My problem started with one of the users unable to see printers on the network he could see our pdc but not our bdc.
and I was unable to connect to the laptop either.

we removed laptop name from domain and tried to add into domain however we were unable to do so and got the following error
"DNS server failure£
(error code 0x0000232A RCODE_SERVER_FAILURE)
The query was for the SRV record for _ldap.tcp.dc.msdcs.XXX

The DNS server used by this computer contains incorrect root hints (it lists dns servers)
One or more of the following zones contains incorrect delegation:  (the root zone)

The wierd part about this is that the laptop is cannot connect to our domain and we have it in a workgroup however you can ping our pdc which is our DNS server but not bds which is also a DNS server.

If anyone can help would appreciate it.

p.s I will have the laptop in front of me on Monday.

thanks Edel7

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Is this the only PC with the issue?   Any chance you could post a portion of your DNS logs?  

I found an issue related to this concerning 2000 workstations.   The error messages wer almost identical.   The resolution was to recreate the zone.  

I also found an issue that had to do with single label domain name (no .com or .net, etc.)  pointed to the follwing KB article - http://support.microsoft.com/?id=300684

Good Luck
edel7Author Commented:
Yes this is the only pc causing problems
Excuse my ignorance but how do you recreate the zone?

Thanks edel7
If the laptop is the only machine with the issue, do not recreate the zone on the server.  

Concentrate on the laptop.   What OS are you running?   Is your IP address DHCP or static?  
PMI ACP® Project Management

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

edel7Author Commented:
I am running windows XP and the ip address is dhcp
Possibly it was hit with an exploit of DNS. Consider rebuilding it. Has it been loaded with all of the upgrades from MS, including those for the DNS exloits?

What used to be a fix, would be to use its registry, highlight DHCP, delete it all, reboot and let it self repair by reloading. I won't advise that. But attest to it having worked before.

Try examining all networking/TCP properties for the PC in question. Anything it has defined will override dhcp including dns servers, so run a search & destroy on any hard-coded addresses on the PC. Let it get the server addresses through dhcp. Revisit the dhcp server while you are at it, and look for corruptions.

Look also at default webpages and search engines, such as google. Some exploits are more definable by things they do such as for which servers are redefined.

Have you also run the latest AV patterns on it, such as from Symantec? These can ID some of the malwares that could have exploited you.

Run ipconfig/all to see what addresses it uses for dns, and verify them all.  Run a ping -a on them as further validation.

Look for rogue server on your network, maybe someone is running a browser service you want to know about.

Also consider running a static address as part of debugging, but in this case I do not think it necessary.

Install zonealarm, have it block everything, then report on any program trying to dial out. Also run TaskManager to see if there's anything running that you prefer to not run (but most exploits are simply redefining addresses to host files)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
> SRV record for _ldap

Actually, LDAP is used to lookup mail records - for email. So, do suppose that you could be stuck with an exploited vulnerability (malware) that is trying to use its own smtp engine to send reports to about what is going on inside your network. I think it'd be wise to have this box as isolated as possible until you figure out what is wrong with it or rebuild it from scratch.  The latter may get it up quicker, while the former may give a clue as to how some infection got in, which would enable another method you can use to retrain staff in what to not do, such as clicking on popups that say they may have won something. Anything they win of course, belongs to the company who's equipment was used <heh>   ;-)

Get this box scanned!
Sunbow,  THose are good suggestions,  but I think those apply to a DNS issue that affects the DNS server, and symptons would show on all clients using that DNS, not just this one laptop.   Edel this is correct right?  Just this laptop has trouble?      If so, then concentrate on this laptop for the source of the trouble.  

Sunbow did mention a few points which you should lookat.   Any firewalls on this laptop?   AV on this laptop?   Have you run a Ad-aware scn on this laptop?      

Can you manually add another DNS if one is available and do you get the same issue?  

Can you run nslookup from the dos prompt and what's the result?

edel7Author Commented:
Yes it is just this laptop that is causing trouble I've ran nslookup and it is pointing to out dns server there are no firewalls on laptop, we didn't run ad-aware scn on laptop.

I have manually added the other dns server but same problem.

I have manually destroyed all ref to dns servers but problem still there

I am going to re-build machine this afternoon

Many thanks Edel
Last thing to attmept is a re-install of Internet Explorer.    You'd be surprised how many problems just go away after IE is reapplied.  

Good Luck
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.