total123
asked on
Prolems with DNS server updating
We have a win 2003 server with Exchange 2007.
We are/were having issues with the dns so it was though best to remove it and a new zone created with the same name.
All went through ok but when I run Netdiag i get the following errors:
C:\>netdiag /fix
.......................... ........
Computer Name: E2007
DNS Host Name: e2007.xxxx.co.uk
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : EM64T Family 15 Model 4 Stepping 10, GenuineIntel
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : e2007
IP Address . . . . . . . . : 192.168.1.183
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.3
NetBIOS over Tcpip . . . . : Disabled
Dns Servers. . . . . . . . : 192.168.1.3
208.67.222.222
192.168.1.183
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
WINS service test. . . . . : Skipped
NetBT is disable on this interface. [Test skipped].
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Could not open file C:\WINDOWS\system32\config \netlogon. dns for read
ing.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Cannot lookup package Kerberos.
The error occurred was: (null)
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
Our E2007 server is on 192.168.1.183
Router is 192.168.1.3
External DNS from ISP is 212.113.193.27
Below is from Ipconfig/all on e2007
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>ipc onfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : e2007
Primary Dns Suffix . . . . . . . : xxx.xxx.co.uk
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
xxx.co.uk
co.uk
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-13-72-5C-28-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.183
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.3
DNS Servers . . . . . . . . . . . : 192.168.1.3
192.168.1.183
NetBIOS over Tcpip. . . . . . . . : Disabled
At this point i could really do with somebody to tell me what i need to change to get this working, as i have none of the following listed in the Forwarders of the DNS console:
_MSDCS
_Sites
_tcp
_udp
DomainDnsZones
ForestDnsZones
is this normal?
We are/were having issues with the dns so it was though best to remove it and a new zone created with the same name.
All went through ok but when I run Netdiag i get the following errors:
C:\>netdiag /fix
..........................
Computer Name: E2007
DNS Host Name: e2007.xxxx.co.uk
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : EM64T Family 15 Model 4 Stepping 10, GenuineIntel
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : e2007
IP Address . . . . . . . . : 192.168.1.183
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.3
NetBIOS over Tcpip . . . . : Disabled
Dns Servers. . . . . . . . : 192.168.1.3
208.67.222.222
192.168.1.183
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
WINS service test. . . . . : Skipped
NetBT is disable on this interface. [Test skipped].
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Could not open file C:\WINDOWS\system32\config
ing.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Cannot lookup package Kerberos.
The error occurred was: (null)
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
Our E2007 server is on 192.168.1.183
Router is 192.168.1.3
External DNS from ISP is 212.113.193.27
Below is from Ipconfig/all on e2007
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>ipc
Windows IP Configuration
Host Name . . . . . . . . . . . . : e2007
Primary Dns Suffix . . . . . . . : xxx.xxx.co.uk
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
xxx.co.uk
co.uk
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-13-72-5C-28-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.183
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.3
DNS Servers . . . . . . . . . . . : 192.168.1.3
192.168.1.183
NetBIOS over Tcpip. . . . . . . . : Disabled
At this point i could really do with somebody to tell me what i need to change to get this working, as i have none of the following listed in the Forwarders of the DNS console:
_MSDCS
_Sites
_tcp
_udp
DomainDnsZones
ForestDnsZones
is this normal?
ASKER
Thanks for that, i will install the x64 version.
the only thing left in the TCP/IP config is the server address 192.168.1.183
Forwarders are set to use external ISP and have removed the gateway.
Do i need to manually add all the additinal folders
_MSDCS
_Sites
_tcp
_udp
DomainDnsZones
ForestDnsZones
or is there something i can do to make it update itself?
Also, i have a Terminal server on the system that will be not let anybody log in saying that "the specified domain does not exist" I also have 2x Win 2000 pc's that say the exact same thing.
I assume it is all related.
What would you use for the desktop TCP/IP config, for DNS settings?
the only thing left in the TCP/IP config is the server address 192.168.1.183
Forwarders are set to use external ISP and have removed the gateway.
Do i need to manually add all the additinal folders
_MSDCS
_Sites
_tcp
_udp
DomainDnsZones
ForestDnsZones
or is there something i can do to make it update itself?
Also, i have a Terminal server on the system that will be not let anybody log in saying that "the specified domain does not exist" I also have 2x Win 2000 pc's that say the exact same thing.
I assume it is all related.
What would you use for the desktop TCP/IP config, for DNS settings?
> Do i need to manually add all the additinal folders
Nope :)
If you've only just changed the DNS settings run the following from the command prompt:
ipconfig /registerdns
net stop netlogon
net start netlogon
If the folders still don't appear then we'll look deeper, but that will force it to make the attempt :)
The same settings should be used for the desktops, just the Domain Controller for DNS. They're very reliant on being able to find the domain in DNS as well.
Chris
ASKER
Also, i dont know if this will make any difference to anything but the DNS component was removed and reinstalled to see if that would make any difference.
When i tracert e2007 on the e2007 server i get one hop to the correct address, when this is done on the terminal server it tries to look outside the domain, but on other servers it is ok and completes 1 hop to the correct ip.
When i tracert e2007 on the e2007 server i get one hop to the correct address, when this is done on the terminal server it tries to look outside the domain, but on other servers it is ok and completes 1 hop to the correct ip.
ASKER
thanks, again.
Run the commands as requested and restarted the DNS service, but still no additional folders in the DNS console.
Run the commands as requested and restarted the DNS service, but still no additional folders in the DNS console.
> Also, i dont know if this will make any difference to anything but the DNS component was removed and
> reinstalled to see if that would make any difference.
Don't worry, it's harmless.
> Run the commands as requested and restarted the DNS service, but still no additional folders in the DNS console.
Can you verify that the zone exists and Dynamic Update is allowed?
To do that, open the DNS Console then expand Forward Lookup Zones. You souhld see a zone for your AD Domain there, do you?
If you do, open the Properties for that zone and check that Dynamic Updates is set to Secure Only.
Chris
ASKER
when i expand the forward lookup zones, i have a folder which contains 3 files- Start of Authority, Name Servers and Host (A)
ASKER
sorry, being dense- when i go to the properties of the folder Dymanic Updates are Secure Only.
Great :)
Right click on the server itself this time and select the Interfaces tab. It should hopefully say "All IP Addresses"?
Then we need to head to the Event Log. What do you have in Directory Service, Application and System? I'd be very interested in any errors generated by DnsApi.
Did you have any luck installing the 64-bit version of the Support Tools?
Chris
ASKER
Under System:
At 16.42
Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Under Apps:
At 17.03
An internal transport certificate expired. Thumbprint:62A0DDF248EAB73 38E0153667 B8C4678CAE 7E863
For more information, see Help and Support Center at
Nothing for 2 hours under Directory Services and the were all info anyway.
Customer has lost the 1st DVD for WIn 2k3 x64 and seem to be unable to download the 64 bit version.
Also, you know when you said to remove teh co.uk from dns suffix, when i recreated the DNS last time i named teh zone the doamin name leaving off co.uk for example microsoft.contoso
Was that correct?
Other servers and pcs are pinging external addresses when pinging to e2007.
At 16.42
Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Under Apps:
At 17.03
An internal transport certificate expired. Thumbprint:62A0DDF248EAB73
For more information, see Help and Support Center at
Nothing for 2 hours under Directory Services and the were all info anyway.
Customer has lost the 1st DVD for WIn 2k3 x64 and seem to be unable to download the 64 bit version.
Also, you know when you said to remove teh co.uk from dns suffix, when i recreated the DNS last time i named teh zone the doamin name leaving off co.uk for example microsoft.contoso
Was that correct?
Other servers and pcs are pinging external addresses when pinging to e2007.
> No DNS servers configured for local system.
Huh... unexpected...
"ipconfig /all" again and make sure the DNS server is still listed?
> An internal transport certificate expired. Thumbprint:62A0DDF248EAB73
Exchange 2007 will be using that one, it can be replaced if necessary.
> Customer has lost the 1st DVD for WIn 2k3 x64 and seem to be unable to download the 64 bit version.
d'oh!
Give these a try? I know it's 32-bit, but it should work...
http://www.microsoft.com/downloads/details.aspx?FamilyID=96A35011-FD83-419D-939B-9A772EA2DF90&displaylang=en
> Was that correct?
It needs to match the name listed in the Primary DNS Suffix when you run "ipconfig /all", that's the zone it'll try and create the records in.
If that domain (in the Primary DNS Suffix) were just "domain" rather than "domain.something" then we would need to do a bit of work in the registry to allow the server to update.
Chris
ASKER
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>ipc onfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : e2007
Primary Dns Suffix . . . . . . . : xxx.xxx.co.uk
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
xxx.co.uk
co.uk
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-13-72-5C-28-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.183
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.3
DNS Servers . . . . . . . . . . . : 192.168.1.183
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Documents and Settings\administrator>
think ive done it wrong then, should i delete it and recreate it again?
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>ipc
Windows IP Configuration
Host Name . . . . . . . . . . . . : e2007
Primary Dns Suffix . . . . . . . : xxx.xxx.co.uk
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
xxx.co.uk
co.uk
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-13-72-5C-28-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.183
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.3
DNS Servers . . . . . . . . . . . : 192.168.1.183
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Documents and Settings\administrator>
think ive done it wrong then, should i delete it and recreate it again?
ASKER
C:\Program Files (x86)\Support Tools>netdiag
.......................... ........
Computer Name: E2007
DNS Host Name: e2007.xxx.xxx.co.uk
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : EM64T Family 15 Model 4 Stepping 10, GenuineIntel
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : e2007
IP Address . . . . . . . . : 192.168.1.183
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.3
NetBIOS over Tcpip . . . . : Disabled
Dns Servers. . . . . . . . : 192.168.1.183
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
WINS service test. . . . . : Skipped
NetBT is disable on this interface. [Test skipped].
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Could not open file C:\WINDOWS\system32\config \netlogon. dns for read
ing.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Cannot lookup package Kerberos.
The error occurred was: (null)
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
C:\Program Files (x86)\Support Tools>
..........................
Computer Name: E2007
DNS Host Name: e2007.xxx.xxx.co.uk
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : EM64T Family 15 Model 4 Stepping 10, GenuineIntel
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : e2007
IP Address . . . . . . . . : 192.168.1.183
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.3
NetBIOS over Tcpip . . . . : Disabled
Dns Servers. . . . . . . . : 192.168.1.183
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
WINS service test. . . . . : Skipped
NetBT is disable on this interface. [Test skipped].
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Could not open file C:\WINDOWS\system32\config
ing.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Cannot lookup package Kerberos.
The error occurred was: (null)
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
C:\Program Files (x86)\Support Tools>
Either that or add another new zone :)
When I was referring to the co.uk DNS suffix it's this bit:
DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
xxx.co.uk
co.uk
If you open the Properties for Local Area Connection, the TCP/IP, then Advanced, then DNS you might see those in a list towards the bottom. The co.uk isn't all that helpful. Don't worry if you don't see them at this stage, it's moderately harmless.
Once you've created the zone, run through these again:
ipconfig /registerdns
net stop netlogon
net start netlogon
The first will (should) make the Host (A) Record appear for the server. The bottom two should make the set of folders and all records underneath them appear.
Chris
ASKER
Done the remaking of the dns correctly, cant see teh dns suffix, done the commands, attached is the netdiag
C:\Program Files (x86)\Support Tools>netdiag /fix
.......................... ........
Computer Name: E2007
DNS Host Name: e2007.xxx.xxx.co.uk
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : EM64T Family 15 Model 4 Stepping 10, GenuineIntel
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : e2007
IP Address . . . . . . . . : 192.168.1.183
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.3
NetBIOS over Tcpip . . . . : Disabled
Dns Servers. . . . . . . . : 192.168.1.183
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
WINS service test. . . . . : Skipped
NetBT is disable on this interface. [Test skipped].
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Could not open file C:\WINDOWS\system32\config \netlogon. dns for read
ing.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Cannot lookup package Kerberos.
The error occurred was: (null)
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
C:\Program Files (x86)\Support Tools>
C:\Program Files (x86)\Support Tools>netdiag /fix
..........................
