I run the company and need to pay attention to technical matters. I
examined the event viewer. What is have listed below are shorted
version of the event. My impression is the event viewer should be
relatively clean.

I asked the Sys Admin to fix these issues. That was weeks ago. Am I
overreacting? I'm thinking the network should be without blemish.
We're using IP addresses to map over the Wan and I prefer FQDN. I told
the Sys Admin it's only three servers and 25 computers -and it
shouldn't be too esoteric to fix things.
Anyway have a look at these persistent events and let me know if I'm
too concerned.

Event Type: Error
Event Source: NETLOGON
Event ID: 5775
Deregistration of the DNS record
'_gc._tcp.Warehouse._sites.laeyeworks.com. 600 IN SRV 0 100 3268
LADC1.laeyeworks.com.' failed with the following error:
DNS operation refused.

Event Type: Error
Event Source: NETLOGON
Description:
The File Replication Service is having trouble enabling replication
from EYEWORKS-BDC to EYEWORKS-PDC2 for c:\winnt\sysvol\domain using
the DNS name eyeworks-bdc.laeyeworks.com. FRS will keep retrying.
Following are some of the reasons you would see this warning.

[1] FRS can not correctly resolve the DNS name eyeworks-
bdc.laeyeworks.com from this computer.
[2] FRS is not running on eyeworks-bdc.laeyeworks.com.
[3] The topology information in the Active Directory for this replica
has not yet replicated to all the Domain Controllers.


Event Source: DNS
Event ID: 4004
Description:
The DNS server was unable to complete directory service enumeration of
zone .. This DNS server is configured to use information obtained
from Active Directory for this zone and is unable to load the zone
without it. Check that the Active Directory is functioning properly
and repeat enumeration of the zone. The event data contains the
error.

Event Type: Error
Event Source: NTDS KCC
Event ID: 1311
Description:
The Directory Service consistency checker has determined that either
(a) there is not enough physical connectivity published via the Active
Directory Sites and Services Manager to create a spanning tree
connecting all the sites containing the Partition
CN=Configuration,DC=laeyeworks,DC=com, or (b) replication cannot be
performed with one or more critical servers in order for changes to
propagate across all sites (most often due to the servers being
unreachable).

For (a), please use the Active Directory Sites and Services Manager to
do one of the following:
1. Publish sufficient site connectivity information such that the
system can infer a route by which this Partition can reach this site.
This option is preferred.
2. Add an ntdsConnection object to a Domain Controller that contains
the Partition CN=Configuration,DC=laeyeworks,DC=com in this site from
a Domain Controller that contains the same Partition in another
site.
For (b), please see previous events logged by the NTDS KCC source that
identify the servers that could not be contacted.

These are the most glaring examples. It's just over the wire, a Wan,
office to factory, a three mile distance. With such a tiny network I'd
think our SysAdmin could easily correct these anomalies.

Thanks
Mark S

Hello Parvardigar,

Please give some more infos about the kind of server, Domain controller DNS
DHCP etc. and how they are located. Also what Operating system with which
SP you run.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.

> I run the company and need to pay attention to technical matters. I
> examined the event viewer. What is have listed below are shorted
> version of the event. My impression is the event viewer should be
> relatively clean.
>
> I asked the Sys Admin to fix these issues. That was weeks ago. Am I
> overreacting? I'm thinking the network should be without blemish.
> We're using IP addresses to map over the Wan and I prefer FQDN. I told
> the Sys Admin it's only three servers and 25 computers -and it
> shouldn't be too esoteric to fix things.
> Anyway have a look at these persistent events and let me know if I'm
> too concerned.
> Event Type: Error
> Event Source: NETLOGON
> Event ID: 5775
> Deregistration of the DNS record
> '_gc._tcp.Warehouse._sites.laeyeworks.com. 600 IN SRV 0 100 3268
> LADC1.laeyeworks.com.' failed with the following error:
> DNS operation refused.
> Event Type: Error
> Event Source: NETLOGON
> Description:
> The File Replication Service is having trouble enabling replication
> from EYEWORKS-BDC to EYEWORKS-PDC2 for c:\winnt\sysvol\domain using
> the DNS name eyeworks-bdc.laeyeworks.com. FRS will keep retrying.
> Following are some of the reasons you would see this warning.
> [1] FRS can not correctly resolve the DNS name eyeworks-
> bdc.laeyeworks.com from this computer.
> [2] FRS is not running on eyeworks-bdc.laeyeworks.com.
> [3] The topology information in the Active Directory for this replica
> has not yet replicated to all the Domain Controllers.
> Event Source: DNS
> Event ID: 4004
> Description:
> The DNS server was unable to complete directory service enumeration of
> zone .. This DNS server is configured to use information obtained
> from Active Directory for this zone and is unable to load the zone
> without it. Check that the Active Directory is functioning properly
> and repeat enumeration of the zone. The event data contains the
> error.
> Event Type: Error
> Event Source: NTDS KCC
> Event ID: 1311
> Description:
> The Directory Service consistency checker has determined that either
> (a) there is not enough physical connectivity published via the Active
> Directory Sites and Services Manager to create a spanning tree
> connecting all the sites containing the Partition
> CN=Configuration,DC=laeyeworks,DC=com, or (b) replication cannot be
> performed with one or more critical servers in order for changes to
> propagate across all sites (most often due to the servers being
> unreachable).
> For (a), please use the Active Directory Sites and Services Manager to
> do one of the following:
> 1. Publish sufficient site connectivity information such that the
> system can infer a route by which this Partition can reach this site.
> This option is preferred.
> 2. Add an ntdsConnection object to a Domain Controller that contains
> the Partition CN=Configuration,DC=laeyeworks,DC=com in this site from
> a Domain Controller that contains the same Partition in another
> site.
> For (b), please see previous events logged by the NTDS KCC source that
> identify the servers that could not be contacted.
> These are the most glaring examples. It's just over the wire, a Wan,
> office to factory, a three mile distance. With such a tiny network I'd
> think our SysAdmin could easily correct these anomalies.
>
> Thanks
> Mark S

