DNS Lockup

[Guest]

A brief history and thanks to those that helped. I accidently (very tired)
deleted a users computer from the server. I eventually bypassed/reset the
local admin password and got back into the station. I unjoined the station
and reboot. I am now trying to rejoin the station to re-establish the
connection to the server but get an error message:

The following Error occurred validating "our domain" (which is correctly
typed and used on other stations) The condition may be caused by a DNS
Lookup. Keeping in mind that I did switch from this exact setting as domain
to workgroup in attempt to reboot and switch it back to join the network.
Thanks pAc

 

[Herb Martin]

A brief history and thanks to those that helped. I accidently (very tired)
deleted a users computer from the server. I eventually bypassed/reset the
local admin password and got back into the station. I unjoined the station
and reboot. I am now trying to rejoin the station to re-establish the
connection to the server but get an error message:

The following Error occurred validating "our domain" (which is correctly
typed and used on other stations) The condition may be caused by a DNS
Lookup. Keeping in mind that I did switch from this exact setting as domain
to workgroup in attempt to reboot and switch it back to join the network.
Thanks pAc

Well then, the first thing to check would be the DNS
settings on the machine NIC->IP.

This should be STRICTLY the internal DNS servers
for your network.

Show us your IPConfig /all from the DC, and from
the affected workstation. (Paste the text into a message,
do not type it nor use a graphic image.)

 

[Guest]

Thanks Herb, before I get into "who" "where" lol. I have done some reading
and none of probably has anything to do with nothing. I am logged into the
station locally as Admin. From there I changed the connection from Domain to
workgroup to correct a previous problem. Now that I am trying to switch back
to Domain do you think the problem it doesn't recognize the domain is because
I am logged in locally and under Admin. Admin is not a listed user on the
network: well not this local one? In the meantime. Your request, can they
be more specific for I am a beancounter and not much of a bite counter. I
can tell your that this particular workstation along with the other 10 have
"Obtain IP Address Automatically".

 

[Guest]

Also, on the system/station in question I have no problems mapping network
drives so we can access files on the server. The ultimate goal is to be able
to rejoin the network so at next login the user can log in to the domain and
have his/her local files back. It is currently set on workstation and
clearly because it is not domain the logon is only local access for Admin.
hmmm.

 

[Guest]

And then some. Trying to answer before asked. Pinging the server address
from the workstation works fine. I do see a message when looked up on the
server that I am sure is related : Events Viewer: Because of repeated network
problems time service has not been able to find a domain controller to sinc
with. The service will wait 960 minutes before trying again. No syncs will
take place during.

 

[Herb Martin]

You should fix you DNS which is likely the problem.


--
DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /serverC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]

 

[Guest]

Herb, I did an IPConfig on the station and see something odd that I don't see
on the other stations.
Primary Suffix "Domain.net"
Node Type "Hybrid"

But under
DNS Suffix Search List it shows two domains. Each are the domain I am
trying to connect with. The first is spelled correctly but the second is
spelled incorrectly. I did not see this duplication on the other stations.
The other stations only show one DNS Suffix Search with the correctly spelled
Domain?

You mentioned netdiag/fx. Is this done from the server and should I have
everyone out prior to doing anything from the server as not to effect the
work being done by others?

Thanks, Paul

You should fix you DNS which is likely the problem.


--
DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /serverC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]


--
Herb Martin

And then some. Trying to answer before asked. Pinging the server address
from the workstation works fine. I do see a message when looked up on the
server that I am sure is related : Events Viewer: Because of repeated network
problems time service has not been able to find a domain controller to sinc
with. The service will wait 960 minutes before trying again. No syncs will
take place during.

 

[Herb Martin]

Herb, I did an IPConfig on the station and see something odd that I don't see
on the other stations.
Primary Suffix "Domain.net"
Node Type "Hybrid"

All stations should have their domain name
set in System Control Panel.

But under
DNS Suffix Search List it shows two domains. Each are the domain I am
trying to connect with. The first is spelled correctly but the second is
spelled incorrectly.

Then you should correct it, but suffix lists beyond
the machine name are merely a convenience for the
user (don't need to type full names.)

Multiples or a suffix that is the same as the machines
domain name is worthless (actually slows the machine
slightly sometimes.)

I did not see this duplication on the other stations.
The other stations only show one DNS Suffix Search with the correctly spelled
Domain?

You mentioned netdiag/fx. Is this done from the server and should I have
everyone out prior to doing anything from the server as not to effect the
work being done by others?

NetDiag can also be done on clients. DCDiag only
makes sense when performed on the DC.

I cannot help you unless I can see the output.

Thanks, Paul

You should fix you DNS which is likely the problem.


--
DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /serverC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]


--
Herb Martin

And then some. Trying to answer before asked. Pinging the server address
from the workstation works fine. I do see a message when looked up on the
server that I am sure is related : Events Viewer: Because of repeated network
problems time service has not been able to find a domain controller to sinc
with. The service will wait 960 minutes before trying again. No

syncs
will

take place during.


