Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

DNS name does not exist error

Posted on 2004-10-21
6
Medium Priority
?
1,935 Views
Last Modified: 2008-07-19
I just re-installed WinXP Pro from scratch on a box that was previously on the network.  Now I am getting the following error when trying to add this PC to the domain.  Any thoughts as to why?  Currently no other computer on the network is experiencing any problems.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain HANNIBALBPW.ORG:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.HANNIBALBPW.ORG

Common causes of this error include the following:

- The DNS SRV record is not registered in DNS.

- One or more of the following zones do not include delegation to its child zone:

HANNIBALBPW.ORG
ORG
. (the root zone)

For information about correcting this problem, click Help.
0
Comment
Question by:spectraflame
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 85

Expert Comment

by:oBdA
ID: 12373432
Your DNS server settings are incorrect; either on the client, or on the server (or both).
Verify that the SRV records are existing (see link below).
Then I'll give you the whole nine yards, check this against your setup:

*** TCP/IP-Settings ***
* On your first DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
* On additional DCs, let them point to the first DC as primary, to themselves as secondary.
* On your domain members, enter your internal DCs.
* Do NOT enter your ISP's DNS server in the TCP/IP settings on any domain member. All DNS resolution needs to be done by your internal DNS servers *only*.

*** DNS Server Settings ***
* Delete the root zone (if present) in your DNS servers' forward lookup zones (the single dot, "."), to enable external lookups.
* Right-click your forward and reverse lookup zones, and make sure that they Dynamic Updates are enabled.
* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

Once you've checked this, open a command prompt and enter "ipconfig /registerdns", then stop and re-start the netlogon service. Check if the SRV records have been created (see link below).
For further troubleshooting, you can use dcdiag.exe and netdiag.exe to check your system for errors in the domain setup.

Troubleshooting Active Directory DNS Errors in Windows 2000
http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811

How Domain Controllers Are Located in Windows XP
http://support.microsoft.com/?kbid=314861

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/?kbid=321708

DCDiag and NetDiag in Windows 2000 Facilitate Domain Join and DC Creation
http://support.microsoft.com/?kbid=265706

Do not install the Support Tools from your installation CD, some tools were updates by the Service Packs. Here's the current version:
Windows 2000 SP4 Support Tools
http://www.microsoft.com/windows2000/downloads/servicepacks/SP4/supporttools.asp

SRV Resource Records May Not Be Created on Domain Controller
http://support.microsoft.com/?kbid=239897
0
 

Author Comment

by:spectraflame
ID: 12373841
I ran the following command on my one and only DC/DNS server.

nslookup
set type=all
_ldap._tcp.dc._msdcs.hannibalbpw.org

The result was unknown, can't find.


From your suggestions, the only root zone that I found was in the cached folder. Is that the one that should be deleted?

When I right clicked on the forward and reverse lookup zones, I did not see any place to enable dynamic updates.

When I looked at the forwarders tab of the DNS properties, there is no IP address listed there at all?  Should there be?

The follow are the statements that I found in the DNS event viewer on 9/19/04 at 11:16:57 am.

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

The DNS server was unable to complete directory service enumeration of zone _msdcs.hannibalbpw.org.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

Does this help any?
Matthew
0
 
LVL 85

Expert Comment

by:oBdA
ID: 12374042
If you go to forwarders tab, the root zone isn't present, so that's okay.
Dynamic Updates are enabled in the properties of the zones (right-click the zone - properties).
If you don't have the _msdcs forward lookup zone in your DNS (you can check that using the DNS MMC as well), that's one of the problems.
You don't really need to define forwarders (external lookups will then use the root hints), but it can speed up external lookups a bit if you define your ISP's DNS servers there. Just make sure that they're listed *nowhere* in the TCP/IP settings as DNS servers in your network.
So for your single DC/DNS, verify that you have the following setup:
*** TCP/IP-Settings ***
* On your DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
* On your domain members, enter your DC *only* as DNS server.

*** DNS Server Settings ***
* Right-click your forward and reverse lookup zones, choose properties, and make sure that they Dynamic Updates are enabled.
* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

Then continue as described above.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 

Author Comment

by:spectraflame
ID: 12383612
For whatever it is worth, after starting and stopping the DNS services I was able to add the PC to the domain.

I do have the _msdcs forward lookup zone.

The only thing that concerns me now is when I run the nslookup, the server is still unknown.  Shouldn't I be seeing the server name along with the IP address?

My choices for Dynamic Updates are Secure, Secure & Non-Secure, or None.  Currently it is set to Secure.  Is this correct?  I forgot to mention earlier that this is 2003 Server.

Matthew
0
 
LVL 85

Accepted Solution

by:
oBdA earned 1000 total points
ID: 12383793
Secure should work; this setting allows only machines that authenticated successfully to register themselves (and is only available if the zone is AD integrated).
The reason you don't get the DNS server name is that you don't have a reverse lookup zone. Create one for your network, allow dynamic updates as well, enter "ipconfig /registerdns" on your DC, and you should see the server name as well.
0
 

Author Comment

by:spectraflame
ID: 12383886
Thanks for all of your assistance.

Matthew
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question