Domain and DNS issue

[Mike]

I recently took over a domain of NT 4 workstations with a
Windows 2000 Server DC. We are in the process of
migrating to 2000 on all of the workstations, so I have
been trying to build an image. The problem is that I
cannot get the 2000 workstation to join our domain.
According to my searches on the web, it is an issue with
our DNS server (possibly other issues as well). The
domain name is "jupiter". The name has been the same
since they upgraded the DC from NT 4 to 2000 Server.

I really do not have much experience with AD and DNS, so I
am hoping that somebody can tell me what the problem is
based on the information below. Hopefully, there is a way
to fix all of this without losing any of the user and
computer account information that we have already.

All commands run on the domain controller:
(edited) ipconfig /all:

Host Name . . . . . . . . . . . . : dserve
Primary DNS Suffix . . . . . . . : company.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : company.com
jupiter

Connection-specific DNS Suffix . : jupiter
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.17.xx.12
DNS Servers . . . . . . . . . . . : 172.17.xx.12

(edited) netdiag
DNS test . . . . . . . . . . . . . : Failed
[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.
PASS - All the DNS entries for DC are registered on
DNS server '172.17.xx.12'.

Thanks,
mike

 

[Mike]

Thanks for the response. When I look at DNS on the
server, under Forward Lookup Zones, the only folder
is "jupiter". Here are the records that are beneath that:

_msdcs
_sites
_tcp
_udp
(same as parent folder) SOA [25],
dserver.company.com., admin.company.com.
(same as parent folder) NS dserve.company.com.
(same as parent folder) A 172.17.xx.12

The DNS suffix is set to "jupiter". Is that not the AD
domain name? Should our domain name now be "company.com"?

I'm sorry, I really am very new to this.

-----Original Message-----
The DNS suffix for the DC's LAN connection should match the AD domain name,
not the netbios name. Try changing that. Also, post the first group of
records in your company.com forward lookup zone (NS, SOA, etc.).

I recently took over a domain of NT 4 workstations with a
Windows 2000 Server DC. We are in the process of
migrating to 2000 on all of the workstations, so I have
been trying to build an image. The problem is that I
cannot get the 2000 workstation to join our domain.
According to my searches on the web, it is an issue with
our DNS server (possibly other issues as well). The
domain name is "jupiter". The name has been the same
since they upgraded the DC from NT 4 to 2000 Server.

I really do not have much experience with AD and DNS, so I
am hoping that somebody can tell me what the problem is
based on the information below. Hopefully, there is a way
to fix all of this without losing any of the user and
computer account information that we have already.

All commands run on the domain controller:
(edited) ipconfig /all:

Host Name . . . . . . . . . . . . : dserve
Primary DNS Suffix . . . . . . . : company.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : company.com
jupiter

Connection-specific DNS Suffix . : jupiter
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.17.xx.12
DNS Servers . . . . . . . . . . . : 172.17.xx.12

(edited) netdiag
DNS test . . . . . . . . . . . . . : Failed
[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.
PASS - All the DNS entries for DC are registered on
DNS server '172.17.xx.12'.

Thanks,
mike

.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

I recently took over a domain of NT 4 workstations with a
Windows 2000 Server DC. We are in the process of
migrating to 2000 on all of the workstations, so I have
been trying to build an image. The problem is that I
cannot get the 2000 workstation to join our domain.
According to my searches on the web, it is an issue with
our DNS server (possibly other issues as well). The
domain name is "jupiter". The name has been the same
since they upgraded the DC from NT 4 to 2000 Server.

I really do not have much experience with AD and DNS, so I
am hoping that somebody can tell me what the problem is
based on the information below. Hopefully, there is a way
to fix all of this without losing any of the user and
computer account information that we have already.

All commands run on the domain controller:
(edited) ipconfig /all:

Host Name . . . . . . . . . . . . : dserve
Primary DNS Suffix . . . . . . . : company.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : company.com
jupiter

Connection-specific DNS Suffix . : jupiter
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.17.xx.12
DNS Servers . . . . . . . . . . . : 172.17.xx.12

(edited) netdiag
DNS test . . . . . . . . . . . . . : Failed
[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.
PASS - All the DNS entries for DC are registered on
DNS server '172.17.xx.12'.

Thanks,
mike

This has the appearance of a disjointed name space I really need to see an
unedited ipconfig /all and verify the actual domain name in ADUC.

See this, it is looking for the authoritative DNS servers for
dserve.company.com your primary DNS suffix is company.com

[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.

plus jupiter is not a valid DNS name

It may be possible to get this up by correcting the Primary DNS suffix

 

[Keith W. McCammon]

It should be the DNS domain name. I know how to correct the issue if the DC
has a different suffix than the AD domain name, but I don't know how to
correct this. Maybe change the DNS suffix on the system and run netdiag
/fix, but I don't know if that will work.

Thanks for the response. When I look at DNS on the
server, under Forward Lookup Zones, the only folder
is "jupiter". Here are the records that are beneath that:

_msdcs
_sites
_tcp
_udp
(same as parent folder) SOA [25],
dserver.company.com., admin.company.com.
(same as parent folder) NS dserve.company.com.
(same as parent folder) A 172.17.xx.12

The DNS suffix is set to "jupiter". Is that not the AD
domain name? Should our domain name now be "company.com"?

I'm sorry, I really am very new to this.

-----Original Message-----
The DNS suffix for the DC's LAN connection should match the AD domain name,
not the netbios name. Try changing that. Also, post the first group of
records in your company.com forward lookup zone (NS, SOA, etc.).

I recently took over a domain of NT 4 workstations with a
Windows 2000 Server DC. We are in the process of
migrating to 2000 on all of the workstations, so I have
been trying to build an image. The problem is that I
cannot get the 2000 workstation to join our domain.
According to my searches on the web, it is an issue with
our DNS server (possibly other issues as well). The
domain name is "jupiter". The name has been the same
since they upgraded the DC from NT 4 to 2000 Server.

I really do not have much experience with AD and DNS, so I
am hoping that somebody can tell me what the problem is
based on the information below. Hopefully, there is a way
to fix all of this without losing any of the user and
computer account information that we have already.

All commands run on the domain controller:
(edited) ipconfig /all:

Host Name . . . . . . . . . . . . : dserve
Primary DNS Suffix . . . . . . . : company.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : company.com
jupiter

Connection-specific DNS Suffix . : jupiter
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.17.xx.12
DNS Servers . . . . . . . . . . . : 172.17.xx.12

(edited) netdiag
DNS test . . . . . . . . . . . . . : Failed
[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.
PASS - All the DNS entries for DC are registered on
DNS server '172.17.xx.12'.

Thanks,
mike

.

 

[Mike]

The problem is that company.com is the main domain of the
company, but that network has no knowledge of our
network. They aren't even connected. I don't know why it
was put in there during the upgrade. None of our machines
on this network are accessable from the Internet. Is
there any way that I can change or remove the reference?

-----Original Message-----
In

I recently took over a domain of NT 4 workstations with a
Windows 2000 Server DC. We are in the process of
migrating to 2000 on all of the workstations, so I have
been trying to build an image. The problem is that I
cannot get the 2000 workstation to join our domain.
According to my searches on the web, it is an issue with
our DNS server (possibly other issues as well). The
domain name is "jupiter". The name has been the same
since they upgraded the DC from NT 4 to 2000 Server.

I really do not have much experience with AD and DNS, so I
am hoping that somebody can tell me what the problem is
based on the information below. Hopefully, there is a way
to fix all of this without losing any of the user and
computer account information that we have already.

All commands run on the domain controller:
(edited) ipconfig /all:

Host Name . . . . . . . . . . . . : dserve
Primary DNS Suffix . . . . . . . : company.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : company.com
jupiter

Connection-specific DNS Suffix . : jupiter
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.17.xx.12
DNS Servers . . . . . . . . . . . : 172.17.xx.12

(edited) netdiag
DNS test . . . . . . . . . . . . . : Failed
[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.
PASS - All the DNS entries for DC are registered on
DNS server '172.17.xx.12'.

Thanks,
mike

This has the appearance of a disjointed name space I really need to see an
unedited ipconfig /all and verify the actual domain name in ADUC.

See this, it is looking for the authoritative DNS servers for
dserve.company.com your primary DNS suffix is company.com

[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.

plus jupiter is not a valid DNS name

It may be possible to get this up by correcting the Primary DNS suffix




.

 

[Kevin D. Goodknecht Sr. [MVP]]

In

The problem is that company.com is the main domain of the
company, but that network has no knowledge of our
network. They aren't even connected. I don't know why it
was put in there during the upgrade. None of our machines
on this network are accessable from the Internet. Is
there any way that I can change or remove the reference?

-----Original Message-----
In

I recently took over a domain of NT 4 workstations with a
Windows 2000 Server DC. We are in the process of
migrating to 2000 on all of the workstations, so I have
been trying to build an image. The problem is that I
cannot get the 2000 workstation to join our domain.
According to my searches on the web, it is an issue with
our DNS server (possibly other issues as well). The
domain name is "jupiter". The name has been the same
since they upgraded the DC from NT 4 to 2000 Server.

I really do not have much experience with AD and DNS, so I
am hoping that somebody can tell me what the problem is
based on the information below. Hopefully, there is a way
to fix all of this without losing any of the user and
computer account information that we have already.

