[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 578
  • Last Modified:

DNS not functioning... URGENT 500 points

Had to force demote a W2K server from a domain that was taken over by a new compnay( unbeknownst to client) anyhow...since have registered a new domain and set up on the demoted server and DNS will not create my _tcp _udp _msdcs and _sites folders. I have tried to recreate, have flushed dns registered dns, recreated the domain. I have tried everything on the posts I have found here on EE and am running out of options. I would prefer not to have to rebuild the server as it is just a temp server. Once it is functional I will be adding the 2 new Server 2003 servers and  demoting the W2K server. I just need it long enough to move 30 users over and long enough to move the 2 new servers onto the new domain...


Any suggestions would be greatly appreciated
















0
UMOS
Asked:
UMOS
  • 10
  • 5
  • 5
  • +1
2 Solutions
 
gpriceeeCommented:
http://support.microsoft.com/?id=257623

Go down to resolution.  It simply could be the suffix.
0
 
purplepomegraniteCommented:
You have Active Directory running on the Win2k server?
0
 
lrmooreCommented:

Windows 2000 DNS - Diagnosing Name Resolution Problems
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/cnet/cncf_imp_zvri.asp

Windows 2000 DNS - Solving other common DNS problems
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/cnet/cncf_imp_ibxf.asp
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
UMOSAuthor Commented:
Yes AD is running on the W2K server and was able to add a user to it
0
 
UMOSAuthor Commented:
gpriceee- it was not the suffix, any other ideas??
0
 
purplepomegraniteCommented:
Have you tried

Netdiag.exe /fix

from command prompt?  You will need to install the server support tools to get this command.
0
 
purplepomegraniteCommented:
Another article that refers to missing SRV information from DNS: http://support.microsoft.com/kb/241505/EN-US/
0
 
UMOSAuthor Commented:
yes I have run Netdiag.exe /fix and it comes up with errors and does not fx.

here are the results:

Computer Name: SERVEROLD
    DNS Host Name: ServerOld
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 6 Model 8 Stepping 6, GenuineIntel
    List of installed hotfixes :
        KB329115
        KB820888
        KB822831
        KB823182
        KB823559
        KB824105
        KB824151
        KB825119
        KB826232
        KB828035
        KB828741
        KB828749
        KB830352
        KB835732
        KB837001
        KB839643
        KB839645
        KB840315
        KB840987
        KB841356
        KB841533
        KB841872
        KB841873
        KB842526
        KB842773
        KB870763
        KB871250
        KB873333
        KB873339
        KB885250
        KB885834
        KB885835
        KB885836
        KB888113
        KB890175
        KB890859
        KB891781
        KB893066
        KB893086
        KB893803
        Q147222


Netcard queries test . . . . . . . : Passed
    [WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets.



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : ServerOld
        IP Address . . . . . . . . : 192.10.10.10
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.10.10.5
        Dns Servers. . . . . . . . : 192.10.10.13


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{AC4E62B1-5354-4BF1-82D5-EE8222F8402E}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [FATAL] Failed to fix: DC DNS entry local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._sites.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.gc._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.c44782ac-fa3a-4583-a5f9-8c8d5040914c.domains._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry gc._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry fdd36a5b-013e-4fee-be6d-95c2ef6d7036._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.dc._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.dc._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site-Name._sites.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _gc._tcp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _gc._tcp.Default-First-Site-Name._sites.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _kerberos._udp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _kpasswd._tcp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Failed to fix: DC DNS entry _kpasswd._udp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
    [FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for this DC on DNS server '192.10.10.13'.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{AC4E62B1-5354-4BF1-82D5-EE8222F8402E}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{AC4E62B1-5354-4BF1-82D5-EE8222F8402E}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Failed
    [WARNING] The default SPN registration for 'HOST/SERVEROLD' is missing on DC 'ServerOld'.
    [WARNING] The default SPN registration for 'HOST/SERVEROLD' is missing on DC 'SERVER1'.
    [FATAL] The default SPNs are not properly registered on any DCs.


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
    IPSec policy service is active, but no policy is assigned.


The command completed successfully
0
 
purplepomegraniteCommented:
If you look in the DNS event log, are there any errors there?  Also in the system event log, anything generated at the time you ran netdiag?
0
 
purplepomegraniteCommented:
The error means that the DNS server refused the update - so we need to establish why.  

Before you promoted the server to AD again, did you uninstall and reinstall the DNS?  Or was it left as is from the previous set-up?
0
 
UMOSAuthor Commented:
dns event log- registration of the DNS record_kerberos_udp.local139.org 600 in SRV 0 100 88 serverold failed with the following error DNS operation refused.
event 5744
----and___

The DNS server machine currently has no DNS domain name.  Its DNS name is a single label hostname with no domain (example:  "host" rather than "host.microsoft.com").
 
You might have forgotten to configure a primary DNS domain for the server computer. For more information, see either "DNS server log reference" or "To configure the primary DNS suffix for a client computer" in the online Help.
 
While the DNS server has only a single label name, all zones created will have default records (SOA and NS) created using only this single label name for the server's hostname.  This can lead to incorrect and failed referrals when clients and other DNS servers use these records to locate this server by name.
 
To correct this problem:
  1) open ControlPanel
  2) open System applet
  3) select NetworkIdentification tab
  4) click the "Properties" button and enter a domain name or workgroup name;  this name will be used as your DNS domain name
  5) reboot to initialize with new domain name
 
After reboot, the DNS server will attempt to fix up default records, substituting new DNS name of this server, for old single label name.  However, you should review to make sure zone's SOA and NS records now properly use correct domain name of this server.
0
 
UMOSAuthor Commented:
DNS was left from previous setup.
0
 
lrmooreCommented:
0
 
UMOSAuthor Commented:
also when running ipconfig the primary and connection speccific DNS entries are blank
0
 
UMOSAuthor Commented:
lrmoore - yes and to no avail
0
 
UMOSAuthor Commented:
do you recommend a rebuild...we have spent enough time researching this problem to have build 3 probably????
0
 
gpriceeeCommented:
Back from lunch . . . .
It seems like you're going through a lot for the 30 users.  It really doesn't take all that long to rebuild anyway, so why not?

You inherited it; why not take full control of it so you're not stuck there on weekends fixing something else.
0
 
gpriceeeCommented:
Out of curiosity, did you remove the old server via ADSI Edit?
0
 
UMOSAuthor Commented:
no did a dcpromo /force removal

see the whole host of problems we were faced with here and you can see where we started
http://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21387459.html
0
 
gpriceeeCommented:
Did you ever resolve the SYSVOL issue?

"Computer W2KSERVER cannot become a

domain controller until this process is complete.

The system volume will then be shared as SYSVOL.

 

To check for the SYSVOL share, at the command

prompt, type:

net share

 

When File Replication Service completes the

initialization process, the SYSVOL share will

appear."
0
 
UMOSAuthor Commented:
W2Kserver is the old server prior to demotion...we have renamed it to serverold so I am not sure why this is showing up like it is.
0
 
gpriceeeCommented:
If you removed all accounts for it from Active Directory, and you're running into issues like this; I'd redo it.
You're at a client and want to ensure that what you do lasts.
0

Featured Post

Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

  • 10
  • 5
  • 5
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now