Single-label domain question

[Guest]

I have done alot of reading on single-label domains this morning as i am
tracking a 1054 userenv error with 5719 netlogon errors. I am posting here
to see if i can have a question answered:

Our domain name is partsfortrucks.com, when our clients join/logon to the
domain we just put in 'pft'. Does this constitute a single-label domain? And
if not, is this going to cause similar effects.

An ipconfig on any client in the domain show the primary DNS Suffix as
partsfortrucks.com.
our outside internet name is the same as our inside (b4 my time here)

W2K SP4 domain. mix of NT, 2K Pro and XP clients.
AD Integrated DNS

Just curious, as I am new to the AD DNS topics and very interested.

 

[Herb Martin]

I have done alot of reading on single-label domains this morning as i am
tracking a 1054 userenv error with 5719 netlogon errors. I am posting here
to see if i can have a question answered:

Our domain name is partsfortrucks.com, when our clients join/logon to the
domain we just put in 'pft'. Does this constitute a single-label domain? And
if not, is this going to cause similar effects.

If you Domain name is partsfortrucks.com then this is a
TWO label domain name "partsfortrucks" and "com".

If you are using the NetBIOS name for logon then that is
irrelevant to the two label DNS name. (It is a BIT unusual
but certainly legal for you to have a different NetBIOS name
than the main portion of your DNS Name ptf ~ partsfortrucks

An ipconfig on any client in the domain show the primary DNS Suffix as
partsfortrucks.com.

It is really the DOMAIN name that matters -- but that
primary suffix SHOULD MATCH the actual domain name.

What is the name in AD Users/Computer and of your DNS zone?

If it is partsfortrucks.com then you have a two-label domain
name.

our outside internet name is the same as our inside (b4 my time here)

Irrelevant except that it is practically impossible for you to
have a public DNS name that is single label so if they are
the same you do NOT have a single label name.

W2K SP4 domain. mix of NT, 2K Pro and XP clients.
AD Integrated DNS

Just curious, as I am new to the AD DNS topics and very interested.

DNS for AD (General checklist):

1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /serverC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]

 

[Kevin D. Goodknecht Sr. [MVP]]

In

I have done alot of reading on single-label domains this
morning as i am tracking a 1054 userenv error with 5719
netlogon errors. I am posting here to see if i can have
a question answered: http://www.eventid.net/display.asp?eventid=1054&eventno=1393&source=Userenv&phase=1

http://www.eventid.net/display.asp?eventid=5719&eventno=104&source=NETLOGON&phase=1



Our domain name is partsfortrucks.com, when our clients
join/logon to the domain we just put in 'pft'. Does this
constitute a single-label domain?

No.

And if not, is this

going to cause similar effects.

The NetBIOS name is usually a single-label name. As long as the DNS name as
seen in ADU&C is a multi-label name that matches the Primary DNS suffix of
the DC and the zone name in DNS there should be no problem.

An ipconfig on any client in the domain show the primary
DNS Suffix as partsfortrucks.com.
our outside internet name is the same as our inside (b4
my time here)

The fact that the external name is the same as the internal name make it
impossible for the internal DNS to resolve names from the external DNS for
the name without adding records or delegations for those names to the
internal DNS. You are further hampered in the fact that for all domain
members the domain name must resolve to the IP address on all DCs for which
file sharing is enabled on. This allows access to the SYSVOL DFS share at
\\partsfortrucks.com\SYSVOL if the domain name does not resolve to the DCs
address you will see USERENV errors.
You can also see these USERENV errors if the DC is multi-homed and the
internal interface that has file sharing enabled is not at the top of the
binding order or if one or more of the required services are disabled.

A useful tool for diagnosing errors a Netdiag and Dcdiag from the server
support tools on the CD. We can help you diagnose these if you post the
following information:
ipconfig /all
Domain name from ADU&C
List of forward lookup zone names in DNS
results from a 'net start' command (without the quotes)
results from Netdiag /v and dcdiag /v will give a lot of help.

 

[Guest]

Wow, thanks to both of you for your responses.
The name of my dns zone is partsfortrucks.com.

Yes, I am getting userenv errors, also getting netlogon errors which map to
1-3 seconds before each userenv error. checked network connectivity can ping
the DC/dns server by name and by host. (from client to server and vice versa).

