Registration DNS server unable to interpret format

M

mark

I posted this question in microsoft.public.win2000.dns
yesterday, and thought I should ask the readers of this group
if they have any insight:

Please read this message all the way through before replying. I
know the error message I'm quoting is a common problem when DNS
isn't configured properly, but I've investigated that angle and
I suspect I've got a different sort of problem here.


I've got one Windows 2000 DC in our environment that repeatedly
logs the following error:


----------
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5774
Date: 28/02/2005
Time: 08:53:23
User: N/A
Computer: DCSERVERNAME
Description:
Registration of the DNS record '_ldap._tcp. ._sites.europe.domain.com.
600 IN SRV 0 100 389 DCSERVERNAME.europe.domain.com.' failed with the
following error:
DNS server unable to interpret format.
Data:
0000: 29 23 00 00 )#..
----------


There are also errors registering similar records for _kerberos
and _gc.


I have verified that the DNS servers and zones referenced in this
server's IP config are configured to allow updates (secure only).
Other servers including DCs register their records with these DNS
servers without error. I have reviewed Microsoft articles 266054 &
259277.


It seems as if this DC is trying to register using an invalid
value for the site name. Note in the error message the repeated
periods between _tcp and _sites. This is where the site name
should go, but the error shows a blank space.


I've verified that the server is in the correct site from AD
Sites and Services.


The _ldap, _kerberos, and _gc SRV records do exist in DNS in the
correct site path. They have a date/time stamp from two days ago,
but this error has been logged for months.


Any ideas on this mystery? This server is current SP3, and I was
preparing to install SP4 when I discovered these errors. I was
considering moving the server to a different site and then back,
because I'm leaning towards the theory that the server doesn't
have its own site information configured properly. However I
wanted to check for advice before trying that.


Thanks!
/mark
 
H

Herb Martin

Any ideas on this mystery? This server is current SP3, and I was
preparing to install SP4 when I discovered these errors. I was
considering moving the server to a different site and then back,
because I'm leaning towards the theory that the server doesn't
have its own site information configured properly. However I
wanted to check for advice before trying that.
Click to expand...

I would try DCDiag as a first step -- certainly
on the affective DC and perhaps the others.

There is a good chance you have changed the
Sites and Services (at some point) but that it
didn't replicate fully.


netdiag /fix

....or maybe:

dcdiag /fix


Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.
 
P

ptwilliams

Moving the server to another site seems like a good idea. But create an
overlapping site and then delete the old one.

I'd also be tempted to delete the _msdcs sub-domain too. But this will
depend on the size of your environment. If you've a small environment, this
is more than doable; if you've a large environment, it's probably not such a
good idea ;-)

So, create a new site and link the subnet to this site and then delete the
old site.
Restart netlogon to repopulate the new site information.


--

Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

I posted this question in microsoft.public.win2000.dns
yesterday, and thought I should ask the readers of this group
if they have any insight:

Please read this message all the way through before replying. I
know the error message I'm quoting is a common problem when DNS
isn't configured properly, but I've investigated that angle and
I suspect I've got a different sort of problem here.


I've got one Windows 2000 DC in our environment that repeatedly
logs the following error:


----------
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5774
Date: 28/02/2005
Time: 08:53:23
User: N/A
Computer: DCSERVERNAME
Description:
Registration of the DNS record '_ldap._tcp. ._sites.europe.domain.com.
600 IN SRV 0 100 389 DCSERVERNAME.europe.domain.com.' failed with the
following error:
DNS server unable to interpret format.
Data:
0000: 29 23 00 00 )#..
----------


There are also errors registering similar records for _kerberos
and _gc.


I have verified that the DNS servers and zones referenced in this
server's IP config are configured to allow updates (secure only).
Other servers including DCs register their records with these DNS
servers without error. I have reviewed Microsoft articles 266054 &
259277.


It seems as if this DC is trying to register using an invalid
value for the site name. Note in the error message the repeated
periods between _tcp and _sites. This is where the site name
should go, but the error shows a blank space.


I've verified that the server is in the correct site from AD
Sites and Services.


The _ldap, _kerberos, and _gc SRV records do exist in DNS in the
correct site path. They have a date/time stamp from two days ago,
but this error has been logged for months.


Any ideas on this mystery? This server is current SP3, and I was
preparing to install SP4 when I discovered these errors. I was
considering moving the server to a different site and then back,
because I'm leaning towards the theory that the server doesn't
have its own site information configured properly. However I
wanted to check for advice before trying that.


Thanks!
/mark
 
M

mark

I've run DCDIAG and NETDIAG /fix. DCDIAG didn't have
any complaints other than noticing the errors in the
event log I've already mentioned. NETDIAG had the
follow when I used the /FIX parameter:

-------------------------
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Failed to fix: DC DNS entry _ldap._tcp. re-registeration on
DNS server '192.116.103.32' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _gc._tcp. re-registeration on
DNS server '192.116.103.32' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp. re-registeration on
DNS server '192.116.103.32' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.
re-registeration on DNS server '192.116.103.32' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp. re-registeration on
DNS server '192.116.103.32' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.
re-registeration on DNS server '192.116.103.32' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Fix Failed: netdiag failed to re-register missing DNS
entries for this DC on DNS server '192.116.103.32'.
[FATAL] No DNS servers have the DNS records for this DC registered.
----------------------------------

These are all the same problem that generates the
errors in the event logs. There were no other FAIL
errors in the NETDIAG results. There were no
replication related errors mentioned by NETDIAG or
DCDIAG, and the Directory Service event log is clean.

I also happened to check the netlogon.dns file that
the netlogon service generates. It also lists the
bogus entries with "_ldap._tcp. ._sites.dc" and other
dot-space-dot addresses missing the site name.

This is not a small environment, and the DC in
question is in a site with other DCs, servers
including Exchange, and many many users, so I would
not try the new site strategy including reassigning
subnets etc. Rebuilding this DC would involve less
risk, not that I'm anxious to do that either.

I had originally envisioned the following process:
Use AD Sites and Services MOVE command to move the server to another site
Allow replication to complete
Restart Netlogon service on this DC
Use AD Sites and Services MOVE command to move
Click to expand...
the server back to its intended site.
Do you think this process might help?

There is no separate _msdcs sub-domain dns zone
because this is Windows 2000, not 2003.

Thank you both for your help so far, any other
ideas?
/mark
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Registration DNS server unable to interpret format 1
Invalid DNS entries in Netlogon.dns 1
SRV Records 1
Cannot recreate Active Directory records within Forward Lookup Zone 1
Active Directory + dns = Error 2
AD & BIND: domain listing is slow 3
DNS, DCDiag and Netdiag errors in a Single-label domain 2
DNS Nightmare - Can't create forward zone 28

Top