role Infrastructure Update Owner = CN=NTDS
> >
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> > =com
> >
> > ......................... DC passed test KnowsOfRoleHolders
> >
> > Starting test: RidManager
> >
> > * Available RID Pool for the Domain is 6109 to 1073741823
> >
> > * dc.mydomain.com is the RID Master
> >
> > * DsBind with RID Master was successful
> >
> > * rIDAllocationPool is 5609 to 6108
> >
> > * rIDPreviousAllocationPool is 5609 to 6108
> >
> > * rIDNextRID: 5646
> >
> > ......................... DC passed test RidManager
> >
> > Starting test: MachineAccount
> >
> > * SPN found :LDAP/dc.mydomain.com/mydomain.com
> >
> > * SPN found :LDAP/dc.mydomain.com
> >
> > * SPN found :LDAP/DC
> >
> > * SPN found :LDAP/dc.mydomain.com/MYDOMAIN
> >
> > * SPN found
> > :LDAP/146ddf16-8e52-48bb-aff0-c70d60c56d7e._msdcs.mydomain.com
> >
> > * SPN found
> >
>
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/146ddf16-8e52-48bb-aff0-c70d60c56d7e/m
> > ydomain.com
> >
> > * SPN found :HOST/dc.mydomain.com/mydomain.com
> >
> > * SPN found :HOST/dc.mydomain.com
> >
> > * SPN found :HOST/DC
> >
> > * SPN found :HOST/dc.mydomain.com/MYDOMAIN
> >
> > * SPN found :GC/dc.mydomain.com/mydomain.com
> >
> > ......................... DC passed test MachineAccount
> >
> > Starting test: Services
> >
> > * Checking Service: Dnscache
> >
> > * Checking Service: NtFrs
> >
> > * Checking Service: IsmServ
> >
> > * Checking Service: kdc
> >
> > * Checking Service: SamSs
> >
> > * Checking Service: LanmanServer
> >
> > * Checking Service: LanmanWorkstation
> >
> > * Checking Service: RpcSs
> >
> > * Checking Service: w32time
> >
> > * Checking Service: NETLOGON
> >
> > ......................... DC passed test Services
> >
> > Test omitted by user request: OutboundSecureChannels
> >
> > Starting test: ObjectsReplicated
> >
> > DC is in domain DC=mydomain,DC=com
> >
> > Checking for CN=DC,OU=Domain Controllers,DC=mydomain,DC=com in
> > domain DC=mydomain,DC=com on 1 servers
> >
> > Object is up-to-date on all servers.
> >
> > Checking for CN=NTDS
> >
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> > =com in domain CN=Configuration,DC=mydomain,DC=com on 1 servers
> >
> > Object is up-to-date on all servers.
> >
> > ......................... DC passed test ObjectsReplicated
> >
> > Starting test: frssysvol
> >
> > * The File Replication Service SYSVOL ready test
> >
> > File Replication Service's SYSVOL is ready
> >
> > ......................... DC passed test frssysvol
> >
> > Starting test: frsevent
> >
> > * The File Replication Service Event log test
> >
> > ......................... DC passed test frsevent
> >
> > Starting test: kccevent
> >
> > * The KCC Event log test
> >
> > Found no KCC errors in Directory Service Event log in the last
15
> > minutes.
> >
> > ......................... DC passed test kccevent
> >
> > Starting test: systemlog
> >
> > * The System Event log test
> >
> > Found no errors in System Event log in the last 60 minutes.
> >
> > ......................... DC passed test systemlog
> >
> > Test omitted by user request: VerifyReplicas
> >
> > Starting test: VerifyReferences
> >
> > The system object reference (serverReference)
> >
> >
> > CN=DC,OU=Domain Controllers,DC=mydomain,DC=com and backlink on
> >
> >
> >
> > CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC=com
> >
> >
> > are correct.
> >
> > The system object reference (frsComputerReferenceBL)
> >
> >
> > CN=DC,CN=Domain System Volume (SYSVOL share),CN=File
Replication
> > Service,CN=System,DC=mydomain,DC=com
> >
> >
> > and backlink on CN=DC,OU=Domain Controllers,DC=mydomain,DC=com
> are
> >
> >
> > correct.
> >
> > The system object reference (serverReferenceBL)
> >
> >
> > CN=DC,CN=Domain System Volume (SYSVOL share),CN=File
Replication
> > Service,CN=System,DC=mydomain,DC=com
> >
> >
> > and backlink on
> >
> >
> > CN=NTDS
> >
>
Settings,CN=DC,CN=Servers,CN=Wausau,CN=Sites,CN=Configuration,DC=mydomain,DC
> > =com
> >
> >
> > are correct.
> >
> > ......................... DC passed test VerifyReferences
> >
> > Test omitted by user request: VerifyEnterpriseReferences
> >
> >
> >
> > Running partition tests on : ForestDnsZones
> >
> > Starting test: CrossRefValidation
> >
> > ......................... ForestDnsZones passed test
> > CrossRefValidation
> >
> > Starting test: CheckSDRefDom
> >
> > ......................... ForestDnsZones passed test
> CheckSDRefDom
> >
> >
> >
> > Running partition tests on : DomainDnsZones
> >
> > Starting test: CrossRefValidation
> >
> > ......................... DomainDnsZones passed test
> > CrossRefValidation
> >
> > Starting test: CheckSDRefDom
> >
> > ......................... DomainDnsZones passed test
> CheckSDRefDom
> >
> >
> >
> > Running partition tests on : Schema
> >
> > Starting test: CrossRefValidation
> >
> > ......................... Schema passed test CrossRefValidation
> >
> > Starting test: CheckSDRefDom
> >