When i run a netdiag from both client and DC i get the following error:
'The procedure entry point DnsGetPrimaryDomainName_UTP8 could not be located
in the Dynamic Link Library dnsapi.dll'

ipconfig /all:

Connection-specific DNS Suffix . : partsfortrucks.com
Description . . . . . . . . . . . : Linksys Wireless-G PCI Adapter
with
SpeedBooster
Physical Address. . . . . . . . . : 00-0F-66-1C-66-35
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.1.0.118
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.1.0.254
DHCP Server . . . . . . . . . . . : 192.1.0.200
DNS Servers . . . . . . . . . . . : 192.1.0.4
192.1.0.200
Primary WINS Server . . . . . . . : 192.1.0.200
Lease Obtained. . . . . . . . . . : Thursday, March 24, 2005 8:09:52
AM
Lease Expires . . . . . . . . . . : Sunday, March 27, 2005 8:09:52 AM

Domain Name from ADU&C:
partsfortrucks.com

Only one forward lookup zone name:
partsfortrucks.com

What will 'netstart' do?

Netdiag does not function.

Thank-you again guys!


When researching a bit on this error i stumbled across the 'single-label'
issue which someone suggected that this may be the cause.

 

[Herb Martin]

Is your DNS/domain name set in System Control Panel?

It really should be set there -- especially for DCs. (Not
just on the NICs as "connection specific" -- in fact, if
properly set in the System CP it probably does NOT
need to be set on the NIC for most machines.)

You may get errors if you machine doesn't know it's
"own domain name" in System CP->Computer Name
tab (on modern machines.)

You may get errors due to missing a reverse zone --these
are not a serious problem, but can be easily fixed by
creating the proper reverse zone and making it dynamic
as well (Machines try to register both forward and reverse.)

BTW: It is very odd that you are not using LOCALLY
ADMINISTERED (private) address ranges:

IP Address. . . . . . . . . . . . : 192.1.0.118

It is doubtful that you 'own' the above (192.1.0.x) network.

A better choice would be 192.168.0.x, but this is not likely
a part of the problem you are reporting.

What firewalls (including computer/personal ones) are you
running?

 

[Kevin D. Goodknecht Sr. [MVP]]

In

Wow, thanks to both of you for your responses.
The name of my dns zone is partsfortrucks.com.

Yes, I am getting userenv errors, also getting netlogon
errors which map to
1-3 seconds before each userenv error. checked network
connectivity can ping
the DC/dns server by name and by host. (from client to
server and vice versa).

When i run a netdiag from both client and DC i get the
following error:
'The procedure entry point DnsGetPrimaryDomainName_UTP8
could not be located
in the Dynamic Link Library dnsapi.dll'

I'm not sure what this error means but wel will try to work around it for
now.
I should have sais unedited ipconfig /all, important parts of this is
missing.

Please post the full unedited ipconfig /all
That said, where are these DNS servers?
This is for the DC isn't it?
DNS is recommended to be run on a DC because only on a DC can you get secure
updates only on the DNS zone (When Active Directory integrated)

ipconfig /all:

Connection-specific DNS Suffix . : partsfortrucks.com
Description . . . . . . . . . . . : Linksys
Wireless-G PCI Adapter
with
SpeedBooster
Physical Address. . . . . . . . . :
00-0F-66-1C-66-35
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.1.0.118
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.1.0.254
DHCP Server . . . . . . . . . . . : 192.1.0.200
DNS Servers . . . . . . . . . . . : 192.1.0.4
192.1.0.200
Primary WINS Server . . . . . . . : 192.1.0.200
Lease Obtained. . . . . . . . . . : Thursday,
March 24, 2005 8:09:52
AM
Lease Expires . . . . . . . . . . : Sunday, March
27, 2005 8:09:52 AM

Domain Name from ADU&C:
partsfortrucks.com

Only one forward lookup zone name:
partsfortrucks.com

What will 'netstart' do?

The command is net start with a space, it will show the list of running
services.

When researching a bit on this error i stumbled across
the 'single-label'
issue which someone suggected that this may be the cause.

This does n't appear to be a single-label domain, it may be disjointed but I
need to see the full ipconfig /all
I'll also repeat what Herb posted, you are aware this is a public IP address
range you are using which may be part of the problem. It belongs to BBN
Communications.
http://www.dnsstuff.com/tools/whois.ch?ip=192.1.0.4