W2K3: Domain not reachable via DNS-name

G

Gross, Michael

Hi,

at the moment I'm confronted with some very strange events in an Active
Directory forest.

The affected forest contains only one domain - the forest root domain.
It's the domain for one site with approx. 20 users with Windows XP SP1
Clients. Forest and domain are working in Windows 2003 native mode.

The problem is strange: Within the local network no workstation is able
to connect to the domain via its DNS-Name. However, resolving the domain
via its NetBIOS name works correctly.

Example: While using Microsoft's tool nltest to test connectivity to the
domain via it's DNS Name I'll get the following result:

DsGetDcName failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN

But using nltest /dsgetdc with the domain's NetBios name works still
accurate.

Due to these facts, I'm not able to take a workstaton in the domain via
it's DNS-Name. Further on, everytime a workstation that's member of the
domain starts, event id 15 from AutoEnrollment is logged. This message
says that Active Directory can't be reached.

Meanwhile I've done a lot of debugging to get rid of this problem:

- of course, all workstations are using the local DNS Server
- all SRV entries in DNS are correct
- the DC also is registred with the correct IP-address in the DNS server
(forward and reverese!)
- I'm able to ping the domain's DNS-Name and resolve it with nslookup
- already deleted the zone and created it new, even I've re-installed
the DNS-Server
- there are _no_ errors in the DC's event log
- cleared DNS-Cache on the server and the clients.

By the way, there is another strange problem: All workstatons in the
domain are registered as Windows NT 4.0 workstations in the properties
of the computer account on the domain controller. All workstations
should be Windows XP SP1.

I've _no_ idea what to do anymore. Withal, eventid.net has no real
resolution for the AutoEnrollment problem.

Any ideas?
Thanks,
Michael
 
C

Chriss3 [MVP]

Sounds very wired that they are listed as NT4.0 Computers in the directory,
has theses computers been upgraded from NT4.0?

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup
 
G

Gross, Michael

Hi,
Sounds very wired that they are listed as NT4.0 Computers in the
directory, has theses computers been upgraded from NT4.0?
Click to expand...

no. They became a clean install of Windows XP SP1.

Regards,
Michael
 
T

Tony Eversole

Install the W2k3 Support Tools and run dcdiag and netdiag and look for errors there for starters.

--
Tony Eversole MCSE, MCSA, Net+, A+
Hi,

at the moment I'm confronted with some very strange events in an Active
Directory forest.

The affected forest contains only one domain - the forest root domain.
It's the domain for one site with approx. 20 users with Windows XP SP1
Clients. Forest and domain are working in Windows 2003 native mode.

The problem is strange: Within the local network no workstation is able
to connect to the domain via its DNS-Name. However, resolving the domain
via its NetBIOS name works correctly.

Example: While using Microsoft's tool nltest to test connectivity to the
domain via it's DNS Name I'll get the following result:

DsGetDcName failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN

But using nltest /dsgetdc with the domain's NetBios name works still
accurate.

Due to these facts, I'm not able to take a workstaton in the domain via
it's DNS-Name. Further on, everytime a workstation that's member of the
domain starts, event id 15 from AutoEnrollment is logged. This message
says that Active Directory can't be reached.

Meanwhile I've done a lot of debugging to get rid of this problem:

- of course, all workstations are using the local DNS Server
- all SRV entries in DNS are correct
- the DC also is registred with the correct IP-address in the DNS server
(forward and reverese!)
- I'm able to ping the domain's DNS-Name and resolve it with nslookup
- already deleted the zone and created it new, even I've re-installed
the DNS-Server
- there are _no_ errors in the DC's event log
- cleared DNS-Cache on the server and the clients.

By the way, there is another strange problem: All workstatons in the
domain are registered as Windows NT 4.0 workstations in the properties
of the computer account on the domain controller. All workstations
should be Windows XP SP1.

I've _no_ idea what to do anymore. Withal, eventid.net has no real
resolution for the AutoEnrollment problem.

Any ideas?
Thanks,
Michael
 
G

Gross, Michael

Tony said:
Install the W2k3 Support Tools and run dcdiag and netdiag and look
for errors there for starters.
Click to expand...

Already done. No Errors at all. Nether on the clients nor on the DC.
 
G

Gregmaxkowal

*Hi,

at the moment I'm confronted with some very strange events in an
Active
Directory forest.

The affected forest contains only one domain - the forest root
domain.
It's the domain for one site with approx. 20 users with Windows XP
SP1
Clients. Forest and domain are working in Windows 2003 native mode.

The problem is strange: Within the local network no workstation is
able
to connect to the domain via its DNS-Name. However, resolving the
domain
via its NetBIOS name works correctly.

Example: While using Microsoft's tool nltest to test connectivity to
the
domain via it's DNS Name I'll get the following result:

DsGetDcName failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN

But using nltest /dsgetdc with the domain's NetBios name works still
accurate.

Due to these facts, I'm not able to take a workstaton in the domain
via
it's DNS-Name. Further on, everytime a workstation that's member of
the
domain starts, event id 15 from AutoEnrollment is logged. This
message
says that Active Directory can't be reached.

Meanwhile I've done a lot of debugging to get rid of this problem:

- of course, all workstations are using the local DNS Server
- all SRV entries in DNS are correct
- the DC also is registred with the correct IP-address in the DNS
server
(forward and reverese!)
- I'm able to ping the domain's DNS-Name and resolve it with
nslookup
- already deleted the zone and created it new, even I've
re-installed
the DNS-Server
- there are _no_ errors in the DC's event log
- cleared DNS-Cache on the server and the clients.

By the way, there is another strange problem: All workstatons in the
domain are registered as Windows NT 4.0 workstations in the
properties
of the computer account on the domain controller. All workstations
should be Windows XP SP1.

I've _no_ idea what to do anymore. Withal, eventid.net has no real
resolution for the AutoEnrollment problem.

Any ideas?
Thanks,
Michael *
Click to expand...

Michael,

I am having exactly the same issues that you are describing.
Did you manage to resolve it in the end, and if so, what was the
solution?

Kind regards,

Greg
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Cannot join Windows XP SP2 PC to 2000 Domain 1
AD/DNS Issue 6
Domain name on install 17
No access to Win2003 domain 0
DNS-Urgent-Help -Please 2
DNS Problems 1
Trust Relationships with single label DNS name 1
ADMT and Identical DNS Domain Name 1

Top