• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 388
  • Last Modified:

DNS

I am getting a couple of error in the event log which are event id 6702, 5774 and i also ran this test but not sure what it means or how to fix it. I ran this test netdiag /test:dns and came up with this. I was looking at one of my other servers dns and i noticed the one that is bad is missing a couple things in it. When i open up the dns under the forward lookup zones there is no _msdcs.domainname.com and on my other good server there is one. Also there is a cached folder with the   .    that i cannot delete also. Thanks for any help


C:\Program Files\Resource Kit>netdiag /test:dns

..........

    Computer Name: HCLSERVER
    DNS Host Name: hclserver.int2.hospitalcooperative.com
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 15 Model 2 Stepping 7, GenuineIntel
    List of installed hotfixes :
        KB820888
        KB822831
        KB823182
        KB823559
        KB823980
        KB824105
        KB824141
        KB824146
        KB824151
        KB825119
        KB826232
        KB828028
        KB828035
        KB828741
        KB828749
        KB830352
        KB834707-IE6SP1-20040929.091901
        KB835732
        KB837001
        KB839643-DirectX9
        KB839645
        KB840315
        KB840987
        KB841356
        KB841533
        KB841872
        KB841873
        KB842526
        KB867282-IE6SP1-20050127.163319
        KB870763
        KB871250
        KB873333
        KB873339
        KB885250
        KB885834
        KB885835
        KB885836
        KB888113
        KB889293-IE6SP1-20041111.235619
        KB890047
        KB890175
        KB891711
        KB891781
        Q147222
        Q329115
        Q816093
        Q828026


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{3044D371-E6CD-4176-B149-CC1859E16C3C}
    1 NetBt transport currently configured.


DNS test . . . . . . . . . . . . . : Failed
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'hclserver.int2.hospitalcooperative.com.'. [RCODE_SERVER_FAILURE]
            The name 'hclserver.int2.hospitalcooperative.com.' may not be regist
ered in DNS.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '204.118.157.8'. Please wait for 30 minutes for DNS server replication.
       [WARNING] The DNS entries for this DC cannot be verified right now on DNS
 server 204.118.157.9, ERROR_TIMEOUT.
    [FATAL] No DNS servers have the DNS records for this DC registered.


The command completed successfully

C:\Program Files\Resource Kit>
0
jjatsk
Asked:
jjatsk
  • 3
  • 2
2 Solutions
 
oBdACommented:
You need to correct your DNS settings; there's at least one external DNS server listed in your TCP/IP properties. I guess you're suffering from long logon times as well?
Assuming you have two DCs, both running DNS, the following setup is correct:

*** TCP/IP-Settings ***
* On your first DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.
* On your second DC, let it point to the first DC as primary, to itself as secondary.
* On your domain members, enter both DCs as primary and secondary DNS.
* Do NOT enter your ISP's DNS server in the TCP/IP settings on any domain member. All DNS resolution needs to be done by your internal DNS servers *only*.

*** DNS Server Settings ***
* Delete the root zone (if present) in your DNS servers' forward lookup zones (the single dot, "."), to enable external lookups.
* Right-click your forward and reverse lookup zones, go to Properties, and make sure that Dynamic Updates are enabled.
* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed.
* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well).

Once you've checked this, open a command prompt and enter "ipconfig /registerdns", then stop and re-start the netlogon service. Check if the SRV records have been created (see link below).

10 DNS Errors That Will Kill Your Network
http://www.mstraining.com/misc/10_dns_errors_that_will_kill_you.htm

Troubleshooting Active Directory DNS Errors in Windows 2000
http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036

Windows 2000 DNS and Active Directory Information and Technical Resources
http://support.microsoft.com/?kbid=298448

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

Setting Up the Domain Name System for Active Directory
http://support.microsoft.com/?kbid=237675

Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811

How Domain Controllers Are Located in Windows XP
http://support.microsoft.com/?kbid=314861

SRV Resource Records May Not Be Created on Domain Controller
http://support.microsoft.com/?kbid=239897
0
 
jjatskAuthor Commented:
I ran the test again and everything passed this time but i still cant delete the   .    in the dns??


*** TCP/IP-Settings ***
* On your first DC/DNS, make sure the only DNS listed in the TCP/IP properties is itself.   <--ONLY ONE DC I WAS LOOKING AT MY OTHER SERVER AT MY OTHER OFFICE

* On your domain members, enter both DCs as primary and secondary DNS.    I ENTERED IN THE SERVERS DNS ON ALL THE CLIENTS EXCEPT 2 COMPUTERS I CANT REMOTE INTO

* Do NOT enter your ISP's DNS server in the TCP/IP settings on any domain member. All DNS resolution needs to be done by your internal DNS servers *only*.   DONE

*** DNS Server Settings ***
* Delete the root zone (if present) in your DNS servers' forward lookup zones (the single dot, "."), to enable external lookups.  I RIGHT CLICK ON IT AND THERE IS NO OPTION TO DELETE

* Right-click your forward and reverse lookup zones, go to Properties, and make sure that Dynamic Updates are enabled.  SECURED UPDATE ONLY IS CHECKED

* In the properties page of your DNS servers, configure forwarders to point to your ISP's DNS. The forwarders section is the *only* entry in your network where your ISP's DNS should be listed. DONE

* It's recommended (but not necessary) to set your zones to Active Directory integrated (this can be done in the properties of the zones as well). WHEN I RIGHT CLICK ON THE FOWARD LOOKUP ZONES AND THE REVERSE LOOKUP ZONES I DONT GET "PROPERTIES"  JUST WHEN I RIGHT CLICK ON THE DOMAIN NAME I GET THAT.
0
 
jjatskAuthor Commented:
Checked this morning and i am not getting any errors but would still like to know how to delete the   .  Folder in DNS. It doesnt give me any option to delete the  . folder. I can delete everything thats in it but not that folder itself??
0
 
oBdACommented:
If you were able configure forwarders, then you don't have a root zone. You're probably looking at the root zone under "Cached Lookup Zones"; that's not deletable. The root zone that you would have needed to delete would have been under Forward Lookup Zones. So you should be fine now.
0
 
jjatskAuthor Commented:
Oh... Yeah thats the one i was looking at is under the Cached Lookup Zones. Well now that thats solved i think thats it. Thanks a bunch on the help.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now