total123 asked:

Problems with DNS server updating

We have a win 2003 server with Exchange 2007.
We are/were having issues with the DNS, so it was thought best to remove it and a new zone was created with the same name.
All went through OK, but when I run Netdiag I get the following errors:

C:\>netdiag /fix

..................................

    Computer Name: E2007
    DNS Host Name: e2007.xxxx.co.uk
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : EM64T Family 15 Model 4 Stepping 10, GenuineIntel
    List of installed hotfixes :
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : e2007
        IP Address . . . . . . . . : 192.168.1.183
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.1.3
        NetBIOS over Tcpip . . . . : Disabled
        Dns Servers. . . . . . . . : 192.168.1.3
                                     208.67.222.222
                                     192.168.1.183


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed


        WINS service test. . . . . : Skipped
            NetBT is disable on this interface. [Test skipped].


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Skipped
    There are no interfaces that have NetBT enabled. [Test skipped]


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Skipped
    There are no interfaces that have NetBT enabled. [Test skipped]


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for reading.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Skipped
    There are no interfaces that have NetBT enabled. [Test skipped]


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Failed
    [FATAL] Cannot lookup package Kerberos.
    The error occurred was: (null)


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

Our E2007 server is on 192.168.1.183
Router is 192.168.1.3
External DNS from ISP is 212.113.193.27

Below is from Ipconfig/all on e2007

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : e2007
   Primary Dns Suffix  . . . . . . . : xxx.xxx.co.uk
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
                                       xxx.co.uk
                                       co.uk

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-13-72-5C-28-99
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.183
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.3
   DNS Servers . . . . . . . . . . . : 192.168.1.3
                                                 192.168.1.183
   NetBIOS over Tcpip. . . . . . . . : Disabled


At this point I could really do with somebody to tell me what I need to change to get this working, as I have none of the following listed in the Forwarders of the DNS console:
_MSDCS
_Sites
_tcp
_udp
DomainDnsZones
ForestDnsZones

Is this normal?
Chris Dent

Hey there,

No, it's not normal, but it shouldn't be too hard to fix.

This should not be listed in TCP/IP configuration: 208.67.222.222

The only servers you should list there *must* be able to answer for the AD Domain, that one will not be able to. If you wish to use your ISP's servers they should be listed in the Forwarders tab in the properties for your DNS server.

The same may apply to 192.168.1.3 listed as the Gateway. Does it host a zone for your AD Domain?

>  [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns

Normally happens when you use the 32-bit version of NetDiag on a 64-bit system. Install the Support Tools from the Windows 2003 64-bit CD / DVD.

And finally, I advise you remove co.uk from your DNS Suffix Search List.

HTH

Chris
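
The two client-side checks from the answer above (every listed DNS server must be able to answer for the AD domain, and no bare public suffix in the search list), as an added Python example that is not part of the original thread. The sample output is constructed on the thread's "ipconfig /all" layout; corp.example.co.uk, the ad_dns_servers set and the short PUBLIC_SUFFIXES subset are assumptions.

```python
import re

# Constructed sample modelled on the "ipconfig /all" layout shown in this thread.
# The domain corp.example.co.uk and host dc01 are hypothetical.
SAMPLE = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : dc01
   Primary Dns Suffix  . . . . . . . : corp.example.co.uk
   DNS Suffix Search List. . . . . . : corp.example.co.uk
                                       example.co.uk
                                       co.uk

Ethernet adapter Local Area Connection:

   IP Address. . . . . . . . . . . . : 192.168.1.183
   Default Gateway . . . . . . . . . : 192.168.1.3
   DNS Servers . . . . . . . . . . . : 192.168.1.3
                                       208.67.222.222
                                       192.168.1.183
   NetBIOS over Tcpip. . . . . . . . : Disabled
"""

# "   Field name . . . . : value" (lightly indented, dotted leader before the colon)
FIELD = re.compile(r"^ {1,8}(\S.*?)[ .]*:\s*(.*)$")
# Deeply indented line holding one more value for the previous field
CONT = re.compile(r"^ {9,}(\S+)\s*$")

# Illustrative subset only (assumption); the real Public Suffix List is far longer.
PUBLIC_SUFFIXES = {"uk", "co.uk", "org.uk", "com", "net", "org"}


def parse_ipconfig(text):
    """Map each field name to the list of values seen, folding continuation lines.

    Values from several adapters are merged under the same field name.
    """
    fields, current = {}, None
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            current = m.group(1)
            values = fields.setdefault(current, [])
            if m.group(2).strip():
                values.append(m.group(2).strip())
            continue
        c = CONT.match(line)
        if c and current:
            fields[current].append(c.group(1))
        else:
            current = None  # blank line or section header ends the field
    return fields


def audit(text, ad_dns_servers):
    """Return (code, value) findings for the two problems raised in the answer."""
    fields = parse_ipconfig(text)
    findings = []
    for server in fields.get("DNS Servers", []):
        # Any resolver that does not host the AD zone can answer "no such domain"
        # for the domain's SRV records, which breaks logon and DC location.
        if server not in ad_dns_servers:
            findings.append(("dns-server-not-authoritative-for-ad", server))
    for suffix in fields.get("DNS Suffix Search List", []):
        # A bare public suffix makes short names get tried as <name>.co.uk etc.
        if suffix.lower().rstrip(".") in PUBLIC_SUFFIXES:
            findings.append(("public-suffix-in-search-list", suffix))
    return findings


if __name__ == "__main__":
    # ad_dns_servers is supplied by the administrator (assumption: one DC).
    for code, value in audit(SAMPLE, {"192.168.1.183"}):
        print(f"{code}: {value}")
```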
ASKER

Thanks for that, I will install the x64 version.
The only thing left in the TCP/IP config is the server address 192.168.1.183
Forwarders are set to use external ISP and have removed the gateway.

Do I need to manually add all the additional folders
_MSDCS
_Sites
_tcp
_udp
DomainDnsZones
ForestDnsZones

or is there something I can do to make it update itself?
Also, I have a Terminal server on the system that will not let anybody log in, saying that "the specified domain does not exist". I also have 2x Win 2000 PCs that say the exact same thing.
I assume it is all related.

What would you use for the desktop TCP/IP config, for DNS settings?

> Do I need to manually add all the additional folders

Nope :)

If you've only just changed the DNS settings run the following from the command prompt:

ipconfig /registerdns
net stop netlogon
net start netlogon

If the folders still don't appear then we'll look deeper, but that will force it to make the attempt :)

The same settings should be used for the desktops, just the Domain Controller for DNS. They're very reliant on being able to find the domain in DNS as well.

Chris
Also, I don't know if this will make any difference to anything but the DNS component was removed and reinstalled to see if that would make any difference.

When I tracert e2007 on the e2007 server I get one hop to the correct address, when this is done on the terminal server it tries to look outside the domain, but on other servers it is OK and completes 1 hop to the correct IP.
Thanks, again.
Run the commands as requested and restarted the DNS service, but still no additional folders in the DNS console.

> Also, I don't know if this will make any difference to anything but the DNS component was removed and
> reinstalled to see if that would make any difference.

Don't worry, it's harmless.

> Run the commands as requested and restarted the DNS service, but still no additional folders in the DNS console.

Can you verify that the zone exists and Dynamic Update is allowed?

To do that, open the DNS Console then expand Forward Lookup Zones. You should see a zone for your AD Domain there, do you?

If you do, open the Properties for that zone and check that Dynamic Updates is set to Secure Only.

Chris
When I expand the forward lookup zones, I have a folder which contains 3 files - Start of Authority, Name Servers and Host (A)
Sorry, being dense - when I go to the properties of the folder Dynamic Updates are Secure Only.

Great :)

Right click on the server itself this time and select the Interfaces tab. It should hopefully say "All IP Addresses"?

Then we need to head to the Event Log. What do you have in Directory Service, Application and System? I'd be very interested in any errors generated by DnsApi.

Did you have any luck installing the 64-bit version of the Support Tools?

Chris
Under System:

At 16.42
Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Under Apps:

At 17.03
An internal transport certificate expired. Thumbprint:62A0DDF248EAB7338E0153667B8C4678CAE7E863

For more information, see Help and Support Center at

Nothing for 2 hours under Directory Services and they were all info anyway.

Customer has lost the 1st DVD for Win 2k3 x64 and seems to be unable to download the 64-bit version.

Also, you know when you said to remove the co.uk from DNS suffix, when I recreated the DNS last time I named the zone the domain name leaving off co.uk, for example microsoft.contoso
Was that correct?

Other servers and pcs are pinging external addresses when pinging to e2007.

> No DNS servers configured for local system.

Huh... unexpected...

"ipconfig /all" again and make sure the DNS server is still listed?

> An internal transport certificate expired. Thumbprint:62A0DDF248EAB7338E0153667B8C4678CAE7E863

Exchange 2007 will be using that one, it can be replaced if necessary.

> Customer has lost the 1st DVD for Win 2k3 x64 and seems to be unable to download the 64-bit version.

d'oh!

Give these a try? I know it's 32-bit, but it should work...

http://www.microsoft.com/downloads/details.aspx?FamilyID=96A35011-FD83-419D-939B-9A772EA2DF90&displaylang=en

> Was that correct?

It needs to match the name listed in the Primary DNS Suffix when you run "ipconfig /all", that's the zone it'll try and create the records in.

If that domain (in the Primary DNS Suffix) were just "domain" rather than "domain.something" then we would need to do a bit of work in the registry to allow the server to update.

Chris
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : e2007
   Primary Dns Suffix  . . . . . . . : xxx.xxx.co.uk
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
                                       xxx.co.uk
                                       co.uk

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-13-72-5C-28-99
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.183
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.3
   DNS Servers . . . . . . . . . . . : 192.168.1.183
   NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Documents and Settings\administrator>

Think I've done it wrong then, should I delete it and recreate it again?
C:\Program Files (x86)\Support Tools>netdiag

..................................

    Computer Name: E2007
    DNS Host Name: e2007.xxx.xxx.co.uk
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : EM64T Family 15 Model 4 Stepping 10, GenuineIntel
    List of installed hotfixes :
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : e2007
        IP Address . . . . . . . . : 192.168.1.183
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.1.3
        NetBIOS over Tcpip . . . . : Disabled
        Dns Servers. . . . . . . . : 192.168.1.183


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed


        WINS service test. . . . . : Skipped
            NetBT is disable on this interface. [Test skipped].


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Skipped
    There are no interfaces that have NetBT enabled. [Test skipped]


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Skipped
    There are no interfaces that have NetBT enabled. [Test skipped]


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for reading.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Skipped
    There are no interfaces that have NetBT enabled. [Test skipped]


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Failed
    [FATAL] Cannot lookup package Kerberos.
    The error occurred was: (null)


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

C:\Program Files (x86)\Support Tools>

Either that or add another new zone :)

When I was referring to the co.uk DNS suffix it's this bit:

DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
                                       xxx.co.uk
                                       co.uk

If you open the Properties for Local Area Connection, then TCP/IP, then Advanced, then DNS you might see those in a list towards the bottom. The co.uk isn't all that helpful. Don't worry if you don't see them at this stage, it's moderately harmless.

Once you've created the zone, run through these again:

ipconfig /registerdns
net stop netlogon
net start netlogon

The first will (should) make the Host (A) Record appear for the server. The bottom two should make the set of folders and all records underneath them appear.

Chris
Done the remaking of the DNS correctly, can't see the DNS suffix, done the commands, attached is the netdiag
C:\Program Files (x86)\Support Tools>netdiag /fix

..................................

    Computer Name: E2007
    DNS Host Name: e2007.xxx.xxx.co.uk
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : EM64T Family 15 Model 4 Stepping 10, GenuineIntel
    List of installed hotfixes :
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : e2007
        IP Address . . . . . . . . : 192.168.1.183
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.1.3
        NetBIOS over Tcpip . . . . : Disabled
        Dns Servers. . . . . . . . : 192.168.1.183


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed


        WINS service test. . . . . : Skipped
            NetBT is disable on this interface. [Test skipped].


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Skipped
    There are no interfaces that have NetBT enabled. [Test skipped]


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Skipped
    There are no interfaces that have NetBT enabled. [Test skipped]


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for reading.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Skipped
    There are no interfaces that have NetBT enabled. [Test skipped]


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Failed
    [FATAL] Cannot lookup package Kerberos.
    The error occurred was: (null)


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

C:\Program Files (x86)\Support Tools>

Has it managed to create the _msdcs folder this time or are we still stuck?

Chris
Just checked it and there are no folders

Run "ipconfig /all" again. Check that it actually lists a Primary DNS suffix. Your output above seems to show it.

That's the zone that's been created in DNS now isn't it?

Then back to the Event Log, do we still have DnsApi errors appearing?

Chris
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator>ipconfig/all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : e2007
   Primary Dns Suffix  . . . . . . . : xxx.xxx.co.uk
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
                                       xxx.co.uk
                                       co.uk

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-13-72-5C-28-99
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.183
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.3
   DNS Servers . . . . . . . . . . . : 192.168.1.183
   NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Documents and Settings\administrator>

DNS event log at 17.57 gmt:
The DNS server encountered error 32 attempting to load zone 1.168.192.in-addr.arpa from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

No updates in DNS/Directory Service event logs
In File Replication at 20.40:
The File Replication Service has detected that the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)" is in JRNL_WRAP_ERROR.
 
 Replica set name is    : "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
 Replica root path is   : "c:\windows\sysvol\domain"
 Replica root volume is : "\\.\C:"
 A Replica set hits JRNL_WRAP_ERROR when the record that it is trying to read from the NTFS USN journal is not found.  This can occur because of one of the following reasons.
 
 [1] Volume "\\.\C:" has been formatted.
 [2] The NTFS USN journal on volume "\\.\C:" has been deleted.
 [3] The NTFS USN journal on volume "\\.\C:" has been truncated. Chkdsk can truncate the journal if it finds corrupt entries at the end of the journal.
 [4] File Replication Service was not running on this computer for a long time.
 [5] File Replication Service could not keep up with the rate of Disk IO activity on "\\.\C:".
 Setting the "Enable Journal Wrap Automatic Restore" registry parameter to 1 will cause the following recovery steps to be taken to automatically recover from this error state.
 [1] At the first poll, which will occur in 5 minutes, this computer will be deleted from the replica set. If you do not want to wait 5 minutes, then run "net stop ntfrs" followed by "net start ntfrs" to restart the File Replication Service.

Okay, well that's good in a way because we can fix that :)

You only have one DC at the moment don't you?

We'll be using this KB article:

http://support.microsoft.com/kb/290762

If you do only have one follow the instructions under "Authoritative FRS restore". It's not a big job, should only take a few minutes and if it works it'll work right after you've finished following the instructions.

Chris
Completed and the correct event ID was logged.
Only have 1 DC

Well, that's a minor improvement ;)

I advise you restart the server (if you can), then let's have another attempt to register the DNS records.

Chris
OK, doing it now, be a few minutes

Many thanks again!
OK, looks as though server isn't coming back up again, so will not be able to check until 8.30am GMT tomorrow, any chance we can resume this tomorrow?
What should I check apart from ipconfig /registerdns?

Yes, by all means.

The netlogon service will restart if the system manages to find its way up. You might find it's sitting at checking Indexes, that can take a lot of time.

I'll be in my office around 9am (gmt) tomorrow so I'll catch up with you then.

Chris
Cheers, if you were close I would get you to come down and show me what to do! lol.
Continue this tomorrow.
Morning, problems this morning-
Still the same in DNS mgt console.
No DNS errors
No NTFRS errors
Users can ping e2007 and can access data on other servers.
Users can access internet and resolve DNS names to IP in cmd.

Run ipconfig/registerdns and net stop/start netlogon on e2007
Still have 1x Win2k3 terminal server that says there is no such domain as xxx, but can ping it and resolve the names in cmd.

This error is in System after reboot of e2007

Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Hope you can help.
Dave

Morning,

Not being very helpful is it.

I doubt this will show us much, but can you run:

DCDiag /c /v

Chris

C:\Documents and Settings\administrator>dcdiag.exe /c

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\E2007
      Starting test: Connectivity
         The host 6b4da3a2-cd4b-44f9-916e-73943a413a87._msdcs.xxx.xxx.co.uk could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (6b4da3a2-cd4b-44f9-916e-73943a413a87._msdcs.xxx.xxx.co.uk)
         couldn't be resolved, the server name (e2007.rotamat.huber.co.uk)
         resolved to the IP address (192.168.1.183) and was pingable.  Check
         that the IP address is registered correctly with the DNS server.
         ......................... E2007 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\E2007
      Skipping all tests, because server E2007 is
      not responding to directory service requests

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : xxx
      Starting test: CrossRefValidation
         ......................... rxxx passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... xxx passed test CheckSDRefDom

   Running enterprise tests on : xxx.xxx.co.uk
      Starting test: Intersite
         ......................... xxx.xxx.co.uk passed test Intersite
      Starting test: FsmoCheck
         ......................... xxx.xxx.co.uk passed test FsmoCheck
      Starting test: DNS
         Test results for domain controllers:

            DC: e2007.xxx.xxx.co.uk
            Domain: xxx.xxx.co.uk


               TEST: Basic (Basc)
                  Error: No LDAP connectivity
                  Warning: adapter [00000001] Intel(R) PRO/1000 MT Network Connection has invalid DNS server: 192.168.1.183 (<name unavailable>)
                  Error: all DNS servers are invalid

               TEST: Forwarders/Root hints (Forw)
                  Error: Forwarders list has invalid forwarder: 212.113.192.0 (<name unavailable>)

            TEST: Records registration (RReg)
               Error: Record registrations cannot be found for all the network adapters

         Summary of test results for DNS servers used by the above domain controllers:

            DNS server: 192.168.1.183 (<name unavailable>)
               1 test failure on this DNS server
               Name resolution is not functional. _ldap._tcp.xxx.xxx.co.uk. failed on the DNS server 192.168.1.183

            DNS server: 212.113.192.0 (<name unavailable>)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 212.113.192.0

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: xxx.xx.co.uk
               e2007                        PASS FAIL FAIL PASS PASS FAIL n/a

         ......................... xxx.xxx.co.uk failed test DNS

C:\Documents and Settings\administrator>

It's reading some of it, just not enough of it.

Does Active Directory Users and Computers open successfully at the moment?

Let's simplify DNS a bit.

Open the DNS Console and Delete your existing zone. Then let's do this:

1. From the DNS Console
2. Right click on Forward Lookup Zones and select New Zone
3. Set Type to Primary. Remove the tick from Store in Active Directory (this makes it Standard Primary)
4. Enter the name xxx.xxx.co.uk (matching the domain name quoted above)
5. Keep the default File Name
6. Select "Allow both nonsecure and secure dynamic updates"
7. Click Finish

Then we'll make a Reverse Lookup Zone:

1. Again from the DNS Console
2. Right click on Reverse Lookup Zones and select New Zone
3. Select Primary. Remove the tick from Store in Active Directory (Standard Primary again)
4. In Network IP enter "192.168.1". The bottom, grey box, will become 1.168.192.in-addr.arpa.
5. Keep the default File Name
6. Select "Allow both nonsecure and secure dynamic updates"
7. Click Finish

Time to run "ipconfig /registerdns" once again. Then we'll do a few quick tests of the DNS sub-system:

1. Open the Command Prompt
2. Type "nslookup" and press return

We should get something like this back:

Default Server:  E2007.xxx.xxx.co.uk
Address:  192.168.1.183

If we manage to get that far, restart the NetLogon Service again (net stop netlogon and net start netlogon). If that fails, can we take a look at the (text) file here:

%SystemRoot%\System32\Config\Netlogon.dns

Chris
Can access ADUC OK, see all users/PCs etc

Did as requested, this is the output of the nslookup

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator>nslookup
*** Can't find server name for address 192.168.1.183: Non-existent domain
Default Server:  UnKnown
Address:  192.168.1.183

> exit

C:\Documents and Settings\administrator>net stop netlogon
The Net Logon service is stopping.
The Net Logon service was stopped successfully.


C:\Documents and Settings\administrator>net start netlogon
The Net Logon service is starting.
The Net Logon service was started successfully.


C:\Documents and Settings\administrator>nslookup
*** Can't find server name for address 192.168.1.183: Non-existent domain
Default Server:  UnKnown
Address:  192.168.1.183

This is output of the file

_ldap._tcp.xxx.xxx.co.uk. 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_ldap._tcp.Default-First-Site-Name._sites.xxx.xxx.co.uk. 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_ldap._tcp.93326613-f438-49b7-a55e-38e811753d10.domains._msdcs.xxx,xxx.co.uk. 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_kerberos._tcp.dc._msdcs.xxx.xxx.co.uk. 600 IN SRV 0 100 88 e2007.xxx.xxx.co.uk.
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.xxx.xxx.co.uk. 600 IN SRV 0 100 88 e2007.xxx.xxx.co.uk.
_ldap._tcp.dc._msdcs.xxx.xxx.co.uk. 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
_kerberos._tcp.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
_kerberos._tcp.Default-First-Site-Name._sites.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
_kerberos._udp.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
_kpasswd._tcp.x.x.co.uk. 600 IN SRV 0 100 464 e2007.x.x.co.uk.
_kpasswd._udp.x.x.co.uk. 600 IN SRV 0 100 464 e2007.x.x.co.uk.
_ldap._tcp.DomainDnsZones.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
_ldap._tcp.ForestDnsZones.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
6b4da3a2-cd4b-44f9-916e-73943a413a87._msdcs.x.x.co.uk. 600 IN CNAME e2007.x.x.co.uk.
_ldap._tcp.gc._msdcs.x.x.co.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcsx.xuk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
_gc._tcp.x.x.co.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
_gc._tcp.Default-First-Site-Name._sites.x.x.co.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
_ldap._tcp.pdc._msdcs.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.

It looks like that completely failed to create any records then. If you look at the Reverse Lookup Zone does it list any PTR records?

And I'm guessing it completely failed to create the folders in the Forward lookup zone?

If it did... Open this file in Notepad:

%SystemRoot%\System32\DNS\xxx.xxx.co.uk.dns

Then copy the contents of netlogon.dns and paste them into the bottom of that file (don't overwrite anything that exists at the moment). You will also need to increment the Serial Number. It looks something like this:

@                       IN  SOA e2007.xxx.xxx.co.uk.  hostmaster.xxx.xxx.co.uk (
                              1            ; serial number
                              900          ; refresh
                              600          ; retry
                              86400        ; expire
                              3600       ) ; default TTL

Just increase the Serial Number value by one. Save and close the file.

Head back to the DNS Console, Select xxx.xxx.co.uk, then right click on it and select Reload. You should find that all the folders appear now, it's not as it should be, but it would be nice to trace where it's failing.

Time to run DCDiag /c /v again if you could please.

Chris
If I'm not wrong you have to have the primary DNS suffix in this order "xxxx.xxxx.local" instead of "Primary Dns Suffix  . . . . . . . : xxx.xxx.co.uk"

No, you don't.

Chris
OK, I still suggest you give it a try once.

Ash
Created more than last time:
SOA
NS
PTR for 7 pc's.

No folders in Forwarders, but lots more records:
SOA
NS
12 host A records for pc's and servers

I opened up the file at windows\system32\dns\xxx.xxx.co.uk.dns and appended the listings from windows\system32\configs\netlogon into the bottom of it and increased the serial number by 1. Reloaded xx.xxx.co.uk forward zone. No folders created.
Ran dcdiag, output below:

Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator>dcdiag.exe /c

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\E2007
      Starting test: Connectivity
         The host 6b4da3a2-cd4b-44f9-916e-73943a413a87._msdcs.x.x.co.u
k could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (6b4da3a2-cd4b-44f9-916e-73943a413a87._msdcs.x.x.co.uk)
         couldn't be resolved, the server name (e2007.x.x.co.uk)
         resolved to the IP address (192.168.1.183) and was pingable.  Check
         that the IP address is registered correctly with the DNS server.
         ......................... E2007 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\E2007
      Skipping all tests, because server E2007 is
      not responding to directory service requests

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : xxx
      Starting test: CrossRefValidation
         ......................... rotamat passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... rotamat passed test CheckSDRefDom

   Running enterprise tests on : x.x.co.uk
      Starting test: Intersite
         ......................... x.x.co.uk passed test Intersite
      Starting test: FsmoCheck
         ......................... x.x.co.uk passed test FsmoCheck
      Starting test: DNS
         Test results for domain controllers:

            DC: e2007.x.x.co.uk
            Domain: x.x.co.uk


               TEST: Basic (Basc)
                  Error: No LDAP connectivity
                  Warning: adapter [00000001] Intel(R) PRO/1000 MT Network Conne
ction has invalid DNS server: 192.168.1.183 (<name unavailable>)
                  Error: all DNS servers are invalid

               TEST: Forwarders/Root hints (Forw)
                  Error: Forwarders list has invalid forwarder: 212.113.192.0 (<
name unavailable>)
                  Error:l.root-servers.net. IP: <Unavailabe> Status:A record not
 found

               TEST: Dynamic update (Dyn)
                  Warning: Dynamic update is enabled on the zone but not secure
x.x.co.uk.

            TEST: Records registration (RReg)
               Error: Record registrations cannot be found for all the network a
dapters

         Summary of test results for DNS servers used by the above domain contro
llers:

            DNS server: 192.168.1.183 (<name unavailable>)
               1 test failure on this DNS server
               Name resolution is not functional. _ldap._tcp.x.x.co.uk
. failed on the DNS server 192.168.1.183

            DNS server: 212.113.192.0 (<name unavailable>)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 212.113.192.0

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: x.x.co.uk
               e2007                        PASS FAIL FAIL PASS WARN FAIL n/a

         ......................... x.x.co.uk failed test DNS

C:\Documents and Settings\administrator>

@ashexpert4u,

The Primary DNS Suffix is the AD Domain Name. Changing the Primary DNS Suffix doesn't help one bit if the AD Domain Name is something else.


Could you open the zone file again (%SystemRoot%\System32\DNS\xxx.xxx.co.uk.dns). Did it overwrite the records we just added or keep them there? There's no reason for it not to show the folders if we manually add the records that they consist of.

Can we check up on the FSMO roles? Please try running:

netdom query fsmo

It might not work, it's reliant on the tool being installed; there's a longer way to find them if it doesn't. It passed the test according to DCDiag, so they should be fine, it's just nice to make sure.

In the Forward Lookup Zone, do we have a Host (A) Record for e2007 at the moment?

Can you make a PTR record in the Reverse Lookup Zone? That'll be as follows:

1. Expand Reverse Lookup Zones
2. Select "192.168.1.x Subnet"
3. Right click and select New Pointer (PTR)
4. Enter 183 in the "Host IP Number" box
5. Enter e2007.xxx.xxx.co.uk. in the Host Name box. Note the trailing period / dot on the Host Name. We do want to keep that one. Otherwise feel free to use Browse to find the record.

Chris
The file has changed, as the serial number has increased and more PCs have been added:

;
;  Database file x.x.co.uk.dns for x.x.co.uk zone.
;      Zone version:  37
;

@                       IN  SOA e2007.x.x.co.uk.  hostmaster.x.x.co.uk. (
                              37           ; serial number
                              900          ; refresh
                              600          ; retry
                              86400        ; expire
                              3600       ) ; default TTL

;
;  Zone NS records
;

@                       NS      e2007.x.x.co.uk.

;
;  Zone records
;

bedford                 1200      A      192.168.1.187
Dell-001                1200      A      192.168.1.64
dell-10                 1200      A      192.168.1.213
dell-11                 1200      A      192.168.1.50
dell-12                 1200      A      192.168.1.215
Dell-13                 1200      A      192.168.1.173
dell-15                 1200      A      192.168.1.232
dell-20                 1200      A      192.168.111.16
dellws01                1200      A      192.168.1.25
dellws02                1200      A      192.168.1.39
DELLWS04                1200      A      192.168.1.178
dellws06                1200      A      192.168.1.160
dellws07                1200      A      192.168.1.182
dellws08                1200      A      192.168.1.241
dellws09                1200      A      192.168.1.177
dellws10                1200      A      192.168.1.48
dellws11                1200      A      192.168.1.58
dellws12                1200      A      192.168.1.218
dellws13                1200      A      192.168.1.219
DellWS14                1200      A      192.168.1.251
dellws16                1200      A      192.168.1.245
dellws19                1200      A      192.168.1.61
dellws20                1200      A      192.168.1.46
dellws22                1200      A      192.168.1.186
dellws23                1200      A      192.168.1.135
DELLWS25                1200      A      192.168.1.60
DELLWS26                1200      A      192.168.1.54
dellws27                1200      A      192.168.1.23
e2007                   A      192.168.1.183
ford                    1200      A      192.168.1.1
npi79f788               900      A      192.168.1.16
terminal                1200      A      192.168.1.8
VOLVO                   1200      A      192.168.1.156


Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.


Netdom query below:
C:\Documents and Settings\administrator>NETdom query fsmo
Schema owner                e2007.x.xco.uk

Domain role owner           e2007.x.x.co.uk

PDC role                    e2007.x.x.co.uk

RID pool manager            e2007.x.x.co.uk

Infrastructure owner        e2007.x.x.co.uk

The command completed successfully.


C:\Documents and Settings\administrator>

Have a host A record and created a PTR in reverse.
Both the forwards and reverse zones are filling up with records but not folders.

Ah okay, it wiped out our changes.

Let's do it this way.

Stop the DNS service (Administrative Tools / Services). Then open the file again, and paste in the contents of netlogon.dns. Increment the serial again, then restart the DNS service.

Chances are it just overwrote our changes with all the clients sending updates.

Chris
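The manual merge described in the post above (append whatever netlogon.dns holds that the zone file lacks, then raise the SOA serial by one) can be scripted so that nothing is pasted twice. This is an added example, not code from the thread: the zone name corp.example.test, the function names and both sample files are constructed, and it assumes the DNS service is stopped while the file is edited, as the post instructs.

```python
import re

RR_TYPES = {"A", "NS", "CNAME", "SRV", "PTR", "MX", "TXT", "SOA"}

def fqdn(owner, origin):
    """Absolute lower-case owner name; '@' and relative names get the origin."""
    origin = origin.rstrip(".").lower()
    if owner == "@":
        return origin + "."
    if owner.endswith("."):
        return owner.lower()
    return f"{owner.lower()}.{origin}."

def parse_records(text, origin):
    """Return {(owner, type, rdata)} from zone-file style text.

    TTL and class are ignored, a line starting with whitespace reuses the
    previous owner, and the parenthesised SOA body is skipped. Assumes record
    targets are written as absolute names, as in the files on this page.
    """
    records, owner, depth = set(), None, 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        inside_parens = depth > 0
        depth += line.count("(") - line.count(")")
        if inside_parens:
            continue
        fields = line.split()
        if not raw[0].isspace():
            owner = fqdn(fields.pop(0), origin)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                           # optional TTL / class
        if owner is None or not fields or fields[0].upper() not in RR_TYPES:
            continue
        rtype = fields[0].upper()
        if rtype != "SOA":
            records.add((owner, rtype, " ".join(f.lower() for f in fields[1:])))
    return records

def bump_serial(zone_text):
    """Increase the first number inside the SOA parentheses (the serial) by one."""
    pattern = re.compile(r"(\bSOA\b[^(]*\(\s*)(\d+)")
    if not pattern.search(zone_text):
        raise ValueError("no SOA serial found")
    return pattern.sub(lambda m: m.group(1) + str(int(m.group(2)) + 1),
                       zone_text, count=1)

def merge_netlogon(zone_text, netlogon_text, origin):
    """Append netlogon.dns records the zone lacks; bump the serial if any were added."""
    have = parse_records(zone_text, origin)
    missing = []
    for raw in netlogon_text.splitlines():
        line = raw.strip()
        rec = parse_records(line, origin)
        if rec and not rec <= have:
            missing.append(line)
            have |= rec
    if not missing:
        return zone_text, []
    merged = bump_serial(zone_text).rstrip("\n") + "\n" + "\n".join(missing) + "\n"
    return merged, missing

# Constructed sample data in the same layout as the files quoted in the thread.
ORIGIN = "corp.example.test"
ZONE = """\
;  Database file corp.example.test.dns, constructed sample
@                       IN  SOA dc1.corp.example.test.  hostmaster.corp.example.test. (
                              37           ; serial number
                              900          ; refresh
                              600          ; retry
                              86400        ; expire
                              3600       ) ; default TTL
@                       NS      dc1.corp.example.test.
dc1                     A       192.0.2.10
_gc._tcp                600     SRV     0 100 3268 dc1.corp.example.test.
"""
NETLOGON = """\
corp.example.test. 600 IN A 192.0.2.10
_ldap._tcp.corp.example.test. 600 IN SRV 0 100 389 dc1.corp.example.test.
_gc._tcp.corp.example.test. 600 IN SRV 0 100 3268 dc1.corp.example.test.
_ldap._tcp.pdc._msdcs.corp.example.test. 600 IN SRV 0 100 389 dc1.corp.example.test.
"""

if __name__ == "__main__":
    merged, added = merge_netlogon(ZONE, NETLOGON, ORIGIN)
    print(f"{len(added)} record(s) appended")
    print(merged)
```

Running it a second time on its own output appends nothing and leaves the serial alone, so the number only moves when the zone content really changed.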
Folders are there!
And changes made to windows\system32\dns\xxx.xxx.co.uk.dns are still there.
ASKER CERTIFIED SOLUTION
Chris Dent
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\Documents and Settings\administrator>dcdiag.exe /c

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\E2007
      Starting test: Connectivity
         ......................... E2007 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\E2007
      Starting test: Replications
         ......................... E2007 passed test Replications
      Starting test: Topology
         ......................... E2007 passed test Topology
      Starting test: CutoffServers
         ......................... E2007 passed test CutoffServers
      Starting test: NCSecDesc
         ......................... E2007 passed test NCSecDesc
      Starting test: NetLogons
         ......................... E2007 passed test NetLogons
      Starting test: Advertising
         ......................... E2007 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... E2007 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... E2007 passed test RidManager
      Starting test: MachineAccount
         ......................... E2007 passed test MachineAccount
      Starting test: Services
         ......................... E2007 passed test Services
      Starting test: OutboundSecureChannels
         ** Did not run Outbound Secure Channels test
         because /testdomain: was not entered
         ......................... E2007 passed test OutboundSecureChannels
      Starting test: ObjectsReplicated
         ......................... E2007 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... E2007 passed test frssysvol
      Starting test: frsevent
         ......................... E2007 passed test frsevent
      Starting test: kccevent
         ......................... E2007 passed test kccevent
      Starting test: systemlog
         ......................... E2007 passed test systemlog
      Starting test: VerifyReplicas
         ......................... E2007 passed test VerifyReplicas
      Starting test: VerifyReferences
         ......................... E2007 passed test VerifyReferences
      Starting test: VerifyEnterpriseReferences
         ......................... E2007 passed test VerifyEnterpriseReferences
      Starting test: CheckSecurityError
         [E2007] No security related replication errors were found on this DC!
To target the connection to a specific source DC use /ReplSource:<DC>.
         ......................... E2007 passed test CheckSecurityError

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : xxx
      Starting test: CrossRefValidation
         .........................xxxotamat passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... xxx passed test CheckSDRefDom

   Running enterprise tests on : x.x.co.uk
      Starting test: Intersite
         ......................... x.x.co.uk passed test Intersite
      Starting test: FsmoCheck
         .........................x.x.co.uk passed test FsmoCheck
      Starting test: DNS
         Test results for domain controllers:

            DC: e2007.x.x.co.uk
            Domain: x.x.co.uk


               TEST: Dynamic update (Dyn)
                  Warning: Dynamic update is enabled on the zone but not secure
x.x.co.uk.

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: x.x.co.uk
               e2007                        PASS PASS PASS PASS WARN PASS n/a

         .........................x.x.co.uk passed test DNS

C:\Documents and Settings\administrator>


Terminal server access is OK, and the Win2k PC that was not accessing the network now works as well.

Excellent. Right, something is still up with DNS and I'd like to try to fix that.

First of all, head to the zone file again (%SystemRoot%\System32\DNS\) and make a copy of it. Should we have to go back it'll save us the trouble of getting it working again.

We're going to check all of the areas in AD where DNS data is stored. For this we'll need to use ADSIEdit.

1. Click Start then Run
2. Type ADSIEdit.msc and press Return

The first location we're going to check is used when the zone is set to replicate to "All Domain Controllers in the Active Directory Domain".

3. You should see "Domain" in the list. Expand it.
4. Expand DC=xxx,DC=xxx,DC=co,DC=uk
5. Expand CN=System
6. Select CN=MicrosoftDNS

In theory it should only list "DC=RootDNSServers" within that folder. Does it? If not, what else is listed?

The next two areas take a bit more work to get to.

7. Right click on ADSI Edit (still within the ADSI Edit console)
8. Select "Connect to..."
9. In Name type "DomainDNSZones"
10. Select "Select or type a Distinguished Name or Naming Context"
11. Enter the value "DC=DomainDNSZones,DC=xxx,DC=xxx,DC=co,DC=uk"
12. Click OK
13. Attempt to expand DomainDNSZones in ADSI Edit.
14. Expand MicrosoftDNS
15. Is anything listed here?

And finally...

16. Right click on ADSI Edit (still within the ADSI Edit console)
17. Select "Connect to..."
18. In Name type "ForestDNSZones"
19. Select "Select or type a Distinguished Name or Naming Context"
20. Enter the value "DC=ForestDNSZones,DC=xxx,DC=xxx,DC=co,DC=uk"
21. Click OK
22. Attempt to expand ForestDNSZones in ADSI Edit.
23. Expand MicrosoftDNS
24. Is anything listed here?

I'm very interested in any errors you have returned for either of the last two. Especially if it gives you something like "A referral was returned from the server".

Chris
Fantastic help, thank you very much. Do you have any idea what caused it and what I can do in the future to prevent a similar problem?

Probably cross posted, but I'd like to test my suspicion above if possible :)

Chris
"In theory it should only list "DC=RootDNSServers" within that folder. Does it? If not, what else is listed?" - nothing else listed in there

"In Name type "DomainDNSZones"" - nothing listed inside the Microsoft folder

"In Name type "ForestDNSZones"" - can't see the Microsoft folder, have Lost and Found and NTFS Quotas

That's a shame, I was hoping for rather more than that.

Shall we try moving the zone into Active Directory? It's why we have the backup of the zone saved.

1. Open the DNS Console
2. Expand Forward Lookup Zones
3. Select xxx.xxx.co.uk
4. Right click and open the zone Properties
5. Select "Change" next to the Type setting
6. Tick "Store the zone in Active Directory"
7. Accept the confirmation
8. Click OK

That should set the replication value to the default of "All DNS servers in the Active Directory domain". And if you still have ADSIEdit open you should find that it appears under DomainDNSZones.

See if everything carries on working with that then we can do a few more tests to see if it's going to behave itself :)

Chris
Done as asked, but as of yet there is nothing in the DomainDNSZones except the folder for Microsoft.

Did it set the Replication value (in the Properties for the zone in the DNS Console) as above or has it set it to something different?

Chris
It's defaulted to all domain controllers, should I change it to all DNS in Active Directory?

Yes please :) At the moment you should see it under Domain \ System \ MicrosoftDNS.

Chris
Now I see a folder in the MicrosoftDNSZones folder and there is only 1 thing in there.
DC=x.x.co.uk | DNSZone then distinguished name
Nothing in ForestDNSZone as above.

Cool. Does it still have all the records we expect to see?

If so, let's see how well it's going to cope.

Back into the DNS Console, expand Forward Lookup Zones then select xxx.xxx.co.uk again. Hopefully you see an "_sites" folder? Delete it, then we'll see if it recreates itself by restarting the NetLogon service yet again.

Chris
Hasn't recreated the sites folder after a netlogon stop/start.
This error was logged at 12.04 after the zonemove, have 3x

The DNS server encountered error 32 attempting to load zone rotamat.huber.co.uk from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Just quickly check that Dynamic Updates is still enabled on that zone, then let's see if NetLogon will tell us what's going on.

This article tells us how to enable debug logging for netlogon:

http://support.microsoft.com/kb/109626

The short version is run this from the command prompt:

nltest /dbflag:0x2080ffff

Then restart the NetLogon Service again.

The log file is in %SystemRoot%\Debug\NetLogon.log, I'd be really interested in anything it has to say about DNS.

Chris

Hmm, let's see, let's move the zone back to "All Domain Controllers in the AD Domain". Do we still get the error when using that? And if you restart NetLogon (I'm sure you're sick of doing that by now), does it repopulate the _sites folder?

If it does, we'll get rid of the DNS partitions and recreate them then try again. It would be nice to have this in a state where it's not going to bite in the future.

Chris
dynamic update for secure/non secure updates.

log from after stop/start netlogon

01/30 12:21:38 [MISC] DbFlag is set to 2080ffff
01/30 12:21:40 [LOGON] x: SamLogon: Network logon of e2007\jc from DELLWS08 Entered
01/30 12:21:40 [LOGON] x: NlPickDomainWithAccount: e2007\jc: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:21:40 [LOGON] x: SamLogon: Network logon of e2007\jc from DELLWS08 Returns 0x0
01/30 12:21:40 [LOGON] x: SamLogon: Network logon of e2007\jc from DELLWS08 Entered
01/30 12:21:40 [LOGON] x: NlPickDomainWithAccount: e2007\jc: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:21:40 [LOGON] x SamLogon: Network logon of e2007\jc from DELLWS08 Returns 0x0
01/30 12:21:50 [MAILSLOT] Received ping from DELLWS20 x.x.co.uk. (null) on UDP LDAP
01/30 12:21:50 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS20 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:05 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Entered
01/30 12:22:05 [LOGON] x: NlPickDomainWithAccount: E2007\graham: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:05 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Returns 0x0
01/30 12:22:06 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Entered
01/30 12:22:06 [LOGON] x: NlPickDomainWithAccount: E2007\graham: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:06 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Returns 0x0
01/30 12:22:09 [MAILSLOT] Received ping from DELLWS12 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:09 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS12 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:12 [MAILSLOT] Received ping from DELLWS25 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:12 [MAILSLOT]x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS25 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:15 [MAILSLOT] Received ping from DELLWS08 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:15 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS08 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:23 [MAILSLOT] Received ping from DELLWS23 x.xco.uk. (null) on UDP LDAP
01/30 12:22:23 [MAILSLOT]x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS23 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:28 [MAILSLOT] Received ping from DELLWS19 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:28 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS19 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:35 [LOGON] x: SamLogon: Network logon of E2007\rjw from DELLWS19 Entered
01/30 12:22:35 [LOGON] x: NlPickDomainWithAccount: E2007\rjw: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:36 [LOGON] x: SamLogon: Network logon of E2007\rjw from DELLWS19 Returns 0x0
01/30 12:22:37 [LOGON] x SamLogon: Network logon of E2007\rjw from DELLWS19 Entered
01/30 12:22:37 [LOGON] x: NlPickDomainWithAccount: E2007\rjw: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:37 [LOGON] x: SamLogon: Network logon of E2007\rjw from DELLWS19 Returns 0x0
01/30 12:22:46 [MAILSLOT] Received ping from DELLWS18 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:46 [MAILSLOT]x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS18 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:49 [MAILSLOT] Received ping from DELLWS11 x,x.co.uk. (null) on UDP LDAP
01/30 12:22:49 [MAILSLOT] ROTAMAT: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS11 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:53 [MAILSLOT] Received ping from DELLWS14 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:53 [MAILSLOT] x.x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS14 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:54 [MAILSLOT] Received ping from DELLWS14 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:54 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS14 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:54 [CRITICAL] AcceptSecurityContext: fefefefe.0: Can't NlFindNamedServerSession for DELLWS14
01/30 12:22:54 [MAILSLOT] Received ping from DELLWS14 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:54 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS14 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:54 [SESSION] x NetrServerAuthenticate entered: DELLWS14 on account DELLWS14$ (Negot: 600fffff)
01/30 12:22:54 [SESSION] x: NetrServerAuthenticate returns Success: DELLWS14 on account DELLWS14$ (Negot: 600fffff)
01/30 12:22:54 [SESSION] x: NetrLogonGetDomainInfo: DELLWS14 1 Entered
01/30 12:22:54 [SESSION] x: NetrLogonGetDomainInfo: DELLWS14 is running NT 5.1 build 2600 (1)
01/30 12:22:54 [MISC] x: NetrLogonGetDomainInfo: DnsHostName of DELLWS14 is DellWS14.rotamat.huber.co.uk
01/30 12:22:54 [SESSION] x: NetrLogonGetDomainInfo: DELLWS14 1 Returns 0x0
01/30 12:23:02 [MISC] x: DsGetDcName function called: Dom:x.xco.uk Acct:(null) Flags: DS BACKGROUND RET_DNS
01/30 12:23:02 [MAILSLOT] Received ping from E2007 x.xco.uk (null) on <Local>
01/30 12:23:02 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\E2007 Site: Default-First-Site-Name on <Local>
01/30 12:23:02 [MISC] xT: DsGetDcName function returns 0: Dom:x.x.co.uk Acct:(null) Flags: DS BACKGROUND RET_DNS
01/30 12:23:02 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
01/30 12:23:02 [MISC] x: DsGetDcName function called: Dom:x.x.co.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [MAILSLOT] Received ping from E2007 x.xco.uk (null) on <Local>
01/30 12:23:02 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\E2007 Site: Default-First-Site-Name on <Local>
01/30 12:23:02 [MISC] x: DsGetDcName function returns 0: Dom:x.x.co.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [MISC] x: DsGetDcName function called: Dom:x.xco.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [MAILSLOT] Received ping from E2007 x.x.co.uk (null) on <Local>
01/30 12:23:02 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\E2007 Site: Default-First-Site-Name on <Local>
01/30 12:23:02 [MISC] x: DsGetDcName function returns 0: Dom:x.x.co.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [LOGON] x: SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Entered
01/30 12:23:02 [LOGON] x: SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Returns 0x0
01/30 12:23:12 [MAILSLOT] Received ping from DELLWS04 x.x.co.uk. (null) on UDP LDAP
01/30 12:23:12 [MAILSLOT] x Ping response 'Sam Logon Response Ex' (null) to \\DELLWS04 Site: Default-First-Site-Name on UDP LDAP
01/30 12:23:20 [LOGON] x SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Entered
01/30 12:23:20 [LOGON] x: SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Returns 0x0
01/30 12:23:27 [MAILSLOT] Received ping from DELLWS16 x.x.CO.UK (null) on UDP LDAP
01/30 12:23:27 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS16 Site: Default-First-Site-Name on UDP LDAP
01/30 12:23:29 [MAILSLOT] Received ping from DELLWS22 x.x.co.uk. (null) on UDP LDAP
01/30 12:23:29 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS22 Site: Default-First-Site-Name on UDP LDAP
01/30 12:23:31 [LOGON] x: SamLogon: Generic logon of x.xCO.UK\(null) from (null) Package:Kerberos Entered
01/30 12:23:31 [LOGON] x SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Returns 0x0
01/30 12:23:35 [LOGON] xT: SamLogon: Network logon of E2007\reception from DELLWS22 Entered
01/30 12:23:35 [LOGON] x: NlPickDomainWithAccount: E2007\reception: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:23:36 [LOGON] x SamLogon: Network logon of E2007\reception from DELLWS22 Returns 0x0
01/30 12:23:37 [LOGON] x SamLogon: Network logon of E2007\reception from DELLWS22 Entered
01/30 12:23:37 [LOGON] x NlPickDomainWithAccount: E2007\reception: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:23:37 [LOGON] x: SamLogon: Network logon of E2007\reception from DELLWS22 Returns 0x0
01/30 12:23:47 [MAILSLOT] Received ping from DELLWS26 x.xco.uk. (null) on UDP LDAP
01/30 12:23:47 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS26 Site: Default-First-Site-Name on UDP LDAP
01/30 12:24:05 [MAILSLOT] Received ping from DELLWS13 rotamat.huber.co.uk. (null) on UDP LDAP
01/30 12:24:05 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS13 Site: Default-First-Site-Name on UDP LDAP
01/30 12:24:20 [MISC] In control handler (Opcode: 1)
01/30 12:24:20 [MISC] NlExit: Netlogon exiting 0 0x0
01/30 12:24:20 [DOMAIN] x: NlDeleteDomain called
01/30 12:24:20 [DOMAIN] x: Domain RefCount is zero. Domain being rundown.
01/30 12:24:20 [SESSION] x NlFreeServerSession: DELL-12: Freed server session
01/30 12:24:20 [SESSION] x: NlFreeServerSession: DELLWS13: Freed server session
01/30 12:24:20 [SESSION] x NlFreeServerSession: DELL-001: Freed server session
01/30 12:24:20 [SESSION] x: NlFreeServerSession: DELLWS08: Freed server session
01/30 12:24:20 [SESSION] xT: NlFreeServerSession: DELLWS14: Freed server session
01/30 12:24:20 [DOMAIN] DomainDnsZones.x.x.co.uk: NlDeleteDomain called
01/30 12:24:20 [DOMAIN] DomainDnsZones.x.xco.uk: Domain RefCount is zero. Domain being rundown.
01/30 12:24:20 [DOMAIN] NlDeleteDomain called
01/30 12:24:20 [DOMAIN] Domain RefCount is zero. Domain being rundown.
01/30 12:24:20 [SITE] Setting site name to '(null)'
01/30 12:24:25 [INIT] Group Policy is not defined for Netlogon
01/30 12:24:25 [INIT] Following are the effective values after parsing
01/30 12:24:25 [INIT]    Sysvol = C:\WINDOWS\SYSVOL\sysvol
01/30 12:24:25 [INIT]    Scripts = (null)
01/30 12:24:25 [INIT]    RpcDacl = (null)
01/30 12:24:25 [INIT]    SiteName (0) = Default-First-Site-Name
01/30 12:24:25 [INIT]    Pulse = 300 (0x12c)
01/30 12:24:25 [INIT]    Randomize = 1 (0x1)
01/30 12:24:25 [INIT]    PulseMaximum = 7200 (0x1c20)
01/30 12:24:25 [INIT]    PulseConcurrency = 10 (0xa)
01/30 12:24:25 [INIT]    PulseTimeout1 = 10 (0xa)
01/30 12:24:25 [INIT]    PulseTimeout2 = 300 (0x12c)
01/30 12:24:25 [INIT]    MaximumMailslotMessages = 500 (0x1f4)
01/30 12:24:25 [INIT]    MailslotMessageTimeout = 10 (0xa)
01/30 12:24:25 [INIT]    MailslotDuplicateTimeout = 2 (0x2)
01/30 12:24:25 [INIT]    ExpectedDialupDelay = 0 (0x0)
01/30 12:24:25 [INIT]    ScavengeInterval = 900 (0x384)
01/30 12:24:25 [INIT]    MaximumPasswordAge = 30 (0x1e)
01/30 12:24:25 [INIT]    LdapSrvPriority = 0 (0x0)
01/30 12:24:25 [INIT]    LdapSrvWeight = 100 (0x64)
01/30 12:24:25 [INIT]    LdapSrvPort = 389 (0x185)
01/30 12:24:25 [INIT]    LdapGcSrvPort = 3268 (0xcc4)
01/30 12:24:25 [INIT]    KdcSrvPort = 88 (0x58)
01/30 12:24:25 [INIT]    KerbIsDoneWithJoinDomainEntry = 0 (0x0)
01/30 12:24:25 [INIT]    DnsTtl = 600 (0x258)
01/30 12:24:25 [INIT]    DnsRefreshInterval = 86400 (0x15180)
01/30 12:24:25 [INIT]    CloseSiteTimeout = 900 (0x384)
01/30 12:24:25 [INIT]    SiteNameTimeout = 300 (0x12c)
01/30 12:24:25 [INIT]    DuplicateEventlogTimeout = 14400 (0x3840)
01/30 12:24:25 [INIT]    MaxConcurrentApi = 0 (0x0)
01/30 12:24:25 [INIT]    NegativeCachePeriod = 45 (0x2d)
01/30 12:24:25 [INIT]    BackgroundRetryInitialPeriod = 600 (0x258)
01/30 12:24:25 [INIT]    BackgroundRetryMaximumPeriod = 3600 (0xe10)
01/30 12:24:25 [INIT]    BackgroundRetryQuitTime = 0 (0x0)
01/30 12:24:25 [INIT]    BackgroundSuccessfulRefreshPeriod = 4294967295 (0xffffffff)
01/30 12:24:25 [INIT]    NonBackgroundSuccessfulRefreshPeriod = 1800 (0x708)
01/30 12:24:25 [INIT]    DnsFailedDeregisterTimeout = 172800 (0x2a300)
01/30 12:24:25 [INIT]    MaxLdapServersPinged = 55 (0x37)
01/30 12:24:25 [INIT]    SiteCoverageRefreshInterval = 3600 (0xe10)
01/30 12:24:25 [INIT]    FtInfoUpdateInterval = 86400 (0x15180)
01/30 12:24:25 [INIT]    DBFlag = 545325055 (0x2080ffff)
01/30 12:24:25 [INIT]    MaximumLogFileSize = 20000000 (0x1312d00)
01/30 12:24:25 [INIT]    RefusePasswordChange = FALSE
01/30 12:24:25 [INIT]    AllowReplInNonMixed = FALSE
01/30 12:24:25 [INIT]    AvoidSamRepl = TRUE
01/30 12:24:25 [INIT]    AvoidLsaRepl = TRUE
01/30 12:24:25 [INIT]    SignSecureChannel = TRUE
01/30 12:24:25 [INIT]    SealSecureChannel = TRUE
01/30 12:24:25 [INIT]    RequireSignOrSeal = TRUE
01/30 12:24:25 [INIT]    RequireStrongKey = FALSE
01/30 12:24:25 [INIT]    SysVolReady = TRUE
01/30 12:24:25 [INIT]    UseDynamicDns = TRUE
01/30 12:24:25 [INIT]    RegisterDnsARecords = TRUE
01/30 12:24:25 [INIT]    AvoidPdcOnWan = FALSE
01/30 12:24:25 [INIT]    AutoSiteCoverage = TRUE
01/30 12:24:25 [INIT]    AvoidDnsDeregOnShutdown = TRUE
01/30 12:24:25 [INIT]    DnsUpdateOnAllAdapters = FALSE
01/30 12:24:25 [INIT]    Nt4Emulator = FALSE
01/30 12:24:25 [INIT]    DisablePasswordChange = FALSE
01/30 12:24:25 [INIT]    NeutralizeNt4Emulator = TRUE
01/30 12:24:25 [INIT]    AllowSingleLabelDnsDomain = FALSE
01/30 12:24:25 [INIT]    AllowExclusiveSysvolShareAccess = FALSE
01/30 12:24:25 [INIT]    AllowExclusiveScriptsShareAccess = FALSE
01/30 12:24:25 [INIT]    AvoidLocatorAccountLookup = FALSE
01/30 12:24:25 [INIT]    NeverPing = FALSE
01/30 12:24:25 [INIT] Command line parsed successfully ...
01/30 12:24:25 [SITE] Setting site name to 'Default-First-Site-Name'
01/30 12:24:25 [SITE] Adding subnet to site mappings from the DS
01/30 12:24:25 [SITE] There is only one site.  All clients belong to it.
01/30 12:24:25 [SESSION] Winsock Addrs: 192.168.1.183 (1)
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdap: _ldap._tcp.x.xco.uk. 600 IN SRV 0 100 389 e2007.rx.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdapAtSite: _ldap._tcp.Default-First-Site-Name._sites.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDcByGuid: _ldap._tcp.93326613-f438-49b7-a55e-38e811753d10.domains._msdcs.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsKdc: _kerberos._tcp.dc._msdcs.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsKdcAtSite: _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDc: _ldap._tcp.dc._msdcs.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDcAtSite: _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510Kdc: _kerberos._tcp.x.xco.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510KdcAtSite: _kerberos._tcp.Default-First-Site-Name._sites.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510UdpKdc: _kerberos._udp.x.xco.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510Kpwd: _kpasswd._tcp.x.x.co.uk. 600 IN SRV 0 100 464 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510UdpKpwd: _kpasswd._udp.x.xco.uk. 600 IN SRV 0 100 464 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdap: _ldap._tcp.DomainDnsZones.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdap: _ldap._tcp.ForestDnsZones.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdapAtSite: _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdapAtSite: _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDsaCname: 6b4da3a2-cd4b-44f9-916e-73943a413a87._msdcs.x.x.co.uk. 600 IN CNAME e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGc: _ldap._tcp.gc._msdcs.x.xco.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGcAtSite: _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.x.x.co.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGenericGc: _gc._tcp.x.xco.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGenericGcAtSite: _gc._tcp.Default-First-Site-Name._sites.x.x.co.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsPdc: _ldap._tcp.pdc._msdcs.x.xco.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] Set DnsForestName to: x.x.co.uk
01/30 12:24:25 [DOMAIN] x: Adding new domain
01/30 12:24:25 [DOMAIN] Setting our computer name to E2007 e2007.x.x.co.uk
01/30 12:24:25 [DOMAIN] Setting Netbios domain name to x
01/30 12:24:25 [DOMAIN] Setting DNS domain name to x.x.co.uk.
01/30 12:24:25 [DOMAIN] Setting Domain GUID to 93326613-f438-49b7-a55e-38e811753d10
01/30 12:24:25 [DOMAIN] Create domain phase 2
01/30 12:24:25 [DOMAIN] Changing role from NONE to PDC.
01/30 12:24:25 [SESSION] NlCheckServerSession: E2007: Skipping add of ourself
01/30 12:24:25 [CRITICAL] Can't add the 0x1B name because all transports are disabled
01/30 12:24:25 [MAILSLOT] NetpDcPingListIp: x.x.co.uk.: Sent UDP ping to 192.168.1.183
01/30 12:24:25 [CRITICAL] NetpDcGetNameIp: x.x.co.uk.: Couldn't ping any DCs.
01/30 12:24:25 [MAILSLOT] Sent 'Primary Query' message to ROTAMAT[1B] on all transports.
01/30 12:24:25 [CRITICAL] NlBrowserSendDatagram: No transports available
01/30 12:24:25 [CRITICAL] NetpDcGetNameNetbios: rotamat.huber.co.uk.: Cannot NlBrowserSendDatagram. (1B) 53
01/30 12:24:25 [CRITICAL] NetpDcGetName: rotamat.huber.co.uk.: IP and Netbios are both done.
01/30 12:24:26 [SESSION] NlInitTrustList: This domain has no parent in forest.
01/30 12:24:26 [SESSION] NlAddDomainTreeToTrustList: rotamat.huber.co.uk ignoring enterprise tree entry for ourself
01/30 12:24:26 [DOMAIN] DomainDnsZones.rotamat.huber.co.uk: Adding new domain
01/30 12:24:26 [DOMAIN] (null): Setting our computer name to E2007 e2007.x.xco.uk
01/30 12:24:26 [DOMAIN] (null): Setting DNS domain name to DomainDnsZones.x.xco.uk
01/30 12:24:26 [DOMAIN] DomainDnsZones.x.x.co.uk: Setting Domain GUID to a797fb17-b797-4be5-9c81-6f9d4ceee02f
01/30 12:24:26 [DOMAIN] ForestDnsZones.x.xco.uk: Adding new domain
01/30 12:24:26 [DOMAIN] (null): Setting our computer name to E2007 e2007.x.x.co.uk
01/30 12:24:26 [DOMAIN] (null): Setting DNS domain name to ForestDnsZones.x.x.co.uk
01/30 12:24:26 [DOMAIN] ForestDnsZones.x.xco.uk: Setting Domain GUID to 52f33a64-04d8-40ba-ad63-4f21e8852ce3
01/30 12:24:26 [CRITICAL] NlUpdateDnsRootAlias: Ignoring DnsDomainNameAlias update for same alias name: (null) (null)
01/30 12:24:26 [CRITICAL] NlUpdateDnsRootAlias: Ignoring DnsForestNameAlias update for same alias name: (null) (null)
01/30 12:24:26 [MISC] NlpInitializeTrace succeeded 0
01/30 12:24:26 [INIT] 'SYSVOL' share is to 'C:\WINDOWS\SYSVOL\sysvol'
01/30 12:24:26 [INIT] 'SYSVOL' share already exists.
01/30 12:24:26 [INIT] 'SYSVOL' share current path is C:\WINDOWS\SYSVOL\sysvol
01/30 12:24:26 [INIT] 'NETLOGON' share is to 'C:\WINDOWS\SYSVOL\sysvol\rotamat.huber.co.uk\SCRIPTS'
01/30 12:24:26 [INIT] 'NETLOGON' share already exists.
01/30 12:24:26 [INIT] 'NETLOGON' share current path is C:\WINDOWS\SYSVOL\sysvol\rotamat.huber.co.uk\SCRIPTS
01/30 12:24:26 [INIT] Starting RPC server.
01/30 12:24:26 [INIT] Started successfully
01/30 12:24:26 [INIT] NlInitTcpRpc thread finished.
01/30 12:24:26 [INIT] Group Policy is not defined for Netlogon
01/30 12:24:26 [INIT] Following are the effective values after parsing
01/30 12:24:26 [DNS] NlDnsScavenge: Starting DNS scavenge with: Normal RefreshDomainRecords 0 0
01/30 12:24:26 [CRITICAL] ROTAMAT: Can't add the 0x1B name because all transports are disabled
01/30 12:24:26 [SITE] GC list: Default-First-Site-Name e2007.x.x.co.uk
01/30 12:24:26 [SITE] DC list: Default-First-Site-Name e2007.x.x.co.uk
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [SITE] NDNC list: Default-First-Site-Name e2007.x.x.co.uk
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [SITE] NDNC list: Default-First-Site-Name e2007.x.xco.uk
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c   |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [DNS] NlDnsScavengeWorker: Set DNS scavenger to run in 6 minutes (301984).
01/30 12:24:27 [MISC] In control handler (Opcode: 4)
01/30 12:24:31 [MAILSLOT] Received ping from DELL-002 x.x.co.uk. (null) on UDP LDAP
01/30 12:24:31 [MAILSLOT] ROTAMAT: Ping response 'Sam Logon Response Ex' (null) to \\DELL-002 Site: Default-First-Site-Name on UDP LDAP

I moved the zone to all DCs in the domain, stopped/started Netlogon and refreshed the DNS server console, but do not see the sites folder.

Okay, some of those are NetBIOS related and we don't care about them. Others are DNS related, but the majority are because the _sites folder isn't listed.

Let's shift back to "All Domain Controllers in the AD Domain" for DNS replication. I'd like to delete and recreate the DomainDNSZones and ForestDNSZones partitions. As this is a destructive operation, it would be great to get a System State backup of the DC before we do it.

Let me know when you're ready.

Chris

In that case I will have to do a full backup tonight, as the tape loader is in use at the moment. Can we continue Monday?

Sure, although a backup of it using NTBackup to the disk would be perfectly acceptable for this if you wish to continue?

Chris

Oh OK, bear with me.
I have created a system state backup of the e2007.

Okay, cool.

The next set of tasks involve deleting and recreating DomainDNSZones and ForestDNSZones. From the Command prompt run:

ntdsutil
Domain Management
Connections
Connect to Server e2007
Quit
Select Operation Target
List Naming Contexts

Note the names of DC=DomainDnsZones and DC=ForestDnsZones at this point. We don't want to delete anything else, that would make a mess.

Quit
Delete NC DC=DomainDnsZones,DC=rotamat,DC=huber,DC=co,DC=uk
Delete NC DC=ForestDnsZones,DC=rotamat,DC=huber,DC=co,DC=uk
Quit
Quit

Once this is done give it half an hour to think about it. Then:

1. Open the DNS Console
2. Right click on the DNS Server
3. Select "Create Default Application Directory Partitions"

That creates a new version of the partitions we've just deleted.

Chris

Done, fingers crossed.
Done, and the deleted partitions (numbers 3+4) are back in the "naming contexts".

Okay. I bet it still refuses to add records when restarting NetLogon?

Chris

The sites folder still has not been remade.

Okay. Well that's about everything we can do with the DNS portion of Active Directory. I'm pretty confident that our problem doesn't actually sit there. It is, after all, happily accepting updates from clients on your network.

If you'd like to, change the zone back to Standard Primary (Change, next to Type and untick the box). Then we can add back in the _sites folder to cheer that up. You should find it's only missing these three:

_ldap._tcp.Default-First-Site-Name._sites.xxx.xxx.co.uk. 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_kerberos._tcp.Default-First-Site-Name._sites.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
_gc._tcp.Default-First-Site-Name._sites.x.x.co.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.

And let's reduce logging on NetLogon again:

nltest /dbflag:0x0

Restart NetLogon once more afterwards so the change takes effect.

Let's move back to the server level (rather than up with AD). When running "ipconfig /registerdns" do we still get errors that no DNS servers are configured? If we do, I'd like to look at the possibility of upgrading Network Card Drivers and potentially reinstalling the latest Windows Service Pack.

Chris
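
Added example, not part of the thread and not any poster's code: one way to work out which records Netlogon expects but the zone lacks, by comparing the "Previously registered name noticed" lines of netlogon.log with the owner names present in the zone. The log lines, the domain example.test, the host dc1, the all-zero GUID and both function names are constructed for illustration, and the zone's owner names are assumed to be available as fully qualified names.

```python
import re

# Record portion of a Netlogon debug-log line, in the format shown in the log above.
RECORD_RE = re.compile(
    r"\[DNS\] NlDnsInitialize: Previously registered name noticed: "
    r"(?P<kind>\w+): (?P<owner>\S+) (?P<ttl>\d+) IN (?P<rtype>SRV|CNAME) (?P<rdata>.+)$"
)

def parse_netlogon_records(log_text):
    """Map (normalised owner name, type) -> (owner, ttl, type, rdata) per logged record."""
    records = {}
    for line in log_text.splitlines():
        m = RECORD_RE.search(line.strip())
        if m:
            # DNS names compare case-insensitively; the trailing dot is optional.
            key = (m["owner"].lower().rstrip("."), m["rtype"])
            records[key] = (m["owner"], int(m["ttl"]), m["rtype"], m["rdata"].strip())
    return records

def missing_from_zone(records, zone_owner_names):
    """Return zone-file lines for logged records whose owner name is not in the zone."""
    present = {name.lower().rstrip(".") for name in zone_owner_names}
    lines = []
    for (name, _rtype), (owner, ttl, rtype, rdata) in sorted(records.items()):
        if name not in present:
            lines.append(f"{owner} {ttl} IN {rtype} {rdata}")
    return lines

# Constructed sample input: placeholder domain example.test, host dc1.
_P = "01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: "
SAMPLE_LOG = "\n".join([
    "01/30 12:24:25 [INIT]    UseDynamicDns = TRUE",
    _P + "NlDnsLdap: _ldap._tcp.example.test. 600 IN SRV 0 100 389 dc1.example.test.",
    _P + "NlDnsLdapAtSite: _ldap._tcp.Default-First-Site-Name._sites.example.test. 600 IN SRV 0 100 389 dc1.example.test.",
    _P + "NlDnsRfc1510Kdc: _kerberos._tcp.example.test. 600 IN SRV 0 100 88 dc1.example.test.",
    _P + "NlDnsRfc1510KdcAtSite: _kerberos._tcp.Default-First-Site-Name._sites.example.test. 600 IN SRV 0 100 88 dc1.example.test.",
    _P + "NlDnsGenericGc: _gc._tcp.example.test. 600 IN SRV 0 100 3268 dc1.example.test.",
    _P + "NlDnsGenericGcAtSite: _gc._tcp.Default-First-Site-Name._sites.example.test. 600 IN SRV 0 100 3268 dc1.example.test.",
    _P + "NlDnsDsaCname: 00000000-0000-0000-0000-000000000000._msdcs.example.test. 600 IN CNAME dc1.example.test.",
])
# Constructed list of owner names already in the zone (no _sites entries).
SAMPLE_ZONE_NAMES = [
    "_ldap._tcp.example.test.",
    "_KERBEROS._tcp.example.test",
    "_gc._tcp.example.test.",
    "00000000-0000-0000-0000-000000000000._msdcs.example.test.",
]

if __name__ == "__main__":
    for line in missing_from_zone(parse_netlogon_records(SAMPLE_LOG), SAMPLE_ZONE_NAMES):
        print(line)
```
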
No errors in DNS at all after doing ipconfig /registerdns.

Changed the Type back to Primary without AD integration.

How do I get the sites folder back?

Stop the DNS service, head to the zone file again, paste the extra lines in. Anywhere you like, just don't overwrite things that are there :)

Remember to increment the Serial Number, then start the DNS service up again.

Chris

Sites are back.

Good, at least there's that.

What do you think about updating the drivers and re-running SP2?

Chris

Can do over the weekend.
One weird thing I get is that sforest/domain dns zones earlier I have been unable to access a snap server on the network via the name, eg: \\snap2, but works by \\192.168.1.7
Any ideas or is it time related?
Sorry, let me re-type that.
Since the removal of the forest/domain dnszones, I have been unable to access the snap server via name, but OK to access it using IP address.
"No network provider accepted the given network path" is the error message.
Have updated the NIC drivers, downloading SP2 now.

Can you resolve Snap2 to an IP Address when you Ping it?

And we might consider adding a WINS server here, it tends to be for the best unless you completely disable NetBIOS over TCP/IP.

The weekend is fine I'll be out for some of it, but will respond as and when I'm around :)

Chris

"Ping request could not find host snap2. Please check the name and try again" when I ping snap2.

Just install WINS server as default config, or anything I need to change?

For that one you can just create Snap2 as a Host (A) Record in your Forward Lookup Zone. Then it will work.

Default configuration for WINS, but you will have to tell all the clients and servers to use it (TCP/IP configuration) :)

Chris

Will do. Thanks.