Solved

DNS name does not exist error

Posted on 2004-10-21
1,902 Views
Last Modified: 2008-07-19
I just re-installed WinXP Pro from scratch on a box that was previously on the network.  Now I am getting the following error when trying to add this PC to the domain.  Any thoughts as to why?  Currently no other computer on the network is experiencing any problems.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain HANNIBALBPW.ORG:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.HANNIBALBPW.ORG

Common causes of this error include the following:

- The DNS SRV record is not registered in DNS.

- One or more of the following zones do not include delegation to its child zone:

HANNIBALBPW.ORG
ORG
. (the root zone)

For information about correcting this problem, click Help.
0
Question by:spectraflame
    6 Comments
     
    LVL 82

    Expert Comment

    by:oBdA
    Your DNS server settings are incorrect; either on the client, or on the server (or both).
    Verify that the SRV records are existing (see link below).
    Then I'll give you the whole nine yards, check this against your setup:

    *** TCP/IP-Settings ***
    * On your first DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
    * On additional DCs, let them point to the first DC as primary, to themselves as secondary.
    * On your domain members, enter your internal DCs.
    * Do NOT enter your ISP's DNS server in the TCP/IP settings on any domain member. All DNS resolution needs to be done by your internal DNS servers *only*.

    *** DNS Server Settings ***
    * Delete the root zone (if present) in your DNS servers' forward lookup zones (the single dot, "."), to enable external lookups.
    * Right-click your forward and reverse lookup zones, and make sure that they Dynamic Updates are enabled.
    * In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
    * It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

    Once you've checked this, open a command prompt and enter "ipconfig /registerdns", then stop and re-start the netlogon service. Check if the SRV records have been created (see link below).
    For further troubleshooting, you can use dcdiag.exe and netdiag.exe to check your system for errors in the domain setup.

    Troubleshooting Active Directory DNS Errors in Windows 2000
    http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp

    Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
    http://support.microsoft.com/?kbid=291382

    Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
    http://support.microsoft.com/?kbid=825036

    HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
    http://support.microsoft.com/?kbid=316341

    HOW TO: Configure DNS for Internet Access in Windows 2000
    http://support.microsoft.com/?kbid=300202

    Troubleshooting Common Active Directory Setup Issues in Windows 2000
    http://support.microsoft.com/?kbid=260371

    How to Verify the Creation of SRV Records for a Domain Controller
    http://support.microsoft.com/?kbid=241515

    How Domain Controllers Are Located in Windows
    http://support.microsoft.com/?kbid=247811

    How Domain Controllers Are Located in Windows XP
    http://support.microsoft.com/?kbid=314861

    HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
    http://support.microsoft.com/?kbid=321708

    DCDiag and NetDiag in Windows 2000 Facilitate Domain Join and DC Creation
    http://support.microsoft.com/?kbid=265706

    Do not install the Support Tools from your installation CD, some tools were updates by the Service Packs. Here's the current version:
    Windows 2000 SP4 Support Tools
    http://www.microsoft.com/windows2000/downloads/servicepacks/SP4/supporttools.asp

    SRV Resource Records May Not Be Created on Domain Controller
    http://support.microsoft.com/?kbid=239897
    0
     

    Author Comment

    by:spectraflame
    I ran the following command on my one and only DC/DNS server.

    nslookup
    set type=all
    _ldap._tcp.dc._msdcs.hannibalbpw.org

    The result was unknown, can't find.


    From your suggestions, the only root zone that I found was in the cached folder. Is that the one that should be deleted?

    When I right clicked on the forward and reverse lookup zones, I did not see any place to enable dynamic updates.

    When I looked at the forwarders tab of the DNS properties, there is no IP address listed there at all?  Should there be?

    The follow are the statements that I found in the DNS event viewer on 9/19/04 at 11:16:57 am.

    The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

    The DNS server was unable to complete directory service enumeration of zone _msdcs.hannibalbpw.org.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

    Does this help any?
    Matthew
    0
     
    LVL 82

    Expert Comment

    by:oBdA
    If you go to forwarders tab, the root zone isn't present, so that's okay.
    Dynamic Updates are enabled in the properties of the zones (right-click the zone - properties).
    If you don't have the _msdcs forward lookup zone in your DNS (you can check that using the DNS MMC as well), that's one of the problems.
    You don't really need to define forwarders (external lookups will then use the root hints), but it can speed up external lookups a bit if you define your ISP's DNS servers there. Just make sure that they're listed *nowhere* in the TCP/IP settings as DNS servers in your network.
    So for your single DC/DNS, verify that you have the following setup:
    *** TCP/IP-Settings ***
    * On your DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
    * On your domain members, enter your DC *only* as DNS server.

    *** DNS Server Settings ***
    * Right-click your forward and reverse lookup zones, choose properties, and make sure that they Dynamic Updates are enabled.
    * In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
    * It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

    Then continue as described above.
    0
     

    Author Comment

    by:spectraflame
    For whatever it is worth, after starting and stopping the DNS services I was able to add the PC to the domain.

    I do have the _msdcs forward lookup zone.

    The only thing that concerns me now is when I run the nslookup, the server is still unknown.  Shouldn't I be seeing the server name along with the IP address?

    My choices for Dynamic Updates are Secure, Secure & Non-Secure, or None.  Currently it is set to Secure.  Is this correct?  I forgot to mention earlier that this is 2003 Server.

    Matthew
    0
     
    LVL 82

    Accepted Solution

    by:
    Secure should work; this setting allows only machines that authenticated successfully to register themselves (and is only available if the zone is AD integrated).
    The reason you don't get the DNS server name is that you don't have a reverse lookup zone. Create one for your network, allow dynamic updates as well, enter "ipconfig /registerdns" on your DC, and you should see the server name as well.
    0
     

    Author Comment

    by:spectraflame
    Thanks for all of your assistance.

    Matthew
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
    Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
    This video Micro Tutorial is the first in a two-part series that shows how to create and use custom scanning profiles in Nuance's PaperPort 14.5 (http://www.experts-exchange.com/articles/17490/). But the ability to create custom scanning profiles al…
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

    913 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now