On Oct 17, 9:15 am, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> Hello Parvardigar,
>
> Please give some more infos about the kind of server, Domain controller DNS
> DHCP etc. and how they are located. Also what Operating system with which
> SP you run.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
>
>
>
> > I run the company and need to pay attention to technical matters. I
> > examined the event viewer. What is have listed below are shorted
> > version of the event. My impression is the event viewer should be
> > relatively clean.
>
> > I asked the Sys Admin to fix these issues. That was weeks ago. Am I
> > overreacting? I'm thinking the network should be without blemish.
> > We're using IP addresses to map over the Wan and I prefer FQDN. I told
> > the Sys Admin it's only three servers and 25 computers -and it
> > shouldn't be too esoteric to fix things.
> > Anyway have a look at these persistent events and let me know if I'm
> > too concerned.
> > Event Type: Error
> > Event Source: NETLOGON
> > Event ID: 5775
> > Deregistration of the DNS record
> > '_gc._tcp.Warehouse._sites.laeyeworks.com. 600 IN SRV 0 100 3268
> > LADC1.laeyeworks.com.' failed with the following error:
> > DNS operation refused.
> > Event Type: Error
> > Event Source: NETLOGON
> > Description:
> > The File Replication Service is having trouble enabling replication
> > from EYEWORKS-BDC to EYEWORKS-PDC2 for c:\winnt\sysvol\domain using
> > the DNS name eyeworks-bdc.laeyeworks.com. FRS will keep retrying.
> > Following are some of the reasons you would see this warning.
> > [1] FRS can not correctly resolve the DNS name eyeworks-
> > bdc.laeyeworks.com from this computer.
> > [2] FRS is not running on eyeworks-bdc.laeyeworks.com.
> > [3] The topology information in the Active Directory for this replica
> > has not yet replicated to all the Domain Controllers.
> > Event Source: DNS
> > Event ID: 4004
> > Description:
> > The DNS server was unable to complete directory service enumeration of
> > zone .. This DNS server is configured to use information obtained
> > from Active Directory for this zone and is unable to load the zone
> > without it. Check that the Active Directory is functioning properly
> > and repeat enumeration of the zone. The event data contains the
> > error.
> > Event Type: Error
> > Event Source: NTDS KCC
> > Event ID: 1311
> > Description:
> > The Directory Service consistency checker has determined that either
> > (a) there is not enough physical connectivity published via the Active
> > Directory Sites and Services Manager to create a spanning tree
> > connecting all the sites containing the Partition
> > CN=Configuration,DC=laeyeworks,DC=com, or (b) replication cannot be
> > performed with one or more critical servers in order for changes to
> > propagate across all sites (most often due to the servers being
> > unreachable).
> > For (a), please use the Active Directory Sites and Services Manager to
> > do one of the following:
> > 1. Publish sufficient site connectivity information such that the
> > system can infer a route by which this Partition can reach this site.
> > This option is preferred.
> > 2. Add an ntdsConnection object to a Domain Controller that contains
> > the Partition CN=Configuration,DC=laeyeworks,DC=com in this site from
> > a Domain Controller that contains the same Partition in another
> > site.
> > For (b), please see previous events logged by the NTDS KCC source that
> > identify the servers that could not be contacted.
> > These are the most glaring examples. It's just over the wire, a Wan,
> > office to factory, a three mile distance. With such a tiny network I'd
> > think our SysAdmin could easily correct these anomalies.
>
> > Thanks
> > Mark S- Hide quoted text -
>
> - Show quoted text -

