DNS problems

[mike]

hello,well i screwed up DNS cause my netdiag was failing
and gpo werent applying right,so i uninstalled it and
reinstalled it,but everything was still there how do i
start fresh in DNS ,and can i do this if its the only DNS
server in my domain,will my domain still work after i
reinstall,also if im using static ip's on all my cleints
and servers do i need dhcp?please help me here,im having a
big headache for couple days now!!!

thanks

 

[mike]

here is more info,me and my buddy have been working on
it,he is out of town now so here it is.
here is the netdiag....

DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative
DNS server for the name
'kid1.portrocker.'. [RCODE_SERVER_FAILURE]
The name 'kid1.portrocker.' may not be
registered in DNS.
[WARNING] Cannot find a primary authoritative
DNS server for the name
'kid1.portrocker.com.'. [RCODE_SERVER_FAILURE]
The name 'kid1.portrocker.com.' may not be
registered in DNS.
[WARNING] The DNS entries for this DC are not
registered correctly on DNS se
rver '192.168.0.2'. Please wait for 30 minutes for DNS
server replication.
[FATAL] No DNS servers have the DNS records for this
DC registered.

 

[Bram]

Hi,

I'm trying to build a little NT network myself here, at home, and I have
exactly the same problem, so I followed your solution. My Primary DNS
server is set to 127.0.0.1, but when I restart the Net Logon service, the
records aren't replicated. Instead, I get these three Warnings in the
System Event Log...

Numbers 2 and 3 are the same as 1, only with a different description.


--- NUMBER ONE ---
Event Type: Warning
Event Source: NETLOGON
Event Category: None
Event ID: 5781
Date: 14/07/2003
Time: 11:01:36
User: N/A
Computer: VOYAGER
Description:
Dynamic registration or deletion of one or more DNS records associated
with DNS domain 'home.' failed. These records are used by other
computers to locate this server as a domain controller (if the specified
domain is an Active Directory domain) or as an LDAP server (if the
specified domain is an application partition).

Possible causes of failure include:
- TCP/IP properties of the network connections of this computer contain
wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone
authoritative for the DNS records that failed registration

USER ACTION
Fix possible misconfiguration(s) specified above and initiate
registration or deletion of the DNS records by running 'nltest.exe
/dsregdns' from the command prompt or by restarting Net Logon service.
Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00 *#..


--- NUMBER TWO ---
Description:
Dynamic registration or deletion of one or more DNS records associated
with DNS domain 'DomainDnsZones.home.' failed. These records are used by
other computers to locate this server as a domain controller (if the
specified domain is an Active Directory domain) or as an LDAP server (if
the specified domain is an application partition).


--- NUMBER THREE ---
Description:
Dynamic registration or deletion of one or more DNS records associated
with DNS domain 'ForestDnsZones.home.' failed. These records are used by
other computers to locate this server as a domain controller (if the
specified domain is an Active Directory domain) or as an LDAP server (if
the specified domain is an application partition).


What am I missing here?

And a little extra question: that would be the reason why no client is
able to locate my domain? ("Domain unavailable")


Thank you!
Bram

 

[Bram]

In addition, I've found these errors in my DNS Event Log...


--- NUMBER ONE ---
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4015
Date: 13/07/2003
Time: 22:44:20
User: N/A
Computer: VOYAGER
Description:
The DNS server has encountered a critical error from the Active
Directory. Check that the Active Directory is functioning properly. The
extended error debug information (which may be empty) is "". The event
data contains the error.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 00 00 00 Q...


--- NUMBER TWO ---
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4004
Date: 13/07/2003
Time: 22:44:20
User: N/A
Computer: VOYAGER
Description:
The DNS server was unable to complete directory service enumeration of
zone 0.0.10.in-addr.arpa. This DNS server is configured to use
information obtained from Active Directory for this zone and is unable to
load the zone without it. Check that the Active Directory is functioning
properly and repeat enumeration of the zone. The extended error debug
information (which may be empty) is "". The event data contains the
error.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00 *#..


--- NUMBER THREE ---
Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4004
Date: 13/07/2003
Time: 22:44:20
User: N/A
Computer: VOYAGER
Description:
The DNS server was unable to complete directory service enumeration of
zone home. This DNS server is configured to use information obtained
from Active Directory for this zone and is unable to load the zone
without it. Check that the Active Directory is functioning properly and
repeat enumeration of the zone. The extended error debug information
(which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00 *#..

 

[RSt]

Solution?!

I had simular problems and came to the following solution :

EVENTVIEWER

In DNS:

You might see: Event ID 4007

The DNS server was unable to open zone DOMAINNAME in the Active Directory from the application directory partition DomainDnsZones.DOMAINNAME. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

1 Go to the properties of your forward looup zone under the DNS manager: Make de forward lookup zone 'not active directory intergrated' and apply, then make it 'active directory intergrated' and apply!

2 Then restart DNS service en reload de zone in DNS manager, no error should occur!

In system:

You might see: Event ID 5781

Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.DOMAINNAME.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).

Restart netlogon service

In application : MSDTC Errors
You might see the following MSDTC errors:

Event with source MSDTC, ID 53258: MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: %1

Event with source MSDTC, ID 4439: Failed to verify MS DTC service account information. Internal Information : msdtc_trace : File: d:\srvrtm\com\complus\dtc\dtc\adme\uiname.cpp, Line: 9390, VerifyAccountInfo: CService::Create failed, hr=0x80070005

To get rid of the first event, do the following:

From Administrative Tools, start Component Services.

In the MMC snap-in, go to Component Services, Computers, My Computer.

Open the properties of My Computer and click the MSDTC tab.

Click the button Security Configuration.

Do not change anything, just click OK (silly, I know).
(This thanks to an other IT nerd

)
Click OK again and then close the MMC

Stop and start MSDTC. (net stop/net start in dos) The event with ID 53258 should not appear anymore.

To get rid of the 4439 event, do the same as for the Windows Time Service. In the Sytem Services section of the server’s policy in AD, give the account SERVICE read/start/stop rights. Refresh group policy with gpupdate /force and then restart MSTDC. The error should disappear.

Hope this helps…