please help me...

[Jessica]

I installed an additional domain controller of a domain
which is also hosting the DNS and Active Directory.
After working for 2 days directory replication service
failed. When I run dcdiag, everything is successfull in
main domain controller but It gives the message "GUID
name can not be resolved" when I try from additional
domain controller.

The followings are my network details:

my domain name is ecc.com (is also the registered
domain)and is using NAT to access outside

2. Main Domain Controller (DC) IP address: 192.168.0.10
(mapped with public IP in PIX),hostname: main and
preferred DNS: 192.168.0.10

3. Additional Domain Controller (ADC) IP address:
192.168.0.11 (not mapped with public IP in PIX),hostname:
back and preferred DNS: 192.168.0.10

There is no error message in eveny viewer of additional
domain controller

Event viewer in main DC
-----------------------------------------------------
The attempt to establish a replication link with
parameters

Partition: CN=Schema,CN=Configuration,DC=ecc,DC=com
Source DSA DN: CN=NTDS
Settings,CN=back,CN=Servers,CN=Default-First-Site-
Name,CN=Sites,CN=Configuration,DC=ecc,DC=com
Source DSA Address: 19acd237-e0e5-4b47-9afd-
79573023ef03._msdcs.ecc.com
Inter-site Transport (if any):

failed with the following status:

The DSA operation is unable to proceed because of a DNS
lookup failure.

The record data is the status code. This operation will
be retried.


I will highly appriciate any suggestion to overcome this
problem.

 

[BS]

Jessica-

On the problematic domain controller, go to the Command Prompt and register
the DNS again: ipconfig /registerdns

That is where I'd start. Second, try configuring each domain controller to
point to another DNS server first, while pointing to itself second.

BS

 

[Jessica]

Thanks for your response
I installed a new dns server in additional domain
controller and made changes as recommended but same
thing happened.

Sould I have to install dns in some other machine?

Jessica

 

[Ace Fekay [MVP]]

In

Thanks for your response
I installed a new dns server in additional domain
controller and made changes as recommended but same
thing happened.

Sould I have to install dns in some other machine?

Jessica

Hi Jessica,

I see you brought this over from the AD newsgroup.

On the new DC, did you set the Primary DNS Suffix to the AD DNS domain anme
prior to promoting it? The netlogon service uses that name to register into
the zone, provided it's spelled the same. If missing, then it can cause
registration problems which then will cause DNS lookup failures attempting
any sort of communication, including replication.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Jessica]

Hi Ace

Actually, my backup domain controller was the member
server registered in the same domain before I promoted.
So it must have had the primary dns suffix right?
But I did not do anything to change the primary dns
suffix.

Is theer any way to check this now?

 

[Ace Fekay [MVP]]

In

Hi Ace

Actually, my backup domain controller was the member
server registered in the same domain before I promoted.
So it must have had the primary dns suffix right?
But I did not do anything to change the primary dns
suffix.

Is theer any way to check this now?

Provide us with an ipconfig /all of this machine please.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Kevin D. Goodknecht [MVP]]

In

I installed an additional domain controller of a domain
which is also hosting the DNS and Active Directory.
After working for 2 days directory replication service
failed. When I run dcdiag, everything is successfull in
main domain controller but It gives the message "GUID
name can not be resolved" when I try from additional
domain controller.

The followings are my network details:

my domain name is ecc.com (is also the registered
domain)and is using NAT to access outside

2. Main Domain Controller (DC) IP address: 192.168.0.10
(mapped with public IP in PIX),hostname: main and
preferred DNS: 192.168.0.10

3. Additional Domain Controller (ADC) IP address:
192.168.0.11 (not mapped with public IP in PIX),hostname:
back and preferred DNS: 192.168.0.10

There is no error message in eveny viewer of additional
domain controller

Event viewer in main DC
-----------------------------------------------------
The attempt to establish a replication link with
parameters

Partition: CN=Schema,CN=Configuration,DC=ecc,DC=com
Source DSA DN: CN=NTDS
Settings,CN=back,CN=Servers,CN=Default-First-Site-
Name,CN=Sites,CN=Configuration,DC=ecc,DC=com
Source DSA Address: 19acd237-e0e5-4b47-9afd-
79573023ef03._msdcs.ecc.com
Inter-site Transport (if any):

failed with the following status:

The DSA operation is unable to proceed because of a DNS
lookup failure.

The record data is the status code. This operation will
be retried.


I will highly appriciate any suggestion to overcome this
problem.

Try netdiag /fix

 

[Jessica]

I do not see anything in primary dns suffux. Following is
the ipconfig/all output=>

Host Name . . . . . . . . . . . . : back
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3123 Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-02-A5-3F-82-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.10
192.168.0.11

 

[Kevin D. Goodknecht [MVP]]

In

I do not see anything in primary dns suffux. Following is
the ipconfig/all output=>

Host Name . . . . . . . . . . . . : back
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3123 Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-02-A5-3F-82-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.10
192.168.0.11

Jessica,
If this is a DC then you have a disjointed namespace. If you will email
either Ace or me direct we can provide you with a script and instructions
for repairing this.

Our email is munged you'll have to correct the munging before you can email
us (remove the nospam. from mine)

 

[Ace Fekay [MVP]]

In

I do not see anything in primary dns suffux. Following is
the ipconfig/all output=>

Host Name . . . . . . . . . . . . : back
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3123 Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-02-A5-3F-82-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.10
192.168.0.11

That's why it's not registering and resulting in a DNS lookup failure. The
netlogon service uses the Primary DNS Suffix name so it knows what zone name
to register into.

Email me. I have a script to fix this...


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Jessica]

Hi Ace
You were right...
This was causing the problem.
I added the domain name from TCP/IP registry keys before
I looked into the newsgroup. It started working
immediately.
Is this ok or I did mistake again...?

Anyway, you are the one who helped me to come to this
point.

Thanks a lot, Ace.

Jessica

 

[Ace Fekay [MVP]]

In

Hi Ace
You were right...
This was causing the problem.
I added the domain name from TCP/IP registry keys before
I looked into the newsgroup. It started working
immediately.
Is this ok or I did mistake again...?

Anyway, you are the one who helped me to come to this
point.

Thanks a lot, Ace.

Jessica

Hey, that's the way to do it! No prob for the help. At least you figured it
out ... .

Glad to be of help!

;-)

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory