Event ID 1265

D

Debra H

I did post this in the Active Directory section as well.

WAN line was down for awhile, now back up. Users are
unable to access other servers over the wan by their DNS
names. They can access them via WINS. Replication is not
happening. When trying to access another server over the
WAN, I receive the error, "\\xxxxx not accessible. Logon
Failure The target account name is incorrect."
As per Microsoft: "If this error is being reported for
Active Directory replication between two domain
controllers of different domains which have a parent/child
or tree root trust relationship, this error may be due to
an absent critical object that represents the trust
relationship between the two domains."
But I have a single Domain.

I would like to resolve this before I bring in Exchange to
extend the schema.

also:

Funny thing - the passwords or policies are not affected.
It is only when I try to access a resource locally or over
the WAN line using the server name and not the Ip. I can
for instance do this:
\\xxx.xxx.xxx.xxx and see all the folders. But if I type
the servername ie: \\servername, I receive the following
error:
"\\xxxxx not accessible. Logon
The WAN line is back but I have not been able to see
services using the \\servername for a few months.

Any ideas greatly appreciated. Thanks
(e-mail address removed)
 
K

Kevin D. Goodknecht [MVP]

In
Debra H said:
I did post this in the Active Directory section as well.

WAN line was down for awhile, now back up. Users are
unable to access other servers over the wan by their DNS
names. They can access them via WINS. Replication is not
happening. When trying to access another server over the
WAN, I receive the error, "\\xxxxx not accessible. Logon
Failure The target account name is incorrect."
As per Microsoft: "If this error is being reported for
Active Directory replication between two domain
controllers of different domains which have a parent/child
or tree root trust relationship, this error may be due to
an absent critical object that represents the trust
relationship between the two domains."
But I have a single Domain.

I would like to resolve this before I bring in Exchange to
extend the schema.

also:

Funny thing - the passwords or policies are not affected.
It is only when I try to access a resource locally or over
the WAN line using the server name and not the Ip. I can
for instance do this:
\\xxx.xxx.xxx.xxx and see all the folders. But if I type
the servername ie: \\servername, I receive the following
error:
"\\xxxxx not accessible. Logon

The WAN line is back but I have not been able to see
services using the \\servername for a few months.

Any ideas greatly appreciated. Thanks
(e-mail address removed)
Click to expand...
Have you tried pointing each DC to the other for preferred DNS, then to
themselves as alternate?
This sounds like something that could happen if the DC has not registered
its address properly in DNS.
 
D

Debra H

Yes, DNS is pointing to other servers other than itself.
If I point to itself, I get more errors. It seems that the
trust is off in Active directory as well.
 
K

Kevin D. Goodknecht [MVP]

In
Debra H said:
Yes, DNS is pointing to other servers other than itself.
If I point to itself, I get more errors. It seems that the
trust is off in Active directory as well.
Click to expand...
Can you post an ipconfig /all for both DCs?
 
D

Debra H

Originally the server was pointing to itself and another
server. But it created all sorts of errors. I had to
change it to point to 2 other DNS servers.

Here's the Ipconfig /all
Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : xxDC1
Primary DNS Suffix . . . . . . . : xxx.xxxroot.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xxx.xxxroot.com
xxxroot.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3163
Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-02-B5-ED-8E-
A0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DNS Servers . . . . . . . . . . . : 192.168.20.15
192.168.20.14
Primary WINS Server . . . . . . . : 192.168.10.10

Thank You
 
K

Kevin D. Goodknecht [MVP]

In
Debra H said:
Originally the server was pointing to itself and another
server. But it created all sorts of errors. I had to
change it to point to 2 other DNS servers.

Here's the Ipconfig /all
Windows 2000 IP Configuration

Host Name . . . . . . . . . . . . : xxDC1
Primary DNS Suffix . . . . . . . : xxx.xxxroot.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : xxx.xxxroot.com
xxxroot.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3163
Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-02-B5-ED-8E-
A0
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DNS Servers . . . . . . . . . . . : 192.168.20.15
192.168.20.14
Primary WINS Server . . . . . . . : 192.168.10.10

Thank You
Click to expand...
Thanks for the ipconfig.
I'm trying to get a picture in my mind how this is set up.
Are these two DNS servers in this config both DCs for the parent domain?
Are either of these DNS servers local for this DC or are both on the other
end of the WAN?
What where the errors when you had DNS on this machine?

I want to say, this is not the recommended setup. If you want to use your
parent DC for DNS that is fine, but you need to have a parent DC at this
location for it to be a reliable configuration.
The way you would normally set this up is to run DNS on this child DC then
set the parent DC as a forwarder or run a secondary zone on this DC for the
parent zone.
Either way, you need to delegate the child name in the parent zone and I
would run DNS on this DC. Here is the KB that describes the recommended DNS
configuration for parent-child domains. 255248 - HOW TO Create a Child
Domain in Active Directory and Delegate the DNS Namespace to the Child
Domain
http://support.microsoft.com/default.aspx?scid=kb;en-us;255248&FR=1

A big problem with this DNS configuration is the global catalog. The global
catalog record only exists in the parent zone and if the link goes down you
cannot find the global catalog record even if you have a global catalog on
your remote child DC. You really should have a global catalog on this remote
DC or a local parent DC to act as global catalog.
If it is not possible to have a local DC for the parent domain you should
run DNS on this DC, a global catalog with an AD child zone and a secondary
parent zone.

I'm sorry for the length of this post but you don't give me a clear picture
and I need to clarify your setup.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Event ID: 1265 3
Diferent domains dns problems 3
Can't access PC's by name - only IP 5
DNS Entries for 2 seperate Active Directory Domains over WAN 1
Event ID 1265 Help??? 2
WINS Push/Pull between NT4 and 2K 1
Access to Trusted Domain Resources and Scanning 5
Problem when enabling Trust Relationship between domains 1

Top