:

Also, on the system/station in question I have no problems mapping network
drives so we can access files on the server. The ultimate goal is

to be
able

to rejoin the network so at next login the user can log in to the

domain
and

have his/her local files back. It is currently set on workstation and
clearly because it is not domain the logon is only local access for Admin.
hmmm.

:

Thanks Herb, before I get into "who" "where" lol. I have done

some
reading

and none of probably has anything to do with nothing. I am logged into the
station locally as Admin. From there I changed the connection

from
Domain to

workgroup to correct a previous problem. Now that I am trying to switch back
to Domain do you think the problem it doesn't recognize the domain

is
because

I am logged in locally and under Admin. Admin is not a listed

user on
the

network: well not this local one? In the meantime. Your request,

can
they

be more specific for I am a beancounter and not much of a bite counter. I
can tell your that this particular workstation along with the

other 10
have

"Obtain IP Address Automatically".

:

A brief history and thanks to those that helped. I accidently (very
tired)
deleted a users computer from the server. I eventually bypassed/reset the
local admin password and got back into the station. I

unjoined
the

station
and reboot. I am now trying to rejoin the station to

re-establish
the

connection to the server but get an error message:

The following Error occurred validating "our domain" (which is correctly
typed and used on other stations) The condition may be caused

by
a DNS

Lookup. Keeping in mind that I did switch from this exact

setting
as

domain
to workgroup in attempt to reboot and switch it back to join

the
network.

Thanks pAc

Well then, the first thing to check would be the DNS
settings on the machine NIC->IP.

This should be STRICTLY the internal DNS servers
for your network.

Show us your IPConfig /all from the DC, and from
the affected workstation. (Paste the text into a message,
do not type it nor use a graphic image.)

 

[Guest]

If I IPConfig/all at prompt how do I get it from there to here so you can
look at it. I can't copy and paste from the prompt. Is there a way to get
the settings and paste it here via notepad or other?

Herb, I did an IPConfig on the station and see something odd that I don't see
on the other stations.
Primary Suffix "Domain.net"
Node Type "Hybrid"

All stations should have their domain name
set in System Control Panel.

But under
DNS Suffix Search List it shows two domains. Each are the domain I am
trying to connect with. The first is spelled correctly but the second is
spelled incorrectly.

Then you should correct it, but suffix lists beyond
the machine name are merely a convenience for the
user (don't need to type full names.)

Multiples or a suffix that is the same as the machines
domain name is worthless (actually slows the machine
slightly sometimes.)

I did not see this duplication on the other stations.
The other stations only show one DNS Suffix Search with the correctly spelled
Domain?

You mentioned netdiag/fx. Is this done from the server and should I have
everyone out prior to doing anything from the server as not to effect the
work being done by others?

NetDiag can also be done on clients. DCDiag only
makes sense when performed on the DC.

I cannot help you unless I can see the output.

Thanks, Paul

You should fix you DNS which is likely the problem.


--
DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /serverC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]


--
Herb Martin


And then some. Trying to answer before asked. Pinging the server address
from the workstation works fine. I do see a message when looked up on the
server that I am sure is related : Events Viewer: Because of repeated
network
problems time service has not been able to find a domain controller to
sinc
with. The service will wait 960 minutes before trying again. No syncs
will
take place during.


:

Also, on the system/station in question I have no problems mapping
network
drives so we can access files on the server. The ultimate goal is to be
able
to rejoin the network so at next login the user can log in to the domain
and
have his/her local files back. It is currently set on workstation and
clearly because it is not domain the logon is only local access for
Admin.
hmmm.

:

Thanks Herb, before I get into "who" "where" lol. I have done some
reading
and none of probably has anything to do with nothing. I am logged
into the
station locally as Admin. From there I changed the connection from
Domain to
workgroup to correct a previous problem. Now that I am trying to
switch back
to Domain do you think the problem it doesn't recognize the domain is
because
I am logged in locally and under Admin. Admin is not a listed user on
the
network: well not this local one? In the meantime. Your request, can
they
be more specific for I am a beancounter and not much of a bite
counter. I
can tell your that this particular workstation along with the other 10
have
"Obtain IP Address Automatically".

:

A brief history and thanks to those that helped. I accidently
(very
tired)
deleted a users computer from the server. I eventually
bypassed/reset the
local admin password and got back into the station. I unjoined
the
station
and reboot. I am now trying to rejoin the station to re-establish
the
connection to the server but get an error message:

The following Error occurred validating "our domain" (which is
correctly
typed and used on other stations) The condition may be caused by
a DNS
Lookup. Keeping in mind that I did switch from this exact setting
as
domain
to workgroup in attempt to reboot and switch it back to join the
network.
Thanks pAc

Well then, the first thing to check would be the DNS
settings on the machine NIC->IP.