Computer Name: E2007
DNS Host Name: e2007.xxx.xxx.co.uk
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : EM64T Family 15 Model 4 Stepping 10, GenuineIntel
List of installed hotfixes :
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : e2007
IP Address . . . . . . . . : 192.168.1.183
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.3
NetBIOS over Tcpip . . . . : Disabled
Dns Servers. . . . . . . . : 192.168.1.183
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
WINS service test. . . . . : Skipped
NetBT is disable on this interface. [Test skipped].
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Could not open file C:\WINDOWS\system32\config
ing.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Skipped
There are no interfaces that have NetBT enabled. [Test skipped]
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Failed
[FATAL] Cannot lookup package Kerberos.
The error occurred was: (null)
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
C:\Program Files (x86)\Support Tools>
Has it managed to create the _msdcs folder this time or are we still stuck?
Chris
ASKER
just checked it and there are no folders
Run "ipconfig /all" again. Check that it actually lists a Primary DNS suffix. Your output above seems to show it.
That's the zone that's been created in DNS now isn't it?
Then back to the Event Log, do we still have DnsApi errors appearing?
Chris
ASKER
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>ipc onfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : e2007
Primary Dns Suffix . . . . . . . : xxx.xxx.co.uk
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
xxx.co.uk
co.uk
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-13-72-5C-28-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.183
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.3
DNS Servers . . . . . . . . . . . : 192.168.1.183
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Documents and Settings\administrator>
DNS event log at 17.57 gmt:
The DNS server encountered error 32 attempting to load zone 1.168.192.in-addr.arpa from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
no updates in DNS/Directory Service event logs
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>ipc
Windows IP Configuration
Host Name . . . . . . . . . . . . : e2007
Primary Dns Suffix . . . . . . . : xxx.xxx.co.uk
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.xxx.co.uk
xxx.co.uk
co.uk
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-13-72-5C-28-99
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.183
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.3
DNS Servers . . . . . . . . . . . : 192.168.1.183
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Documents and Settings\administrator>
DNS event log at 17.57 gmt:
The DNS server encountered error 32 attempting to load zone 1.168.192.in-addr.arpa from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
no updates in DNS/Directory Service event logs
ASKER
In File Replication at 20.40:
The File Replication Service has detected that the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)" is in JRNL_WRAP_ERROR.
Replica set name is : "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
Replica root path is : "c:\windows\sysvol\domain"
Replica root volume is : "\\.\C:"
A Replica set hits JRNL_WRAP_ERROR when the record that it is trying to read from the NTFS USN journal is not found. This can occur because of one of the following reasons.
[1] Volume "\\.\C:" has been formatted.
[2] The NTFS USN journal on volume "\\.\C:" has been deleted.
[3] The NTFS USN journal on volume "\\.\C:" has been truncated. Chkdsk can truncate the journal if it finds corrupt entries at the end of the journal.
[4] File Replication Service was not running on this computer for a long time.
[5] File Replication Service could not keep up with the rate of Disk IO activity on "\\.\C:".
Setting the "Enable Journal Wrap Automatic Restore" registry parameter to 1 will cause the following recovery steps to be taken to automatically recover from this error state.
[1] At the first poll, which will occur in 5 minutes, this computer will be deleted from the replica set. If you do not want to wait 5 minutes, then run "net stop ntfrs" followed by "net start ntfrs" to restart the File Replication Service.
The File Replication Service has detected that the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)" is in JRNL_WRAP_ERROR.
Replica set name is : "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
Replica root path is : "c:\windows\sysvol\domain"
Replica root volume is : "\\.\C:"
A Replica set hits JRNL_WRAP_ERROR when the record that it is trying to read from the NTFS USN journal is not found. This can occur because of one of the following reasons.
[1] Volume "\\.\C:" has been formatted.
[2] The NTFS USN journal on volume "\\.\C:" has been deleted.
[3] The NTFS USN journal on volume "\\.\C:" has been truncated. Chkdsk can truncate the journal if it finds corrupt entries at the end of the journal.
[4] File Replication Service was not running on this computer for a long time.
[5] File Replication Service could not keep up with the rate of Disk IO activity on "\\.\C:".
Setting the "Enable Journal Wrap Automatic Restore" registry parameter to 1 will cause the following recovery steps to be taken to automatically recover from this error state.
[1] At the first poll, which will occur in 5 minutes, this computer will be deleted from the replica set. If you do not want to wait 5 minutes, then run "net stop ntfrs" followed by "net start ntfrs" to restart the File Replication Service.
Okay, well that's good in a way because we can fix that :)
You only have one DC at the moment don't you?
We'll be using this KB article:
http://support.microsoft.com/kb/290762
If you do only have one follow the instructions under "Authoritative FRS restore". It's not a big job, should only take a few minutes and if it works it'll work right after you've finished following the instructions.
Chris
ASKER
completed and the correct event id was logged.
only have 1 dc
only have 1 dc
Well, that's a minor improvement ;)
I advise you restart the server (if you can), then lets have another attempt to register the DNS records.
Chris
ASKER
ok, doing it now, be a few minutes
Many thanks again!
Many thanks again!
ASKER
ok, looks as though server isn't coming backup again, so will not be able to check until 8.30am gmt tomorrow, any chance we can resume this tomorrow?
What should i check apart from ipconfig /registerdns?
What should i check apart from ipconfig /registerdns?
Yes, by all means.
The netlogon service will restart if the system manages to find its way up. You might find it's sitting at checking Indexes, that can take a lot of time.
I'll be in my office around 9am (gmt) tomorrow so I'll catch up with you then.
Chris
ASKER
cheers, if you were close i would get you to come down and show me what to do! lol.
Continue this tomorrow.
Continue this tomorrow.
ASKER
Morning, problems this morning-
Still the same in DNS mgt console.
No DNS errors
No NTFRS errors
Users can ping e2007 and can access data on other servers.
Users can acces internet and resolve dns names to ip in cmd.
Run ipconfig/registerdns and net stop/start netlogon on e2007
Still have 1x Win2k3 terminal server that says there is no such domain as xxx, but can ping it and resolve the names in cmd.
This error is in System after reboot of e2007
Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Hope you can help.
Dave
Still the same in DNS mgt console.
No DNS errors
No NTFRS errors
Users can ping e2007 and can access data on other servers.
Users can acces internet and resolve dns names to ip in cmd.
Run ipconfig/registerdns and net stop/start netlogon on e2007
Still have 1x Win2k3 terminal server that says there is no such domain as xxx, but can ping it and resolve the names in cmd.
This error is in System after reboot of e2007
Dynamic registration or deregistration of one or more DNS records failed with the following error:
No DNS servers configured for local system.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Hope you can help.
Dave
Morning,
Not being very helpful is it.
I doubt this will show us much, but can you run:
DCDiag /c /v
Chris
ASKER
C:\Documents and Settings\administrator>dcd
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\E2
Starting test: Connectivity
The host 6b4da3a2-cd4b-44f9-916e-73
k could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(6b4da3a2-cd4b-44f9-916e-7
couldn't be resolved, the server name (e2007.rotamat.huber.co.uk
resolved to the IP address (192.168.1.183) and was pingable. Check
that the IP address is registered correctly with the DNS server.
......................... E2007 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\E2
Skipping all tests, because server E2007 is
not responding to directory service requests
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : xxx
Starting test: CrossRefValidation
......................... rxxx passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... xxx passed test CheckSDRefDom
Running enterprise tests on : xxx.xxx.co.uk
Starting test: Intersite
......................... xxx.xxx.co.uk passed test Intersite
Starting test: FsmoCheck
......................... xxx.xxx.co.uk passed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: e2007.xxx.xxx.co.uk
Domain: xxx.xxx.co.uk
TEST: Basic (Basc)
Error: No LDAP connectivity
Warning: adapter [00000001] Intel(R) PRO/1000 MT Network Conne
ction has invalid DNS server: 192.168.1.183 (<name unavailable>)
Error: all DNS servers are invalid
TEST: Forwarders/Root hints (Forw)
Error: Forwarders list has invalid forwarder: 212.113.192.0 (<
name unavailable>)
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network a
dapters
Summary of test results for DNS servers used by the above domain contro
llers:
DNS server: 192.168.1.183 (<name unavailable>)
1 test failure on this DNS server
Name resolution is not functional. _ldap._tcp.xxx.xxx.co.uk
. failed on the DNS server 192.168.1.183
DNS server: 212.113.192.0 (<name unavailable>)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 212.113.192.0
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________
Domain: xxx.xx.co.uk
e2007 PASS FAIL FAIL PASS PASS FAIL n/a
......................... xxx.xxx.co.uk failed test DNS
C:\Documents and Settings\administrator>
It's reading some of it, just not enough of it.
Does Active Directory Users and Computers open successfully at the moment?
Lets simplify DNS a bit.
Open the DNS Console and Delete your existing zone. Then lets do this:
1. From the DNS Console
2. Right click on Forward Lookup Zones and select New Zone
3. Set Type to Primary. Remove the tick from Store in Active Directory (this makes it Standard Primary)
4. Enter the name xxx.xxx.co.uk (matching the domain name quoted above)
5. Keep the default File Name
6. Select "Allow both nonsecure and secure dynamic updates"
7. Click Finish
Then we'll make a Reverse Lookup Zone:
1. Again from the DNS Console
2. Right click on Reverse Lookup Zones and select New Zone
3. Select Primary. Remove the tick from Store in Active Directory (Standard Primary again)
4. In Network IP enter "192.168.1". The bottom, grey box, will become 1.168.192.in-addr.arpa.
5. Keep the default File Name
6. Select "Allow both nonsecure and secure dynamic updates"
7. Click Finish
Time to run "ipconfig /registerdns" once again. Then we'll do a few quick tests of the DNS sub-system:
1. Open the Command Prompt
2. Type "nslookup" and press return
We should get something like this back:
Default Server: E2007.xxx.xxx.co.uk
Address: 192.168.1.183
If we manage to get that far, restart the NetLogon Service again (net stop netlogon and net start netlogon). If that fails, can we take a look at the (text) file here:
%SystemRoot%\System32\Conf
Chris
ASKER
Can access ADUC ok, see all users/pc's etc
Did as requested, this is outpu to th enslookup
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>nsl ookup
*** Can't find server name for address 192.168.1.183: Non-existent domain
Default Server: UnKnown
Address: 192.168.1.183
> exit
C:\Documents and Settings\administrator>net stop netlogon
The Net Logon service is stopping.
The Net Logon service was stopped successfully.
C:\Documents and Settings\administrator>net start netlogon
The Net Logon service is starting.
The Net Logon service was started successfully.
C:\Documents and Settings\administrator>nsl ookup
*** Can't find server name for address 192.168.1.183: Non-existent domain
Default Server: UnKnown
Address: 192.168.1.183
This is output of the file
_ldap._tcp.xxx.xxx.co.uk. 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_ldap._tcp.Default-First-S ite-Name._ sites.xxx. xxx.co.uk. 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_ldap._tcp.93326613-f438-4 9b7-a55e-3 8e811753d1 0.domains. _msdcs.xxx ,xxx.co.uk . 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_kerberos._tcp.dc._msdcs.x xx.xxx.co. uk. 600 IN SRV 0 100 88 e2007.xxx.xxx.co.uk.
_kerberos._tcp.Default-Fir st-Site-Na me._sites. dc._msdcs. xxx.xxx.co .uk. 600 IN SRV 0 100 88 e2007.xxx.xxx.co.uk.
_ldap._tcp.dc._msdcs.xxx.x xx.co.uk. 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_ldap._tcp.Default-First-S ite-Name._ sites.dc._ msdcs.x.x. co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
_kerberos._tcp.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
_kerberos._tcp.Default-Fir st-Site-Na me._sites. x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
_kerberos._udp.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
_kpasswd._tcp.x.x.co.uk. 600 IN SRV 0 100 464 e2007.x.x.co.uk.
_kpasswd._udp.x.x.co.uk. 600 IN SRV 0 100 464 e2007.x.x.co.uk.
_ldap._tcp.DomainDnsZones. x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
_ldap._tcp.ForestDnsZones. x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
_ldap._tcp.Default-First-S ite-Name._ sites.Fore stDnsZones .x.x.co.uk . 600 IN SRV 0 100 389 e2007.x.x.co.uk.
_ldap._tcp.Default-First-S ite-Name._ sites.Doma inDnsZones .x.x.co.uk . 600 IN SRV 0 100 389 e2007.x.x.co.uk.
6b4da3a2-cd4b-44f9-916e-73 943a413a87 ._msdcs.x. x.co.uk. 600 IN CNAME e2007.x.x.co.uk.