Thanks. On the company side its a windows 2000 server PDC (Domain
Controller; DNS; Active Directory; DHCP) and windows 2000 terminal
server client running Citrix Metaframe XP. On the PDC is our database
application, Windows Navision. Users overseas log in Citrix to use
Navision. Users from the factory side (BDC windows 2000) log in to
Citrix, and process orders using Navision. Logging into Citrix to
process accounts, orders, payables and so forth with their published
apps -seamless no problems). It boils down to DNS over the Wan. If
factory workers need files off the PDC we used to simply map over
FQDN. For years. Now with our new Sys Admin I'm struggling to
communicate that, to me, the event viewer is cluttered with warnings -
and can he please fix this. We're working with mapping using IP
addresses from the factory to the files on the PDC. I feel the network
isn't fully optimized, isn't fully operational. I hope this helps.
Thanks

Hello Parvardigar,

It seems to be an DNS/Replication problem. Maybe start here:
http://www.eventid.net/display.asp?e...%20KCC&phase=1

http://technet2.microsoft.com/window....mspx?mfr=true

http://support.microsoft.com/kb/214745/en-us

http://www.eventid.net/display.asp?e...ce=DNS&phase=1

http://support.microsoft.com/kb/259277

Additional would be nice if you can post an unedited ipconfig /all from btoh
DC's here. Just for your info, since windows 2000 there is no longer a PDC/BDC
concept. You have just Domain controllers which are all the same except for
the 5 FSMO roles.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.

> On Oct 17, 9:15 am, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
>> Hello Parvardigar,
>>
>> Please give some more infos about the kind of server, Domain
>> controller DNS DHCP etc. and how they are located. Also what
>> Operating system with which SP you run.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>>> I run the company and need to pay attention to technical matters. I
>>> examined the event viewer. What is have listed below are shorted
>>> version of the event. My impression is the event viewer should be
>>> relatively clean.
>>>
>>> I asked the Sys Admin to fix these issues. That was weeks ago. Am I
>>> overreacting? I'm thinking the network should be without blemish.
>>> We're using IP addresses to map over the Wan and I prefer FQDN. I
>>> told
>>> the Sys Admin it's only three servers and 25 computers -and it
>>> shouldn't be too esoteric to fix things.
>>> Anyway have a look at these persistent events and let me know if I'm
>>> too concerned.
>>> Event Type: Error
>>> Event Source: NETLOGON
>>> Event ID: 5775
>>> Deregistration of the DNS record
>>> '_gc._tcp.Warehouse._sites.laeyeworks.com. 600 IN SRV 0 100 3268
>>> LADC1.laeyeworks.com.' failed with the following error:
>>> DNS operation refused.
>>> Event Type: Error
>>> Event Source: NETLOGON
>>> Description:
>>> The File Replication Service is having trouble enabling replication
>>> from EYEWORKS-BDC to EYEWORKS-PDC2 for c:\winnt\sysvol\domain using
>>> the DNS name eyeworks-bdc.laeyeworks.com. FRS will keep retrying.
>>> Following are some of the reasons you would see this warning.
>>> [1] FRS can not correctly resolve the DNS name eyeworks-
>>> bdc.laeyeworks.com from this computer.
>>> [2] FRS is not running on eyeworks-bdc.laeyeworks.com.
>>> [3] The topology information in the Active Directory for this
>>> replica
>>> has not yet replicated to all the Domain Controllers.
>>> Event Source: DNS
>>> Event ID: 4004
>>> Description:
>>> The DNS server was unable to complete directory service enumeration
>>> of
>>> zone .. This DNS server is configured to use information obtained
>>> from Active Directory for this zone and is unable to load the zone
>>> without it. Check that the Active Directory is functioning properly
>>> and repeat enumeration of the zone. The event data contains the
>>> error.
>>> Event Type: Error
>>> Event Source: NTDS KCC
>>> Event ID: 1311
>>> Description:
>>> The Directory Service consistency checker has determined that either
>>> (a) there is not enough physical connectivity published via the
>>> Active
>>> Directory Sites and Services Manager to create a spanning tree
>>> connecting all the sites containing the Partition
>>> CN=Configuration,DC=laeyeworks,DC=com, or (b) replication cannot be
>>> performed with one or more critical servers in order for changes to
>>> propagate across all sites (most often due to the servers being
>>> unreachable).
>>> For (a), please use the Active Directory Sites and Services Manager
>>> to
>>> do one of the following:
>>> 1. Publish sufficient site connectivity information such that the
>>> system can infer a route by which this Partition can reach this
>>> site.
>>> This option is preferred.
>>> 2. Add an ntdsConnection object to a Domain Controller that contains
>>> the Partition CN=Configuration,DC=laeyeworks,DC=com in this site
>>> from
>>> a Domain Controller that contains the same Partition in another
>>> site.
>>> For (b), please see previous events logged by the NTDS KCC source
>>> that
>>> identify the servers that could not be contacted.
>>> These are the most glaring examples. It's just over the wire, a Wan,
>>> office to factory, a three mile distance. With such a tiny network
>>> I'd
>>> think our SysAdmin could easily correct these anomalies.
>>> Thanks
>>> Mark S- Hide quoted text -
>> - Show quoted text -
>>
> Thanks. On the company side its a windows 2000 server PDC (Domain
> Controller; DNS; Active Directory; DHCP) and windows 2000 terminal
> server client running Citrix Metaframe XP. On the PDC is our database
> application, Windows Navision. Users overseas log in Citrix to use
> Navision. Users from the factory side (BDC windows 2000) log in to
> Citrix, and process orders using Navision. Logging into Citrix to
> process accounts, orders, payables and so forth with their published
> apps -seamless no problems). It boils down to DNS over the Wan. If
> factory workers need files off the PDC we used to simply map over
> FQDN. For years. Now with our new Sys Admin I'm struggling to
> communicate that, to me, the event viewer is cluttered with warnings -
> and can he please fix this. We're working with mapping using IP
> addresses from the factory to the files on the PDC. I feel the network
> isn't fully optimized, isn't fully operational. I hope this helps.
> Thanks
>

