AD is not writing required DNS records to DNS

  • Thread starter GVEC.net Webmaster
GVEC.net Webmaster

My Active Directory seems to be up and running, but it doesn't pass the test
for DNS and doesn't allow me to do an ADMT password migration (due to DNS
issues). I have DNS running on the same server and it automatically receives
SOA, NS, and an A record for the computer name, but that's it. I've tried
both standard (with dynamic updates enabled) and Active Directory zones.
Here is the result of pertinent dcdiag tests. Any ideas? Thanks

C:\Documents and Settings\Administrator>dcdiag /test:registerindns /dnsdomain:oldgvec.net /v
Starting test: RegisterInDNS
DNS configuration is sufficient to allow this domain controller to
dynamically register the domain controller Locator records in DNS.

The DNS configuration is sufficient to allow this computer to dynamically
register the A record corresponding to its DNS name.

......................... GVECWebServer passed test RegisterInDNS

C:\Documents and Settings\Administrator>dcdiag /test:connectivity

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\GVECWEBSERVER
Starting test: Connectivity
2084a322-47c4-4ee0-95d0-7f580e484444._msdcs.oldgvec.net's server GUID DNS
name could not be resolved to an IP address. Check the DNS server, DHCP,
server name, etc
Although the Guid DNS name
(2084a322-47c4-4ee0-95d0-7f580e484444._msdcs.oldgvec.net) couldn't be
resolved, the server name (GVECWebServer.oldgvec.net) resolved to the
IP address (192.168.64.250) and was pingable. Check that the IP
address is registered correctly with the DNS server.
......................... GVECWEBSERVER failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\GVECWEBSERVER

Running enterprise tests on : oldgvec.net
 
ptwilliams

To start with, try running netdiag /fix on GVECWebServer.

Although I prefer to point the DCs at a common DNS server, restart netlogon
on the DCs then use replmon to push and/or pull replication as necessary.
Once replication is complete, and DNS is updated, you can switch the DCs
back to pointing at what they were -- unless of course that's not an internal
DNS server, in which case you need to rethink where they point.

Also, use AD-Integrated zones -- much better than standard.
 
Herb Martin

GVEC.net Webmaster said:
My Active Directory seems to be up and running, but it doesn't pass the test
for DNS and doesn't allow me to do an ADMT password migration (due to DNS
issues). I have DNS running on the same server and it automatically receives
SOA, NS, and an A record for the computer name, but that's it. I've tried
both standard (with dynamic updates enabled) and Active Directory zones.
Here is the result of pertinent dcdiag tests. Any ideas? Thanks

Although the following suggests the DCDiag command
that you are already using there is more in this that might
help you:


DNS for AD
1) Dynamic for the zone supporting AD
2) All internal DNS clients NIC\IP properties must specify SOLELY
that internal, dynamic DNS server (set.)
3) DCs and even DNS servers are DNS clients too -- see #2
4) If you have more than one Domain, every DNS server must
be able to resolve ALL domains (either directly or indirectly)

netdiag /fix

....or maybe:

dcdiag /fix

(Win2003 can do this from Support tools):
nltest /dsregdns /server:DC-ServerNameGoesHere
http://support.microsoft.com/kb/q260371/

Ensure that DNS zones/domains are fully replicated to all DNS
servers for that (internal) zone/domain.

Also useful may be running DCDiag on each DC, sending the
output to a text file, and searching for FAIL, ERROR, WARN.

Single Label domain zone names are a problem. Google:
[ "SINGLE LABEL" domain names DNS 2000 | 2003 microsoft: ]
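
An added example, not part of Herb Martin's post: one way to do the "send DCDiag output to a text file and search for FAIL, ERROR, WARN" step in Python, grouping the output per test and pulling out any GUID-based `_msdcs` name that the failing test mentions. The sample text is constructed from the dcdiag run quoted in this thread, and the function names are this example's own.

```python
import re

# Constructed sample, shaped like the dcdiag output quoted in this thread.
SAMPLE = """\
Testing server: Default-First-Site-Name\\GVECWEBSERVER
   Starting test: Connectivity
      2084a322-47c4-4ee0-95d0-7f580e484444._msdcs.oldgvec.net's server GUID DNS
      name could not be resolved to an IP address.
      ......................... GVECWEBSERVER failed test Connectivity
   Starting test: RegisterInDNS
      DNS configuration is sufficient to allow this domain controller to
      dynamically register the domain controller Locator records in DNS.
      ......................... GVECWEBSERVER passed test RegisterInDNS
"""

RESULT = re.compile(r"^\.{5,}\s+(\S+)\s+(passed|failed)\s+test\s+(\S+)", re.I)
START = re.compile(r"^Starting test:\s*(\S+)", re.I)
GUID_NAME = re.compile(
    r"\b[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\._msdcs\.[\w.-]+", re.I)
KEYWORDS = re.compile(r"\b(fail\w*|error\w*|warn\w*)\b", re.I)


def parse_dcdiag(text):
    """Return one dict per finished test: server, test, status, detail, guid_names."""
    results, detail = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if START.match(line):
            detail = []              # new test: drop lines that preceded it
            continue
        m = RESULT.match(line)
        if m:
            body = " ".join(detail)  # rejoin wrapped lines before matching names
            names = {n.rstrip(".") for n in GUID_NAME.findall(body)}
            results.append({"server": m.group(1), "test": m.group(3),
                            "status": m.group(2).lower(), "detail": body,
                            "guid_names": sorted(names)})
            detail = []
        elif line:
            detail.append(line)
    return results


def failures(text):
    """Failed tests, plus passed tests whose detail mentions FAIL/ERROR/WARN."""
    return [r for r in parse_dcdiag(text)
            if r["status"] == "failed" or KEYWORDS.search(r["detail"])]


if __name__ == "__main__":
    for r in failures(SAMPLE):
        print(r["server"], r["test"], r["status"], r["guid_names"])
```

To use it on real output, read each DC's saved dcdiag text file and pass the contents to `failures()`.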
 
Brandon McCombs

GVEC.net Webmaster said:
My Active Directory seems to be up and running, but it doesn't pass the test
for DNS and doesn't allow me to do an ADMT password migration (due to DNS
issues). I have DNS running on the same server and it automatically receives
SOA, NS, and an A record for the computer name, but that's it. I've tried
both standard (with dynamic updates enabled) and Active Directory zones.
Here is the result of pertinent dcdiag tests. Any ideas? Thanks

C:\Documents and Settings\Administrator>dcdiag /test:registerindns /dnsdomain:oldgvec.net /v
Starting test: RegisterInDNS
DNS configuration is sufficient to allow this domain controller to
dynamically register the domain controller Locator records in DNS.

The DNS configuration is sufficient to allow this computer to dynamically
register the A record corresponding to its DNS name.

......................... GVECWebServer passed test RegisterInDNS

C:\Documents and Settings\Administrator>dcdiag /test:connectivity

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\GVECWEBSERVER
Starting test: Connectivity
2084a322-47c4-4ee0-95d0-7f580e484444._msdcs.oldgvec.net's server GUID DNS
name could not be resolved to an

Well, the problem is pretty clear. You are missing a DNS entry. You need to
add the above record as a service record to your DNS configuration. The above
alphanumeric string is the GUID of the domain controller and must be an entry
within DNS. Fix that and you will at least get past the current error.
 
