eberhardt2329


dns issues

Hello. Every day at this client they have to reboot their server for their internet to come back. I looked in the Event Viewer and have a lot of this message. Please help.

event id 4000

The DNS server was unable to open Active Directory.  This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.
mikeleebrla

Can you give us a little more about their setup? How many DCs? How many DNS servers? Do they run DHCP, etc.?

Is this DNS server pointed to itself for DNS name resolution?
Is this DNS server a standard or AD-integrated DNS server?
eberhardt2329

ASKER

There are two 2003 servers at two different schools. It is running Active Directory. I am more of a Novell guy, so anything you can do to help would be great. They are both running DHCP and DNS, and they are pointed back at the same IP address for DNS. Everything is working right now because I rebooted, but how do I make sure this does not happen Wednesday?

What IP address are they pointed to for DNS name resolution? They both should be pointed to themselves.
From looking at this (and your other post on the same problem) it looks like a simple DNS issue.  It looks like these (servers DNS and DHCP) can't authenticate w/ AD since they can't see it b/c of DNS problems.

Are both of these 2003 servers in the same or different domains?

They are all connected. I have found two other issues in the Event Viewer: 4015 and 4016, all kind of related to the same thing. The server I am on right now does resolve to itself for DNS, but the other server resolved to another DNS; if I put it to its own IP, then the internet stops working. I will put it to the IP address of this server and test. Thank you so much, and I am sorry I am having such issues with this.

Well, DNS is definitely not configured right.  The way it SHOULD be set up is all machines (servers and workstations) should be pointed to an Active Directory DNS server (usually a domain controller).  These internal/private DNS servers will use "root hints" to answer queries that they don't know the answer to.  You can put any ISP's public DNS server on the FORWARDERS tab of the DNS server.  In this case your internal DNS server will forward queries it doesn't know the answer to to this ISP's DNS server.  You do this b/c sometimes the root hints servers are busy.

see this dns FAQ page below:

http://support.microsoft.com/kb/291382

Also, after you make ANY change, flush the DNS cache on the machine that you are testing the result of the change on. The command for this is ipconfig -flushdns

Also, rather than testing by seeing if the machine can go out to the internet, test it by doing an NSLOOKUP. For example, run nslookup www.yahoo.com and see which error you get.  Post your errors here.  This will help you out a lot more than simply knowing that "the machine can't get out to the internet".

What I did on both machines is set the primary DNS as themselves and the secondary as the other DNS, and this seems to be working. I will flush DNS and make sure it is still working. Is this why it was stopping every day? It would eventually time out because of DNS? I need to make sure this does not continue to happen. I will post back after I flush DNS. Thank you so much.
ok I flushed both dns, and ran nslookup on both. this is what I get

1st server
Server:  gusdsrv2.gusd.local
Address:  204.48.199.251

DNS request timed out.
    timeout was 2 seconds.
*** Request to gusdsrv2.gusd.local timed-out

2nd server
Server:  UnKnown
Address:  204.48.198.250

DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out

Then I just tried to get to yahoo.com and both connected no problem. What do I need to do?

What did you do an nslookup on?  nslookup www.yahoo.com or what?

Do you have a forwarder set up on each of the DNS servers?  This is done by opening the DNS console, right-clicking on the server, choosing Properties, then going to the Forwarders tab.  You can put the IP address of any public DNS server there.

66.218.71.63 and 216.109.116.17 are two of yahoo's DNS servers.

i also noticed that these DNS servers have PUBLIC addresses (204.48.198.250). why is that? do all the workstations at this site have public ips assigned to them?
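
The test procedure discussed above (flush the cache, then use nslookup instead of browsing), written out as a batch script. This is an added example, not part of any poster's reply: the two server addresses and the gusd.local zone are taken from the nslookup output in the thread, and it assumes the Active Directory domain is also named gusd.local.

```batch
@echo off
rem Added example, not from the original thread.
rem Queries each internal DNS server directly, once for an Active Directory
rem record and once for an external name, so the two failure modes
rem (AD zone not loaded vs. forwarding broken) can be told apart.
setlocal

rem Assumption: the AD domain matches the gusd.local suffix seen in the thread.
set DOMAIN=gusd.local
set EXTERNAL=www.yahoo.com

rem Clear the local resolver cache so old answers do not mask a failure.
ipconfig /flushdns

rem Addresses are the two DNS servers shown in the nslookup output above.
for %%S in (204.48.199.251 204.48.198.250) do (
    echo.
    echo === DNS server %%S ===

    rem Internal check: the domain controller locator SRV record.
    rem A failure here means this server is not serving the AD zone.
    nslookup -type=SRV -timeout=5 _ldap._tcp.dc._msdcs.%DOMAIN% %%S

    rem External check: answered through forwarders or root hints.
    rem A failure here only points at forwarding or outbound DNS.
    nslookup -timeout=5 %EXTERNAL% %%S
)

endlocal
```

Run it on each server after every change and compare the two results per server rather than relying on whether a browser can reach a site.
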
Yes, I put in nslookup -www.yahoo.com

I will check the forwarders.

Are you getting an Event ID 4013 with it also?
If so, look at this MS KB: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q316685

mikeleebrla has a valid point and interest in the public IP rather than an internal IP set like 192.168.x.x. What are your servers' TCP/IP settings for primary and secondary DNS servers? They should point to the same IP numbers as the Windows DNS servers' IPs. Usually they point to themselves...