please help me....

[Jessica]

Recently I installed an additional domain controller
(serverB) for an existing Windows 2000 DC (serverA). Then
I changed the roll of the serverB as a GC server. AFter
working for 2 days, Active Directory replication failed
and gave error of "RPC server unavailable..." when I try
to force run replication from AD Site and Services. I
checked all the DNS configurations in the serverA as
mentioned in some microsoft knowledge base site and
worked around, but it did not work. DNS communication
seems to be fine as I can ping serverA.domain.com but it
breaks sometimes serverb.domian.com in the network.
ServerA is running ex5.5 and serverB e2k (newly installed)
in the same site and both are working fine for inboud and
outbound mails. Both servers are pointing to the DNS
server installed at serverA.

I will highly appriciate any suggestion to overcome this
problem.

..

 

[Chriss3]

Do you running Active Directory Integrated Zones on both DC´s ? How ever you
can use an external DNS to resolve names in Exchange.

--
Regards,

Christoffer Andersson
No email replies please - reply in the newsgroup
If the information was help full, you can let me know at:
http://www.itsystem.se/employers.asp?ID=1

 

[Ace Fekay [MVP]]

In

Do you running Active Directory Integrated Zones on both DC´s ? How
ever you can use an external DNS to resolve names in Exchange.

Hi Chris...also to check to make sure that Jessica is not using her ISP's
DNS addresses in her systems. I can see if that's the case, this can occur.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Jessica]

I am not using ISP's DNS name its a local dns name.
However my domain (abc.com) is the registered domain. I
am hosting the same domian in serverA and ServerB is the
only additional domain controller in network. Server A is
also installed with DNS server and serverB is pointing to
serverA DNS. I am running active directory integrated
zones on both DCs.

Thanks

 

[Chriss3]

Try configure the SMTP Connector in Exchange to use the external ISP DNS to
resolve domain internet names.

--
Regards,

Christoffer Andersson
No email replies please - reply in the newsgroup
If the information was help full, you can let me know at:
http://www.itsystem.se/employers.asp?ID=1

"Jessica" <[email protected]> skrev i meddelandet
I am not using ISP's DNS name its a local dns name.
However my domain (abc.com) is the registered domain. I
am hosting the same domian in serverA and ServerB is the
only additional domain controller in network. Server A is
also installed with DNS server and serverB is pointing to
serverA DNS. I am running active directory integrated
zones on both DCs.

Thanks

 

[Ace Fekay [MVP]]

In

Try configure the SMTP Connector in Exchange to use the external ISP
DNS to resolve domain internet names.

Hi Chris,

Normally that's not necessary, because by default the internal DNS servers
will use the Root hints to resolve the outside name if a Forwarder wasn't
configured.

I think at this time it maybe necessary to get some more info from
Jessica...

Jessica, can you post:

1. Unedited ipconfig /all from your DC's and from your Exchange server
please?
2. Can you also state the actual AD DNS domain name (as it shows up in
ADUC).
3. Can you also state the external domain name too?
4. Can you post any Event log errors that you get? We'll need to see the
Event ID # and the Source name.
5. Are the servers on different subnets? If so, is there a firewall or NAT
or VPN or a combination thereof between them? If so, what sort of connection
do you have, ADSL, T1, cable, etc? The namebrand of the router(s) and/or NAT
devices would be great (such as a Netscreen, Sonicwall, etc).

I am trying to get a complete picture of your topology and infrastructure to
better help in diagnosis. RPC errors can occur even if you ping and get a
response, but if there is a NAT translation or the MTU is chopped below
default, the can halt RPC, LDAP and Kerberos traffic, which will cause
numerous errors. So you see why I'm asking for this info...

Thanks,





--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Jessica]

I Ace I got few more information
1. my domain name is ecc.com (is also the registered
domain)and is using NAT to access outside

2. Main Domain Controller (DC) IP address: 192.168.0.10
(mapped with public IP in PIX),hostname: main and
preferred DNS: 192.168.0.10

3. Additional DC IP address: 192.168.0.11 (not mapped
with public IP in PIX),hostname: back and preferred DNS:
192.168.0.10

There is no error message in eveny viewer of back.

Event viewer in main DC
-----------------------------------------------------
The attempt to establish a replication link with
parameters

Partition: CN=Schema,CN=Configuration,DC=ecc,DC=com
Source DSA DN: CN=NTDS
Settings,CN=back,CN=Servers,CN=Default-First-Site-
Name,CN=Sites,CN=Configuration,DC=ecc,DC=com
Source DSA Address: 19acd237-e0e5-4b47-9afd-
79573023ef03._msdcs.ecc.com
Inter-site Transport (if any):

failed with the following status:

The DSA operation is unable to proceed because of a DNS
lookup failure.

The record data is the status code. This operation will
be retried.

 

[Ace Fekay [MVP]]

Your DC has two IPs? Just to let you know, it's not really recommended. Can
cause issues like this. Wouldn't really want DNS on a DC exposed to the
outside world.

Anway, since you are hosting the external name on your DNS/DC, you probably
have external IPs for your domain, mail, etc, pointing to the WAN IP of the
PIX. Seems that it's trying to connect to that IP I bet. NAT won't port
remap a request on the internal interface to the outside interface then back
in again.

Suggest to create a separate DNS server to host the external data.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Jessics]

Ace,thanks a lot for your reply.
Can i install a new DNS server in additional domain
controller and point to this for both of the DCs?
If I do this way, may be I don't have to make any chages
in the PIX.

Thanks

 

[Ace Fekay [MVP]]

In

Ace,thanks a lot for your reply.
Can i install a new DNS server in additional domain
controller and point to this for both of the DCs?
If I do this way, may be I don't have to make any chages
in the PIX.

Thanks

Yes, that would be no problem and would be easier on you.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Jessica]

Hi Ace
I again had problem..
While running dcdiag.exe in backup domain controller I
got the message back's server GUID DNS name could not be
resolved to an IP address.
....................... failed test Connectivity

Can u suggest me further?

I really appriciate your help.

Jesica

 

[Ace Fekay [MVP]]

In

Hi Ace
I again had problem..
While running dcdiag.exe in backup domain controller I
got the message back's server GUID DNS name could not be
resolved to an IP address.
...................... failed test Connectivity

Can u suggest me further?

I really appriciate your help.

Jesica

No problem Jessica...

If this is related to the same problem you posted in the DNS group, then
take a look over there first for my response.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Jessica]

Hi Ace

Actually, my backup domain controller was the member
server registered in the same domain before I promoted.
So it must have had the primary dns suffix right?
But I did not do anything to change the primary dns
suffix.

Is theer any way to check this now?

 

[Ace Fekay [MVP]]

In

Hi Ace

Actually, my backup domain controller was the member
server registered in the same domain before I promoted.
So it must have had the primary dns suffix right?
But I did not do anything to change the primary dns
suffix.

Is theer any way to check this now?

Hi Jessica,

Let's stick to the DNS thread...I posted a suggestion for you.



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory