Active Directory and no _msdcs in DNS - Help Please

K

Keeper

Dear Group,

I'll try this fast and simple first.

I've set up two networks recently. The first one running a Windows
2000 server and another one running a Windows 2003 server.

The Windows 2000 domain hasn't any known problems with DNS. All of
the AD integration seems to be in place. Under the forward lookup
zone one their's the _msdcs, _sites, _tcp, and _udp records.

In the 2003 domain, their is only the forward lookup zone. It looks
like it's not even AD integrated, but it is. AD cannot communicate
with DNS. The dcdiag.exe tool claims that it cannot resolve the
servers GUID to an IP address. This is because it's not there.

The only differences between the two are that the 2000 domain has a
subdomain to help protect AD from the outside. The 2003 has just the
one primary domain.

Anybody got any ideas? I thought that first I would manually put the
entry's in. The other is to uninstall AD and reinstall. This is
painfull also and hopefully not necessary. I'm mostly curious as to
how this has happened.

Thanks,

Keeper
 
M

Matjaz Ladava [MVP]

Is the dynamic update enabled on the zone in WS2k3 DNS ? Do you have any
entries in DNS event log ? Is your WS2k3 server pointing to its own DNS
server ? Are this two domains in the separete forests (Win 2000 and 2003).

--
Regards

Matjaz Ladava, MCSE, MCSA, MCT, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com
 
K

Keeper

matjaz,

Dynamic update is enabled. I have it set for "secure updates only" in
the zone properties.

I've cleared the event log about a week ago. During this past week
I've only received DNS started and DNS shutdown messages. I was
having event id: 4004 errors on a couple of occasions before. As I
recall, this was an error stating that Active Directory couldn't
communicate with the DNS service. One of the reasons for this may be
that the AD was starting before the DNS service. But I later learned
from running "DCDIAG.EXE" that I'm missing crucial AD DNS entries.
ie:_MSDC, _Sites, etc...

My reason for mentioning both domains was that I've managed to do
something right in the 2000 domain and something wrong in the 2003
domain. It was only to show that I've done it correctly at least once
and to enphasize that I'm running a 2003 domain. These two domains
don't communicate with each other in any way.

You can also see my messages and reply's in
microsoft.public.win2000.dns. A gentleman by that name of Kevin has
been trying to help. I appreciate anything that you can do for me.
If I can't get it fixed by the end of the week I'll have to reinstall
and reconfigure my server. I'd rather find out why it's broke so I
don't repeat my mistakes.

Thanks again,

Keeper
 
K

Keeper

matjaz,

Thanks again but I think I fixed it. I deleted the zone and recreated
it. I stopped and started the netlogon service and fixed! I also did
a ipconfig /flushdns but I don't think that this did anything.

Keeper
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

DNS and Active Directory 8
No _msdcs or any other AD DNS entries 7
DNS on Active Directory 3
Active Directory/DNS issue 2
missing _msdcs, _sites, _tcp, _udp 8
Forest Trusts and DNS 3
domain.local for Windows 2003 Active Directory 2
How do GC's register _MSDCS info in the DNS root from a child doma 5

Top