c_ur_f8
asked on
Windows Server 2003 trusts/logons/dns
I have 3 Windows 2003 servers. The primary is the SBS2003 and I also have an Enterprise and Standard Edition. I have been getting thousands of logon failures (Event ID 529) and consequently I am having issues now where servers and computers are not logging onto the resources and having access to the files on the various drives. I am also having issues where I cannot access outside Internet sites such as www.yahoo.com. What advise can you give me?
Thanks
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I used yahoo.com as an example. I can get to mail.yahoo.com and my.yahoo.com, but not www.yahoo.com. Any further thoughts?
Yes. www.yahoo.com returns a lerger than 512 DNS packet.
Are you using a firewall that "checks" DNS for errors?
Are you using a firewall that "checks" DNS for errors?
ASKER
I'm not in control of the firewall, but we do have a unit that may be the cause and effect of many of our problems. It is also running DHCP which I need to get onto one of my 2003 servers, but I'm having issues with that authorizing. I'm wondering if I have an AD issue, DNS issue or something else that I'm not thinking of.
My assumption for yahoo is the firewall.
Check ou the following for DHCP: http://support.microsoft.com/default.aspx?scid=kb;en-us;303317
Check ou the following for DHCP: http://support.microsoft.com/default.aspx?scid=kb;en-us;303317
ASKER
It lets me authorize, but won't give the permissions.
Have you seen the following error?
C:\Documents and Settings\administrator.CRS ENGINEERS> repadmin /showreps
Default-First-Site-Name\CR SXCHANGE
DC Options: IS_GC
Site Options: (none)
DC object GUID: 7293b1f4-20c9-4db3-9161-bc f6ee3b0d58
DC invocationID: bd922d11-0231-4ed7-9ea5-03 21e1626d63
==== INBOUND NEIGHBORS ========================== ========== ==
DC=crsengineers,DC=com
Default-First-Site-Name\CR SWEB via RPC
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68 c27661164d
Last attempt @ 2005-04-18 10:29:24 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Default-First-Site-Name\CR SACCNT via RPC
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd 1c79192743
Last attempt @ 2005-04-18 10:31:09 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
CN=Configuration,DC=crseng ineers,DC= com
Default-First-Site-Name\CR SACCNT via RPC
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd 1c79192743
Last attempt @ 2005-04-18 10:35:56 was successful.
Default-First-Site-Name\CR SWEB via RPC
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68 c27661164d
Last attempt @ 2005-04-18 10:35:56 was successful.
CN=Schema,CN=Configuration ,DC=crseng ineers,DC= com
Default-First-Site-Name\CR SACCNT via RPC
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd 1c79192743
Last attempt @ 2005-04-18 10:29:54 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Default-First-Site-Name\CR SWEB via RPC
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68 c27661164d
Last attempt @ 2005-04-18 10:30:24 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
DC=DomainDnsZones,DC=crsen gineers,DC =com
Default-First-Site-Name\CR SWEB via RPC
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68 c27661164d
Last attempt @ 2005-04-18 10:30:39 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Default-First-Site-Name\CR SACCNT via RPC
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd 1c79192743
Last attempt @ 2005-04-18 10:31:24 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
DC=ForestDnsZones,DC=crsen gineers,DC =com
Default-First-Site-Name\CR SWEB via RPC
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68 c27661164d
Last attempt @ 2005-04-18 10:30:54 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Default-First-Site-Name\CR SACCNT via RPC
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd 1c79192743
Last attempt @ 2005-04-18 10:31:41 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Source: Default-First-Site-Name\CR SWEB
******* 1 CONSECUTIVE FAILURES since 2005-04-18 09:56:30
Last error: 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
Source: Default-First-Site-Name\CR SACCNT
******* 1 CONSECUTIVE FAILURES since 2005-04-18 09:56:30
Last error: 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
Have you seen the following error?
C:\Documents and Settings\administrator.CRS
Default-First-Site-Name\CR
DC Options: IS_GC
Site Options: (none)
DC object GUID: 7293b1f4-20c9-4db3-9161-bc
DC invocationID: bd922d11-0231-4ed7-9ea5-03
==== INBOUND NEIGHBORS ==========================
DC=crsengineers,DC=com
Default-First-Site-Name\CR
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68
Last attempt @ 2005-04-18 10:29:24 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Default-First-Site-Name\CR
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd
Last attempt @ 2005-04-18 10:31:09 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
CN=Configuration,DC=crseng
Default-First-Site-Name\CR
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd
Last attempt @ 2005-04-18 10:35:56 was successful.
Default-First-Site-Name\CR
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68
Last attempt @ 2005-04-18 10:35:56 was successful.
CN=Schema,CN=Configuration
Default-First-Site-Name\CR
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd
Last attempt @ 2005-04-18 10:29:54 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Default-First-Site-Name\CR
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68
Last attempt @ 2005-04-18 10:30:24 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
DC=DomainDnsZones,DC=crsen
Default-First-Site-Name\CR
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68
Last attempt @ 2005-04-18 10:30:39 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Default-First-Site-Name\CR
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd
Last attempt @ 2005-04-18 10:31:24 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
DC=ForestDnsZones,DC=crsen
Default-First-Site-Name\CR
DC object GUID: 0ed5a2ec-3cb5-4c08-a5cb-68
Last attempt @ 2005-04-18 10:30:54 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Default-First-Site-Name\CR
DC object GUID: a107ffdf-2cb0-4aae-aae2-fd
Last attempt @ 2005-04-18 10:31:41 failed, result 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
1 consecutive failure(s).
Last success @ 2005-04-18 09:56:30.
Source: Default-First-Site-Name\CR
******* 1 CONSECUTIVE FAILURES since 2005-04-18 09:56:30
Last error: 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
Source: Default-First-Site-Name\CR
******* 1 CONSECUTIVE FAILURES since 2005-04-18 09:56:30
Last error: 8524 (0x214c):
The DSA operation is unable to proceed because of a DNS lookup failure.
Do you have the server looking at an external DNS address?
http://support.microsoft.com/?kbid=263624
http://support.microsoft.com/?kbid=263624
ASKER
Nope. I verified this already. The servers are only looking at their own IP for DNS.
The old standard called for a 512 limit on DNS packets; yahoo returns a larger packet. The 512 limit is gone.