spectraflame

DNS name does not exist error

I just re-installed WinXP Pro from scratch on a box that was previously on the network.  Now I am getting the following error when trying to add this PC to the domain.  Any thoughts as to why?  Currently no other computer on the network is experiencing any problems.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain HANNIBALBPW.ORG:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.HANNIBALBPW.ORG

Common causes of this error include the following:

- The DNS SRV record is not registered in DNS.

- One or more of the following zones do not include delegation to its child zone:

HANNIBALBPW.ORG
ORG
. (the root zone)

For information about correcting this problem, click Help.
oBdA

Your DNS server settings are incorrect; either on the client, or on the server (or both).
Verify that the SRV records exist (see link below).
Then I'll give you the whole nine yards, check this against your setup:

*** TCP/IP-Settings ***
* On your first DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
* On additional DCs, let them point to the first DC as primary, to themselves as secondary.
* On your domain members, enter your internal DCs.
* Do NOT enter your ISP's DNS server in the TCP/IP settings on any domain member. All DNS resolution needs to be done by your internal DNS servers *only*.

*** DNS Server Settings ***
* Delete the root zone (if present) in your DNS servers' forward lookup zones (the single dot, "."), to enable external lookups.
* Right-click your forward and reverse lookup zones, and make sure that Dynamic Updates are enabled.
* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

Once you've checked this, open a command prompt and enter "ipconfig /registerdns", then stop and re-start the netlogon service. Check if the SRV records have been created (see link below).
For further troubleshooting, you can use dcdiag.exe and netdiag.exe to check your system for errors in the domain setup.

Troubleshooting Active Directory DNS Errors in Windows 2000
http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811

How Domain Controllers Are Located in Windows XP
http://support.microsoft.com/?kbid=314861

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/?kbid=321708

DCDiag and NetDiag in Windows 2000 Facilitate Domain Join and DC Creation
http://support.microsoft.com/?kbid=265706

Do not install the Support Tools from your installation CD; some tools were updated by the Service Packs. Here's the current version:
Windows 2000 SP4 Support Tools
http://www.microsoft.com/windows2000/downloads/servicepacks/SP4/supporttools.asp

SRV Resource Records May Not Be Created on Domain Controller
http://support.microsoft.com/?kbid=239897
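
The client-side check behind the TCP/IP settings advice above, as an added example that is not part of the original thread: it asks every DNS server configured on the machine for the SRV record named in the error message and shows which servers cannot answer. It assumes a Windows version with the DnsClient PowerShell module (Windows 8 / Server 2012 or later), which is newer than the systems discussed here.

```powershell
# Added example (not from the thread). Run on the machine that fails to join.
param(
    [string]$Domain = 'HANNIBALBPW.ORG'   # domain name taken from the error message
)

# Name the domain-join process looks up to locate a domain controller.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"

# Every DNS server configured on any IPv4 interface of this client.
$servers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses |
    Sort-Object -Unique

if (-not $servers) {
    Write-Warning 'No DNS servers are configured on this machine.'
    return
}

$results = foreach ($server in $servers) {
    try {
        # -DnsOnly skips LLMNR/NetBIOS so only the DNS answer is tested.
        $records = Resolve-DnsName -Name $srvName -Type SRV -Server $server `
                       -DnsOnly -ErrorAction Stop |
                   Where-Object { $_.QueryType -eq 'SRV' }
        [pscustomobject]@{
            DnsServer = $server
            Status    = if ($records) { 'OK' } else { 'No SRV records in answer' }
            DCs       = ($records | ForEach-Object { '{0}:{1}' -f $_.NameTarget, $_.Port }) -join ', '
        }
    }
    catch {
        # An external (ISP) resolver normally lands here with
        # "DNS name does not exist", the same failure the join dialog reports.
        [pscustomobject]@{
            DnsServer = $server
            Status    = "FAILED: $($_.Exception.Message)"
            DCs       = ''
        }
    }
}

$results | Format-Table -AutoSize -Wrap

$bad = $results | Where-Object Status -ne 'OK'
if ($bad) {
    Write-Warning ("These configured DNS servers cannot locate a DC for {0}: {1}" -f
        $Domain, ($bad.DnsServer -join ', '))
}
```

Any server listed in the warning is either not an internal DNS server or is missing the `_msdcs` records; in the first case it should be removed from the client's TCP/IP settings, in the second the records need to be re-registered on the DC.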
spectraflame (ASKER)

I ran the following command on my one and only DC/DNS server.

nslookup
set type=all
_ldap._tcp.dc._msdcs.hannibalbpw.org

The result was unknown, can't find.


From your suggestions, the only root zone that I found was in the cached folder. Is that the one that should be deleted?

When I right-clicked on the forward and reverse lookup zones, I did not see any place to enable dynamic updates.

When I looked at the forwarders tab of the DNS properties, there is no IP address listed there at all?  Should there be?

The following are the statements that I found in the DNS event viewer on 9/19/04 at 11:16:57 am.

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

The DNS server was unable to complete directory service enumeration of zone _msdcs.hannibalbpw.org.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

Does this help any?
Matthew
If you go to forwarders tab, the root zone isn't present, so that's okay.
Dynamic Updates are enabled in the properties of the zones (right-click the zone - properties).
If you don't have the _msdcs forward lookup zone in your DNS (you can check that using the DNS MMC as well), that's one of the problems.
You don't really need to define forwarders (external lookups will then use the root hints), but it can speed up external lookups a bit if you define your ISP's DNS servers there. Just make sure that they're listed *nowhere* in the TCP/IP settings as DNS servers in your network.
So for your single DC/DNS, verify that you have the following setup:
*** TCP/IP-Settings ***
* On your DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
* On your domain members, enter your DC *only* as DNS server.

*** DNS Server Settings ***
* Right-click your forward and reverse lookup zones, choose properties, and make sure that Dynamic Updates are enabled.
* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

Then continue as described above.
For whatever it is worth, after starting and stopping the DNS services I was able to add the PC to the domain.

I do have the _msdcs forward lookup zone.

The only thing that concerns me now is when I run the nslookup, the server is still unknown.  Shouldn't I be seeing the server name along with the IP address?

My choices for Dynamic Updates are Secure, Secure & Non-Secure, or None.  Currently it is set to Secure.  Is this correct?  I forgot to mention earlier that this is 2003 Server.

Matthew
ASKER CERTIFIED SOLUTION
oBdA

This solution is only available to members.
Thanks for all of your assistance.

Matthew