> > ......................... Schema passed test CheckSDRefDom
> >
> >
> >
> > Running partition tests on : Configuration
> >
> > Starting test: CrossRefValidation
> >
> > ......................... Configuration passed test
> > CrossRefValidation
> >
> > Starting test: CheckSDRefDom
> >
> > ......................... Configuration passed test
CheckSDRefDom
> >
> >
> >
> > Running partition tests on : mydomain
> >
> > Starting test: CrossRefValidation
> >
> > ......................... mydomain passed test
CrossRefValidation
> >
> > Starting test: CheckSDRefDom
> >
> > ......................... mydomain passed test CheckSDRefDom
> >
> >
> >
> > Running enterprise tests on : mydomain.com
> >
> > Starting test: Intersite
> >
> > Skipping site Wausau, this site is outside the scope provided
by
> > the
> >
> >
> > command line arguments provided.
> >
> > Skipping site Waverly, this site is outside the scope provided
by
> > the
> >
> >
> > command line arguments provided.
> >
> > Skipping site Corning, this site is outside the scope provided
by
> > the
> >
> >
> > command line arguments provided.
> >
> > Skipping site LakeWales, this site is outside the scope
provided
> by
> >
> >
> > the command line arguments provided.
> >
> > Skipping site SouthHill, this site is outside the scope
provided
> by
> >
> >
> > the command line arguments provided.
> >
> > Skipping site Paulding, this site is outside the scope provided
> by
> > the
> >
> >
> > command line arguments provided.
> >
> > Skipping site Charleston, this site is outside the scope
provided
> > by
> >
> >
> > the command line arguments provided.
> >
> > ......................... mydomain.com passed test Intersite
> >
> > Starting test: FsmoCheck
> >
> > GC Name: \\dc.mydomain.com
> >
> > Locator Flags: 0xe00003fd
> >
> > PDC Name: \\dc.mydomain.com
> >
> > Locator Flags: 0xe00003fd
> >
> > Time Server Name: \\dc.mydomain.com
> >
> > Locator Flags: 0xe00003fd
> >
> > Preferred Time Server Name: \\dc.mydomain.com
> >
> > Locator Flags: 0xe00003fd
> >
> > KDC Name: \\dc.mydomain.com
> >
> > Locator Flags: 0xe00003fd
> >
> > ......................... mydomain.com passed test FsmoCheck
> >
> >
> >
> >
> >
> >
> >
> > "Ace Fekay [MVP]"
> > <PleaseSubstituteMyActualFirstName&(E-Mail Removed)> wrote in
> > message news:(E-Mail Removed)...
> > > In news:%23Vm%(E-Mail Removed),
> > > Chris T. <(E-Mail Removed)> posted their thoughts, then I offered
> > mine
> > > > This is in regards to this post of yours I am running out of places
> > > > to get
> > > > help and you seem to know your stuff could you help me?
> > > >
> > > >
> > >
> >
>
http://groups.google.com/groups?hl=e...gbl%26rnum%3D5
> > > >
> > > > I am getting 4004 and 4015 errors windows 2003 server this is one
> > > > forest and
> > > > a single domain.
> > > >
> > > >
> > > >
> > > > I Open Active Directory Users and Computers.
> > > >
> > > > - Under the View menu, select Advanced.
> > > >
> > > > - Expand your mydomain.com node, then expand System, then expand
> > > >
> > > > MicrosoftDNS
> > > >
> > > > When I look in this area I see.
> > > >
> > > > mydomain.comCNF:c75a95b2-51de-41a7-88a1-57a4146e9197
> > > >
> > > > mydomain.comCNF:267b3130-a21e-4f79-84c7-777ce8fccca2
> > > >
> > > > mydomain.comCNF:10e5fb6c-55a5-4617-b252-63d0b82e4f6d
> > > >
> > > > mydomain.com
> > > >
> > > > RootDNSServers
> > > >
> > > > Is this normal or is it corruption?
> > > >
> > > >
> > > >
> > > > IF I open ADSI edit and look under
> > > >
> > > > DC=domaindnszones, dc=wausauhomes, dc=com
> > > >
> > > > MicrosoftDNS
> > > >
> > > > I do not see mydomain under adsi edit here at all I do see all my
> > > > reverse
> > > > lookup zones though. And a bunch of stuff like this:
> > > >
> > > > DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
> > > >
> > > > DC=..InProgress-408C1B682E817945-mydomain.com
> > > >
> > > > DC=..InProgress-408C1B862E81ED7B-wausauhomes.com
> > > >
> > > > I have like 15 entries like this.
> > >
> > >
> > > The "CNF"s mean they are duplicates. This seems to point to a
> replication
> > > issue. But you only have one DC you say or two DCs? If you have two
DCs,
> > are
> > > they separated by a firewall or a Proxy or ISA server or an ADSL line
> with
> > > MTU altered settings?
> > >
> > > In addition to the information I asked above, can you run:
> > >
> > > netdiag /v /fix > c:\netdiag.txt
> > > dcdiag /v > c:\dcdiag.txt
> > >
> > > and post those two files please?
> > >
> > > Thanks
> > >
> > >
> > > --
> > > Regards,
> > > Ace
> > >
> > > Please direct all replies to the newsgroup so all can benefit.
> > > This posting is provided "AS-IS" with no warranties and confers no
> > > rights.
> > >
> > > Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> > > Microsoft Windows MVP - Active Directory
> > >
> > > HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
> > > pig. --
> > > =================================
> > >
> > >
> >
> >
>
>

In news:(E-Mail Removed),
Chris T. <(E-Mail Removed)> posted their thoughts, then I offered mine
> Here is everything you asked for. Thank you for you help.
>
>
>
> I have 7 Domain Controllers two at the main office and one at each
> branch
> plant. They all are running DNS. There are no firewalls in place at
> all
> between the system I think the duplicates happened because myself and
> another network tech here where creating zones at the same time and
> that is
> how the corruption happened. How do I clean this out of active
> directory do
> I uninstall dns and reinstall. Do I delete all the zones? I found this
> article on Microsoft website about removing DNS and reinstalling it:
> Q294328
>
>
>
> Is this the recommend approach for this problem?
>
>
>
> Should I delete the CNFs with ADSI Edit if they are duplicates?
>
>
>
>> DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
>>
>> DC=..InProgress-408C1B682E817945-mydomain.com
>
>
>
> Should I delete this Inprogress stuff which is under DomainDNSZones
> MicrosoftDNS?
>
>
>
>
>
>
>
> In addition to this I was getting a duplicate zone error a few days
> ago with
> event id 4515
>
> So I removed the duplicate zone from DomainDNSZones
>
> Was that the right thing to do? From what I read on the news groups
> that is
> what is recommended
>

Thanks for posting that data. Don't worry about the netdiag at this time.
Your dcdiag actually looks good, unless I missed something.

Yes, that was the correct thing to do. For the CNF's, yes DELETE them.
Delete the inprogress stuff as well. You really can't do anything with them
anyway. You NEED to coordinate your efforts with the other admins. Too many
chiefs.... etc, can cause problems in this business.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================

In news:uEb%(E-Mail Removed),
Chris T. <(E-Mail Removed)> posted their thoughts, then I offered mine
> Ace have anymore ideas?
>


Did my other post help?

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================

Yes, that answers my questions thanks for all the help.

"Ace Fekay [MVP]"
<PleaseSubstituteMyActualFirstName&(E-Mail Removed)> wrote in
message news:(E-Mail Removed)...
> In news:(E-Mail Removed),
> Chris T. <(E-Mail Removed)> posted their thoughts, then I offered
mine
> > Here is everything you asked for. Thank you for you help.
> >
> >
> >
> > I have 7 Domain Controllers two at the main office and one at each
> > branch
> > plant. They all are running DNS. There are no firewalls in place at
> > all
> > between the system I think the duplicates happened because myself and
> > another network tech here where creating zones at the same time and
> > that is
> > how the corruption happened. How do I clean this out of active
> > directory do
> > I uninstall dns and reinstall. Do I delete all the zones? I found this
> > article on Microsoft website about removing DNS and reinstalling it:
> > Q294328
> >
> >
> >
> > Is this the recommend approach for this problem?
> >
> >
> >
> > Should I delete the CNFs with ADSI Edit if they are duplicates?
> >
> >
> >
> >> DC=..InProgress-40805F2200AA3B48-0.20.172.in-addr.arpa
> >>
> >> DC=..InProgress-408C1B682E817945-mydomain.com
> >
> >
> >
> > Should I delete this Inprogress stuff which is under DomainDNSZones
> > MicrosoftDNS?
> >
> >
> >
> >
> >
> >
> >
> > In addition to this I was getting a duplicate zone error a few days
> > ago with
> > event id 4515
> >
> > So I removed the duplicate zone from DomainDNSZones
> >
> > Was that the right thing to do? From what I read on the news groups
> > that is
> > what is recommended
> >
>
> Thanks for posting that data. Don't worry about the netdiag at this time.
> Your dcdiag actually looks good, unless I missed something.
>
> Yes, that was the correct thing to do. For the CNF's, yes DELETE them.
> Delete the inprogress stuff as well. You really can't do anything with
them
> anyway. You NEED to coordinate your efforts with the other admins. Too
many
> chiefs.... etc, can cause problems in this business.
>
> --
> Regards,
> Ace
>
> Please direct all replies to the newsgroup so all can benefit.
> This posting is provided "AS-IS" with no warranties and confers no
> rights.
>
> Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
> Microsoft Windows MVP - Active Directory
>
> HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
> pig. --
> =================================
>
>

In news:(E-Mail Removed),
Chris T. <(E-Mail Removed)> posted their thoughts, then I offered mine
> Yes, that answers my questions thanks for all the help.
>



My pleasure.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================