On Oct 17, 2:25 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> Hello Parvardigar,
>
> It seems to be an DNS/Replication problem. Maybe start here:http://www.eventid.net/display.asp?e...=524&source=NT...
>
> http://technet2.microsoft.com/window...fa4c9981-5749-...
>
> http://support.microsoft.com/kb/214745/en-us
>
> http://www.eventid.net/display.asp?e...=334&source=DN...
>
> http://support.microsoft.com/kb/259277
>
> Additional would be nice if you can post an unedited ipconfig /all from btoh
> DC's here. Just for your info, since windows 2000 there is no longer a PDC/BDC
> concept. You have just Domain controllers which are all the same except for
> the 5 FSMO roles.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
>
>
>
> > On Oct 17, 9:15 am, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
> >> Hello Parvardigar,
>
> >> Please give some more infos about the kind of server, Domain
> >> controller DNS DHCP etc. and how they are located. Also what
> >> Operating system with which SP you run.
>
> >> Best regards
>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >>> I run the company and need to pay attention to technical matters. I
> >>> examined the event viewer. What is have listed below are shorted
> >>> version of the event. My impression is the event viewer should be
> >>> relatively clean.
>
> >>> I asked the Sys Admin to fix these issues. That was weeks ago. Am I
> >>> overreacting? I'm thinking the network should be without blemish.
> >>> We're using IP addresses to map over the Wan and I prefer FQDN. I
> >>> told
> >>> the Sys Admin it's only three servers and 25 computers -and it
> >>> shouldn't be too esoteric to fix things.
> >>> Anyway have a look at these persistent events and let me know if I'm
> >>> too concerned.
> >>> Event Type: Error
> >>> Event Source: NETLOGON
> >>> Event ID: 5775
> >>> Deregistration of the DNS record
> >>> '_gc._tcp.Warehouse._sites.laeyeworks.com. 600 IN SRV 0 100 3268
> >>> LADC1.laeyeworks.com.' failed with the following error:
> >>> DNS operation refused.
> >>> Event Type: Error
> >>> Event Source: NETLOGON
> >>> Description:
> >>> The File Replication Service is having trouble enabling replication
> >>> from EYEWORKS-BDC to EYEWORKS-PDC2 for c:\winnt\sysvol\domain using
> >>> the DNS name eyeworks-bdc.laeyeworks.com. FRS will keep retrying.
> >>> Following are some of the reasons you would see this warning.
> >>> [1] FRS can not correctly resolve the DNS name eyeworks-
> >>> bdc.laeyeworks.com from this computer.
> >>> [2] FRS is not running on eyeworks-bdc.laeyeworks.com.
> >>> [3] The topology information in the Active Directory for this
> >>> replica
> >>> has not yet replicated to all the Domain Controllers.
> >>> Event Source: DNS
> >>> Event ID: 4004
> >>> Description:
> >>> The DNS server was unable to complete directory service enumeration
> >>> of
> >>> zone .. This DNS server is configured to use information obtained
> >>> from Active Directory for this zone and is unable to load the zone
> >>> without it. Check that the Active Directory is functioning properly
> >>> and repeat enumeration of the zone. The event data contains the
> >>> error.
> >>> Event Type: Error
> >>> Event Source: NTDS KCC
> >>> Event ID: 1311
> >>> Description:
> >>> The Directory Service consistency checker has determined that either
> >>> (a) there is not enough physical connectivity published via the
> >>> Active
> >>> Directory Sites and Services Manager to create a spanning tree
> >>> connecting all the sites containing the Partition
> >>> CN=Configuration,DC=laeyeworks,DC=com, or (b) replication cannot be
> >>> performed with one or more critical servers in order for changes to
> >>> propagate across all sites (most often due to the servers being
> >>> unreachable).
> >>> For (a), please use the Active Directory Sites and Services Manager
> >>> to
> >>> do one of the following:
> >>> 1. Publish sufficient site connectivity information such that the
> >>> system can infer a route by which this Partition can reach this
> >>> site.
> >>> This option is preferred.
> >>> 2. Add an ntdsConnection object to a Domain Controller that contains
> >>> the Partition CN=Configuration,DC=laeyeworks,DC=com in this site
> >>> from
> >>> a Domain Controller that contains the same Partition in another
> >>> site.
> >>> For (b), please see previous events logged by the NTDS KCC source
> >>> that
> >>> identify the servers that could not be contacted.
> >>> These are the most glaring examples. It's just over the wire, a Wan,
> >>> office to factory, a three mile distance. With such a tiny network
> >>> I'd
> >>> think our SysAdmin could easily correct these anomalies.
> >>> Thanks
> >>> Mark S- Hide quoted text -
> >> - Show quoted text -
>
> > Thanks. On the company side its a windows 2000 server PDC (Domain
> > Controller; DNS; Active Directory; DHCP) and windows 2000 terminal
> > server client running Citrix Metaframe XP. On the PDC is our database
> > application, Windows Navision. Users overseas log in Citrix to use
> > Navision. Users from the factory side (BDC windows 2000) log in to
> > Citrix, and process orders using Navision. Logging into Citrix to
> > process accounts, orders, payables and so forth with their published
> > apps -seamless no problems). It boils down to DNS over the Wan. If
> > factory workers need files off the PDC we used to simply map over
> > FQDN. For years. Now with our new Sys Admin I'm struggling to
> > communicate that, to me, the event viewer is cluttered with warnings -
> > and can he please fix this. We're working with mapping using IP
> > addresses from the factory to the files on the PDC. I feel the network
> > isn't fully optimized, isn't fully operational. I hope this helps.
> > Thanks- Hide quoted text -
>
> - Show quoted text -

