DNS Issues Preventing ADPREP /Forestprep From Working

  • Thread starter Douglas H. Quebbeman
  • Start date
D

Douglas H. Quebbeman

Hello all,

I've been reading through past traffic here and on other groups
and mailing lists, with a lot of heat centered around simliar problems,
but none close enough to be the fix I need.

We have a mixed-mode Windows 2000 enterprise; a main office and two
satellite offices, each on its own subnet and domain. The domain names
of each site are "bogus" in that they are not registered with the InterNIC.
Each site's domain has its own server which is a DC. The server here in the
main office is also running MSDE to support an accounting app and Exchange 5.5.

The hard drive is failing on one of the remote servers, and TPTB decided it
was time to buy them a new server rather than fix the existing one, so we
bought a Dell PowerEdge 1600 that will be running Windows 2003 Server Standard
Edition.

In trying to prepare the Active Directory forest with ADPREP, I discovered
that Active Directory, and seemingly DNS, have been failing to replicate
between the offices since about April, which if memory fails me was about the
time we upgraded the servers to Win2k SP4.

Our bogus domain names are 'tegjeff.com', 'tegshv.com', and 'tegevv.com',
so I considered the single-label domain problem, but it doesn't seem to
apply.

The first anomaly I see in the NETDIAG output is one I've seen so much
discussion about:

DNS test . . . . . . . . . . . . . : Passed
[WARNING] Cannot find a primary authoritative DNS server for the name
'jeffserver.tegjeff.com.'. [RCODE_SERVER_FAILURE]
The name 'jeffserver.tegjeff.com.' may not be registered in DNS.

I use RRAS to connect the two outbound servers to our main office in a WAN
and have working trusts established. Users aren't having any problems.

I had a 'Duplicate Name' problem that would occur as the remotes log in,
but something I changed has made that go away; the duplicate name was the
name of our home office server, and you'd see it in conflict with nbtstat -n
but as I say that is seemingly fixed.

I guess I should stop spewing... let me dump the output from netdiag /fix
and from dcdiag /fix, in the hope that this will provide some info that
someone can use in directing me towards the light...

Thanks in advance for any and all help,
-doug quebbeman
senile systems administrator
the estopinal group


...........................................

Computer Name: JEFFSERVER
DNS Host Name: jeffserver.tegjeff.com
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 8 Stepping 6, GenuineIntel
List of installed hotfixes :
KB329115
KB820888
KB822831
KB823182
KB823559
KB823980
KB824105
KB824141
KB824146
KB825119
KB826232
KB828028
KB828035
KB828741
KB828749
KB829558
KB830352
KB835732
KB837001
KB839643
KB839645
KB840315
KB841872
KB841873
KB842526
Q147222
Q295688
Q816093
Q828026


Netcard queries test . . . . . . . : Passed
[WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets.



Per interface results:

Adapter : Local Area Connection 2

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : jeffserver.tegjeff.com
IP Address . . . . . . . . : 192.168.1.100
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.107
Primary WINS Server. . . . : 192.168.1.100
Dns Servers. . . . . . . . : 192.168.1.100


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Passed

NetBT name test. . . . . . : Passed

WINS service test. . . . . : Passed

Adapter : {0B9E90CB-BFD0-49B7-8989-FF4FAA07D221}

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : jeffserver
IP Address . . . . . . . . : 192.168.1.240
Subnet Mask. . . . . . . . : 255.255.255.255
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 127.0.0.1


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Passed
No remote names have been found.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.

Adapter : {C12801D2-A677-4C9A-AC21-A2EF8637C5F4}

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : jeffserver
IP Address . . . . . . . . : 192.168.3.250
Subnet Mask. . . . . . . . : 255.255.255.255
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 192.168.3.100


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Passed
No remote names have been found.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.

Adapter : {A3E407C2-A1F4-456C-ABA1-7CF1413D1E84}

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : jeffserver
IP Address . . . . . . . . : 192.168.2.250
Subnet Mask. . . . . . . . : 255.255.255.255
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 192.168.2.100


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Passed
No remote names have been found.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{EF2FCC1E-A048-4FED-A166-F62F40F41562}
NetBT_Tcpip_{0B9E90CB-BFD0-49B7-8989-FF4FAA07D221}
NetBT_Tcpip_{C12801D2-A677-4C9A-AC21-A2EF8637C5F4}
NetBT_Tcpip_{A3E407C2-A1F4-456C-ABA1-7CF1413D1E84}
4 NetBt transports currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
[WARNING] Cannot find a primary authoritative DNS server for the name
'jeffserver.tegjeff.com.'. [RCODE_SERVER_FAILURE]
The name 'jeffserver.tegjeff.com.' may not be registered in DNS.
[WARNING] Cannot find a primary authoritative DNS server for the name
'jeffserver.tegjeff.com.'. [RCODE_SERVER_FAILURE]
The name 'jeffserver.tegjeff.com.' may not be registered in DNS.
[WARNING]: The DNS registration for 'jeffserver.tegjeff.com' is correct only on some DNS
servers.
Please wait 15 min for replication and run the test again.
PASS - All the DNS entries for DC are registered on DNS server '192.168.1.100'.


Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{EF2FCC1E-A048-4FED-A166-F62F40F41562}
NetBT_Tcpip_{0B9E90CB-BFD0-49B7-8989-FF4FAA07D221}
NetBT_Tcpip_{C12801D2-A677-4C9A-AC21-A2EF8637C5F4}
NetBT_Tcpip_{A3E407C2-A1F4-456C-ABA1-7CF1413D1E84}
The redir is bound to 4 NetBt transports.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{EF2FCC1E-A048-4FED-A166-F62F40F41562}
NetBT_Tcpip_{0B9E90CB-BFD0-49B7-8989-FF4FAA07D221}
NetBT_Tcpip_{A3E407C2-A1F4-456C-ABA1-7CF1413D1E84}
NetBT_Tcpip_{C12801D2-A677-4C9A-AC21-A2EF8637C5F4}
The browser is bound to 4 NetBt transports.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Failed
Entry Name: EvvRouter
Cannot get the phone book entries for EvvRouter. [26F]
Entry Name: Shv_Router
Cannot get the phone book entries for Shv_Router. [26F]


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.


The command completed successfully

*********************************************


Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Jeffersonville\JEFFSERVER
Starting test: Connectivity
......................... JEFFSERVER passed test Connectivity

Doing primary tests

Testing server: Jeffersonville\JEFFSERVER
Starting test: Replications
[Replications Check,JEFFSERVER] A recent replication attempt failed:
From SHREVESERVER to JEFFSERVER
Naming Context: CN=Schema,CN=Configuration,DC=TEGJEFF,DC=com
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2004-09-14 12:55.30.
The last success occurred at 2004-04-30 06:57.57.
2190 failures have occurred since the last success.
The guid-based DNS name e90e38ad-ad3b-41ba-b713-bdb08722b399._msdcs.TEGJEFF.com
is not registered on one or more DNS servers.
[Replications Check,JEFFSERVER] A recent replication attempt failed:
From EVVSERVER to JEFFSERVER
Naming Context: CN=Schema,CN=Configuration,DC=TEGJEFF,DC=com
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2004-09-14 13:54.23.
The last success occurred at 2003-10-16 20:58.20.
15960 failures have occurred since the last success.
The guid-based DNS name d19e0173-1d3e-4964-a003-3cbfaae9b898._msdcs.TEGJEFF.com
is not registered on one or more DNS servers.
[Replications Check,JEFFSERVER] A recent replication attempt failed:
From SHREVESERVER to JEFFSERVER
Naming Context: CN=Configuration,DC=TEGJEFF,DC=com
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2004-09-14 12:55.06.
The last success occurred at 2004-04-30 06:57.44.
2190 failures have occurred since the last success.
The guid-based DNS name e90e38ad-ad3b-41ba-b713-bdb08722b399._msdcs.TEGJEFF.com
is not registered on one or more DNS servers.
[Replications Check,JEFFSERVER] A recent replication attempt failed:
From EVVSERVER to JEFFSERVER
Naming Context: CN=Configuration,DC=TEGJEFF,DC=com
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2004-09-14 13:54.23.
The last success occurred at 2003-10-16 20:58.19.
15960 failures have occurred since the last success.
The guid-based DNS name d19e0173-1d3e-4964-a003-3cbfaae9b898._msdcs.TEGJEFF.com
is not registered on one or more DNS servers.
[Replications Check,JEFFSERVER] A recent replication attempt failed:
From SHREVESERVER to JEFFSERVER
Naming Context: DC=TEGSHV,DC=com
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2004-09-14 12:56.06.
The last success occurred at 2004-04-30 06:57.57.
2190 failures have occurred since the last success.
The guid-based DNS name e90e38ad-ad3b-41ba-b713-bdb08722b399._msdcs.TEGJEFF.com
is not registered on one or more DNS servers.
......................... JEFFSERVER passed test Replications
Starting test: NCSecDesc
......................... JEFFSERVER passed test NCSecDesc
Starting test: NetLogons
......................... JEFFSERVER passed test NetLogons
Starting test: Advertising
......................... JEFFSERVER passed test Advertising
Starting test: KnowsOfRoleHolders
......................... JEFFSERVER passed test KnowsOfRoleHolders
Starting test: RidManager
......................... JEFFSERVER passed test RidManager
Starting test: MachineAccount
......................... JEFFSERVER passed test MachineAccount
Starting test: Services
......................... JEFFSERVER passed test Services
Starting test: ObjectsReplicated
......................... JEFFSERVER passed test ObjectsReplicated
Starting test: frssysvol
......................... JEFFSERVER passed test frssysvol
Starting test: kccevent
An Warning Event occured. EventID: 0x8000061E
Time Generated: 09/14/2004 14:29:17
Event String: All servers in site
An Error Event occured. EventID: 0xC000051F
Time Generated: 09/14/2004 14:29:17
Event String: The Directory Service consistency checker has
An Warning Event occured. EventID: 0x8000061E
Time Generated: 09/14/2004 14:29:17
Event String: All servers in site
An Warning Event occured. EventID: 0x8000061E
Time Generated: 09/14/2004 14:29:17
Event String: All servers in site
An Error Event occured. EventID: 0xC000051F
Time Generated: 09/14/2004 14:29:17
Event String: The Directory Service consistency checker has
......................... JEFFSERVER failed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x40011006
Time Generated: 09/14/2004 13:56:36
Event String: The connection was aborted by the remote WINS.
An Error Event occured. EventID: 0x40011006
Time Generated: 09/14/2004 13:56:36
Event String: The connection was aborted by the remote WINS.
An Error Event occured. EventID: 0x40011006
Time Generated: 09/14/2004 14:26:36
Event String: The connection was aborted by the remote WINS.
An Error Event occured. EventID: 0x40011006
Time Generated: 09/14/2004 14:26:36
Event String: The connection was aborted by the remote WINS.
......................... JEFFSERVER failed test systemlog