_ldap._tcp.gc._msdcs.x.x.c o.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
_ldap._tcp.Default-First-S ite-Name._ sites.gc._ msdcsx.xuk . 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
_gc._tcp.x.x.co.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
_gc._tcp.Default-First-Sit e-Name._si tes.x.x.co .uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
_ldap._tcp.pdc._msdcs.x.x. co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
Did as requested, this is outpu to th enslookup
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>nsl
*** Can't find server name for address 192.168.1.183: Non-existent domain
Default Server: UnKnown
Address: 192.168.1.183
> exit
C:\Documents and Settings\administrator>net
The Net Logon service is stopping.
The Net Logon service was stopped successfully.
C:\Documents and Settings\administrator>net
The Net Logon service is starting.
The Net Logon service was started successfully.
C:\Documents and Settings\administrator>nsl
*** Can't find server name for address 192.168.1.183: Non-existent domain
Default Server: UnKnown
Address: 192.168.1.183
This is output of the file
_ldap._tcp.xxx.xxx.co.uk. 600 IN SRV 0 100 389 e2007.xxx.xxx.co.uk.
_ldap._tcp.Default-First-S
_ldap._tcp.93326613-f438-4
_kerberos._tcp.dc._msdcs.x
_kerberos._tcp.Default-Fir
_ldap._tcp.dc._msdcs.xxx.x
_ldap._tcp.Default-First-S
_kerberos._tcp.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
_kerberos._tcp.Default-Fir
_kerberos._udp.x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
_kpasswd._tcp.x.x.co.uk. 600 IN SRV 0 100 464 e2007.x.x.co.uk.
_kpasswd._udp.x.x.co.uk. 600 IN SRV 0 100 464 e2007.x.x.co.uk.
_ldap._tcp.DomainDnsZones.
_ldap._tcp.ForestDnsZones.
_ldap._tcp.Default-First-S
_ldap._tcp.Default-First-S
6b4da3a2-cd4b-44f9-916e-73
_ldap._tcp.gc._msdcs.x.x.c
_ldap._tcp.Default-First-S
_gc._tcp.x.x.co.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
_gc._tcp.Default-First-Sit
_ldap._tcp.pdc._msdcs.x.x.
It looks like that completely failed to create any records then. If you look at the Reverse Lookup Zone does it list any PTR records?
And I'm guessing it completely failed to create the folders in the Forward lookup zone?
If it did... Open this file in Notepad:
%SystemRoot%\System32\DNS\
Then copy the contents of netlogon.dns and paste them into the bottom of that file (don't overwrite anything that exists at the moment). You will also need to increment the Serial Number. It looks something like this:
@ IN SOA e2007.xxx.xxx.co.uk. hostmaster.xxx.xxx.co.uk (
1 ; serial number
900 ; refresh
600 ; retry
86400 ; expire
3600 ) ; default TTL
Just increase the Serial Number value by one. Save and close the file.
Head back to the DNS Console, Select xxx.xxx.co.uk, then right click on it and select Reload. You should find that all the folders appear now, it's not as it should be, but it would be nice to trace where it's failing.
Time to run DCDiag /c /v again if you could please.
Chris
If im not wrong you have to have the primary DNS suffix in this order " xxxx.xxxx.local" instead of "Primary Dns Suffix . . . . . . . : xxx.xxx.co.uk"
No, you don't.
Chris
Ok i still suggest you to give a try once.
Ash
Ash
ASKER
created more than last itme:
SOA
NS
PTR for 7 pc's.
No folders in Forwarders, but lots more records:
SOA
NS
12 host A records for pc's and servers
i opened up the file at windows\system32\dns \xxx.xxx.co.uk.dns and appended the listings from windows\system32\configs\n etlogon into the bottom of it and increased serial number by 1. Reloaded xx.xxx.co.uk forward zone. No folders created.
Ran dcdia, output below:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>dcd iag.exe /c
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\E2 007
Starting test: Connectivity
The host 6b4da3a2-cd4b-44f9-916e-73 943a413a87 ._msdcs.x. x.co.u
k could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(6b4da3a2-cd4b-44f9-916e-7 3943a413a8 7._msdcs.x .x.co.uk)
couldn't be resolved, the server name (e2007.x.x.co.uk)
resolved to the IP address (192.168.1.183) and was pingable. Check
that the IP address is registered correctly with the DNS server.
......................... E2007 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\E2 007
Skipping all tests, because server E2007 is
not responding to directory service requests
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : xxx
Starting test: CrossRefValidation
......................... rotamat passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... rotamat passed test CheckSDRefDom
Running enterprise tests on : x.x.co.uk
Starting test: Intersite
......................... x.x.co.uk passed test Intersite
Starting test: FsmoCheck
......................... x.x.co.uk passed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: e2007.x.x.co.uk
Domain: x.x.co.uk
TEST: Basic (Basc)
Error: No LDAP connectivity
Warning: adapter [00000001] Intel(R) PRO/1000 MT Network Conne
ction has invalid DNS server: 192.168.1.183 (<name unavailable>)
Error: all DNS servers are invalid
TEST: Forwarders/Root hints (Forw)
Error: Forwarders list has invalid forwarder: 212.113.192.0 (<
name unavailable>)
Error:l.root-servers.net. IP: <Unavailabe> Status:A record not
found
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not secure
x.x.co.uk.
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network a
dapters
Summary of test results for DNS servers used by the above domain contro
llers:
DNS server: 192.168.1.183 (<name unavailable>)
1 test failure on this DNS server
Name resolution is not functional. _ldap._tcp.x.x.co.uk
. failed on the DNS server 192.168.1.183
DNS server: 212.113.192.0 (<name unavailable>)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 212.113.192.0
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________ __________ __________ __________ ________
Domain: x.x.co.uk
e2007 PASS FAIL FAIL PASS WARN FAIL n/a
......................... x.x.co.uk failed test DNS
C:\Documents and Settings\administrator>
SOA
NS
PTR for 7 pc's.
No folders in Forwarders, but lots more records:
SOA
NS
12 host A records for pc's and servers
i opened up the file at windows\system32\dns \xxx.xxx.co.uk.dns and appended the listings from windows\system32\configs\n
Ran dcdia, output below:
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>dcd
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\E2
Starting test: Connectivity
The host 6b4da3a2-cd4b-44f9-916e-73
k could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(6b4da3a2-cd4b-44f9-916e-7
couldn't be resolved, the server name (e2007.x.x.co.uk)
resolved to the IP address (192.168.1.183) and was pingable. Check
that the IP address is registered correctly with the DNS server.
......................... E2007 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\E2
Skipping all tests, because server E2007 is
not responding to directory service requests
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : xxx
Starting test: CrossRefValidation
......................... rotamat passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... rotamat passed test CheckSDRefDom
Running enterprise tests on : x.x.co.uk
Starting test: Intersite
......................... x.x.co.uk passed test Intersite
Starting test: FsmoCheck
......................... x.x.co.uk passed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: e2007.x.x.co.uk
Domain: x.x.co.uk
TEST: Basic (Basc)
Error: No LDAP connectivity
Warning: adapter [00000001] Intel(R) PRO/1000 MT Network Conne
ction has invalid DNS server: 192.168.1.183 (<name unavailable>)
Error: all DNS servers are invalid
TEST: Forwarders/Root hints (Forw)
Error: Forwarders list has invalid forwarder: 212.113.192.0 (<
name unavailable>)
Error:l.root-servers.net. IP: <Unavailabe> Status:A record not
found
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not secure
x.x.co.uk.
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network a
dapters
Summary of test results for DNS servers used by the above domain contro
llers:
DNS server: 192.168.1.183 (<name unavailable>)
1 test failure on this DNS server
Name resolution is not functional. _ldap._tcp.x.x.co.uk
. failed on the DNS server 192.168.1.183
DNS server: 212.113.192.0 (<name unavailable>)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 212.113.192.0
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________
Domain: x.x.co.uk
e2007 PASS FAIL FAIL PASS WARN FAIL n/a
......................... x.x.co.uk failed test DNS
C:\Documents and Settings\administrator>
@ashexpert4u,
The Primary DNS Suffix is the AD Domain Name. Changing the Primary DNS Suffix doesn't help one bit if the AD Domain Name is something else.
Could you open the zone file again (%SystemRoot%\System32\DNS
Can we check up on the FSMO roles? Please try running:
netdom query fsmo
It might not work, its reliant on the tool being installed, there's a longer way to find them if it doesn't. It passed the test according to DCDiag, so they should be fine, it's just nice to make sure.
In the Forward Lookup Zone, do we have a Host (A) Record for e2007 at the moment?
Can you make a PTR record in the Reverse Lookup Zone? That'll be as follows:
1. Expand Reverse Lookup Zones
2. Select "192.168.1.x Subnet"
3. Right click and select New Pointer (PTR)
4. Enter 183 in the "Host IP Number" box
5. Enter e2007.xxx.xxx.co.uk. in the Host Name box. Note the trailing period / dot on the Host Name. We do want to keep that one. Otherwise feel free to use Browse to find the record.
Chris
ASKER
the file has changed as serial numbere has increased and more pcs added:
;
; Database file x.x.co.uk.dns for x.x.co.uk zone.
; Zone version: 37
;
@ IN SOA e2007.x.x.co.uk. hostmaster.x.x.co.uk. (
37 ; serial number
900 ; refresh
600 ; retry
86400 ; expire
3600 ) ; default TTL
;
; Zone NS records
;
@ NS e2007.x.x.co.uk.
;
; Zone records
;
bedford 1200 A 192.168.1.187
Dell-001 1200 A 192.168.1.64
dell-10 1200 A 192.168.1.213
dell-11 1200 A 192.168.1.50
dell-12 1200 A 192.168.1.215
Dell-13 1200 A 192.168.1.173
dell-15 1200 A 192.168.1.232
dell-20 1200 A 192.168.111.16
dellws01 1200 A 192.168.1.25
dellws02 1200 A 192.168.1.39
DELLWS04 1200 A 192.168.1.178
dellws06 1200 A 192.168.1.160
dellws07 1200 A 192.168.1.182
dellws08 1200 A 192.168.1.241
dellws09 1200 A 192.168.1.177
dellws10 1200 A 192.168.1.48
dellws11 1200 A 192.168.1.58
dellws12 1200 A 192.168.1.218
dellws13 1200 A 192.168.1.219
DellWS14 1200 A 192.168.1.251
dellws16 1200 A 192.168.1.245
dellws19 1200 A 192.168.1.61
dellws20 1200 A 192.168.1.46
dellws22 1200 A 192.168.1.186
dellws23 1200 A 192.168.1.135
DELLWS25 1200 A 192.168.1.60
DELLWS26 1200 A 192.168.1.54
dellws27 1200 A 192.168.1.23
e2007 A 192.168.1.183
ford 1200 A 192.168.1.1
npi79f788 900 A 192.168.1.16
terminal 1200 A 192.168.1.8
VOLVO 1200 A 192.168.1.156
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
Netdom quer below:
C:\Documents and Settings\administrator>NET dom query fsmo
Schema owner e2007.x.xco.uk
Domain role owner e2007.x.x.co.uk
PDC role e2007.x.x.co.uk
RID pool manager e2007.x.x.co.uk
Infrastructure owner e2007.x.x.co.uk
The command completed successfully.
C:\Documents and Settings\administrator>
have a host a record and created a PTR in reverse.
Both the forwards and reverse zones are filling up with records but not folders.
;
; Database file x.x.co.uk.dns for x.x.co.uk zone.
; Zone version: 37
;
@ IN SOA e2007.x.x.co.uk. hostmaster.x.x.co.uk. (
37 ; serial number
900 ; refresh
600 ; retry
86400 ; expire
3600 ) ; default TTL
;
; Zone NS records
;
@ NS e2007.x.x.co.uk.
