Can't join the DC


Jason88

My new Windows 2000 server can't join the AD, it has an
error message saying can't access RPC server. I have the
RPC service enabled in the PDC, still got the same error
message.
Any help will be appreciated.

Jason
 
Jason88 said:
My new Windows 2000 server can't join the AD, it has an
error message saying can't access RPC server. I have the
RPC service enabled in the PDC, still got the same error
message.
Any help will be appreciated.

More than likely your server cannot find your DC in DNS. To check ping
dc.domain.com to see if it returns your DC.
--
Regards,

Michael Holzemer
No email replies please - reply in newsgroup

Learn script faster by searching here
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/default.asp
 
Jason88 said:
My new Windows 2000 server can't join the AD, it has an
error message saying can't access RPC server. I have the
RPC service enabled in the PDC, still got the same error
message.
Any help will be appreciated.

Jason

PDC? Are you talking about NT4? PDCs don't exist as the term is defined in
NT4 and is legacy terminology. Assuming you are talking about W2k....read
below...

Usually, as Michael stated, it's a DNS lookup issue.

Classically, this error will occur if you are using your ISP's DNS addresses
in your IP properties. You MUST only use your internal DNS that is hosting
the AD zone name, otherwise numerous errors WILL occur, such as you are
experiencing. This goes for ALL internal machines, DCs and clients, to ensure
that AD functionality will work. To get efficient Internet resolution, use a
Forwarder. If the forwarding option is grayed out, delete the Root zone and
refresh the console and try again. If not sure how, follow this article for
these two steps:
http://support.microsoft.com/?id=300202

Single label name AD DNS Domain names will also cause this too, if the SRV
records have not been registered in DNS.

Tell you what, if you can post this info, we can diagnose this a lot quicker
for you:

1. Unedited ipconfig /all of the DC and the machine you are trying to join.
2. The AD DNS Domain name (as it shows up in ADUC)
3. Zone name in DNS and whether updates are set to at least Yes.
4. Do the SRV records exist under your zone name in DNS?
5. What Service Pack level is the machine.

Thanks


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
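
The checks requested in the post above (the `ipconfig /all` output, the AD DNS domain name and the SRV records), as an added example that is not part of the original thread. The sample output, the IP addresses and the function names are constructed for illustration; `internal_dns` is assumed to be the set of DNS servers hosting the AD zone.

```python
import re

# Constructed `ipconfig /all` output for the joining machine (not from the thread).
SAMPLE = """\
        Host Name . . . . . . . . . . . . : server2

Ethernet adapter Local Area Connection:

        IP Address. . . . . . . . . . . . : 192.168.1.20
        DNS Servers . . . . . . . . . . . : 192.168.1.10
                                            203.0.113.53
"""

FIELD = re.compile(r"^\s*(.+?)(?:\s*\.)+\s*:\s*(.*)$")   # "Label . . . : value"
IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")

def dns_servers(ipconfig_text):
    """Collect every DNS server listed, including continuation lines."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        field = FIELD.match(line)
        if field:
            in_dns = field.group(1) == "DNS Servers"
            value = field.group(2).strip()
        else:
            value = line.strip()          # possible second/third DNS server
        if in_dns and IPV4.match(value):
            servers.append(value)
        elif not field:
            in_dns = False                # blank line or header ends the list
    return servers

def audit(ipconfig_text, internal_dns, ad_domain):
    """Flag the two causes named in the thread: outside DNS, single-label name."""
    findings = []
    if "." not in ad_domain.strip("."):
        findings.append(f"single-label AD DNS domain name: {ad_domain}")
    servers = dns_servers(ipconfig_text)
    if not servers:
        findings.append("no DNS server configured")
    for ip in servers:
        if ip not in internal_dns:
            findings.append(f"DNS server {ip} is not in the internal DNS list")
    return findings

def srv_names(ad_domain):
    """DC-locator SRV records that Netlogon registers under the AD zone."""
    d = ad_domain.strip(".")
    return [f"_ldap._tcp.dc._msdcs.{d}", f"_ldap._tcp.{d}", f"_kerberos._tcp.{d}"]
```

Each name returned by `srv_names` can be checked from the joining machine with `nslookup -type=SRV <name>`; if it does not resolve against the internal DNS server, the client has no way to locate a DC.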
 
Thanks Ace.
I do have a single label name (e.g., mydomain, not
mydomain.com), but now my 2nd Windows 2000 server can ping
FirstServer.mydomain without problem. Root zone deleted.
And one more thing, what do you mean the SRV record in the
zone? Do I need to start the DNS in the 2nd Windows 2000
server?

Jason
 
Jason88 said:
Thanks Ace.
I do have a single label name (e.g., mydomain, not
mydomain.com), but now my 2nd Windows 2000 server can ping
FirstServer.mydomain without problem. Root zone deleted.
And one more thing, what do you mean the SRV record in the
zone? Do I need to start the DNS in the 2nd Windows 2000
server?

Jason

Hi Jason,

Unfortunate for the single label name. Recommend a reinstall with a new
proper name. Depending on your scenario, it either could be easy or
difficult.

The SRV records are those funky looking folders that the netlogon service
creates in your DNS zone. They are:
_msdcs
_sites
_tcp
_udp

If they don't exist, well, AD will malfunction and pretty much come to a
stand still.

Here's more info on single label names and how to "bandaid" it until you
come up with a resolve on how to rename it:
http://support.microsoft.com/?id=300684

Here's a post I made a few days ago for someone else suggesting ways to
rename. Read thru the whole conversation and you can see what you're facing
(unfortunately)...


Repost...
============================================
continued.....
This is a common problem lately. Many posts on it. Recently (yesterday) I
posted something similar that will apply to you. I copied/pasted it below.
Yes, The DC is Windows Server 2000 SP4.
And, yes, the computer in question is the only one having this issue.
And, no, when I ping our domain I get "Unknown host"

C:\>ping CREDENTALS
Unknown host CREDENTALS.

I have entered the two registry entries that were suggested in
http://support.microsoft.com/default.aspx?scid=kb;en-us;300684&FR=1
in the DC now, although I have not had a chance to reboot that
machine yet. Once I do will this fix the "Unknown host CREDENTALS."
problem as well or could this all be very simply fixed by adding a
".com" to my domain?

<name snipped>

This is a common problem lately. Many posts on it. Recently (yesterday) I
posted something similar that will apply to you. I copied/pasted it below.
First of all, you can try using
http://support.microsoft.com/?id=300684
for a reg entry to force it to update. Need to do it on your clients too,
but XP won't work properly. You may still get problems with GPOs applying
since the GetGPOList function on the client side references the domain FQDN,
such as:
\\domain.com\sysvol\domain.COM\Policies
But when it tries to go to what you have, such as:
\\DOM\etc...
It perceives DOM as a host name, and may not resolve properly.

Here's my other post that may help in resolving this to help rename
it....Read the whole thing so you'll know what's involved.

==========================================
Ace Fekay,
If I were to just rename the domain from CREDENTALS to
CREDENTALS.net and disjoin all the affected workstations from
CREDENTALS and join it to CREDENTALS.net would it reset the user
profiles?

First, you can't just rename a domain, unless you're still in mixed mode
with an NT4 BDC still present. If still in mixed mode, you can add an NT4
BDC, trash the W2k DC, promote the NT4 BDC to a PDC, then manually set the
DNS Suffix in TCP/IP properties to the new domain name, credentials.net,
(which would be the name you choose for the AD DNS domain name, but keep the
NetBIOS domain name as CREDENTIALS for backward compatibility), then upgrade
it to a W2k DC. This way the machines that are still joined will still be
joined to the same domain.

Otherwise if the domain is in Native mode, you'll need to follow the ADMT
method I previously mentioned.

And no about disjoining and rejoining to the new domain with the old
profiles. When you manually rejoin, a new profile is created. You may find
that you can manually force the new profiles to use the old profile one
machine at a time, but I don't think that's what you want to do. ADMT will
do that for you.

Keep in mind you want to follow DNS naming methods. One thing I noticed is
you're using uppercase. It's not that it won't work, but to keep things
consistent with DNS RFCs (looks good too), name it credentials.net, not
CREDENTIALS.net.
From what I have read in researching this problem it sure does seem
that single label domains cause lots of problems and sometimes even
questionable and/or slow connections. But, likewise, I have also
read things that lead me to think migrating AD off CREDENTALS and
over to CREDENTALS.net could possibly cause more problems domain wide
than just the one machine I have now. If I ever have to set up a new
domain or rebuild the old one for some reason other than one machine
I'll definitely use the appropriate formatting (I wasn't the one who
set this up anyway, that guy quit). For now should the 2
registry entries discussed previously in
http://support.microsoft.com/default.aspx?scid=kb;en-us;300684&FR=1
fix this problem for the one machine?

<snip>

If the domain is in mixed mode, it will be a lot easier for you. If not, the
ADMT will work, but I would read up on it first and test it. I can provide
links if needed. I've migrated quite a few domains and have to say it's the
easier method if the domain is presently in mixed mode. To find the present
mode, rt-click the domain name in ADUC, properties. Look at the bottom of
the general tab.

Also, Kevin has a big point about GPOs and how the GetGPOList function works
when a machine logs on and looks for the GPOs. That reg entry has to be made
system wide....

=================================



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Thanks Ace again!
So, I decided to set up another new Windows 2003 server
(3rd), beside that 2nd Win2000 server. I plan to use the
2003 as the Root.
There's a problem, my old NT3.51 is still online working,
and the name and netbios domain of the Windows 2003 server
are the same as the NT3.51. Is there a way to turn off
the 2003 server service temporarily, so clients still
login to the NT3.51?

Jason
 
Jason88 said:
Thanks Ace again!
So, I decided to set up another new Windows 2003 server
(3rd), beside that 2nd Win2000 server. I plan to use the
2003 as the Root.
There's a problem, my old NT3.51 is still online working,
and the name and netbios domain of the Windows 2003 server
are the same as the NT3.51. Is there a way to turn off
the 2003 server service temporarily, so clients still
login to the NT3.51?

Jason


No prob for the help, Jason. I just didn't want to be the bearer of bad
news.

NT3.51 ?? I can't remember exactly, but believe that old server cannot
function in an AD environment and needs to be bumped up to NT4. I can't
remember and would need to dig up my books on this, unless someone else can
chime in and confirm this.

Other than that, there's a reg entry you can make to force this, but I would
really really look at your renaming options. If you have W2k3, you can
actually rename it (that is if ALL your DCs are only W2k3 and you raised the
forest functional level to Native mode).

I would probably suggest (if you don't mind), to dump the W2k3 server
completely, upgrade the (this is assuming the Nt351 is part of this domain),
and upgrade the 3.51 PDC to W2k3 (if the upgrade path will allow it) but
this time select the proper DNS domain name for AD...

As far as shutting it off "temporarily", no, don't think that's an option,
especially if a W2k or newer client discovered a Kerberos domain. It won't
go back to NTLM. But you can take a look at these articles about the reg
entry I mentioned above and more info on the logon process:

How can I force a client to validate its logon against a specific domain
controller:
http://www.windows2000faq.com/Articles/Index.cfm?ArticleID=13535

284937 - Windows 2000-Based Clients Connect Only to the Domain Controller
That Was Upgraded First in a Mixed-Mode Domain:
http://support.microsoft.com/?id=284937

298713 - How to Prevent Overloading on the First Domain Controller During
Domain Upgrade [Good to force to look for NT4 DCs too if a W2k AD exists]:
http://support.microsoft.com/?id=298713

231789 - Local Logon Process for Windows 2000:
http://support.microsoft.com/default.aspx?scid=kb;en-us;231789

314861 - How Domain Controllers Are Located in Windows XP:
http://support.microsoft.com/?id=314861

Hope that helps

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Thanks Ace again!

I degraded my Windows 2003 server and changed its NETBIOS
domain name (Win2003Domain), computer name (Win2003Srv).
But in my office, there're two domains with the same
NETBIOS name, MYDOMAIN. One is empty which I believe is
caused by the Windows 2003 server.
Now my Windows 98 client can't login to the new domain
Win2003Domain. The Windows 98 client can neither see the
Win2003Srv in the network neighborhood, nor by using the
UNC \\Win2003Srv in the explorer. However, these clients
can ping Win2003Srv without problems since WINS enabled,
and the WINS is a NT4SP6a.

Jason
 