Hello:

We have an Exchange 2003 Server SP2 running on a W2k3 SP1 box. There are two
DC's for the domain, both of them DNS Servers. All three servers are on the
same VLAN.

The problem we are experiencing is the following. Some time to time, the
Exchange server looses connection with AD. For example, running Active
Directory Users and Computers will display you an error indicating that the
domain could not be contacted. System Attendant would log lots of error
saying that there are no available domain controllers.

If you PING the DCs by their IP addresses, they reply fine. However, if you
PING them by their FQDN, the names are never resolved. The exchange box has
both DCs/DNS configured correctly.

However (and this is the strange part), if you stop and restart the Windows
Service "DNS Client Service", then all communication with the DCs is
restablished, and now you can PING the DCs by using their FQDNs. However, 30
to 1 hour later the problem happens again.

As a workaround, we hardcoded on the hosts file the FQDNs of the DCs, but
the server has some other less serious erratic behaviour that could be due to
this problem, so we really want to solve it out.

Thanks.

Luis Carlos Delgado (Costa Rica) wrote:
> Hello:
>
> We have an Exchange 2003 Server SP2 running on a W2k3 SP1 box. There
> are two DC's for the domain, both of them DNS Servers. All three
> servers are on the same VLAN.
>
> The problem we are experiencing is the following. Some time to time,
> the Exchange server looses connection with AD. For example, running
> Active Directory Users and Computers will display you an error
> indicating that the domain could not be contacted. System Attendant
> would log lots of error saying that there are no available domain
> controllers.
>
> If you PING the DCs by their IP addresses, they reply fine. However,
> if you PING them by their FQDN, the names are never resolved. The
> exchange box has both DCs/DNS configured correctly.
>
> However (and this is the strange part), if you stop and restart the
> Windows Service "DNS Client Service", then all communication with the
> DCs is restablished, and now you can PING the DCs by using their
> FQDNs. However, 30 to 1 hour later the problem happens again.
>
> As a workaround, we hardcoded on the hosts file the FQDNs of the DCs,
> but the server has some other less serious erratic behaviour that
> could be due to this problem, so we really want to solve it out.

This behavior is typical of having an external DNS in TCP/IP properties. In
an AD environment no external or ISP's DNS should be used in TCP/IP
properties, in any position. Use only DNS servers that support the AD
domain, in all positions, on all interfaces.


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Hello Kevin:

Thanks for your reply.

The server has one interface only. It's primary DNS server is one DC/DNS.
The secondary DNS is the other DC/DNS. So, there are no external DNS's
configured.

Now, the server's Exchange SMTP connector, on the advanced outbound
properties, has two ISPs DNS configured. But this is configured on Exchange
itself, not on the TCP/IP properties. Would you suggest erasing/changing this
configuration on the Exchange System Manager? What do you think?

Thanks.
"Kevin D. Goodknecht Sr. [MVP]" wrote:

> Luis Carlos Delgado (Costa Rica) wrote:
> > Hello:
> >
> > We have an Exchange 2003 Server SP2 running on a W2k3 SP1 box. There
> > are two DC's for the domain, both of them DNS Servers. All three
> > servers are on the same VLAN.
> >
> > The problem we are experiencing is the following. Some time to time,
> > the Exchange server looses connection with AD. For example, running
> > Active Directory Users and Computers will display you an error
> > indicating that the domain could not be contacted. System Attendant
> > would log lots of error saying that there are no available domain
> > controllers.
> >
> > If you PING the DCs by their IP addresses, they reply fine. However,
> > if you PING them by their FQDN, the names are never resolved. The
> > exchange box has both DCs/DNS configured correctly.
> >
> > However (and this is the strange part), if you stop and restart the
> > Windows Service "DNS Client Service", then all communication with the
> > DCs is restablished, and now you can PING the DCs by using their
> > FQDNs. However, 30 to 1 hour later the problem happens again.
> >
> > As a workaround, we hardcoded on the hosts file the FQDNs of the DCs,
> > but the server has some other less serious erratic behaviour that
> > could be due to this problem, so we really want to solve it out.
>
> This behavior is typical of having an external DNS in TCP/IP properties. In
> an AD environment no external or ISP's DNS should be used in TCP/IP
> properties, in any position. Use only DNS servers that support the AD
> domain, in all positions, on all interfaces.
>
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> https://secure.lsaol.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>
>

Luis Carlos Delgado (Costa Rica) wrote:
> Hello Kevin:
>
> Thanks for your reply.
>
> The server has one interface only. It's primary DNS server is one
> DC/DNS. The secondary DNS is the other DC/DNS. So, there are no
> external DNS's configured.
>
> Now, the server's Exchange SMTP connector, on the advanced outbound
> properties, has two ISPs DNS configured. But this is configured on
> Exchange itself, not on the TCP/IP properties. Would you suggest
> erasing/changing this configuration on the Exchange System Manager?
> What do you think?

The DNS servers configured in the SMTP virtual server are used only by the
SMTP virtual server. This has all the symptoms of having an incorrect DNS in
TCP/IP properties, possibly from a GPO.
Run this in a command prompt:
gpresult /v


--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================