Thanks for sparing the moment to look into this.

Here it is:
PDC

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : eyeworks-pdc2
Primary DNS Suffix . . . . . . . : laeyeworks.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : laeyeworks.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC7761 Gigabit Server
Adapter
Physical Address. . . . . . . . . : 00-19-BB-23-A2-69
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.254.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.254.254
DNS Servers . . . . . . . . . . . : 192.168.254.5
Primary WINS Server . . . . . . . : 192.168.254.5

BDC

Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : eyeworks-bdc
Primary DNS Suffix . . . . . . . : laeyeworks.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : laeyeworks.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
Ethernet
Controller (3C905C-TX Compatible)
Physical Address. . . . . . . . . : 00-B0-D0-7D-54-A9
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.253.45
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.253.253
DNS Servers . . . . . . . . . . . : 192.168.254.5
Primary WINS Server . . . . . . . : 192.168.253.45

Hello Parvardigar,

I would also make the so called "BDC" a DNS server and use Active directory
integrated zones at first. If both have fully replicated, configure both
DNS servers as preferred DNS on the NIC itself and secondary the other.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.

> On Oct 17, 2:25 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
>> Hello Parvardigar,
>>
>> It seems to be an DNS/Replication problem. Maybe start
>> here:http://www.eventid.net/display.asp?e...entno=524&sour
>> ce=NT...
>>
>> http://technet2.microsoft.com/window...fa4c9981-5749-
>> ...
>>
>> http://support.microsoft.com/kb/214745/en-us
>>
>> http://www.eventid.net/display.asp?e...=334&source=DN
>> ...
>>
>> http://support.microsoft.com/kb/259277
>>
>> Additional would be nice if you can post an unedited ipconfig /all
>> from btoh DC's here. Just for your info, since windows 2000 there is
>> no longer a PDC/BDC concept. You have just Domain controllers which
>> are all the same except for the 5 FSMO roles.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers
>> no rights.
>>> On Oct 17, 9:15 am, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>>>
>>>> Hello Parvardigar,
>>>>
>>>> Please give some more infos about the kind of server, Domain
>>>> controller DNS DHCP etc. and how they are located. Also what
>>>> Operating system with which SP you run.
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>> and
>>>> confers
>>>> no rights.
>>>>> I run the company and need to pay attention to technical matters.
>>>>> I examined the event viewer. What is have listed below are shorted
>>>>> version of the event. My impression is the event viewer should be
>>>>> relatively clean.
>>>>>
>>>>> I asked the Sys Admin to fix these issues. That was weeks ago. Am
>>>>> I
>>>>> overreacting? I'm thinking the network should be without blemish.
>>>>> We're using IP addresses to map over the Wan and I prefer FQDN. I
>>>>> told
>>>>> the Sys Admin it's only three servers and 25 computers -and it
>>>>> shouldn't be too esoteric to fix things.
>>>>> Anyway have a look at these persistent events and let me know if
>>>>> I'm
>>>>> too concerned.
>>>>> Event Type: Error
>>>>> Event Source: NETLOGON
>>>>> Event ID: 5775
>>>>> Deregistration of the DNS record
>>>>> '_gc._tcp.Warehouse._sites.laeyeworks.com. 600 IN SRV 0 100 3268
>>>>> LADC1.laeyeworks.com.' failed with the following error:
>>>>> DNS operation refused.
>>>>> Event Type: Error
>>>>> Event Source: NETLOGON
>>>>> Description:
>>>>> The File Replication Service is having trouble enabling
>>>>> replication
>>>>> from EYEWORKS-BDC to EYEWORKS-PDC2 for c:\winnt\sysvol\domain
>>>>> using
>>>>> the DNS name eyeworks-bdc.laeyeworks.com. FRS will keep retrying.
>>>>> Following are some of the reasons you would see this warning.
>>>>> [1] FRS can not correctly resolve the DNS name eyeworks-
>>>>> bdc.laeyeworks.com from this computer.
>>>>> [2] FRS is not running on eyeworks-bdc.laeyeworks.com.
>>>>> [3] The topology information in the Active Directory for this
>>>>> replica
>>>>> has not yet replicated to all the Domain Controllers.
>>>>> Event Source: DNS
>>>>> Event ID: 4004
>>>>> Description:
>>>>> The DNS server was unable to complete directory service