This should be STRICTLY the internal DNS servers
for your network.

Show us your IPConfig /all from the DC, and from
the affected workstation. (Paste the text into a message,
do not type it nor use a graphic image.)

 

[Phillip Windell]

The mouse will work with it.

1. Select the text with the mouse.
2. Hit the enter key. This pastes it to the clipboard.
3. Crtl-V will paste it into the message at the cursor location.


--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

If I IPConfig/all at prompt how do I get it from there to here so you can
look at it. I can't copy and paste from the prompt. Is there a way to get
the settings and paste it here via notepad or other?

Herb, I did an IPConfig on the station and see something odd that I

don't
see

on the other stations.
Primary Suffix "Domain.net"
Node Type "Hybrid"

All stations should have their domain name
set in System Control Panel.

But under
DNS Suffix Search List it shows two domains. Each are the domain I am
trying to connect with. The first is spelled correctly but the second is
spelled incorrectly.

Then you should correct it, but suffix lists beyond
the machine name are merely a convenience for the
user (don't need to type full names.)

Multiples or a suffix that is the same as the machines
domain name is worthless (actually slows the machine
slightly sometimes.)

I did not see this duplication on the other stations.
The other stations only show one DNS Suffix Search with the correctly spelled
Domain?

You mentioned netdiag/fx. Is this done from the server and should I have
everyone out prior to doing anything from the server as not to effect the
work being done by others?

NetDiag can also be done on clients. DCDiag only
makes sense when performed on the DC.

I cannot help you unless I can see the output.

Thanks, Paul

:

You should fix you DNS which is likely the problem.


--
DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /serverC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]


--
Herb Martin


And then some. Trying to answer before asked. Pinging the server address
from the workstation works fine. I do see a message when looked

up on
the

server that I am sure is related : Events Viewer: Because of repeated
network
problems time service has not been able to find a domain controller to
sinc
with. The service will wait 960 minutes before trying again. No syncs
will
take place during.


:

Also, on the system/station in question I have no problems mapping
network
drives so we can access files on the server. The ultimate goal

is
to be

able
to rejoin the network so at next login the user can log in to

the
domain

and
have his/her local files back. It is currently set on

workstation
and

clearly because it is not domain the logon is only local access for
Admin.
hmmm.

:

Thanks Herb, before I get into "who" "where" lol. I have done some
reading
and none of probably has anything to do with nothing. I am logged
into the
station locally as Admin. From there I changed the connection from
Domain to
workgroup to correct a previous problem. Now that I am trying to
switch back
to Domain do you think the problem it doesn't recognize the

domain
is

because
I am logged in locally and under Admin. Admin is not a listed user on
the
network: well not this local one? In the meantime. Your

request,
can

they
be more specific for I am a beancounter and not much of a bite
counter. I
can tell your that this particular workstation along with the other 10
have
"Obtain IP Address Automatically".

:

A brief history and thanks to those that helped. I accidently
(very
tired)
deleted a users computer from the server. I eventually
bypassed/reset the
local admin password and got back into the station. I unjoined
the
station
and reboot. I am now trying to rejoin the station to re-establish
the
connection to the server but get an error message:

The following Error occurred validating "our domain" (which is
correctly
typed and used on other stations) The condition may be

caused
by

a DNS
Lookup. Keeping in mind that I did switch from this exact setting
as
domain
to workgroup in attempt to reboot and switch it back to

join
the

network.
Thanks pAc

Well then, the first thing to check would be the DNS
settings on the machine NIC->IP.

This should be STRICTLY the internal DNS servers
for your network.

Show us your IPConfig /all from the DC, and from
the affected workstation. (Paste the text into a message,
do not type it nor use a graphic image.)

 

[Herb Martin]

If I IPConfig/all at prompt how do I get it from there to here so you can
look at it. I can't copy and paste from the prompt. Is there a way to get
the settings and paste it here via notepad or other?

Either by redirecting to a file >config.txt
or by using the marking in the command propt.

Alt-Space -> Edit -> Mark (then the same for Copy),
but I prefer to set the properties of all of my command
prompt shortcuts to allow for "QuickEdit".

With QuickEdit enabled, the mouse can be used to Mark
(in a natural manner) and Right Click with a block marked
copies it to the clipboard for pasting.


Also note, that for commands that send (some) output to
"StdError" (instead of StdOutput) you will have trouble
with the "redirection" method using the greater than sign.

Xcopy and NSlookup are examples of this (I am sure for
Xcopy, pretty sure for NSLookup). The following fixes
such problems:

xcopy Source Destination >result.txt 2>&1

The order of the two redirection elements (">") IS
CRITICAL. First send the Standard output to the file,
then the Error output to the 'same place'. Even if it
doesn't make logical sense, that is the way it is done.