create account error

[tanh]

i want create user store on active directory, when i click finish
button, an error message said: "Network path not found".

i also check on even viewer, there are error message

"Registration of the DNS record '_ldap._tcp.dc._msdcs.domainname.com.
600 IN SRV 0 100 389 servername.domainname.com.' failed with the
following error:
DNS operation refused.

Registration of the DNS record
'_kerberos._tcp.Default-First-Site-Name._sites.domainname.com. 600 IN
SRV 0 100 88 servername.domainname.com.' failed with the following
error:
DNS operation refused.

i can't access Domain controller security policy and Domain security
policy.

what is error? how can i restore this problem?


tanh

 

[a-davew [MSFT]]

You need to check the DNS settings on the server you are currently
connected to. It appears that it is trying to register it's DNS settings
with a DNS Server that doesn not allow dynamic update, or it can't find the
DNS server. Make sure that all the computers in your network are pointing
to a single DNS server (for troubleshooting purposes). Make sure that DNS
server allows for Dynamic Updates for you DNS zone. Make sure that your
DNS server is ONLY looking at itself for DNS resolution. If you need to
resolve IP addresses on the internet, you can place your ISP's DNS servers
as forwarders in the DNS server.

This problem is almost definately related to name resolution. To fix the
problem, eliminate ALL extraneous name resolution methods, including WINS
where possible and point everyone to a Dynamically Updatabale DNS server on
the network. On the DCs, be sure to do the following after you have fixed
the IP settings:

net stop netlogon
ipconfig /flushdns
ipconfig /registerdns
net start netlogon

Wait 5 minutes and make sure that everyone is registered inside of DNS, and
that there are records in the _MSDCS subdomain of your DNS domain for each
of your domain controllers. Any DC that is not listed under _MSDCS is not
going to be "reachable" and you won't be able to perform any actions that
require access to the FSMO roles that server holds.

If a DC doesn't register with DNS, you have either a connectivity problem,
or you didn't eliminate the extra DNS settings (which may require a reboot,
although it's rather arbitrary when it asks for a reboot).

David Waldron
MCSE+I, MCP+I, MCDBA, MCSA, MCT
Microsoft Enterprise Support
EPS Directory Services Team
(e-mail address removed)

 

[tanh]

the connection between server and DNS server had some problems.
Now it run well.
Thanks

tan