>>>>> enumeration
>>>>> of
>>>>> zone .. This DNS server is configured to use information obtained
>>>>> from Active Directory for this zone and is unable to load the zone
>>>>> without it. Check that the Active Directory is functioning
>>>>> properly
>>>>> and repeat enumeration of the zone. The event data contains the
>>>>> error.
>>>>> Event Type: Error
>>>>> Event Source: NTDS KCC
>>>>> Event ID: 1311
>>>>> Description:
>>>>> The Directory Service consistency checker has determined that
>>>>> either
>>>>> (a) there is not enough physical connectivity published via the
>>>>> Active
>>>>> Directory Sites and Services Manager to create a spanning tree
>>>>> connecting all the sites containing the Partition
>>>>> CN=Configuration,DC=laeyeworks,DC=com, or (b) replication cannot
>>>>> be
>>>>> performed with one or more critical servers in order for changes
>>>>> to
>>>>> propagate across all sites (most often due to the servers being
>>>>> unreachable).
>>>>> For (a), please use the Active Directory Sites and Services
>>>>> Manager
>>>>> to
>>>>> do one of the following:
>>>>> 1. Publish sufficient site connectivity information such that the
>>>>> system can infer a route by which this Partition can reach this
>>>>> site.
>>>>> This option is preferred.
>>>>> 2. Add an ntdsConnection object to a Domain Controller that
>>>>> contains
>>>>> the Partition CN=Configuration,DC=laeyeworks,DC=com in this site
>>>>> from
>>>>> a Domain Controller that contains the same Partition in another
>>>>> site.
>>>>> For (b), please see previous events logged by the NTDS KCC source
>>>>> that
>>>>> identify the servers that could not be contacted.
>>>>> These are the most glaring examples. It's just over the wire, a
>>>>> Wan,
>>>>> office to factory, a three mile distance. With such a tiny network
>>>>> I'd
>>>>> think our SysAdmin could easily correct these anomalies.
>>>>> Thanks
>>>>> Mark S- Hide quoted text -
>>>> - Show quoted text -
>>>>
>>> Thanks. On the company side its a windows 2000 server PDC (Domain
>>> Controller; DNS; Active Directory; DHCP) and windows 2000 terminal
>>> server client running Citrix Metaframe XP. On the PDC is our
>>> database application, Windows Navision. Users overseas log in Citrix
>>> to use Navision. Users from the factory side (BDC windows 2000) log
>>> in to Citrix, and process orders using Navision. Logging into Citrix
>>> to process accounts, orders, payables and so forth with their
>>> published apps -seamless no problems). It boils down to DNS over the
>>> Wan. If factory workers need files off the PDC we used to simply map
>>> over FQDN. For years. Now with our new Sys Admin I'm struggling to
>>> communicate that, to me, the event viewer is cluttered with warnings
>>> - and can he please fix this. We're working with mapping using IP
>>> addresses from the factory to the files on the PDC. I feel the
>>> network isn't fully optimized, isn't fully operational. I hope this
>>> helps. Thanks- Hide quoted text -
>>>
>> - Show quoted text -
>>
> Thanks for sparing the moment to look into this.
>
> Here it is:
> PDC
> Windows 2000 IP Configuration
>
> Host Name . . . . . . . . . . . . : eyeworks-pdc2
> Primary DNS Suffix . . . . . . . : laeyeworks.com
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : laeyeworks.com
> Ethernet adapter Local Area Connection:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : HP NC7761 Gigabit Server
> Adapter
> Physical Address. . . . . . . . . : 00-19-BB-23-A2-69
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.254.5
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.254.254
> DNS Servers . . . . . . . . . . . : 192.168.254.5
> Primary WINS Server . . . . . . . : 192.168.254.5
> BDC
>
> Windows 2000 IP Configuration
>
> Host Name . . . . . . . . . . . . : eyeworks-bdc
> Primary DNS Suffix . . . . . . . : laeyeworks.com
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : laeyeworks.com
> Ethernet adapter Local Area Connection:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
> Ethernet
> Controller (3C905C-TX Compatible)
> Physical Address. . . . . . . . . : 00-B0-D0-7D-54-A9
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.253.45
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.253.253
> DNS Servers . . . . . . . . . . . : 192.168.254.5
> Primary WINS Server . . . . . . . : 192.168.253.45