;
; Zone records
;
bedford 1200 A 192.168.1.187
Dell-001 1200 A 192.168.1.64
dell-10 1200 A 192.168.1.213
dell-11 1200 A 192.168.1.50
dell-12 1200 A 192.168.1.215
Dell-13 1200 A 192.168.1.173
dell-15 1200 A 192.168.1.232
dell-20 1200 A 192.168.111.16
dellws01 1200 A 192.168.1.25
dellws02 1200 A 192.168.1.39
DELLWS04 1200 A 192.168.1.178
dellws06 1200 A 192.168.1.160
dellws07 1200 A 192.168.1.182
dellws08 1200 A 192.168.1.241
dellws09 1200 A 192.168.1.177
dellws10 1200 A 192.168.1.48
dellws11 1200 A 192.168.1.58
dellws12 1200 A 192.168.1.218
dellws13 1200 A 192.168.1.219
DellWS14 1200 A 192.168.1.251
dellws16 1200 A 192.168.1.245
dellws19 1200 A 192.168.1.61
dellws20 1200 A 192.168.1.46
dellws22 1200 A 192.168.1.186
dellws23 1200 A 192.168.1.135
DELLWS25 1200 A 192.168.1.60
DELLWS26 1200 A 192.168.1.54
dellws27 1200 A 192.168.1.23
e2007 A 192.168.1.183
ford 1200 A 192.168.1.1
npi79f788 900 A 192.168.1.16
terminal 1200 A 192.168.1.8
VOLVO 1200 A 192.168.1.156
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
Netdom quer below:
C:\Documents and Settings\administrator>NET
Schema owner e2007.x.xco.uk
Domain role owner e2007.x.x.co.uk
PDC role e2007.x.x.co.uk
RID pool manager e2007.x.x.co.uk
Infrastructure owner e2007.x.x.co.uk
The command completed successfully.
C:\Documents and Settings\administrator>
have a host a record and created a PTR in reverse.
Both the forwards and reverse zones are filling up with records but not folders.
Ah okay, it wiped out our changes.
Lets do it this way.
Stop the DNS service (Administrative Tools / Services). Then open the file again, and paste in the contents of netlogon.dns. Increment the serial again the restart the DNS service.
Chances are it just overwrote our changes with all the clients sending updates.
Chris
ASKER
folders are there!
and changes made to the windows\system32\dns xxx.xxx.co.uk.dns are still there
and changes made to the windows\system32\dns xxx.xxx.co.uk.dns are still there
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>dcd iag.exe /c
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\E2 007
Starting test: Connectivity
......................... E2007 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\E2 007
Starting test: Replications
......................... E2007 passed test Replications
Starting test: Topology
......................... E2007 passed test Topology
Starting test: CutoffServers
......................... E2007 passed test CutoffServers
Starting test: NCSecDesc
......................... E2007 passed test NCSecDesc
Starting test: NetLogons
......................... E2007 passed test NetLogons
Starting test: Advertising
......................... E2007 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... E2007 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... E2007 passed test RidManager
Starting test: MachineAccount
......................... E2007 passed test MachineAccount
Starting test: Services
......................... E2007 passed test Services
Starting test: OutboundSecureChannels
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... E2007 passed test OutboundSecureChannels
Starting test: ObjectsReplicated
......................... E2007 passed test ObjectsReplicated
Starting test: frssysvol
......................... E2007 passed test frssysvol
Starting test: frsevent
......................... E2007 passed test frsevent
Starting test: kccevent
......................... E2007 passed test kccevent
Starting test: systemlog
......................... E2007 passed test systemlog
Starting test: VerifyReplicas
......................... E2007 passed test VerifyReplicas
Starting test: VerifyReferences
......................... E2007 passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
......................... E2007 passed test VerifyEnterpriseReferences
Starting test: CheckSecurityError
[E2007] No security related replication errors were found on this DC!
To target the connection to a specific source DC use /ReplSource:<DC>.
......................... E2007 passed test CheckSecurityError
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : xxx
Starting test: CrossRefValidation
.........................x xxotamat passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... xxx passed test CheckSDRefDom
Running enterprise tests on : x.x.co.uk
Starting test: Intersite
......................... x.x.co.uk passed test Intersite
Starting test: FsmoCheck
.........................x .x.co.uk passed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: e2007.x.x.co.uk
Domain: x.x.co.uk
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not secure
x.x.co.uk.
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________ __________ __________ __________ ________
Domain: x.x.co.uk
e2007 PASS PASS PASS PASS WARN PASS n/a
.........................x .x.co.uk passed test DNS
C:\Documents and Settings\administrator>
Termianl server access is ok, Win2k pc taht was not access network now works as welll
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\administrator>dcd
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\E2
Starting test: Connectivity
......................... E2007 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\E2
Starting test: Replications
......................... E2007 passed test Replications
Starting test: Topology
......................... E2007 passed test Topology
Starting test: CutoffServers
......................... E2007 passed test CutoffServers
Starting test: NCSecDesc
......................... E2007 passed test NCSecDesc
Starting test: NetLogons
......................... E2007 passed test NetLogons
Starting test: Advertising
......................... E2007 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... E2007 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... E2007 passed test RidManager
Starting test: MachineAccount
......................... E2007 passed test MachineAccount
Starting test: Services
......................... E2007 passed test Services
Starting test: OutboundSecureChannels
** Did not run Outbound Secure Channels test
because /testdomain: was not entered
......................... E2007 passed test OutboundSecureChannels
Starting test: ObjectsReplicated
......................... E2007 passed test ObjectsReplicated
Starting test: frssysvol
......................... E2007 passed test frssysvol
Starting test: frsevent
......................... E2007 passed test frsevent
Starting test: kccevent
......................... E2007 passed test kccevent
Starting test: systemlog
......................... E2007 passed test systemlog
Starting test: VerifyReplicas
......................... E2007 passed test VerifyReplicas
Starting test: VerifyReferences
......................... E2007 passed test VerifyReferences
Starting test: VerifyEnterpriseReferences
......................... E2007 passed test VerifyEnterpriseReferences
Starting test: CheckSecurityError
[E2007] No security related replication errors were found on this DC!
To target the connection to a specific source DC use /ReplSource:<DC>.
......................... E2007 passed test CheckSecurityError
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : xxx
Starting test: CrossRefValidation
.........................x
Starting test: CheckSDRefDom
......................... xxx passed test CheckSDRefDom
Running enterprise tests on : x.x.co.uk
Starting test: Intersite
......................... x.x.co.uk passed test Intersite
Starting test: FsmoCheck
.........................x
Starting test: DNS
Test results for domain controllers:
DC: e2007.x.x.co.uk
Domain: x.x.co.uk
TEST: Dynamic update (Dyn)
Warning: Dynamic update is enabled on the zone but not secure
x.x.co.uk.
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
__________________________
Domain: x.x.co.uk
e2007 PASS PASS PASS PASS WARN PASS n/a
.........................x
C:\Documents and Settings\administrator>
Termianl server access is ok, Win2k pc taht was not access network now works as welll
Excellent. Right, something is still up with DNS and I'd like to try to fix that.
First of all, head to the zone file again (%SystemRoot%\System32\DNS
We're going to check all of the areas in AD where DNS data is stored. For this we'll need to use ADSIEdit.
1. Click Start then Run
2. Type ADSIEdit.msc and press Return
The first location we're going to check is used when the zone is set to replicate to "All Domain Controllers in the Active Directory Domain".
3. You should see "Domain" in the list. Expand it.
4. Expand DC=xxx,DC=xxx,DC=co,DC=uk
5. Expand CN=System
6. Select CN=MicrosoftDNS
In theory it should only list "DC=RootDNSServers" within that folder. Does it? If not, what else is listed?
The next two areas take a bit more work to get to.
7. Right click on ADSI Edit (still within the ADSI Edit console)
8. Select "Connect to..."
9. In Name type "DomainDNSZones"
10. Select "Select or type a Distinguished Name or Naming Context"
11. Enter the value "DC=DomainDNSZones,DC=xxx,
12. Click OK
13. Attempt to expand DomainDNSZones in ADSI Edit.
14. Expand MicrosoftDNS
15. Is anything listed here?
And finally...
16. Right click on ADSI Edit (still within the ADSI Edit console)
17. Select "Connect to..."
18. In Name type "ForestDNSZones"
19. Select "Select or type a Distinguished Name or Naming Context"
20. Enter the value "DC=ForestDNSZones,DC=xxx,
21. Click OK
22. Attempt to expand ForestDNSZones in ADSI Edit.
23. Expand MicrosoftDNS
24. Is anything listed here?
I'm very interested in any errors you have returned for either of the last two. Especially if it gives you something like "A referral was returned from the server".
Chris
ASKER
Fantastic help, thankyou very much. Do you have any idea what caused it and waht i can do in teh future to prevent a similar problem?
Probably cross posted, but I'd like to test my suspicion above if possible :)
Chris
ASKER
"In theory it should only list "DC=RootDNSServers" within that folder. Does it? If not, what else is listed?
"- nothing else listed in there
"In Name type "DomainDNSZones"- nothing listed inside teh Microsoft folder
"In Name type "ForestDNSZones"- cant see the microsoft folder, have Lost and Found and NTFS Quotas
"- nothing else listed in there
"In Name type "DomainDNSZones"- nothing listed inside teh Microsoft folder
"In Name type "ForestDNSZones"- cant see the microsoft folder, have Lost and Found and NTFS Quotas
That's a shame, I was hoping for rather more than that.
Shall we try moving the zone into Active Directory? It's why we have the backup of the zone saved.
1. Open the DNS Console
2. Expand Forward Lookup Zones
3. Select xxx.xxx.co.uk
4. Right click and open the zone Properties
5. Select "Change" next to the Type setting
6. Tick "Store the zone in Active Directory"
7. Accept the confirmation
8. Click OK
That should set the replication value to the default of "All DNS servers in the Active Directory domain". And if you still have ADSIEdit open you should find that it appears under DomainDNSZones.
See if everything carries on working with that then we can do a few more tests to see if it's going to behave itself :)
Chris
ASKER
Done as asked by as of yet there is nothing in teh DomainDNSZones except teh folder for Microsoft.
Did it set the Replication value (in the Properties for the zone in the DNS Console) as above or has it set it to something different?
Chris
ASKER
its defaulted to all domain controllers, should i change it to all DNS in Active Directory?
Yes please :) At the moment you should see it under Domain \ System \ MicrosoftDNS.
Chris
ASKER
now i see a folder in the MicrosoftDNSZones folder and there is only 1 thing in there.
DC=x.x.co.uk | DNSZone then distinguished name
nothing in ForestDNSZone as above.
DC=x.x.co.uk | DNSZone then distinguished name
nothing in ForestDNSZone as above.
Cool. Does it still have all the records we expect to see?
If so, lets see how well it's going to cope.
Back into the DNS Console, expand Forward Lookup Zones then select xxx.xxx.co.uk again. Hopefully you see an "_sites" folder? Delete it, then we'll see if it recreates itself by restarting the NetLogon service yet again.
Chris
ASKER
hasn't recreated the sites folder after a netlogon stop/start
ASKER
this error was logged at 12.04 after the zonemove, have 3x
The DNS server encountered error 32 attempting to load zone rotamat.huber.co.uk from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
The DNS server encountered error 32 attempting to load zone rotamat.huber.co.uk from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Just quickly check that Dynamic Updates is still enabled on that zone, then lets see if NetLogon will tell us what's going on.
This article tells us how to enable debug logging for netlogon:
http://support.microsoft.com/kb/109626
The short version is run this from the command prompt:
nltest /dbflag:0x2080ffff
Then restart the NetLogon Service again.
The log file is in %SystemRoot%\Debug\NetLogo
Chris
Hmm lets see, lets move the zone back to "All Domain Controllers in the AD Domain". Do we still get the error when using that? And if you restart NetLogon (I'm sure you're sick of doing that by now), does it repopulate the _sites folder?
If it does, we'll get rid of the DNS partitions and recreate them then try again. It would be nice to have this in a state where it's not going to bite in the future.
Chris
ASKER
dynamic update for secure/non secure updates.
log from after stop/start netlogon
01/30 12:21:38 [MISC] DbFlag is set to 2080ffff
01/30 12:21:40 [LOGON] x: SamLogon: Network logon of e2007\jc from DELLWS08 Entered
01/30 12:21:40 [LOGON] x: NlPickDomainWithAccount: e2007\jc: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:21:40 [LOGON] x: SamLogon: Network logon of e2007\jc from DELLWS08 Returns 0x0
01/30 12:21:40 [LOGON] x: SamLogon: Network logon of e2007\jc from DELLWS08 Entered
01/30 12:21:40 [LOGON] x: NlPickDomainWithAccount: e2007\jc: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:21:40 [LOGON] x SamLogon: Network logon of e2007\jc from DELLWS08 Returns 0x0
01/30 12:21:50 [MAILSLOT] Received ping from DELLWS20 x.x.co.uk. (null) on UDP LDAP
01/30 12:21:50 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS20 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:05 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Entered
01/30 12:22:05 [LOGON] x: NlPickDomainWithAccount: E2007\graham: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:05 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Returns 0x0
01/30 12:22:06 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Entered
01/30 12:22:06 [LOGON] x: NlPickDomainWithAccount: E2007\graham: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:06 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Returns 0x0
01/30 12:22:09 [MAILSLOT] Received ping from DELLWS12 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:09 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS12 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:12 [MAILSLOT] Received ping from DELLWS25 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:12 [MAILSLOT]x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS25 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:15 [MAILSLOT] Received ping from DELLWS08 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:15 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS08 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:23 [MAILSLOT] Received ping from DELLWS23 x.xco.uk. (null) on UDP LDAP
01/30 12:22:23 [MAILSLOT]x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS23 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:28 [MAILSLOT] Received ping from DELLWS19 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:28 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS19 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:35 [LOGON] x: SamLogon: Network logon of E2007\rjw from DELLWS19 Entered
01/30 12:22:35 [LOGON] x: NlPickDomainWithAccount: E2007\rjw: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:36 [LOGON] x: SamLogon: Network logon of E2007\rjw from DELLWS19 Returns 0x0
01/30 12:22:37 [LOGON] x SamLogon: Network logon of E2007\rjw from DELLWS19 Entered
01/30 12:22:37 [LOGON] x: NlPickDomainWithAccount: E2007\rjw: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:37 [LOGON] x: SamLogon: Network logon of E2007\rjw from DELLWS19 Returns 0x0
01/30 12:22:46 [MAILSLOT] Received ping from DELLWS18 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:46 [MAILSLOT]x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS18 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:49 [MAILSLOT] Received ping from DELLWS11 x,x.co.uk. (null) on UDP LDAP
01/30 12:22:49 [MAILSLOT] ROTAMAT: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS11 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:53 [MAILSLOT] Received ping from DELLWS14 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:53 [MAILSLOT] x.x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS14 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:54 [MAILSLOT] Received ping from DELLWS14 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:54 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS14 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:54 [CRITICAL] AcceptSecurityContext: fefefefe.0: Can't NlFindNamedServerSession for DELLWS14
01/30 12:22:54 [MAILSLOT] Received ping from DELLWS14 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:54 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS14 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:54 [SESSION] x NetrServerAuthenticate entered: DELLWS14 on account DELLWS14$ (Negot: 600fffff)
01/30 12:22:54 [SESSION] x: NetrServerAuthenticate returns Success: DELLWS14 on account DELLWS14$ (Negot: 600fffff)
01/30 12:22:54 [SESSION] x: NetrLogonGetDomainInfo: DELLWS14 1 Entered
01/30 12:22:54 [SESSION] x: NetrLogonGetDomainInfo: DELLWS14 is running NT 5.1 build 2600 (1)
01/30 12:22:54 [MISC] x: NetrLogonGetDomainInfo: DnsHostName of DELLWS14 is DellWS14.rotamat.huber.co. uk
01/30 12:22:54 [SESSION] x: NetrLogonGetDomainInfo: DELLWS14 1 Returns 0x0
01/30 12:23:02 [MISC] x: DsGetDcName function called: Dom:x.xco.uk Acct:(null) Flags: DS BACKGROUND RET_DNS
01/30 12:23:02 [MAILSLOT] Received ping from E2007 x.xco.uk (null) on <Local>
01/30 12:23:02 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\E2007 Site: Default-First-Site-Name on <Local>
01/30 12:23:02 [MISC] xT: DsGetDcName function returns 0: Dom:x.x.co.uk Acct:(null) Flags: DS BACKGROUND RET_DNS
01/30 12:23:02 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
01/30 12:23:02 [MISC] x: DsGetDcName function called: Dom:x.x.co.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [MAILSLOT] Received ping from E2007 x.xco.uk (null) on <Local>
01/30 12:23:02 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\E2007 Site: Default-First-Site-Name on <Local>
01/30 12:23:02 [MISC] x: DsGetDcName function returns 0: Dom:x.x.co.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [MISC] x: DsGetDcName function called: Dom:x.xco.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [MAILSLOT] Received ping from E2007 x.x.co.uk (null) on <Local>
01/30 12:23:02 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\E2007 Site: Default-First-Site-Name on <Local>
01/30 12:23:02 [MISC] x: DsGetDcName function returns 0: Dom:x.x.co.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [LOGON] x: SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Entered
01/30 12:23:02 [LOGON] x: SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Returns 0x0
01/30 12:23:12 [MAILSLOT] Received ping from DELLWS04 x.x.co.uk. (null) on UDP LDAP
01/30 12:23:12 [MAILSLOT] x Ping response 'Sam Logon Response Ex' (null) to \\DELLWS04 Site: Default-First-Site-Name on UDP LDAP
01/30 12:23:20 [LOGON] x SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Entered
01/30 12:23:20 [LOGON] x: SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Returns 0x0
01/30 12:23:27 [MAILSLOT] Received ping from DELLWS16 x.x.CO.UK (null) on UDP LDAP
01/30 12:23:27 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS16 Site: Default-First-Site-Name on UDP LDAP
01/30 12:23:29 [MAILSLOT] Received ping from DELLWS22 x.x.co.uk. (null) on UDP LDAP
01/30 12:23:29 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS22 Site: Default-First-Site-Name on UDP LDAP
01/30 12:23:31 [LOGON] x: SamLogon: Generic logon of x.xCO.UK\(null) from (null) Package:Kerberos Entered
01/30 12:23:31 [LOGON] x SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Returns 0x0
01/30 12:23:35 [LOGON] xT: SamLogon: Network logon of E2007\reception from DELLWS22 Entered
01/30 12:23:35 [LOGON] x: NlPickDomainWithAccount: E2007\reception: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:23:36 [LOGON] x SamLogon: Network logon of E2007\reception from DELLWS22 Returns 0x0
01/30 12:23:37 [LOGON] x SamLogon: Network logon of E2007\reception from DELLWS22 Entered
01/30 12:23:37 [LOGON] x NlPickDomainWithAccount: E2007\reception: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:23:37 [LOGON] x: SamLogon: Network logon of E2007\reception from DELLWS22 Returns 0x0
01/30 12:23:47 [MAILSLOT] Received ping from DELLWS26 x.xco.uk. (null) on UDP LDAP
01/30 12:23:47 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS26 Site: Default-First-Site-Name on UDP LDAP
01/30 12:24:05 [MAILSLOT] Received ping from DELLWS13 rotamat.huber.co.uk. (null) on UDP LDAP
01/30 12:24:05 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS13 Site: Default-First-Site-Name on UDP LDAP
01/30 12:24:20 [MISC] In control handler (Opcode: 1)
01/30 12:24:20 [MISC] NlExit: Netlogon exiting 0 0x0
01/30 12:24:20 [DOMAIN] x: NlDeleteDomain called
01/30 12:24:20 [DOMAIN] x: Domain RefCount is zero. Domain being rundown.
01/30 12:24:20 [SESSION] x NlFreeServerSession: DELL-12: Freed server session
01/30 12:24:20 [SESSION] x: NlFreeServerSession: DELLWS13: Freed server session
01/30 12:24:20 [SESSION] x NlFreeServerSession: DELL-001: Freed server session
01/30 12:24:20 [SESSION] x: NlFreeServerSession: DELLWS08: Freed server session
01/30 12:24:20 [SESSION] xT: NlFreeServerSession: DELLWS14: Freed server session
01/30 12:24:20 [DOMAIN] DomainDnsZones.x.x.co.uk: NlDeleteDomain called
01/30 12:24:20 [DOMAIN] DomainDnsZones.x.xco.uk: Domain RefCount is zero. Domain being rundown.
01/30 12:24:20 [DOMAIN] NlDeleteDomain called
01/30 12:24:20 [DOMAIN] Domain RefCount is zero. Domain being rundown.
01/30 12:24:20 [SITE] Setting site name to '(null)'
01/30 12:24:25 [INIT] Group Policy is not defined for Netlogon
01/30 12:24:25 [INIT] Following are the effective values after parsing
01/30 12:24:25 [INIT] Sysvol = C:\WINDOWS\SYSVOL\sysvol
01/30 12:24:25 [INIT] Scripts = (null)
01/30 12:24:25 [INIT] RpcDacl = (null)
01/30 12:24:25 [INIT] SiteName (0) = Default-First-Site-Name
01/30 12:24:25 [INIT] Pulse = 300 (0x12c)
01/30 12:24:25 [INIT] Randomize = 1 (0x1)
01/30 12:24:25 [INIT] PulseMaximum = 7200 (0x1c20)
01/30 12:24:25 [INIT] PulseConcurrency = 10 (0xa)
01/30 12:24:25 [INIT] PulseTimeout1 = 10 (0xa)
01/30 12:24:25 [INIT] PulseTimeout2 = 300 (0x12c)
01/30 12:24:25 [INIT] MaximumMailslotMessages = 500 (0x1f4)
01/30 12:24:25 [INIT] MailslotMessageTimeout = 10 (0xa)
01/30 12:24:25 [INIT] MailslotDuplicateTimeout = 2 (0x2)
01/30 12:24:25 [INIT] ExpectedDialupDelay = 0 (0x0)
01/30 12:24:25 [INIT] ScavengeInterval = 900 (0x384)
01/30 12:24:25 [INIT] MaximumPasswordAge = 30 (0x1e)
01/30 12:24:25 [INIT] LdapSrvPriority = 0 (0x0)
01/30 12:24:25 [INIT] LdapSrvWeight = 100 (0x64)
01/30 12:24:25 [INIT] LdapSrvPort = 389 (0x185)
01/30 12:24:25 [INIT] LdapGcSrvPort = 3268 (0xcc4)
01/30 12:24:25 [INIT] KdcSrvPort = 88 (0x58)
01/30 12:24:25 [INIT] KerbIsDoneWithJoinDomainEn try = 0 (0x0)
01/30 12:24:25 [INIT] DnsTtl = 600 (0x258)
01/30 12:24:25 [INIT] DnsRefreshInterval = 86400 (0x15180)
01/30 12:24:25 [INIT] CloseSiteTimeout = 900 (0x384)
01/30 12:24:25 [INIT] SiteNameTimeout = 300 (0x12c)
01/30 12:24:25 [INIT] DuplicateEventlogTimeout = 14400 (0x3840)
01/30 12:24:25 [INIT] MaxConcurrentApi = 0 (0x0)
01/30 12:24:25 [INIT] NegativeCachePeriod = 45 (0x2d)
01/30 12:24:25 [INIT] BackgroundRetryInitialPeri od = 600 (0x258)
01/30 12:24:25 [INIT] BackgroundRetryMaximumPeri od = 3600 (0xe10)
01/30 12:24:25 [INIT] BackgroundRetryQuitTime = 0 (0x0)
01/30 12:24:25 [INIT] BackgroundSuccessfulRefres hPeriod = 4294967295 (0xffffffff)
01/30 12:24:25 [INIT] NonBackgroundSuccessfulRef reshPeriod = 1800 (0x708)
01/30 12:24:25 [INIT] DnsFailedDeregisterTimeout = 172800 (0x2a300)
01/30 12:24:25 [INIT] MaxLdapServersPinged = 55 (0x37)
01/30 12:24:25 [INIT] SiteCoverageRefreshInterva l = 3600 (0xe10)
01/30 12:24:25 [INIT] FtInfoUpdateInterval = 86400 (0x15180)
01/30 12:24:25 [INIT] DBFlag = 545325055 (0x2080ffff)
01/30 12:24:25 [INIT] MaximumLogFileSize = 20000000 (0x1312d00)
01/30 12:24:25 [INIT] RefusePasswordChange = FALSE
01/30 12:24:25 [INIT] AllowReplInNonMixed = FALSE
01/30 12:24:25 [INIT] AvoidSamRepl = TRUE
01/30 12:24:25 [INIT] AvoidLsaRepl = TRUE
01/30 12:24:25 [INIT] SignSecureChannel = TRUE
01/30 12:24:25 [INIT] SealSecureChannel = TRUE
01/30 12:24:25 [INIT] RequireSignOrSeal = TRUE
01/30 12:24:25 [INIT] RequireStrongKey = FALSE
01/30 12:24:25 [INIT] SysVolReady = TRUE
01/30 12:24:25 [INIT] UseDynamicDns = TRUE
01/30 12:24:25 [INIT] RegisterDnsARecords = TRUE
01/30 12:24:25 [INIT] AvoidPdcOnWan = FALSE
01/30 12:24:25 [INIT] AutoSiteCoverage = TRUE
01/30 12:24:25 [INIT] AvoidDnsDeregOnShutdown = TRUE
01/30 12:24:25 [INIT] DnsUpdateOnAllAdapters = FALSE
01/30 12:24:25 [INIT] Nt4Emulator = FALSE
01/30 12:24:25 [INIT] DisablePasswordChange = FALSE
01/30 12:24:25 [INIT] NeutralizeNt4Emulator = TRUE
01/30 12:24:25 [INIT] AllowSingleLabelDnsDomain = FALSE
01/30 12:24:25 [INIT] AllowExclusiveSysvolShareA ccess = FALSE
01/30 12:24:25 [INIT] AllowExclusiveScriptsShare Access = FALSE
01/30 12:24:25 [INIT] AvoidLocatorAccountLookup = FALSE
01/30 12:24:25 [INIT] NeverPing = FALSE
01/30 12:24:25 [INIT] Command line parsed successfully ...
