Solved

DNS SERVER FAILURE

Posted on 2003-11-28
9
2,977 Views
Last Modified: 2013-12-23
Hi,
My problem started with one of the users unable to see printers on the network he could see our pdc but not our bdc.
and I was unable to connect to the laptop either.

we removed laptop name from domain and tried to add into domain however we were unable to do so and got the following error
"DNS server failure£
(error code 0x0000232A RCODE_SERVER_FAILURE)
The query was for the SRV record for _ldap.tcp.dc.msdcs.XXX

The DNS server used by this computer contains incorrect root hints (it lists dns servers)
One or more of the following zones contains incorrect delegation:  (the root zone)

The wierd part about this is that the laptop is cannot connect to our domain and we have it in a workgroup however you can ping our pdc which is our DNS server but not bds which is also a DNS server.

If anyone can help would appreciate it.

p.s I will have the laptop in front of me on Monday.

thanks Edel7





0
Comment
Question by:edel7
  • 4
  • 3
  • 2
9 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 9838168
Is this the only PC with the issue?   Any chance you could post a portion of your DNS logs?  


I found an issue related to this concerning 2000 workstations.   The error messages wer almost identical.   The resolution was to recreate the zone.  


I also found an issue that had to do with single label domain name (no .com or .net, etc.)  pointed to the follwing KB article - http://support.microsoft.com/?id=300684


Good Luck
0
 

Author Comment

by:edel7
ID: 9838267
Yes this is the only pc causing problems
Excuse my ignorance but how do you recreate the zone?

Thanks edel7
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9838288
If the laptop is the only machine with the issue, do not recreate the zone on the server.  

Concentrate on the laptop.   What OS are you running?   Is your IP address DHCP or static?  
0
Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

 

Author Comment

by:edel7
ID: 9838462
I am running windows XP and the ip address is dhcp
0
 
LVL 24

Accepted Solution

by:
SunBow earned 500 total points
ID: 9839473
Possibly it was hit with an exploit of DNS. Consider rebuilding it. Has it been loaded with all of the upgrades from MS, including those for the DNS exloits?

What used to be a fix, would be to use its registry, highlight DHCP, delete it all, reboot and let it self repair by reloading. I won't advise that. But attest to it having worked before.

Try examining all networking/TCP properties for the PC in question. Anything it has defined will override dhcp including dns servers, so run a search & destroy on any hard-coded addresses on the PC. Let it get the server addresses through dhcp. Revisit the dhcp server while you are at it, and look for corruptions.

Look also at default webpages and search engines, such as google. Some exploits are more definable by things they do such as for which servers are redefined.

Have you also run the latest AV patterns on it, such as from Symantec? These can ID some of the malwares that could have exploited you.

Run ipconfig/all to see what addresses it uses for dns, and verify them all.  Run a ping -a on them as further validation.

Look for rogue server on your network, maybe someone is running a browser service you want to know about.

Also consider running a static address as part of debugging, but in this case I do not think it necessary.

Install zonealarm, have it block everything, then report on any program trying to dial out. Also run TaskManager to see if there's anything running that you prefer to not run (but most exploits are simply redefining addresses to host files)
0
 
LVL 24

Expert Comment

by:SunBow
ID: 9839498
> SRV record for _ldap

Actually, LDAP is used to lookup mail records - for email. So, do suppose that you could be stuck with an exploited vulnerability (malware) that is trying to use its own smtp engine to send reports to about what is going on inside your network. I think it'd be wise to have this box as isolated as possible until you figure out what is wrong with it or rebuild it from scratch.  The latter may get it up quicker, while the former may give a clue as to how some infection got in, which would enable another method you can use to retrain staff in what to not do, such as clicking on popups that say they may have won something. Anything they win of course, belongs to the company who's equipment was used <heh>   ;-)

Get this box scanned!
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9839534
Sunbow,  THose are good suggestions,  but I think those apply to a DNS issue that affects the DNS server, and symptons would show on all clients using that DNS, not just this one laptop.   Edel this is correct right?  Just this laptop has trouble?      If so, then concentrate on this laptop for the source of the trouble.  

Sunbow did mention a few points which you should lookat.   Any firewalls on this laptop?   AV on this laptop?   Have you run a Ad-aware scn on this laptop?      

Can you manually add another DNS if one is available and do you get the same issue?  

Can you run nslookup from the dos prompt and what's the result?

0
 

Author Comment

by:edel7
ID: 9849645
Yes it is just this laptop that is causing trouble I've ran nslookup and it is pointing to out dns server there are no firewalls on laptop, we didn't run ad-aware scn on laptop.

I have manually added the other dns server but same problem.

I have manually destroyed all ref to dns servers but problem still there

I am going to re-build machine this afternoon

Many thanks Edel
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9850134
Last thing to attmept is a re-install of Internet Explorer.    You'd be surprised how many problems just go away after IE is reapplied.  

Good Luck
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question