On Oct 18, 9:10 am, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
> Hello Parvardigar,
>
> I would also make the so called "BDC" a DNS server and use Active directory
> integrated zones at first. If both have fully replicated, configure both
> DNS servers as preferred DNS on the NIC itself and secondary the other.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
>
>
>
> > On Oct 17, 2:25 pm, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
> >> Hello Parvardigar,
>
> >> It seems to be an DNS/Replication problem. Maybe start
> >> here:http://www.eventid.net/display.asp?e...entno=524&sour
> >> ce=NT...
>
> >>http://technet2.microsoft.com/window...fa4c9981-5749-
> >> ...
>
> >>http://support.microsoft.com/kb/214745/en-us
>
> >>http://www.eventid.net/display.asp?e...=334&source=DN
> >> ...
>
> >>http://support.microsoft.com/kb/259277
>
> >> Additional would be nice if you can post an unedited ipconfig /all
> >> from btoh DC's here. Just for your info, since windows 2000 there is
> >> no longer a PDC/BDC concept. You have just Domain controllers which
> >> are all the same except for the 5 FSMO roles.
>
> >> Best regards
>
> >> Meinolf Weber
> >> Disclaimer: This posting is provided "AS IS" with no warranties, and
> >> confers
> >> no rights.
> >>> On Oct 17, 9:15 am, Meinolf Weber <meiweb(nospam)@gmx.de> wrote:
>
> >>>> Hello Parvardigar,
>
> >>>> Please give some more infos about the kind of server, Domain
> >>>> controller DNS DHCP etc. and how they are located. Also what
> >>>> Operating system with which SP you run.
>
> >>>> Best regards
>
> >>>> Meinolf Weber
> >>>> Disclaimer: This posting is provided "AS IS" with no warranties,
> >>>> and
> >>>> confers
> >>>> no rights.
> >>>>> I run the company and need to pay attention to technical matters.
> >>>>> I examined the event viewer. What is have listed below are shorted
> >>>>> version of the event. My impression is the event viewer should be
> >>>>> relatively clean.
>
> >>>>> I asked the Sys Admin to fix these issues. That was weeks ago. Am
> >>>>> I
> >>>>> overreacting? I'm thinking the network should be without blemish.
> >>>>> We're using IP addresses to map over the Wan and I prefer FQDN. I
> >>>>> told
> >>>>> the Sys Admin it's only three servers and 25 computers -and it
> >>>>> shouldn't be too esoteric to fix things.
> >>>>> Anyway have a look at these persistent events and let me know if
> >>>>> I'm
> >>>>> too concerned.
> >>>>> Event Type: Error
> >>>>> Event Source: NETLOGON
> >>>>> Event ID: 5775
> >>>>> Deregistration of the DNS record
> >>>>> '_gc._tcp.Warehouse._sites.laeyeworks.com. 600 IN SRV 0 100 3268
> >>>>> LADC1.laeyeworks.com.' failed with the following error:
> >>>>> DNS operation refused.
> >>>>> Event Type: Error
> >>>>> Event Source: NETLOGON
> >>>>> Description:
> >>>>> The File Replication Service is having trouble enabling
> >>>>> replication
> >>>>> from EYEWORKS-BDC to EYEWORKS-PDC2 for c:\winnt\sysvol\domain
> >>>>> using
> >>>>> the DNS name eyeworks-bdc.laeyeworks.com. FRS will keep retrying.
> >>>>> Following are some of the reasons you would see this warning.
> >>>>> [1] FRS can not correctly resolve the DNS name eyeworks-
> >>>>> bdc.laeyeworks.com from this computer.
> >>>>> [2] FRS is not running on eyeworks-bdc.laeyeworks.com.
> >>>>> [3] The topology information in the Active Directory for this
> >>>>> replica
> >>>>> has not yet replicated to all the Domain Controllers.
> >>>>> Event Source: DNS
> >>>>> Event ID: 4004
> >>>>> Description:
> >>>>> The DNS server was unable to complete directory service
> >>>>> enumeration
> >>>>> of
> >>>>> zone .. This DNS server is configured to use information obtained
> >>>>> from Active Directory for this zone and is unable to load the zone
> >>>>> without it. Check that the Active Directory is functioning
> >>>>> properly
> >>>>> and repeat enumeration of the zone. The event data contains the
> >>>>> error.
> >>>>> Event Type: Error
> >>>>> Event Source: NTDS KCC
> >>>>> Event ID: 1311
> >>>>> Description:
> >>>>> The Directory Service consistency checker has determined that
> >>>>> either
> >>>>> (a) there is not enough physical connectivity published via the
> >>>>> Active
> >>>>> Directory Sites and Services Manager to create a spanning tree
> >>>>> connecting all the sites containing the Partition