01/30 12:24:25 [SITE] Setting site name to 'Default-First-Site-Name'
01/30 12:24:25 [SITE] Adding subnet to site mappings from the DS
01/30 12:24:25 [SITE] There is only one site. All clients belong to it.
01/30 12:24:25 [SESSION] Winsock Addrs: 192.168.1.183 (1)
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdap: _ldap._tcp.x.xco.uk. 600 IN SRV 0 100 389 e2007.rx.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdapAtSite: _ldap._tcp.Default-First-S ite-Name._ sites.x.x. co.uk. 600 IN SRV 0 100 389 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDcByGuid: _ldap._tcp.93326613-f438-4 9b7-a55e-3 8e811753d1 0.domains. _msdcs.x.x .co.uk. 600 IN SRV 0 100 389 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsKdc: _kerberos._tcp.dc._msdcs.x .x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsKdcAtSite: _kerberos._tcp.Default-Fir st-Site-Na me._sites. dc._msdcs. x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDc: _ldap._tcp.dc._msdcs.x.x.c o.uk. 600 IN SRV 0 100 389 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDcAtSite: _ldap._tcp.Default-First-S ite-Name._ sites.dc._ msdcs.x.x. co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510Kdc: _kerberos._tcp.x.xco.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510KdcAtSite: _kerberos._tcp.Default-Fir st-Site-Na me._sites. x.x.co.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510UdpKdc: _kerberos._udp.x.xco.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510Kpwd: _kpasswd._tcp.x.x.co.uk. 600 IN SRV 0 100 464 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510UdpKpwd: _kpasswd._udp.x.xco.uk. 600 IN SRV 0 100 464 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdap: _ldap._tcp.DomainDnsZones. x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdap: _ldap._tcp.ForestDnsZones. x.x.co.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdapAtSite: _ldap._tcp.Default-First-S ite-Name._ sites.Fore stDnsZones .x.x.co.uk . 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdapAtSite: _ldap._tcp.Default-First-S ite-Name._ sites.Doma inDnsZones .x.x.co.uk . 600 IN SRV 0 100 389 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDsaCname: 6b4da3a2-cd4b-44f9-916e-73 943a413a87 ._msdcs.x. x.co.uk. 600 IN CNAME e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGc: _ldap._tcp.gc._msdcs.x.xco .uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGcAtSite: _ldap._tcp.Default-First-S ite-Name._ sites.gc._ msdcs.x.x. co.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGenericGc: _gc._tcp.x.xco.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGenericGcAtSite: _gc._tcp.Default-First-Sit e-Name._si tes.x.x.co .uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsPdc: _ldap._tcp.pdc._msdcs.x.xc o.uk. 600 IN SRV 0 100 389 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] Set DnsForestName to: x.x.co.uk
01/30 12:24:25 [DOMAIN] x: Adding new domain
01/30 12:24:25 [DOMAIN] Setting our computer name to E2007 e2007.x.x.co.uk
01/30 12:24:25 [DOMAIN] Setting Netbios domain name to x
01/30 12:24:25 [DOMAIN] Setting DNS domain name to x.x.co.uk.
01/30 12:24:25 [DOMAIN] Setting Domain GUID to 93326613-f438-49b7-a55e-38 e811753d10
01/30 12:24:25 [DOMAIN] Create domain phase 2
01/30 12:24:25 [DOMAIN] Changing role from NONE to PDC.
01/30 12:24:25 [SESSION] NlCheckServerSession: E2007: Skipping add of ourself
01/30 12:24:25 [CRITICAL] Can't add the 0x1B name because all transports are disabled
01/30 12:24:25 [MAILSLOT] NetpDcPingListIp: x.x.co.uk.: Sent UDP ping to 192.168.1.183
01/30 12:24:25 [CRITICAL] NetpDcGetNameIp: x.x.co.uk.: Couldn't ping any DCs.
01/30 12:24:25 [MAILSLOT] Sent 'Primary Query' message to ROTAMAT[1B] on all transports.
01/30 12:24:25 [CRITICAL] NlBrowserSendDatagram: No transports available
01/30 12:24:25 [CRITICAL] NetpDcGetNameNetbios: rotamat.huber.co.uk.: Cannot NlBrowserSendDatagram. (1B) 53
01/30 12:24:25 [CRITICAL] NetpDcGetName: rotamat.huber.co.uk.: IP and Netbios are both done.
01/30 12:24:26 [SESSION] NlInitTrustList: This domain has no parent in forest.
01/30 12:24:26 [SESSION] NlAddDomainTreeToTrustList : rotamat.huber.co.uk ignoring enterprise tree entry for ourself
01/30 12:24:26 [DOMAIN] DomainDnsZones.rotamat.hub er.co.uk: Adding new domain
01/30 12:24:26 [DOMAIN] (null): Setting our computer name to E2007 e2007.x.xco.uk
01/30 12:24:26 [DOMAIN] (null): Setting DNS domain name to DomainDnsZones.x.xco.uk
01/30 12:24:26 [DOMAIN] DomainDnsZones.x.x.co.uk: Setting Domain GUID to a797fb17-b797-4be5-9c81-6f 9d4ceee02f
01/30 12:24:26 [DOMAIN] ForestDnsZones.x.xco.uk: Adding new domain
01/30 12:24:26 [DOMAIN] (null): Setting our computer name to E2007 e2007.x.x.co.uk
01/30 12:24:26 [DOMAIN] (null): Setting DNS domain name to ForestDnsZones.x.x.co.uk
01/30 12:24:26 [DOMAIN] ForestDnsZones.x.xco.uk: Setting Domain GUID to 52f33a64-04d8-40ba-ad63-4f 21e8852ce3
01/30 12:24:26 [CRITICAL] NlUpdateDnsRootAlias: Ignoring DnsDomainNameAlias update for same alias name: (null) (null)
01/30 12:24:26 [CRITICAL] NlUpdateDnsRootAlias: Ignoring DnsForestNameAlias update for same alias name: (null) (null)
01/30 12:24:26 [MISC] NlpInitializeTrace succeeded 0
01/30 12:24:26 [INIT] 'SYSVOL' share is to 'C:\WINDOWS\SYSVOL\sysvol'
01/30 12:24:26 [INIT] 'SYSVOL' share already exists.
01/30 12:24:26 [INIT] 'SYSVOL' share current path is C:\WINDOWS\SYSVOL\sysvol
01/30 12:24:26 [INIT] 'NETLOGON' share is to 'C:\WINDOWS\SYSVOL\sysvol\ rotamat.hu ber.co.uk\ SCRIPTS'
01/30 12:24:26 [INIT] 'NETLOGON' share already exists.
01/30 12:24:26 [INIT] 'NETLOGON' share current path is C:\WINDOWS\SYSVOL\sysvol\r otamat.hub er.co.uk\S CRIPTS
01/30 12:24:26 [INIT] Starting RPC server.
01/30 12:24:26 [INIT] Started successfully
01/30 12:24:26 [INIT] NlInitTcpRpc thread finished.
01/30 12:24:26 [INIT] Group Policy is not defined for Netlogon
01/30 12:24:26 [INIT] Following are the effective values after parsing
01/30 12:24:26 [DNS] NlDnsScavenge: Starting DNS scavenge with: Normal RefreshDomainRecords 0 0
01/30 12:24:26 [CRITICAL] ROTAMAT: Can't add the 0x1B name because all transports are disabled
01/30 12:24:26 [SITE] GC list: Default-First-Site-Name e2007.x.x.co.uk
01/30 12:24:26 [SITE] DC list: Default-First-Site-Name e2007.x.x.co.uk
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [SITE] NDNC list: Default-First-Site-Name e2007.x.x.co.uk
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [SITE] NDNC list: Default-First-Site-Name e2007.x.xco.uk
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [DNS] NlDnsScavengeWorker: Set DNS scavenger to run in 6 minutes (301984).
01/30 12:24:27 [MISC] In control handler (Opcode: 4)
01/30 12:24:31 [MAILSLOT] Received ping from DELL-002 x.x.co.uk. (null) on UDP LDAP
01/30 12:24:31 [MAILSLOT] ROTAMAT: Ping response 'Sam Logon Response Ex' (null) to \\DELL-002 Site: Default-First-Site-Name on UDP LDAP
log from after stop/start netlogon
01/30 12:21:38 [MISC] DbFlag is set to 2080ffff
01/30 12:21:40 [LOGON] x: SamLogon: Network logon of e2007\jc from DELLWS08 Entered
01/30 12:21:40 [LOGON] x: NlPickDomainWithAccount: e2007\jc: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:21:40 [LOGON] x: SamLogon: Network logon of e2007\jc from DELLWS08 Returns 0x0
01/30 12:21:40 [LOGON] x: SamLogon: Network logon of e2007\jc from DELLWS08 Entered
01/30 12:21:40 [LOGON] x: NlPickDomainWithAccount: e2007\jc: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:21:40 [LOGON] x SamLogon: Network logon of e2007\jc from DELLWS08 Returns 0x0
01/30 12:21:50 [MAILSLOT] Received ping from DELLWS20 x.x.co.uk. (null) on UDP LDAP
01/30 12:21:50 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS20 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:05 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Entered
01/30 12:22:05 [LOGON] x: NlPickDomainWithAccount: E2007\graham: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:05 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Returns 0x0
01/30 12:22:06 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Entered
01/30 12:22:06 [LOGON] x: NlPickDomainWithAccount: E2007\graham: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:06 [LOGON] x: SamLogon: Network logon of E2007\graham from DELL-001 Returns 0x0
01/30 12:22:09 [MAILSLOT] Received ping from DELLWS12 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:09 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS12 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:12 [MAILSLOT] Received ping from DELLWS25 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:12 [MAILSLOT]x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS25 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:15 [MAILSLOT] Received ping from DELLWS08 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:15 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS08 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:23 [MAILSLOT] Received ping from DELLWS23 x.xco.uk. (null) on UDP LDAP
01/30 12:22:23 [MAILSLOT]x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS23 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:28 [MAILSLOT] Received ping from DELLWS19 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:28 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS19 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:35 [LOGON] x: SamLogon: Network logon of E2007\rjw from DELLWS19 Entered
01/30 12:22:35 [LOGON] x: NlPickDomainWithAccount: E2007\rjw: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:36 [LOGON] x: SamLogon: Network logon of E2007\rjw from DELLWS19 Returns 0x0
01/30 12:22:37 [LOGON] x SamLogon: Network logon of E2007\rjw from DELLWS19 Entered
01/30 12:22:37 [LOGON] x: NlPickDomainWithAccount: E2007\rjw: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:22:37 [LOGON] x: SamLogon: Network logon of E2007\rjw from DELLWS19 Returns 0x0
01/30 12:22:46 [MAILSLOT] Received ping from DELLWS18 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:46 [MAILSLOT]x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS18 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:49 [MAILSLOT] Received ping from DELLWS11 x,x.co.uk. (null) on UDP LDAP
01/30 12:22:49 [MAILSLOT] ROTAMAT: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS11 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:53 [MAILSLOT] Received ping from DELLWS14 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:53 [MAILSLOT] x.x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS14 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:54 [MAILSLOT] Received ping from DELLWS14 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:54 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS14 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:54 [CRITICAL] AcceptSecurityContext: fefefefe.0: Can't NlFindNamedServerSession for DELLWS14
01/30 12:22:54 [MAILSLOT] Received ping from DELLWS14 x.x.co.uk. (null) on UDP LDAP
01/30 12:22:54 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS14 Site: Default-First-Site-Name on UDP LDAP
01/30 12:22:54 [SESSION] x NetrServerAuthenticate entered: DELLWS14 on account DELLWS14$ (Negot: 600fffff)
01/30 12:22:54 [SESSION] x: NetrServerAuthenticate returns Success: DELLWS14 on account DELLWS14$ (Negot: 600fffff)
01/30 12:22:54 [SESSION] x: NetrLogonGetDomainInfo: DELLWS14 1 Entered
01/30 12:22:54 [SESSION] x: NetrLogonGetDomainInfo: DELLWS14 is running NT 5.1 build 2600 (1)
01/30 12:22:54 [MISC] x: NetrLogonGetDomainInfo: DnsHostName of DELLWS14 is DellWS14.rotamat.huber.co.
