DNS name does not exist error

I just re-installed WinXP Pro from scratch on a box that was previously on the network.  Now I am getting the following error when trying to add this PC to the domain.  Any thoughts as to why?  Currently no other computer on the network is experiencing any problems.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain HANNIBALBPW.ORG:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.HANNIBALBPW.ORG

Common causes of this error include the following:

- The DNS SRV record is not registered in DNS.

- One or more of the following zones do not include delegation to its child zone:

HANNIBALBPW.ORG
ORG
. (the root zone)

For information about correcting this problem, click Help.
spectraflameAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
Your DNS server settings are incorrect; either on the client, or on the server (or both).
Verify that the SRV records are existing (see link below).
Then I'll give you the whole nine yards, check this against your setup:

*** TCP/IP-Settings ***
* On your first DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
* On additional DCs, let them point to the first DC as primary, to themselves as secondary.
* On your domain members, enter your internal DCs.
* Do NOT enter your ISP's DNS server in the TCP/IP settings on any domain member. All DNS resolution needs to be done by your internal DNS servers *only*.

*** DNS Server Settings ***
* Delete the root zone (if present) in your DNS servers' forward lookup zones (the single dot, "."), to enable external lookups.
* Right-click your forward and reverse lookup zones, and make sure that they Dynamic Updates are enabled.
* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

Once you've checked this, open a command prompt and enter "ipconfig /registerdns", then stop and re-start the netlogon service. Check if the SRV records have been created (see link below).
For further troubleshooting, you can use dcdiag.exe and netdiag.exe to check your system for errors in the domain setup.

Troubleshooting Active Directory DNS Errors in Windows 2000
http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811

How Domain Controllers Are Located in Windows XP
http://support.microsoft.com/?kbid=314861

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/?kbid=321708

DCDiag and NetDiag in Windows 2000 Facilitate Domain Join and DC Creation
http://support.microsoft.com/?kbid=265706

Do not install the Support Tools from your installation CD, some tools were updates by the Service Packs. Here's the current version:
Windows 2000 SP4 Support Tools
http://www.microsoft.com/windows2000/downloads/servicepacks/SP4/supporttools.asp

SRV Resource Records May Not Be Created on Domain Controller
http://support.microsoft.com/?kbid=239897
0
spectraflameAuthor Commented:
I ran the following command on my one and only DC/DNS server.

nslookup
set type=all
_ldap._tcp.dc._msdcs.hannibalbpw.org

The result was unknown, can't find.


From your suggestions, the only root zone that I found was in the cached folder. Is that the one that should be deleted?

When I right clicked on the forward and reverse lookup zones, I did not see any place to enable dynamic updates.

When I looked at the forwarders tab of the DNS properties, there is no IP address listed there at all?  Should there be?

The follow are the statements that I found in the DNS event viewer on 9/19/04 at 11:16:57 am.

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

The DNS server was unable to complete directory service enumeration of zone _msdcs.hannibalbpw.org.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

Does this help any?
Matthew
0
oBdACommented:
If you go to forwarders tab, the root zone isn't present, so that's okay.
Dynamic Updates are enabled in the properties of the zones (right-click the zone - properties).
If you don't have the _msdcs forward lookup zone in your DNS (you can check that using the DNS MMC as well), that's one of the problems.
You don't really need to define forwarders (external lookups will then use the root hints), but it can speed up external lookups a bit if you define your ISP's DNS servers there. Just make sure that they're listed *nowhere* in the TCP/IP settings as DNS servers in your network.
So for your single DC/DNS, verify that you have the following setup:
*** TCP/IP-Settings ***
* On your DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
* On your domain members, enter your DC *only* as DNS server.

*** DNS Server Settings ***
* Right-click your forward and reverse lookup zones, choose properties, and make sure that they Dynamic Updates are enabled.
* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

Then continue as described above.
0
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

spectraflameAuthor Commented:
For whatever it is worth, after starting and stopping the DNS services I was able to add the PC to the domain.

I do have the _msdcs forward lookup zone.

The only thing that concerns me now is when I run the nslookup, the server is still unknown.  Shouldn't I be seeing the server name along with the IP address?

My choices for Dynamic Updates are Secure, Secure & Non-Secure, or None.  Currently it is set to Secure.  Is this correct?  I forgot to mention earlier that this is 2003 Server.

Matthew
0
oBdACommented:
Secure should work; this setting allows only machines that authenticated successfully to register themselves (and is only available if the zone is AD integrated).
The reason you don't get the DNS server name is that you don't have a reverse lookup zone. Create one for your network, allow dynamic updates as well, enter "ipconfig /registerdns" on your DC, and you should see the server name as well.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
spectraflameAuthor Commented:
Thanks for all of your assistance.

Matthew
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.