It's not registering my gc._msdcs.DnsForestName

[Ian Boyd]

i'm getting errors from the SceCli and Userenv saying that it cannot talk to
the group policies located under

\\mydomain.com\sysvol\...

i finally tried browsing to \\mydomain.com itself, and i can no longer
access it.

So i'm guessing (though my limited understanding of what i was able to piece
together over the last hour) that ActiveDirectory isn't talking to DNS to
register the domain name as a record.

So, my questions are:

1. How do i check that what should be registered is actually currently
registered?
2. How do i start it registering it, if it currently isn't (or start it
trying, if it currently isn't)?
3. What keywods do i google for to figure out where to go from here?

 

[Ian Boyd]

talk

not necessarily - it could be that, but it also could be
that the machine where you try this is configured to use
the wrong DNS servers.

i'm trying it on the AD domain server itself. It's primary DNS server is
itself.

on the DCs run the support\tools utility
netdiag

depends on why it is not getting it done, if that is the case.
You can try
netdiag /fix

It's on the CD, right? Now i gotta dig that damn thing out from wherever i
buried it.

if the AD supporting zones are set to allow dynamic updates
and your machine is pointed at the correct DNS servers.
In reality, if the DCs are pointed to the correct DNS servers
and these allow dynamic DNS and you have not explicitly
tweaked the registry to disallow dynamic registrations by
Netlogon, then it should clear itself up within 15 minutes.

Ahh yes, those problems that should just go away. i wish it would

 

[Kevin D. Goodknecht Sr. [MVP]]

In

i'm getting errors from the SceCli and Userenv saying that it cannot
talk to the group policies located under

\\mydomain.com\sysvol\...

i finally tried browsing to \\mydomain.com itself, and i can no longer
access it.

So i'm guessing (though my limited understanding of what i was able
to piece together over the last hour) that ActiveDirectory isn't
talking to DNS to register the domain name as a record.

So, my questions are:

1. How do i check that what should be registered is actually currently
registered?
2. How do i start it registering it, if it currently isn't (or start
it trying, if it currently isn't)?
3. What keywods do i google for to figure out where to go from here?

These errors usually point to a binding/binding order problem and is usually
seen only on machines with multiple NICs.

DNS should only be listening on the private IP address that File sharing and
client for Microsoft Networks is bound to, and should be at the top of the
binding order, to verify:
Right click on My network places and choose properties. Then in the menu
choose Advanced, the Advanced Settings, in Connections your private
interface with the IP that DNS is listening on should be listed at the top
with File and Printer Sharing and Client for Microsoft Networks checked in
the bindings.

 

[Roger Abell]

Yes, the utility is on CD in support\tools install,
but you should get the optional download from the
service pack download page corresponding to your
current service level (sp4).

The main thing of concern heard in your reply was
that the DC was using itself "as its primary DNS server".
That does mean that all configured DNS servers "know"
about the AD supporting zones, right ?

 

[Ian Boyd]

The machine only has one NIC.

i turned on the option for device manager to show hidden (not present)
devices, and there was still only one.

And it was at the top of the binding order, before the RAS server
connections.

 

[Michael Johnston [MSFT]]

The DC needs to point to itself only for DNS. The DNS server then needs a forward lookup zone that matches the AD name exactly. This zone needs to allow
for dynamic updates. If any of these are out of place, the errors you mention can occur.


Thanks,
Mike Johnston
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.