01/30 12:22:54 [SESSION] x: NetrLogonGetDomainInfo: DELLWS14 1 Returns 0x0
01/30 12:23:02 [MISC] x: DsGetDcName function called: Dom:x.xco.uk Acct:(null) Flags: DS BACKGROUND RET_DNS
01/30 12:23:02 [MAILSLOT] Received ping from E2007 x.xco.uk (null) on <Local>
01/30 12:23:02 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\E2007 Site: Default-First-Site-Name on <Local>
01/30 12:23:02 [MISC] xT: DsGetDcName function returns 0: Dom:x.x.co.uk Acct:(null) Flags: DS BACKGROUND RET_DNS
01/30 12:23:02 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
01/30 12:23:02 [MISC] x: DsGetDcName function called: Dom:x.x.co.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [MAILSLOT] Received ping from E2007 x.xco.uk (null) on <Local>
01/30 12:23:02 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\E2007 Site: Default-First-Site-Name on <Local>
01/30 12:23:02 [MISC] x: DsGetDcName function returns 0: Dom:x.x.co.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [MISC] x: DsGetDcName function called: Dom:x.xco.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [MAILSLOT] Received ping from E2007 x.x.co.uk (null) on <Local>
01/30 12:23:02 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\E2007 Site: Default-First-Site-Name on <Local>
01/30 12:23:02 [MISC] x: DsGetDcName function returns 0: Dom:x.x.co.uk Acct:(null) Flags: LDAPONLY DNS RET_DNS
01/30 12:23:02 [LOGON] x: SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Entered
01/30 12:23:02 [LOGON] x: SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Returns 0x0
01/30 12:23:12 [MAILSLOT] Received ping from DELLWS04 x.x.co.uk. (null) on UDP LDAP
01/30 12:23:12 [MAILSLOT] x Ping response 'Sam Logon Response Ex' (null) to \\DELLWS04 Site: Default-First-Site-Name on UDP LDAP
01/30 12:23:20 [LOGON] x SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Entered
01/30 12:23:20 [LOGON] x: SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Returns 0x0
01/30 12:23:27 [MAILSLOT] Received ping from DELLWS16 x.x.CO.UK (null) on UDP LDAP
01/30 12:23:27 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS16 Site: Default-First-Site-Name on UDP LDAP
01/30 12:23:29 [MAILSLOT] Received ping from DELLWS22 x.x.co.uk. (null) on UDP LDAP
01/30 12:23:29 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS22 Site: Default-First-Site-Name on UDP LDAP
01/30 12:23:31 [LOGON] x: SamLogon: Generic logon of x.xCO.UK\(null) from (null) Package:Kerberos Entered
01/30 12:23:31 [LOGON] x SamLogon: Generic logon of x.x.CO.UK\(null) from (null) Package:Kerberos Returns 0x0
01/30 12:23:35 [LOGON] xT: SamLogon: Network logon of E2007\reception from DELLWS22 Entered
01/30 12:23:35 [LOGON] x: NlPickDomainWithAccount: E2007\reception: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:23:36 [LOGON] x SamLogon: Network logon of E2007\reception from DELLWS22 Returns 0x0
01/30 12:23:37 [LOGON] x SamLogon: Network logon of E2007\reception from DELLWS22 Entered
01/30 12:23:37 [LOGON] x NlPickDomainWithAccount: E2007\reception: Algorithm entered. UPN:0 Sam:1 Exp:0 Cross: 0 Root:1 DC:0
01/30 12:23:37 [LOGON] x: SamLogon: Network logon of E2007\reception from DELLWS22 Returns 0x0
01/30 12:23:47 [MAILSLOT] Received ping from DELLWS26 x.xco.uk. (null) on UDP LDAP
01/30 12:23:47 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS26 Site: Default-First-Site-Name on UDP LDAP
01/30 12:24:05 [MAILSLOT] Received ping from DELLWS13 rotamat.huber.co.uk. (null) on UDP LDAP
01/30 12:24:05 [MAILSLOT] x: Ping response 'Sam Logon Response Ex' (null) to \\DELLWS13 Site: Default-First-Site-Name on UDP LDAP
01/30 12:24:20 [MISC] In control handler (Opcode: 1)
01/30 12:24:20 [MISC] NlExit: Netlogon exiting 0 0x0
01/30 12:24:20 [DOMAIN] x: NlDeleteDomain called
01/30 12:24:20 [DOMAIN] x: Domain RefCount is zero. Domain being rundown.
01/30 12:24:20 [SESSION] x NlFreeServerSession: DELL-12: Freed server session
01/30 12:24:20 [SESSION] x: NlFreeServerSession: DELLWS13: Freed server session
01/30 12:24:20 [SESSION] x NlFreeServerSession: DELL-001: Freed server session
01/30 12:24:20 [SESSION] x: NlFreeServerSession: DELLWS08: Freed server session
01/30 12:24:20 [SESSION] xT: NlFreeServerSession: DELLWS14: Freed server session
01/30 12:24:20 [DOMAIN] DomainDnsZones.x.x.co.uk: NlDeleteDomain called
01/30 12:24:20 [DOMAIN] DomainDnsZones.x.xco.uk: Domain RefCount is zero. Domain being rundown.
01/30 12:24:20 [DOMAIN] NlDeleteDomain called
01/30 12:24:20 [DOMAIN] Domain RefCount is zero. Domain being rundown.
01/30 12:24:20 [SITE] Setting site name to '(null)'
01/30 12:24:25 [INIT] Group Policy is not defined for Netlogon
01/30 12:24:25 [INIT] Following are the effective values after parsing
01/30 12:24:25 [INIT] Sysvol = C:\WINDOWS\SYSVOL\sysvol
01/30 12:24:25 [INIT] Scripts = (null)
01/30 12:24:25 [INIT] RpcDacl = (null)
01/30 12:24:25 [INIT] SiteName (0) = Default-First-Site-Name
01/30 12:24:25 [INIT] Pulse = 300 (0x12c)
01/30 12:24:25 [INIT] Randomize = 1 (0x1)
01/30 12:24:25 [INIT] PulseMaximum = 7200 (0x1c20)
01/30 12:24:25 [INIT] PulseConcurrency = 10 (0xa)
01/30 12:24:25 [INIT] PulseTimeout1 = 10 (0xa)
01/30 12:24:25 [INIT] PulseTimeout2 = 300 (0x12c)
01/30 12:24:25 [INIT] MaximumMailslotMessages = 500 (0x1f4)
01/30 12:24:25 [INIT] MailslotMessageTimeout = 10 (0xa)
01/30 12:24:25 [INIT] MailslotDuplicateTimeout = 2 (0x2)
01/30 12:24:25 [INIT] ExpectedDialupDelay = 0 (0x0)
01/30 12:24:25 [INIT] ScavengeInterval = 900 (0x384)
01/30 12:24:25 [INIT] MaximumPasswordAge = 30 (0x1e)
01/30 12:24:25 [INIT] LdapSrvPriority = 0 (0x0)
01/30 12:24:25 [INIT] LdapSrvWeight = 100 (0x64)
01/30 12:24:25 [INIT] LdapSrvPort = 389 (0x185)
01/30 12:24:25 [INIT] LdapGcSrvPort = 3268 (0xcc4)
01/30 12:24:25 [INIT] KdcSrvPort = 88 (0x58)
01/30 12:24:25 [INIT] KerbIsDoneWithJoinDomainEn
01/30 12:24:25 [INIT] DnsTtl = 600 (0x258)
01/30 12:24:25 [INIT] DnsRefreshInterval = 86400 (0x15180)
01/30 12:24:25 [INIT] CloseSiteTimeout = 900 (0x384)
01/30 12:24:25 [INIT] SiteNameTimeout = 300 (0x12c)
01/30 12:24:25 [INIT] DuplicateEventlogTimeout = 14400 (0x3840)
01/30 12:24:25 [INIT] MaxConcurrentApi = 0 (0x0)
01/30 12:24:25 [INIT] NegativeCachePeriod = 45 (0x2d)
01/30 12:24:25 [INIT] BackgroundRetryInitialPeri
01/30 12:24:25 [INIT] BackgroundRetryMaximumPeri
01/30 12:24:25 [INIT] BackgroundRetryQuitTime = 0 (0x0)
01/30 12:24:25 [INIT] BackgroundSuccessfulRefres
01/30 12:24:25 [INIT] NonBackgroundSuccessfulRef
01/30 12:24:25 [INIT] DnsFailedDeregisterTimeout
01/30 12:24:25 [INIT] MaxLdapServersPinged = 55 (0x37)
01/30 12:24:25 [INIT] SiteCoverageRefreshInterva
01/30 12:24:25 [INIT] FtInfoUpdateInterval = 86400 (0x15180)
01/30 12:24:25 [INIT] DBFlag = 545325055 (0x2080ffff)
01/30 12:24:25 [INIT] MaximumLogFileSize = 20000000 (0x1312d00)
01/30 12:24:25 [INIT] RefusePasswordChange = FALSE
01/30 12:24:25 [INIT] AllowReplInNonMixed = FALSE
01/30 12:24:25 [INIT] AvoidSamRepl = TRUE
01/30 12:24:25 [INIT] AvoidLsaRepl = TRUE
01/30 12:24:25 [INIT] SignSecureChannel = TRUE
01/30 12:24:25 [INIT] SealSecureChannel = TRUE
01/30 12:24:25 [INIT] RequireSignOrSeal = TRUE
01/30 12:24:25 [INIT] RequireStrongKey = FALSE
01/30 12:24:25 [INIT] SysVolReady = TRUE
01/30 12:24:25 [INIT] UseDynamicDns = TRUE
01/30 12:24:25 [INIT] RegisterDnsARecords = TRUE
01/30 12:24:25 [INIT] AvoidPdcOnWan = FALSE
01/30 12:24:25 [INIT] AutoSiteCoverage = TRUE
01/30 12:24:25 [INIT] AvoidDnsDeregOnShutdown = TRUE
01/30 12:24:25 [INIT] DnsUpdateOnAllAdapters = FALSE
01/30 12:24:25 [INIT] Nt4Emulator = FALSE
01/30 12:24:25 [INIT] DisablePasswordChange = FALSE
01/30 12:24:25 [INIT] NeutralizeNt4Emulator = TRUE
01/30 12:24:25 [INIT] AllowSingleLabelDnsDomain = FALSE
01/30 12:24:25 [INIT] AllowExclusiveSysvolShareA
01/30 12:24:25 [INIT] AllowExclusiveScriptsShare
01/30 12:24:25 [INIT] AvoidLocatorAccountLookup = FALSE
01/30 12:24:25 [INIT] NeverPing = FALSE
01/30 12:24:25 [INIT] Command line parsed successfully ...
01/30 12:24:25 [SITE] Setting site name to 'Default-First-Site-Name'
01/30 12:24:25 [SITE] Adding subnet to site mappings from the DS
01/30 12:24:25 [SITE] There is only one site. All clients belong to it.
