Hello

I own, and manage, a small company. I am able to maintain a stable
network without the experience of a System Administrator. When extreme
difficulties develop I have an independent support company that
remotely administers, and if it is a crisis, they send over to our
site a tech support team.

We are connected over a WAN from the corporate office to our remote
Warehouse. The Warehouse workers connect via a Citrix Session to
process orders using the Navision Database at the corporate office. At
the corporate office we have the Domain Controller and the Terminal
Server.

The difficulties arose several months ago. I couldn’t access the
Warehouse after opening Network places. I couldn’t access the
Warehouse using RDP.

The independent company’s tech people inspected the BDC at the
Warehouse. They indicated the troubles to be DNS, and that they were
unable to repair, correct, and /or configure DNS.

I would want to be able to fix this computer’s DNS situation, Windows
2000 SP4, serving as a Backup Domain Controller to a healthy state.
Here is the problem: this company indicated we could keep working
under these unusually conditions but that we should replace the Dell
Optiplex with a new computer installed with Server 2003. That would be
a great solution; however, we simply cannot afford to buy the
replacement computer.

Is it possible to correct this problem? I can’t image we are without a
remedy. Why I say that is because for the last several years this
computer performed without a glitch. Somehow last year something went
amiss with DNS. And I can’t image this situation cannot be corrected.

Here are the shortened notes from Event Viewer:

NETLOGON Event ID 5774 Computer: EYEWORKS-BDC Description:
Registration of the DNS record ‘_kpasswd._udp.laeyeworks.com. 600 IN
SRV 0 100 464 eyeworks-bdc.laeyeworks.com ‘ failed with the following
error. DNS operation refused.

NETLOGON Event ID 5774 Computer: EYEWORKS-BDC Description:
Registration of the DNS record ‘_kpasswd._tcp.laeyeworks.com. 600 IN
SRV 0 100 464 eyeworks-bdc.laeyeworks.com ‘ failed with the following
error. DNS operation refused.

NETLOGON: Registration of the DNS record
‘_idap._tcp.dc_msdcs.laeyeworks.com. 600 IN SRV 0 100 464 eyeworks-
bdc.laeyeworks.com ‘ failed with the following error. DNS operation
refused.

These sample type NETLOGON errors are plentiful. The workers do logon
into their machines but it must local credentials that are accepted
because if I use a special Admin login that login attempt fails.

Next Event NTDS KCC Event ID: 1311 Description: The directory service
consistency checker has determined that either there is not enough
physical connectivity published via the Active Directory Sites and
Services Manager to create a spanny tree connecting all the sites
containing the Partition;
CN=configuration, DC=laeyeworks, DC=com or replication cannot be
performed with one or more critical servers in order for changes to
propagate across all sites (most of due to the servers being
unreachable.

And the text continues with additional information.

Event NTDS KCC Event ID: 1566
Event NtFrs Event ID: 13508 Description: File Replication Service is
having trouble enabling replication from EYEWORKS-PDC2 to EYEWORKS-BCD
for c:\winnt\sysvol\domain using the DNS name eyeworks-
pdc2.laeyeworks.com. FRS will keep retrying.

This independent company has contracts with large corporations, and
government agencies. We respect their insights, and have a healthy
relationship with them. However, I have in inclination to believe this
issue can be corrected without having to replace this machine. I would
appreciate any suggestions if we can correct the severe DNS failures
inherent in this computer’s operating system.

Sincerely
John Marhsall

Hello Parvardigar,

How is the connection between main and remote office? Router to router or
VPN connection? Please post an unedited ipconfig /all from both DC/DNS servers.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello
>
> I own, and manage, a small company. I am able to maintain a stable
> network without the experience of a System Administrator. When extreme
> difficulties develop I have an independent support company that
> remotely administers, and if it is a crisis, they send over to our
> site a tech support team.
>
> We are connected over a WAN from the corporate office to our remote
> Warehouse. The Warehouse workers connect via a Citrix Session to
> process orders using the Navision Database at the corporate office. At
> the corporate office we have the Domain Controller and the Terminal
> Server.
>
> The difficulties arose several months ago. I couldn't access the
> Warehouse after opening Network places. I couldn't access the
> Warehouse using RDP.
>
> The independent company's tech people inspected the BDC at the
> Warehouse. They indicated the troubles to be DNS, and that they were
> unable to repair, correct, and /or configure DNS.
>
> I would want to be able to fix this computer's DNS situation, Windows
> 2000 SP4, serving as a Backup Domain Controller to a healthy state.
> Here is the problem: this company indicated we could keep working
> under these unusually conditions but that we should replace the Dell
> Optiplex with a new computer installed with Server 2003. That would be
> a great solution; however, we simply cannot afford to buy the
> replacement computer.
>
> Is it possible to correct this problem? I can't image we are without a
> remedy. Why I say that is because for the last several years this
> computer performed without a glitch. Somehow last year something went
> amiss with DNS. And I can't image this situation cannot be corrected.
>
> Here are the shortened notes from Event Viewer:
>
> NETLOGON Event ID 5774 Computer: EYEWORKS-BDC Description:
> Registration of the DNS record '_kpasswd._udp.laeyeworks.com. 600 IN
> SRV 0 100 464 eyeworks-bdc.laeyeworks.com ' failed with the following
> error. DNS operation refused.
>
> NETLOGON Event ID 5774 Computer: EYEWORKS-BDC Description:
> Registration of the DNS record '_kpasswd._tcp.laeyeworks.com. 600 IN
> SRV 0 100 464 eyeworks-bdc.laeyeworks.com ' failed with the following
> error. DNS operation refused.
>
> NETLOGON: Registration of the DNS record
> '_idap._tcp.dc_msdcs.laeyeworks.com. 600 IN SRV 0 100 464 eyeworks-
> bdc.laeyeworks.com ' failed with the following error. DNS operation
> refused.
>
> These sample type NETLOGON errors are plentiful. The workers do logon
> into their machines but it must local credentials that are accepted
> because if I use a special Admin login that login attempt fails.
>
> Next Event NTDS KCC Event ID: 1311 Description: The directory service
> consistency checker has determined that either there is not enough
> physical connectivity published via the Active Directory Sites and
> Services Manager to create a spanny tree connecting all the sites
> containing the Partition;
> CN=configuration, DC=laeyeworks, DC=com or replication cannot be
> performed with one or more critical servers in order for changes to
> propagate across all sites (most of due to the servers being
> unreachable.
> And the text continues with additional information.
>
> Event NTDS KCC Event ID: 1566
> Event NtFrs Event ID: 13508 Description: File Replication Service is
> having trouble enabling replication from EYEWORKS-PDC2 to EYEWORKS-BCD
> for c:\winnt\sysvol\domain using the DNS name eyeworks-
> pdc2.laeyeworks.com. FRS will keep retrying.
> This independent company has contracts with large corporations, and
> government agencies. We respect their insights, and have a healthy
> relationship with them. However, I have in inclination to believe this
> issue can be corrected without having to replace this machine. I would
> appreciate any suggestions if we can correct the severe DNS failures
> inherent in this computer's operating system.
>
> Sincerely
> John Marhsall