DNS error : Windows 2003 Server

Got my DNS on my Windows 2003 Server Enterprise as a PDC and will be running my exchange server on a member server (Windows 2003 Server Standard).  In preparing for the exchange server deployment, I need to run several tools and tests to make sure the deploy will be succesful.

One of the tools I ran failed on me, which I ran on my PDC.

dcdiag /f:readme

This is my output:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\HAMSERVER
      Starting test: Connectivity
         The host e44c29e4-4272-4054-8c56-7a190027454f._msdcs.hamfarm.com could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name

         (e44c29e4-4272-4054-8c56-7a190027454f._msdcs.hamfarm.com) couldn't be

         resolved, the server name (HamServer.hamfarm.com) resolved to the IP

         address (192.168.80.110) and was pingable.  Check that the IP address

         is registered correctly with the DNS server.
         ......................... HAMSERVER failed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\HAMSERVER
      Skipping all tests, because server HAMSERVER is
      not responding to directory service requests
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : hamfarm
      Starting test: CrossRefValidation
         ......................... hamfarm passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... hamfarm passed test CheckSDRefDom
   
   Running enterprise tests on : hamfarm.com
      Starting test: Intersite
         ......................... hamfarm.com passed test Intersite
      Starting test: FsmoCheck
         ......................... hamfarm.com passed test FsmoCheck

As you can see, why is it failing?  Is it because my DNS isn't setup correctly?  If so, please show me how to correct this.
LVL 9
Pentrix2Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
Check the TCP/IP settings on your DC as well; while you're at it, make sure the domain members are configured correctly as well.

*** TCP/IP-Settings ***
* On your DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
* On your domain members, enter only your DC as primary.
* Do NOT enter your ISP's DNS server in the TCP/IP settings on any domain member. All DNS resolution needs to be done by your internal DNS servers *only*.

*** DNS Server Settings ***
* Delete the root zone (if present) in your DNS server's forward lookup zones (the single dot, "."), to enable external lookups.
* Right-click your forward and reverse lookup zones, go to Properties, and make sure that Dynamic Updates are enabled.
* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).
* You might want to create a reverse lookup zone for your network as well.

Once you've checked this, open a command prompt and enter "ipconfig /registerdns", then stop and re-start the netlogon service. Check if the SRV records have been created (see link below).

Oh, and in case you haven't done so yet, install a WINS server on your DC as well; Exchange wants one.

Troubleshooting Active Directory DNS Errors in Windows 2000
http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

SRV Resource Records May Not Be Created on Domain Controller
http://support.microsoft.com/?kbid=239897

HOW TO: Set Up the Domain Name System for Active Directory in Windows Server 2003
http://support.microsoft.com/?kbid=816584

HOW TO: Configure DNS for Internet Access in Windows Server 2003
http://support.microsoft.com/?kbid=323380

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows Server 2003
http://support.microsoft.com/?kbid=816567

Exchange Server 2003 and Exchange 2000 Server require NetBIOS name resolution for full functionality
http://support.microsoft.com/?kbid=837391

HOW TO: Install WINS in Windows Server 2003
http://support.microsoft.com/?kbid=323429
0
Pentrix2Author Commented:
I don't see the area to see if Dynamic Updates to be enabled?  I do see an area and it says, Secure Updates only for Dynamic Updates.

As far as a WINS server, I did install it but haven't configured it.  Can you tell me on how to configure this WINS?  I did noticed that Exchange 2003 requires WINS.
0
Pentrix2Author Commented:
I did try to see if my SRV Records are created but this is the output I'm receiving.

c:\nslookup
*** Can't find server name for address 192.168.80.110: Non-existent domain
Default Server:  UnKnown
Address:  192.168.80.110

Then, I'm suppose to type

>set type=all    
>_ldap._tcp.dc._msdcs.hamfarm
Server:  UnKnown
Address:  192.168.80.110

*** UnKnown can't find _ldap._tcp.dc.msdcs.hamfarm:  Non-existent domain
Server:  UnKnown
Address:  192.168.80.110

How do I fix this?
0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Antknee869Commented:
Actually you might try pointiing HAMSERVER's Primary DNS setting in its TCP/IP properties to another DNS server (not itself), prferebablt the main DNS server in your domain. Leave the secondary blank.
 I have seen cases where a domain controller won't register it's records properly if it is poitning to itself as primary DNS.
At a command prompt type:
ipconfig /flushDNS
net stop netlogon & net start netlogon
ipconfig /registerdns

Wait a little while and check again. You can also use DNSLINT. I belive it is in the Support Tools on the server CD. Otherwise jusy Google it. Very nice utility
0
Pentrix2Author Commented:
So I shouldn't be using the PDC as the DNS server, I should use a member server?
0
Antknee869Commented:
The PDC should be fine. I use a DNS in my "hub" site.
0
Pentrix2Author Commented:
Because right now I"m using the PDC as my DNS server, as well as my WINS, RRAS, Media Streaming, DHCP and file server.  Everything works properly but just not the DNS portion.

The reason is because I'm trying to get my exchange 2003 server enterprise on it too.  BTW, I'm using windows 2003 server enterprise edition.

0
Antknee869Commented:
Depending on the size of your network, you may want to offload DNS on to another server. You should also have at least two DNS servers.
Do you have more than one DNS server on your network?

0
Pentrix2Author Commented:
Not at this point, this is just my test environment, but curious how would I make 2 DNS servers?  Make one primary and other trusted?
0
Antknee869Commented:
Generally, you want to use AD-Integrated DNS for and Active Directory infrastructure.
So, I am assuming you have one standalone DNS server? If you go to Administrative Tools > DNS and right click on one of your zones and select Properties. You will see a Type entry. It will say Primary if you are using a standalone non-AD Integrated DNS. It will say Active Directory Integrated if, well.... you know.
I would do this:
1. Convert your Zones in on your one DNS server to AD-Integrated.
2. Point your other server's primary DNS setting in TCP/IP properties to the one DNS server.
3. Either reboot the servers or issue the commands I listed above
4. verify that DNS is working OK. Use DCDIAG and DNSLINT.
5. If DNS is working you can install a second DNS server. Since it is a test lab, this is not too critical but would be good practice for setting up a production AD network.
To install a second AD Integrated DNS server go to Add/Remove programs > Windows setup > Network Services and select DNS. If you give the server 30-60 minutes it will popualte itself through AD replication.
If it is standalone, you need to do some config. I recommend AD integrated, but if you want to use standalone, LMK and I will give directions on this
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
id_suzyqCommented:
This is likely there is an error with using a top level domain.   See KB Article ID : 300684 You need to modify registy on 2000 box and can use policy for 2003
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.