01/30 12:24:25 [SESSION] Winsock Addrs: 192.168.1.183 (1)
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdap: _ldap._tcp.x.xco.uk. 600 IN SRV 0 100 389 e2007.rx.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdapAtSite: _ldap._tcp.Default-First-S
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDcByGuid: _ldap._tcp.93326613-f438-4
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsKdc: _kerberos._tcp.dc._msdcs.x
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsKdcAtSite: _kerberos._tcp.Default-Fir
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDc: _ldap._tcp.dc._msdcs.x.x.c
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDcAtSite: _ldap._tcp.Default-First-S
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510Kdc: _kerberos._tcp.x.xco.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510KdcAtSite: _kerberos._tcp.Default-Fir
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510UdpKdc: _kerberos._udp.x.xco.uk. 600 IN SRV 0 100 88 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510Kpwd: _kpasswd._tcp.x.x.co.uk. 600 IN SRV 0 100 464 e2007.x.xco.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsRfc1510UdpKpwd: _kpasswd._udp.x.xco.uk. 600 IN SRV 0 100 464 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdap: _ldap._tcp.DomainDnsZones.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdap: _ldap._tcp.ForestDnsZones.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdapAtSite: _ldap._tcp.Default-First-S
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsLdapAtSite: _ldap._tcp.Default-First-S
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsDsaCname: 6b4da3a2-cd4b-44f9-916e-73
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGc: _ldap._tcp.gc._msdcs.x.xco
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGcAtSite: _ldap._tcp.Default-First-S
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGenericGc: _gc._tcp.x.xco.uk. 600 IN SRV 0 100 3268 e2007.x.x.co.uk.
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsGenericGcAtSite: _gc._tcp.Default-First-Sit
01/30 12:24:25 [DNS] NlDnsInitialize: Previously registered name noticed: NlDnsPdc: _ldap._tcp.pdc._msdcs.x.xc
01/30 12:24:25 [DNS] Set DnsForestName to: x.x.co.uk
01/30 12:24:25 [DOMAIN] x: Adding new domain
01/30 12:24:25 [DOMAIN] Setting our computer name to E2007 e2007.x.x.co.uk
01/30 12:24:25 [DOMAIN] Setting Netbios domain name to x
01/30 12:24:25 [DOMAIN] Setting DNS domain name to x.x.co.uk.
01/30 12:24:25 [DOMAIN] Setting Domain GUID to 93326613-f438-49b7-a55e-38
01/30 12:24:25 [DOMAIN] Create domain phase 2
01/30 12:24:25 [DOMAIN] Changing role from NONE to PDC.
01/30 12:24:25 [SESSION] NlCheckServerSession: E2007: Skipping add of ourself
01/30 12:24:25 [CRITICAL] Can't add the 0x1B name because all transports are disabled
01/30 12:24:25 [MAILSLOT] NetpDcPingListIp: x.x.co.uk.: Sent UDP ping to 192.168.1.183
01/30 12:24:25 [CRITICAL] NetpDcGetNameIp: x.x.co.uk.: Couldn't ping any DCs.
01/30 12:24:25 [MAILSLOT] Sent 'Primary Query' message to ROTAMAT[1B] on all transports.
01/30 12:24:25 [CRITICAL] NlBrowserSendDatagram: No transports available
01/30 12:24:25 [CRITICAL] NetpDcGetNameNetbios: rotamat.huber.co.uk.: Cannot NlBrowserSendDatagram. (1B) 53
01/30 12:24:25 [CRITICAL] NetpDcGetName: rotamat.huber.co.uk.: IP and Netbios are both done.
01/30 12:24:26 [SESSION] NlInitTrustList: This domain has no parent in forest.
01/30 12:24:26 [SESSION] NlAddDomainTreeToTrustList
01/30 12:24:26 [DOMAIN] DomainDnsZones.rotamat.hub
01/30 12:24:26 [DOMAIN] (null): Setting our computer name to E2007 e2007.x.xco.uk
01/30 12:24:26 [DOMAIN] (null): Setting DNS domain name to DomainDnsZones.x.xco.uk
01/30 12:24:26 [DOMAIN] DomainDnsZones.x.x.co.uk: Setting Domain GUID to a797fb17-b797-4be5-9c81-6f
01/30 12:24:26 [DOMAIN] ForestDnsZones.x.xco.uk: Adding new domain
01/30 12:24:26 [DOMAIN] (null): Setting our computer name to E2007 e2007.x.x.co.uk
01/30 12:24:26 [DOMAIN] (null): Setting DNS domain name to ForestDnsZones.x.x.co.uk
01/30 12:24:26 [DOMAIN] ForestDnsZones.x.xco.uk: Setting Domain GUID to 52f33a64-04d8-40ba-ad63-4f
01/30 12:24:26 [CRITICAL] NlUpdateDnsRootAlias: Ignoring DnsDomainNameAlias update for same alias name: (null) (null)
01/30 12:24:26 [CRITICAL] NlUpdateDnsRootAlias: Ignoring DnsForestNameAlias update for same alias name: (null) (null)
01/30 12:24:26 [MISC] NlpInitializeTrace succeeded 0
01/30 12:24:26 [INIT] 'SYSVOL' share is to 'C:\WINDOWS\SYSVOL\sysvol'
01/30 12:24:26 [INIT] 'SYSVOL' share already exists.
01/30 12:24:26 [INIT] 'SYSVOL' share current path is C:\WINDOWS\SYSVOL\sysvol
01/30 12:24:26 [INIT] 'NETLOGON' share is to 'C:\WINDOWS\SYSVOL\sysvol\
01/30 12:24:26 [INIT] 'NETLOGON' share already exists.
01/30 12:24:26 [INIT] 'NETLOGON' share current path is C:\WINDOWS\SYSVOL\sysvol\r
01/30 12:24:26 [INIT] Starting RPC server.
01/30 12:24:26 [INIT] Started successfully
01/30 12:24:26 [INIT] NlInitTcpRpc thread finished.
01/30 12:24:26 [INIT] Group Policy is not defined for Netlogon
01/30 12:24:26 [INIT] Following are the effective values after parsing
01/30 12:24:26 [DNS] NlDnsScavenge: Starting DNS scavenge with: Normal RefreshDomainRecords 0 0
01/30 12:24:26 [CRITICAL] ROTAMAT: Can't add the 0x1B name because all transports are disabled
01/30 12:24:26 [SITE] GC list: Default-First-Site-Name e2007.x.x.co.uk
01/30 12:24:26 [SITE] DC list: Default-First-Site-Name e2007.x.x.co.uk
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [SITE] NDNC list: Default-First-Site-Name e2007.x.x.co.uk
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [SITE] NDNC list: Default-First-Site-Name e2007.x.xco.uk
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] NlSitesGetCloseSites returns successfully
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [MISC] Eventlog: 5782 (2) 9852 0000267c |&..
01/30 12:24:26 [MISC] Didn't log event since it was already logged.
01/30 12:24:26 [DNS] NlDnsScavengeWorker: Set DNS scavenger to run in 6 minutes (301984).
01/30 12:24:27 [MISC] In control handler (Opcode: 4)
01/30 12:24:31 [MAILSLOT] Received ping from DELL-002 x.x.co.uk. (null) on UDP LDAP
01/30 12:24:31 [MAILSLOT] ROTAMAT: Ping response 'Sam Logon Response Ex' (null) to \\DELL-002 Site: Default-First-Site-Name on UDP LDAP
ASKER
i moved the zone to all dc in domain, stop/strat netlogon, refresh dns server console, but do not see sites folder.
Okay, some of those are NetBIOS related and we don't care about them. Others are DNS related, but the majority are because the _sites folder isn't listed.
Lets shift back to "All Domain Controllers in the AD Domain" for DNS replication. I'd like to delete and recreate the DomainDNSZones and ForestDNSZones partitions. As this is a destructive operation it would be great to get a System State backup of the DC before we do it.
Let me know when you're ready.
Chris
ASKER
in that case i will have to do a full backup tonight, as the tape loader is in use at the moment. Can we continue Monday?
Sure, although a backup of it using NTBackup to the disk would be perfectly acceptable for this if you wish to continue?
Chris
ASKER
oh ok. bear with me
ASKER
i have created a system state backup of the e2007
Okay, cool.
The next set of tasks involve deleting and recreating DomainDNSZones and ForestDNSZones. From the Command prompt run:
ntdsutil
Domain Management
Connections
Connect to Server e2007
Quit
Select Operation Target
List Naming Contexts
Note the names of DC=DomainDnsZones and DC=ForestDnsZones at this point. We don't want to delete anything else, that would make a mess.
Quit
Delete NC DC=DomainDnsZones,DC=rotam
Delete NC DC=ForestDnsZones,DC=rotam
Quit
Quit
Once this is done give it half an hour to think about it. Then:
1. Open the DNS Console
2. Right click on the DNS Server
3. Select "Create Default Application Directory Partitions"
That creates a new version of the partitions we've just deleted.
Chris
ASKER
done, fingers crossed.
ASKER
Done, and the deleted paartitions, (numbers 3+4) are back in the "naming contexts"
Okay. I bet it still refuses to add records when restarting NetLogon?
Chris
ASKER
the sites folder still has not been remade
Okay. Well that's about everything we can do with the DNS portion of Active Directory. I'm pretty confident that our problem doesn't actually sit there. It is, after all, happily accepting updates from clients on your network.
If you'd like to, change the zone back to Standard Primary (Change, next to Type and untick the box). Then we can add back in the _sites folder to cheer that up. You should find it's only missing these three:
_ldap._tcp.Default-First-S
_kerberos._tcp.Default-Fir
_gc._tcp.Default-First-Sit
And lets reduce logging on NetLogon again:
nltest /dbflag:0x0
Restarting NetLogon once more afterwards so the change takes effect.
Lets move back to the server level (rather than up with AD). When running "ipconfig /registerdns" do we still get errors that no DNS servers are configured? If we do, I'd like to look at the possibility of upgrading Network Card Drivers and potentially reinstalling the latest Windows Service Pack.
Chris
ASKER
No errors in DNS at all after doing ipconfig /registerdns
Changed the Type back to Primary without AD integeration.
How do i get the sites folder back?
Changed the Type back to Primary without AD integeration.
How do i get the sites folder back?
Stop the DNS service, head to the zone file again, paste the extra lines in. Anywhere you like, just don't overwrite things that are there :)
Remember to increment the Serial Number, then start the DNS service up again.
Chris
ASKER
sites are back
Good, at least there's that.
What do you think about updating the drivers and re-running SP2?
Chris
ASKER
can do over teh weekend.
One weird thing i get is that sforest/donain dns zones earlier i ahve been unable to access a snap server on teh network via teh name, eg: \\snap2, but works by \\192.168.1.7
Any ideas or is it time related?
One weird thing i get is that sforest/donain dns zones earlier i ahve been unable to access a snap server on teh network via teh name, eg: \\snap2, but works by \\192.168.1.7
Any ideas or is it time related?
ASKER
sorry let me re-type that.
Since the removal of the forest/domain dnszones, i have been unable to access the snap server via name, but ok to access it using ip address.
Since the removal of the forest/domain dnszones, i have been unable to access the snap server via name, but ok to access it using ip address.
ASKER
"No network provider accepted the given network path" is the error message.
ASKER
have updated teh nic drivers, downloading sp2 now.
Can you resolve Snap2 to an IP Address when you Ping it?
And we might consider adding a WINS server here, it tends to be for the best unless you completely disable NetBIOS over TCP/IP.
The weekend is fine I'll be out for some of it, but will respond as and when I'm around :)
Chris
ASKER
"ping request could not find host snap2. Please check teh name and try again" when ping snap2.
Just install Wins server as default config, or anything i need to change?
Just install Wins server as default config, or anything i need to change?
For that one you can just create Snap2 as a Host (A) Record in your Forward Lookup Zone. Then it will work.
Default configuration for WINS, but you will have to tell all the clients and servers to use it (TCP/IP configuration) :)
Chris
ASKER
Will do. Thanks.
Hey there,
No, it's not normal, but it shouldn't be too hard to fix.
This should not be listed in TCP/IP configuration: 208.67.222.222
The only servers you should list there *must* be able to answer for the AD Domain, that one will not be able to. If you wish to use your ISPs servers they should be listed in the Forwarders tab in the properties for your DNS server.
The same may apply to 192.168.1.3 listed as the Gateway. Does it host a zone for your AD Domain?
> [FATAL] Could not open file C:\WINDOWS\system32\config
Normally happens when you use the 32-bit version of NetDiag on a 64-bit system. Install the Support Tools from the Windows 2003 64-bit CD / DVD.
And finally, I advise you remove co.uk from your DNS Suffix Search List.
HTH
Chris