DNS & DC

I'm having problems with DNS server/Exchange.

I keep getting these errors

The remote server did not respond to a connection attempt.
Unable to bind to the destination server in DNS.

I don't know how to fix this....

I did a netdiag /v  and received this error which I think is related

The DNS entries for this DC are not registered correctly on DNS server 207.155.183.72 & 207.155.183.73   (these are the DNS ip address on my router)

No DNS servers have the DNS record for this DC registered

If I do an nslookup it returns the name of the IP address 207.155.183.72: hudson.concentric.net

If I do an ls domain it returns hudson.concentric.net but says: can't list domain (domain name): Bad error value

Any help would be appreciated Please

WestonGroup Asked:

Eladla Commented:
http://www.winnetmag.com/Windows/Article/ArticleID/39651/39651.html
Try this.

Also, have you tried setting the external DNS IPs on the server connection?
0
rafael_acc Commented:
run netdiag /fix
0
WestonGroup (Author) Commented:
Tried netdiag /fix

This is what I received.  I think I have things set up in DNS incorrectly but not sure how to fix it....

[Warning] cannot find a primary authoritative DNS server for the name server.weston. [rcode_server_failure] the name server.weston. may not be registered in DNS

Failed to fix: DC DNS entry weston. re-registration on DNS server 192.168.0.3 failed

netdiag failed to re-register missing DNS entries for this DC on DNS server 192.168.0.3
no DNS servers have the DNS records for this DC registered.

I also already checked the queue folder for bad emails and there aren't any in that folder.

0
rafael_acc Commented:
Check for the following dns srv records in your dns! There must be all of them! Check this link:
http://www.petri.co.il/active_directory_srv_records.htm

Instead of netdiag /fix, try also dcdiag /fix.

Cheers.
0
pcavenue Commented:
first off, the server needs to have the internal dns server in its first dns spot.  that is usually itself if the server is also the dns server, i.e. if the server is 192.168.1.101 then the first dns entry on the server would be the same.  the second and third dns entries can be your real dns servers on internet land.  this is also true on the workstations.  the first would be the server (192.168.1.101 in my example), the second and third would be the true ones.  when you run netdiag again you should get a pass on itself (registration wise), but a failure on the true dns server (the one on the internet).  ignore that one.

second, you may need to do the following to re-register the dns crap on the server.  try it without doing this, but you may need to.

ipconfig /flushdns
ipconfig /registerdns
net stop netlogon
net start netlogon

you didn't mention if the netdiag came back with a failure on the dns portion, but I'm guessing it did.  if this doesn't fix the netdiag failure we go to the next step.  also, when the server boots, does it take a long time on the "preparing network connections"?

-dp
0
WestonGroup (Author) Commented:
This is how I have everything set up..... I'm not using DHCP, everything is static on the network

ip 192.168.0.3
default gateway 192.168.0.1
preferred DNS 192.168.0.3
Alternate DNS 192.168.0.2  --------- this is the ip address of our second server

computer name server.weston
domain weston

I created forward and reverse lookups
standard primary
name = weston
            weston.dns
primary server = server.weston.
responsible person = admin.weston.

name server = server.weston 192.168.0.3

allow zone transfers to any server

main dns server is listening on all ip addresses
enabled forwarders to ip address 4.2.2.2

(did i set this up correctly)

I do a nslookup and get this error
can't find server name for address 192.168.0.3: non-existent domain
can't find server name for address 192.168.0.2: no response from server

default servers are not available
default server: unknown
address: 192.168.0.3

if I do a ls weston

ls weston
[unknown]
weston.        NS        server = server.weston
server          A          192.168.0.3


My internet works for now, but I'm having email problems, getting errors: unable to bind to dns of destination....

If I do a netdiag /v I get a dns error  (DNS entries for this DC are not registered correctly on DNS server 192.168.0.3)
no DNS servers have the DNS records for this DC registered


That's the whole problem and all the settings I have currently....
Thanks
0
pcavenue Commented:
you're correct on your first dns entry, that's your dns server (itself). the second one should be your real dns server (i.e. 207.155.183.72).  if that still gives you errors, you may have to do the following again....
ipconfig /flushdns
ipconfig /registerdns
net stop netlogon
net start netlogon

if no go then, toasting the dns and re-adding it will surely fix you up.  below is the simplified path...


good luck...


Just don't restart your DC during this please.

•      Delete your zone off the DNS server that you picked.
•      If the zone is AD integrated, make it a Primary
•      Go to (winnt\system32\dns) and delete your zone.dns files and delete the one in the backup folder too
•      Delete the NETLOGON.DNS and NETLOGON.DNB files from winnt\system32\config
•      In the reg, HKLM\system\CurrentControlSet\Services\DNS\Zones, delete your zone's folder
•      Reinstall DNS
•      Reinstall your current service pack.
•      Now recreate the zone in DNS
•      Enable Dynamic Updates to "YES" and not to Secure just yet.
•      ipconfig /flushdns
•      ipconfig /registerdns
•      Stop and Restart NETLOGON (net stop netlogon – net start netlogon)

dan
0
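The SRV-record check rafael_acc suggests can be done offline against the NETLOGON.DNS file named in the steps above, which lists what the Netlogon service tries to register. This is an added example, not part of any post in this thread: the record lines are constructed in the layout of NETLOGON.DNS, the zone content is constructed from the "ls weston" output quoted earlier, and the function names are hypothetical.

```python
# Constructed sample: records a DC's Netlogon service wants registered,
# in the "owner TTL IN type rdata" layout of NETLOGON.DNS.
NETLOGON_DNS = """\
weston. 600 IN A 192.168.0.3
_ldap._tcp.weston. 600 IN SRV 0 100 389 server.weston.
_ldap._tcp.pdc._msdcs.weston. 600 IN SRV 0 100 389 server.weston.
_ldap._tcp.gc._msdcs.weston. 600 IN SRV 0 100 3268 server.weston.
_ldap._tcp.dc._msdcs.weston. 600 IN SRV 0 100 389 server.weston.
_kerberos._tcp.weston. 600 IN SRV 0 100 88 server.weston.
_kerberos._udp.weston. 600 IN SRV 0 100 88 server.weston.
_kpasswd._tcp.weston. 600 IN SRV 0 100 464 server.weston.
"""

# Constructed zone content mirroring the thread's "ls weston" output (NS + A only).
ZONE_ORIGIN = "weston."
ZONE_FILE = """\
@       NS  server.weston.
server  A   192.168.0.3
"""

def fqdn(name, origin):  # expand '@' and relative names against the zone origin
    name = name.lower()
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_records(text, origin):
    """Return {(owner, type, rdata)}; TTL/class ignored; each line must name its owner."""
    records = set()
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop ';' comments
        if len(fields) < 3:
            continue
        i = 1
        while i < len(fields) - 1 and (fields[i].isdigit() or fields[i].upper() == "IN"):
            i += 1                               # skip optional TTL and class
        rtype, rdata = fields[i].upper(), fields[i + 1:]
        if rdata and rtype in ("NS", "CNAME", "SRV"):   # last field is a host name
            rdata[-1] = fqdn(rdata[-1], origin)
        records.add((fqdn(fields[0], origin), rtype, " ".join(rdata)))
    return records

def missing_registrations(netlogon_text, zone_text, origin):
    """Records Netlogon expects that the zone does not contain."""
    wanted = parse_records(netlogon_text, origin)
    return sorted(wanted - parse_records(zone_text, origin))

if __name__ == "__main__":
    for owner, rtype, rdata in missing_registrations(NETLOGON_DNS, ZONE_FILE, ZONE_ORIGIN):
        print(f"MISSING {owner} {rtype} {rdata}")
```

With the constructed zone above every expected record is reported missing, which is the state netdiag describes as "no DNS servers have the DNS records for this DC registered".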
WestonGroup (Author) Commented:
You mention using ipconfig /flushdns

I'm not running DHCP. I believe that is used only when using DHCP

Everything is static on our network

if i'm incorrect let me know thanks

0
pcavenue Commented:
no, the flush is for the dns, not dhcp.  when you do a registerdns it re-registers itself anyway.

release renew is dhcp crap.

-dp

good luck
0
fettigcj07 Commented:
Your server should not be server.weston. as you stated (or was the trailing period meant as punctuation to your sentence?) there should be a TLD listed. personally i use .local which would make your DC server.weston.local

can't find server name for address 192.168.0.3: non-existent domain > This error has to do with a failure in reverse DNS of your 1st server
can't find server name for address 192.168.0.2: no response from server > This error says that your 2nd server isn't running DNS
responsible person = admin.weston. > This isn't valid. The 1st . is an @ from the email of the responsible person: admin@weston. isn't a valid e-mail address. not critical but shows underlying problems.


I'd say your problems stem from failure during the DCPROMO process. when the domain controller was promoted from a member server to a DC it was most likely configured to point to somewhere else for its DNS services and thus didn't make the registration for advanced windows services in its own DNS records. this is also why the clients are unable to find a domain controller to process their logons from your previous thread. Additionally your domain name doesn't comply with standards, it is missing the TLD information after the last period. that's definitely not helping you either. I'd say some rather drastic measures should be taken; depending on your environment and what maintenance windows are available and how long they are, you should pursue fixing your domain name first. I can't say that that is what is causing your problems because i've not ever made a domain without a TLD of some sort - like I said, I usually use .local

http://www.microsoft.com/windowsserver2003/downloads/domainrename.mspx is the link to microsoft's How-to on renaming the domain.
0
WestonGroup (Author) Commented:
I agree with the fact that things were set up incorrectly initially. Is it possible to rename everything with an already established network without running into other problems?

Also, that link is for Windows Server 2003; I'm running Server 2000. Will the same steps apply?

Thanks
0
fettigcj07 Commented:
Sorry, i thought you'd said 2003 DC somewhere. You can't rename a 2000 domain, unfortunately. Your problem just compounded by about 3 fold. Give me and the rest a little bit to ponder how to fix this without just scrapping the whole domain and moving all the client PCs to a new domain (2003 SBS server costs less than $2K including hardware...) and setting your current servers up as members of that new SBS 2003 domain.
0
WestonGroup (Author) Commented:
Ok Thanks for your help
0
fettigcj07 Commented:
Unless someone else has some brilliant solution I'd say you're going to have to get messier than you will enjoy. Solutions i can see you doing on your own:

1) Scrap it and start fresh by installing a fresh domain controller, either using 2003 SBS or whatever 2000 you're currently licensed for on new hardware
Pros: it's cleanest, it allows you to use a test environment before rolling out the new domain and you can test 2-5 workstations' behaviors BEFORE going live with the new domain.
Cons: It's a bloody large load of work. It requires new hardware. It can be screwed up again.

2) Rent a server, migrate to it, rebuild your server as above, migrate back, return the rental
Pros: Same as 1, but without the hardware cost.
Cons: It's even more work. the rental cost is a sunk cost, there is no redemptive value in accounting terms to that cash flow as you don't get to retain the asset.

3) Upgrade your existing domain to 2003 and then rename and fix your additional problems.
Pros: It doesn't require as much time as 1, you can use your existing hardware
Cons: It's not guaranteed to work. some of your problems sound rather convoluted and in all honesty I'd hate playing with a production environment. Users get upset easily at outages and it sounds like yours are fairly frazzled already from previous problems. Trying to fix a problem you don't fully understand while attempting to maintain user service is nearly impossible

4) Ignore the lack of TLD and try to resolve your DNS problems
Pros: It's cheap.
Cons: It's quite possibly a waste of time. because the TLD is missing the wizards aren't doing their jobs at automated configuration. while a manual configuration might be able to compensate for those deficiencies this action-plan is essentially calling for thrashing about like a monkey hoping to hit the right button on a keyboard.

5) Let someone else figure it out. Hire an outside support contract and outsource your IT problems.
Pros: It's effective, it gets the problem off your plate and allows you to get back to big-picture planning rather than mud-pounding in the trenches.
Cons: You need to find a reliable value-added support company to help - VARs are a dime a dozen and a lot of them aren't worth the time of your interview. It's seen as expensive but it's really not once you consider the company productivity you gain from things working as they should. It's a security hazard - even the best VARs have employees quit and take your passwords with them. While your own employees knowing your admin pass is dangerous, when you fire them or they quit you KNOW about it. a VAR may not be as responsible as you might want. But again, that comes back to hiring a quality company and not a 2-bit fly-by-night operation.

ultimately I've seen enough posts from you to advise you to go with door #5, and not just for this problem. Find a company that will take on the IT infrastructure for you so that you can stop wasting time on all this crap and get back to your company's core goals. That's why companies like mine exist, to service other companies' IT needs and make it so they don't have to wear the network administrator hat on top of all their other hats. Now you just need to find a big enough solutions provider.
0