> >>>>> CN=Configuration,DC=laeyeworks,DC=com, or (b) replication cannot
> >>>>> be
> >>>>> performed with one or more critical servers in order for changes
> >>>>> to
> >>>>> propagate across all sites (most often due to the servers being
> >>>>> unreachable).
> >>>>> For (a), please use the Active Directory Sites and Services
> >>>>> Manager
> >>>>> to
> >>>>> do one of the following:
> >>>>> 1. Publish sufficient site connectivity information such that the
> >>>>> system can infer a route by which this Partition can reach this
> >>>>> site.
> >>>>> This option is preferred.
> >>>>> 2. Add an ntdsConnection object to a Domain Controller that
> >>>>> contains
> >>>>> the Partition CN=Configuration,DC=laeyeworks,DC=com in this site
> >>>>> from
> >>>>> a Domain Controller that contains the same Partition in another
> >>>>> site.
> >>>>> For (b), please see previous events logged by the NTDS KCC source
> >>>>> that
> >>>>> identify the servers that could not be contacted.
> >>>>> These are the most glaring examples. It's just over the wire, a
> >>>>> Wan,
> >>>>> office to factory, a three mile distance. With such a tiny network
> >>>>> I'd
> >>>>> think our SysAdmin could easily correct these anomalies.
> >>>>> Thanks
> >>>>> Mark S- Hide quoted text -
> >>>> - Show quoted text -
>
> >>> Thanks. On the company side its a windows 2000 server PDC (Domain
> >>> Controller; DNS; Active Directory; DHCP) and windows 2000 terminal
> >>> server client running Citrix Metaframe XP. On the PDC is our
> >>> database application, Windows Navision. Users overseas log in Citrix
> >>> to use Navision. Users from the factory side (BDC windows 2000) log
> >>> in to Citrix, and process orders using Navision. Logging into Citrix
> >>> to process accounts, orders, payables and so forth with their
> >>> published apps -seamless no problems). It boils down to DNS over the
> >>> Wan. If factory workers need files off the PDC we used to simply map
> >>> over FQDN. For years. Now with our new Sys Admin I'm struggling to
> >>> communicate that, to me, the event viewer is cluttered with warnings
> >>> - and can he please fix this. We're working with mapping using IP
> >>> addresses from the factory to the files on the PDC. I feel the
> >>> network isn't fully optimized, isn't fully operational. I hope this
> >>> helps. Thanks- Hide quoted text -
>
> >> - Show quoted text -
>
> > Thanks for sparing the moment to look into this.
>
> > Here it is:
> > PDC
> > Windows 2000 IP Configuration
>
> > Host Name . . . . . . . . . . . . : eyeworks-pdc2
> > Primary DNS Suffix . . . . . . . : laeyeworks.com
> > Node Type . . . . . . . . . . . . : Hybrid
> > IP Routing Enabled. . . . . . . . : No
> > WINS Proxy Enabled. . . . . . . . : No
> > DNS Suffix Search List. . . . . . : laeyeworks.com
> > Ethernet adapter Local Area Connection:
>
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : HP NC7761 Gigabit Server
> > Adapter
> > Physical Address. . . . . . . . . : 00-19-BB-23-A2-69
> > DHCP Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 192.168.254.5
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . : 192.168.254.254
> > DNS Servers . . . . . . . . . . . : 192.168.254.5
> > Primary WINS Server . . . . . . . : 192.168.254.5
> > BDC
>
> > Windows 2000 IP Configuration
>
> > Host Name . . . . . . . . . . . . : eyeworks-bdc
> > Primary DNS Suffix . . . . . . . : laeyeworks.com
> > Node Type . . . . . . . . . . . . : Hybrid
> > IP Routing Enabled. . . . . . . . : No
> > WINS Proxy Enabled. . . . . . . . : No
> > DNS Suffix Search List. . . . . . : laeyeworks.com
> > Ethernet adapter Local Area Connection:
>
> > Connection-specific DNS Suffix . :
> > Description . . . . . . . . . . . : 3Com 3C920 Integrated Fast
> > Ethernet
> > Controller (3C905C-TX Compatible)
> > Physical Address. . . . . . . . . : 00-B0-D0-7D-54-A9
> > DHCP Enabled. . . . . . . . . . . : No
> > IP Address. . . . . . . . . . . . : 192.168.253.45
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Default Gateway . . . . . . . . . : 192.168.253.253
> > DNS Servers . . . . . . . . . . . : 192.168.254.5
> > Primary WINS Server . . . . . . . : 192.168.253.45- Hide quoted text -
>
> - Show quoted text -

This is good news. Thanks for assisting in tackling this problem.