All commands run on the domain controller:
(edited) ipconfig /all:

Host Name . . . . . . . . . . . . : dserve
Primary DNS Suffix . . . . . . . : company.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : company.com
jupiter

Connection-specific DNS Suffix . : jupiter
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.17.xx.12
DNS Servers . . . . . . . . . . . : 172.17.xx.12

(edited) netdiag
DNS test . . . . . . . . . . . . . : Failed
[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.
PASS - All the DNS entries for DC are registered on
DNS server '172.17.xx.12'.

Thanks,
mike

This has the appearance of a disjointed name space I really need to
see an unedited ipconfig /all and verify the actual domain name in
ADUC.

See this, it is looking for the authoritative DNS servers for
dserve.company.com your primary DNS suffix is company.com

[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.

plus jupiter is not a valid DNS name

It may be possible to get this up by correcting the Primary DNS
suffix

There is a fix if this is in fact a disjointed name space. Is the actual
domain name dserve.company.com?
I'm sure we can fix this but I need to know what it is that needs to be
done.

So what is the actual domain name in ADUC?

 

[Ace Fekay [MVP]]

In

In

The problem is that company.com is the main domain of the
company, but that network has no knowledge of our
network. They aren't even connected. I don't know why it
was put in there during the upgrade. None of our machines
on this network are accessable from the Internet. Is
there any way that I can change or remove the reference?

-----Original Message-----
In Mike <[email protected]> posted their concerns
Then Kevin made his reply below:
I recently took over a domain of NT 4 workstations with a
Windows 2000 Server DC. We are in the process of
migrating to 2000 on all of the workstations, so I have
been trying to build an image. The problem is that I
cannot get the 2000 workstation to join our domain.
According to my searches on the web, it is an issue with
our DNS server (possibly other issues as well). The
domain name is "jupiter". The name has been the same
since they upgraded the DC from NT 4 to 2000 Server.

I really do not have much experience with AD and DNS, so I
am hoping that somebody can tell me what the problem is
based on the information below. Hopefully, there is a way
to fix all of this without losing any of the user and
computer account information that we have already.

All commands run on the domain controller:
(edited) ipconfig /all:

Host Name . . . . . . . . . . . . : dserve
Primary DNS Suffix . . . . . . . : company.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : company.com
jupiter

Connection-specific DNS Suffix . : jupiter
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 172.17.xx.12
DNS Servers . . . . . . . . . . . : 172.17.xx.12

(edited) netdiag
DNS test . . . . . . . . . . . . . : Failed
[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.
PASS - All the DNS entries for DC are registered on
DNS server '172.17.xx.12'.

Thanks,
mike

This has the appearance of a disjointed name space I really need to
see an unedited ipconfig /all and verify the actual domain name in
ADUC.

See this, it is looking for the authoritative DNS servers for
dserve.company.com your primary DNS suffix is company.com

[FATAL]: All DNS servers authoritative
for 'dserve.company.com' are currently down.

plus jupiter is not a valid DNS name

It may be possible to get this up by correcting the Primary DNS
suffix

There is a fix if this is in fact a disjointed name space. Is the
actual domain name dserve.company.com?
I'm sure we can fix this but I need to know what it is that needs to
be done.

So what is the actual domain name in ADUC?

If the Primary DNS Suffix is clean, I would maybe check the IP properties,
advanced settings, DNS tab, to make sure Jupiter's not in there.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Keith W. McCammon]

The problem is that company.com is the main domain of the
company, but that network has no knowledge of our
network. They aren't even connected. I don't know why it
was put in there during the upgrade. None of our machines
on this network are accessible from the Internet. Is
there any way that I can change or remove the reference?

Using AD, a domain name using a TLD is recommended, that's why company.com
was used. Even though it seems odd to name the internal and external domain
the same, it is common and doesn't cause problems. You cannot remove the
reference.

What's the bottom line here? What should the AD domain name be? And what
is reflected in the AD sites and services snap-in? You haven't been all
that clear on this.

 

[Ace Fekay [MVP]]

In

The domain name listed in ADUC is jupiter. It has been a
single word since we used an NT4 DC (before our upgrade to
2000). I guess I am not exactly sure what needs to be
done. We are trying to replace all of our NT 4
workstations with 2000. I need to make sure that the 2000
machines can join our domain without losing all of our
user accounts. I am willing to make any change necessary
to accomplish that.

I am sorry if I am not providing enough detail. I have
never had to configure AD or DNS before, so this is all
very new to me. Thanks for your help.

If the domain name in ADUC is just "Jupiter", then a reinstall is
recommended, unless you follow that article that Kevin supplied to force the
machine to use a single label domain name in DNS, where as you would have to
change the Primary DNS Suffix to match the AD domain name. But reg changes
are not recommended to force such undesirable configs, the problem will
balloon when you grow.

If you ask me, it's a mess, but I think you already know that. A reinstall
is recommended, and since you still have an NT4 BDC on the network, I would
definitely do this, and you will not lose your accounts in the process.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory