?
Solved

W2K DNS and Internet problem

Posted on 2003-03-03
10
Medium Priority
?
866 Views
Last Modified: 2010-03-19
Hello,

I have a W2K AS server setup, connected to an ADSL Router/ modem, which also acts as DHCP server. It is set up as a PDC, although at present their no other computers on the network. (other software installed is ZoneAlarm 3.7, Oracle8, SQL server2000 and Domino R5).

The problem appears to be DNS: it takes forever to get a web page to show up and when I try localhost or 127.0.0.1 in a browser I give up before the page ever loads. There are 3 recurrent entries in the Event Viewer (app log):


ERROR -  SceCli

Security policy cannot be propagated. Cannot access the template. Error code = 3.
     \\mydom.com\sysvol\mydom.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.


ERROR - userEnv


The Group Policy client-side extension Security was passed flags (17) and returned a failure status code of (3).


Do i need DNS running on my server? I tried to set DNS to point to the router but it was having none of it. When I select DNS from Admin tools it says specified DNS server cannot be contacted. What should I do?! I've set up Nt servers in the past but W2K is a bit more complex...

p.s. Why when I right click and select properties for a folder does nothing happen?


0
Comment
Question by:markhoy
  • 4
  • 3
  • 2
  • +1
10 Comments
 

Expert Comment

by:jezcalvert
ID: 8057219
This problem is more likely due to insuffcient rights to the sysvol. This comes about through the fact access is gained via the local NIC and requests are looped back to the local server OS.

If the server is a dual NIC server try changing the order of the NIC's in the Control Pannel, Network & Dial-up, Tools, Advanced, Advanced Settings.

This is a problem with authentication and authorisation, I think the DNS problem is a red herring. Just to be sure have you used nslookup to proove name resolution.

Also this fault has been posted before but I don't have the link. If you type the exact error code in google you should be able to find it.
0
 
LVL 7

Author Comment

by:markhoy
ID: 8057613
but any ideas why right click > properties doesn't work?
0
 
LVL 7

Author Comment

by:markhoy
ID: 8057702
The server only has one NIC. File and print sharing is enabled. I can't right click on the sysvol folde to check permissions.

Are you sure the incomplete dns isn't an issue? I can't get to localhost in a broswer and the error message says "can't get to \\mydom.com"
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Expert Comment

by:jezcalvert
ID: 8057764
That provides you with the properties of the individual NIC, the problem can be caused by the order of the NIC's. To change the order you need to use the Advanced Settings.
0
 
LVL 7

Author Comment

by:markhoy
ID: 8057895
If i select advance properties of my Network connection (LAN) on the adapters/ bindings tab it shows:
LOCAL AREA NETWORK

file and printer sharing
     internet protocol (tcp/ip)


client for MS networks
    internet protocol (tcp/ip)

PROVIDER ORDER:

Network providers
    MS Windows Network

print providers

The properties of the LAN connection shows me my NIC properties.

Going back to the DNS bit, my Domain is called mydom.com but my server is called nihal. Within explorer I see nihal as part of mydom and sysvol is shared. (and I turned off ZOneAlarm and checked the logs an hour later. The previous error msg has gone
sceCli - Security policy in the Group policy objects are applied successfully.

But now i get a new error msg:

warning - 5781 - winlogon -  Dynamic registration or deregistration of one or more DNS records failed because no DNS servers are available. )

so the sysvol has been found but http browsing still takes forever...



0
 
LVL 2

Expert Comment

by:mdnewell
ID: 8060825
Hello,
You need DNS to run a Win2k DC. Check MS for installing ddns. The 2k DC needs to put entries in the DNS server to run. If you didn't have DNS setup when you ran dcpromo it should have prompted you to set it up.

Try here also.
http://www.microsoft.com/windows2000/techinfo/howitworks/communications/nameadrmgmt/w2kdns.asp

(Text may wrap so cut and paste into browser)


Let me know if you can't find what you need to clear this up and I'll help further but right now I'm short on time.

HTH,
Mike.
0
 
LVL 2

Expert Comment

by:mdnewell
ID: 8061110
I forgot,
External DNS problems could be caused by zone alarm not allowing DNS requests out so check that. Once you have dns setup on your server point the forwarder to a public dns server or your ISP's DNS server.

Do you have ICS setup anywhere or is the server plugged directly into the router?
0
 
LVL 7

Author Comment

by:markhoy
ID: 8063124
Hello,

have worked out that DNS IS the problem. Will reconfigure today. ZOneAlarm was stopping Distributed File Services and causing the initial errors. The new error msg is DNS and I alreay worked that out. Thanks for the input mdnewell but I will ask for this question to be deleted.
0
 

Accepted Solution

by:
SpideyMod earned 0 total points
ID: 8065089
PAQ'd and points refunded.

SpideyMod
Community Support Moderator @Experts Exchange
0
 
LVL 2

Expert Comment

by:mdnewell
ID: 8066110
Glad you got it fixed.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question