Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1907
  • Last Modified:

The DSA operation is unable to proceed because of a DNS lookup failure.

I have been working on this event error log for most of the day and I can't figure out why this is not resolving. The error message:

_____________________________________________________________________
Source: NTDS KCC
Event ID: 1265

The attempt to establish a replication link with parameters
 
 Partition: CN=Schema,CN=Configuration,DC=server,DC=f-clinic,DC=com
 Source DSA DN: CN=NTDS Settings,CN=SERVER4,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=server,DC=f-clinic,DC=com
 Source DSA Address: 2591aaa9-ddc4-4227-ac2a-b9454ad65985._msdcs.server.f-clinic.com
 Inter-site Transport (if any):
 
 failed with the following status:
 
 The DSA operation is unable to proceed because of a DNS lookup failure.
 
 The record data is the status code.  This operation will be retried.
_____________________________________________________________________

I have followed all of the steps that were recommended by Microsoft and others but it continues to give me that error.

I believe the issue is directly related to the fact that I have two DC's and every time I try to make the one that should be primary it resorts (changes) back to what should be the secondary on it's own. Anyone know whats going on?
0
bizzie247
Asked:
bizzie247
1 Solution
 
BigC666Commented:
0
 
PakaCommented:
Sounds like a DNS problem.  Try nslookup to see if you can resolve both servers (on both servers).  If you can't resolve, then ensure you have proper dns entries on tcp/ip settings.  It could also be a connectivity issue between between servers - check by pinging and tracert between the servers.

What do you mean by making one primary or secondary?  Are you setting up a primary/secondary DNS zone?  If so, you're much better off using an Active Directory integrated zone.
0
 
smeekCommented:
Download and install netdiag and dcdiag from Support Tools folder on CD.  Run them and dump to text file.  Can also google and download from MS site.

Look for errors to narrow down problem source.

Steve  
0
 
bizzie247Author Commented:
EVENTID.net  is the best thing since sliced bread!!!
0
 
LukeScharfCommented:
I ran into this recently.  ipconfig /all showed that I had ::1 (the IPv6 equivalent of 127.0.0.1) listed as the first DNS server, even though I hadn't explicitly specified it.  The host's was a half-configured AD controller with the DNS server installed, so there was a DNS listener on ::1 that was giving incorrect information.

A quick workaround was disable IPv6 on all active interfaces (which removes ::1 from the DNS search-list -- IPv6 still runs on the loopback adapter).  After that, I was able to go through the normal steps to repair the host's relationship with AD: dcpromo /forceremove, clean up the machine-account on the real AD controllers, add the host back to the domain, and run dcpromo to upgrade to full-blown AD controller.

Of course, if you use IPv6 for production work, then you will want to use a somewhat different solution.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now