Running enterprise tests on : TEGJEFF.com
Starting test: Intersite
......................... TEGJEFF.com passed test Intersite
Starting test: FsmoCheck
......................... TEGJEFF.com passed test FsmoCheck
 
D

Douglas H. Quebbeman

Douglas H. Quebbeman said:
Hello all,

I've been reading through past traffic here and on other groups
and mailing lists, with a lot of heat centered around simliar problems,
but none close enough to be the fix I need.

Oh, below is the output from IPCONFIG /ALL. Please note that
"Local Area Connection 2" is a second NIC added due to some
never-solved hardware issued with the mobo's builtin NIC. I
un-bound everything from the disabled 1st NIC...


Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : jeffserver
Primary DNS Suffix . . . . . . . : tegjeff.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : tegjeff.com

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : tegjeff.com
Description . . . . . . . . . . . : Intel(R) PRO/100+ PCI Adapter
Physical Address. . . . . . . . . : 00-A0-C9-CE-AF-0E
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.107
DNS Servers . . . . . . . . . . . : 192.168.1.100
Primary WINS Server . . . . . . . : 192.168.1.100

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.240
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 127.0.0.1

PPP adapter {C12801D2-A677-4C9A-AC21-A2EF8637C5F4}:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.3.250
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.3.100

PPP adapter {A3E407C2-A1F4-456C-ABA1-7CF1413D1E84}:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.2.250
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.2.100
 
D

Douglas H. Quebbeman

Douglas H. Quebbeman said:
Hello all,

I've been reading through past traffic here and on other groups
and mailing lists, with a lot of heat centered around simliar problems,
but none close enough to be the fix I need.

Let's see, what else can I add...

* we're behind a firewall, with inbound mappings for VPN
and a few well-known services

Wow, brain went dry fast that time...

-dq
 
A

Ace Fekay [MVP]

In
Douglas H. Quebbeman said:
Hello all,
<snip>

Check the windows.server.dns newsgroup for a couple replies.

Douglas, it would have been to your benefit if you cross-posted instead of
mutli-posted. All you would have to do is check one of the newsgroups for
ALL the answers from both groups.

I cross-posted this to both so you can see what I mean...

:)

Ace
 
D

Douglas H. Quebbeman

Ace Fekay said:
In
<snip>

Check the windows.server.dns newsgroup for a couple replies.

Douglas, it would have been to your benefit if you cross-posted instead of
mutli-posted. All you would have to do is check one of the newsgroups for
ALL the answers from both groups.

I cross-posted this to both so you can see what I mean...

I always get flamed for cross-posting!

Heading over to the other group...
 
A

Ace Fekay [MVP]

In
Douglas H. Quebbeman said:
I always get flamed for cross-posting!

Heading over to the other group...

Cross-posting is actually beneficial for you (within reason of course!), but
multi-posting isn't.

I was just trying to help you and us out at the same time, and pointing out
it would have been more beneficial for you to get a collaborative response!

Ace
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top