Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

DNS Troubles?

Posted on 2003-02-24
6
Medium Priority
?
147 Views
Last Modified: 2010-03-18
I have a member server and 1 domain controller in my entire network. My member server logs into the domain with no problem, views and uses network shares with no problem, recieves DHCP info from this DC with no problem, etc. But if I try to view active directory users and computers from this machine, I get this message: "Naming information cannot be located because No authority could be contacted for authentication..." I actually reformatted the member server and started over, it worked fine for about an hour then went back to giving me this message. I also lost the ability to access the internet via NAT at this time, I cannot even access the net in the DC anymore unless I disable the private interface net card, everything was working fine earlier today - Whats going on?
0
Comment
Question by:Drizzt420
6 Comments
 
LVL 3

Expert Comment

by:netnightmare
ID: 8014648
If you do ipconfig /all from the member server does it list the IP of the DNS server? When you lose connectivity can you still ping the DC by IP and NETBIOS? I suspect it isn't getting this properly from the DHCP service. Try statically assigning the IP and DNS server IP addresses and see if this resolves it.

Dave
0
 
LVL 4

Author Comment

by:Drizzt420
ID: 8016004
I can ping the domain from the member using name and ip, vice versa is also true. I can delete all the dns entries for member server and do a succesful /registerdns

I DO NOT lose connectivity ever, I simply cannot view the active directory from the member server, which is preventing me from installing Exchange 2000 on this box
0
 
LVL 18

Expert Comment

by:chicagoan
ID: 8016689
Do you have have 2 network interfaces?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 22

Expert Comment

by:kristinaw
ID: 8018551
what service pack are you running? I used to have this problem a couple of years ago after first upgrading my domain. i, too, thought it was dns related. ipconfig /flushdns would fix the problem for awhile, but it would always return.

i also noticed that when the problem would occur and i would try to ping my domain controller (or anything else for that matter), it would reply with its netbios name rather than the fqdn. i finally solved the problem by disabling the 'dns client' service on my pc, and any other affected boxes. apparently what happens is the client has a dns cache which it checks before querying the dns server. for whatever reason, the client 'forgets' to go out and query the server whenever something isn't in its cache, and then you get all sorts of freaky problems.

so, disabling the dns client service causes the machine to always query the dns server. a little more traffic, sure, which i was more than willing to accept to get rid of such a frustrating problem.

btw, you can disable the service through windows group policy. very convenient if you decide to turn it off on a large number of clients.

hth,
kris.
0
 

Expert Comment

by:AltonD
ID: 8022423
does the server reference the DC DNS?

try this on the DC DNS:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;300202

I had same problem.  This fixed it.

Alton
0
 

Accepted Solution

by:
Laith98 earned 400 total points
ID: 8032333
Hi there Drizzt:
you error message is
"Naming Convention could not be located because:
No authority could be contacted for authentication.
Contact your system administrator to verify that your domain is properly configured and is currently online"

here is the solution:

Please do it first on the member server and if it is still does not  work do it on the DC

These errors may occur if the Kerberos realm is NOT equal to the NetBIOS domain name.

To fix this problem:

1. Use the Regedt32 to navigate to HKEY_LOCAL_MACHINE\SECURITY.

2. Use the Security / Permissions menu to grant Full Control to Administrators.

3. Navigate to HKEY_LOCAL_MACHINE\SECURITY\Policy\PolAcDmN.

4. Select the <No Name> Value Name and press Display Binary Data on the View menu.

5. The ASCII text in the Binary Data is the Kerberos realm, which must be the same as the NetBIOS domain name. To check it, navigate to HKEY_LOCAL_MACHINE\SECURITY\Policy\PolPrDmN, select the <No Name> Value Name and press Display Binary Data on the View menu. Select the Byte option on the Binary Data dialog. The ASCII text is the NetBIOS domain name. If the Kerberos realm is equal to the NetBIOS domain name, exit this procedure.

6. Double-click the <No Name> Value Name at HKEY_LOCAL_MACHINE\SECURITY\Policy\PolPrDmN.

7. Press CTRL+C to copy the data from the Binary Editor to the clipboard.

8. Double-click the <No Name> Value Name at HKEY_LOCAL_MACHINE\SECURITY\Policy\PolAcDmN.

9. Press CTRL+V to paste the NetBIOS domain name from the clipboard to the Kerberos realm in the Binary Editor.

NOTE: After making the above change, repeat steps 3 through 5 to verify that the Kerberos realm and the NetBIOS domain name are equal.

NOTE: You must shutdown and restart your server for these changes to take effect
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question