Solved

DNS SERVER FAILURE

Posted on 2003-11-28
9
2,949 Views
Last Modified: 2013-12-23
Hi,
My problem started with one of the users unable to see printers on the network he could see our pdc but not our bdc.
and I was unable to connect to the laptop either.

we removed laptop name from domain and tried to add into domain however we were unable to do so and got the following error
"DNS server failure£
(error code 0x0000232A RCODE_SERVER_FAILURE)
The query was for the SRV record for _ldap.tcp.dc.msdcs.XXX

The DNS server used by this computer contains incorrect root hints (it lists dns servers)
One or more of the following zones contains incorrect delegation:  (the root zone)

The wierd part about this is that the laptop is cannot connect to our domain and we have it in a workgroup however you can ping our pdc which is our DNS server but not bds which is also a DNS server.

If anyone can help would appreciate it.

p.s I will have the laptop in front of me on Monday.

thanks Edel7





0
Comment
Question by:edel7
  • 4
  • 3
  • 2
9 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 9838168
Is this the only PC with the issue?   Any chance you could post a portion of your DNS logs?  


I found an issue related to this concerning 2000 workstations.   The error messages wer almost identical.   The resolution was to recreate the zone.  


I also found an issue that had to do with single label domain name (no .com or .net, etc.)  pointed to the follwing KB article - http://support.microsoft.com/?id=300684


Good Luck
0
 

Author Comment

by:edel7
ID: 9838267
Yes this is the only pc causing problems
Excuse my ignorance but how do you recreate the zone?

Thanks edel7
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9838288
If the laptop is the only machine with the issue, do not recreate the zone on the server.  

Concentrate on the laptop.   What OS are you running?   Is your IP address DHCP or static?  
0
 

Author Comment

by:edel7
ID: 9838462
I am running windows XP and the ip address is dhcp
0
New! My Passport Wireless Pro Wi-Fi Mobile Storage

Portable wireless storage to offload, edit, and stream anywhere.

High-capacity, wireless mobile storage designed to accompany professional photographers and videographers in the field to easily offload, edit and stream captured photos and high-definition videos.

 
LVL 24

Accepted Solution

by:
SunBow earned 500 total points
ID: 9839473
Possibly it was hit with an exploit of DNS. Consider rebuilding it. Has it been loaded with all of the upgrades from MS, including those for the DNS exloits?

What used to be a fix, would be to use its registry, highlight DHCP, delete it all, reboot and let it self repair by reloading. I won't advise that. But attest to it having worked before.

Try examining all networking/TCP properties for the PC in question. Anything it has defined will override dhcp including dns servers, so run a search & destroy on any hard-coded addresses on the PC. Let it get the server addresses through dhcp. Revisit the dhcp server while you are at it, and look for corruptions.

Look also at default webpages and search engines, such as google. Some exploits are more definable by things they do such as for which servers are redefined.

Have you also run the latest AV patterns on it, such as from Symantec? These can ID some of the malwares that could have exploited you.

Run ipconfig/all to see what addresses it uses for dns, and verify them all.  Run a ping -a on them as further validation.

Look for rogue server on your network, maybe someone is running a browser service you want to know about.

Also consider running a static address as part of debugging, but in this case I do not think it necessary.

Install zonealarm, have it block everything, then report on any program trying to dial out. Also run TaskManager to see if there's anything running that you prefer to not run (but most exploits are simply redefining addresses to host files)
0
 
LVL 24

Expert Comment

by:SunBow
ID: 9839498
> SRV record for _ldap

Actually, LDAP is used to lookup mail records - for email. So, do suppose that you could be stuck with an exploited vulnerability (malware) that is trying to use its own smtp engine to send reports to about what is going on inside your network. I think it'd be wise to have this box as isolated as possible until you figure out what is wrong with it or rebuild it from scratch.  The latter may get it up quicker, while the former may give a clue as to how some infection got in, which would enable another method you can use to retrain staff in what to not do, such as clicking on popups that say they may have won something. Anything they win of course, belongs to the company who's equipment was used <heh>   ;-)

Get this box scanned!
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9839534
Sunbow,  THose are good suggestions,  but I think those apply to a DNS issue that affects the DNS server, and symptons would show on all clients using that DNS, not just this one laptop.   Edel this is correct right?  Just this laptop has trouble?      If so, then concentrate on this laptop for the source of the trouble.  

Sunbow did mention a few points which you should lookat.   Any firewalls on this laptop?   AV on this laptop?   Have you run a Ad-aware scn on this laptop?      

Can you manually add another DNS if one is available and do you get the same issue?  

Can you run nslookup from the dos prompt and what's the result?

0
 

Author Comment

by:edel7
ID: 9849645
Yes it is just this laptop that is causing trouble I've ran nslookup and it is pointing to out dns server there are no firewalls on laptop, we didn't run ad-aware scn on laptop.

I have manually added the other dns server but same problem.

I have manually destroyed all ref to dns servers but problem still there

I am going to re-build machine this afternoon

Many thanks Edel
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9850134
Last thing to attmept is a re-install of Internet Explorer.    You'd be surprised how many problems just go away after IE is reapplied.  

Good Luck
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now