UMOS
asked on
DNS not functioning... URGENT 500 points
Had to force demote a W2K server from a domain that was taken over by a new compnay( unbeknownst to client) anyhow...since have registered a new domain and set up on the demoted server and DNS will not create my _tcp _udp _msdcs and _sites folders. I have tried to recreate, have flushed dns registered dns, recreated the domain. I have tried everything on the posts I have found here on EE and am running out of options. I would prefer not to have to rebuild the server as it is just a temp server. Once it is functional I will be adding the 2 new Server 2003 servers and demoting the W2K server. I just need it long enough to move 30 users over and long enough to move the 2 new servers onto the new domain...
Any suggestions would be greatly appreciated
Any suggestions would be greatly appreciated
You have Active Directory running on the Win2k server?
Windows 2000 DNS - Diagnosing Name Resolution Problems
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/cnet/cncf_imp_zvri.asp
Windows 2000 DNS - Solving other common DNS problems
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/cnet/cncf_imp_ibxf.asp
ASKER
Yes AD is running on the W2K server and was able to add a user to it
ASKER
gpriceee- it was not the suffix, any other ideas??
Have you tried
Netdiag.exe /fix
from command prompt? You will need to install the server support tools to get this command.
Netdiag.exe /fix
from command prompt? You will need to install the server support tools to get this command.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
yes I have run Netdiag.exe /fix and it comes up with errors and does not fx.
here are the results:
Computer Name: SERVEROLD
DNS Host Name: ServerOld
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 8 Stepping 6, GenuineIntel
List of installed hotfixes :
KB329115
KB820888
KB822831
KB823182
KB823559
KB824105
KB824151
KB825119
KB826232
KB828035
KB828741
KB828749
KB830352
KB835732
KB837001
KB839643
KB839645
KB840315
KB840987
KB841356
KB841533
KB841872
KB841873
KB842526
KB842773
KB870763
KB871250
KB873333
KB873339
KB885250
KB885834
KB885835
KB885836
KB888113
KB890175
KB890859
KB891781
KB893066
KB893086
KB893803
Q147222
Netcard queries test . . . . . . . : Passed
[WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets.
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : ServerOld
IP Address . . . . . . . . : 192.10.10.10
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.10.10.5
Dns Servers. . . . . . . . : 192.10.10.13
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{AC4E62B1-5354 -4BF1-82D5 -EE8222F84 02E}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Failed to fix: DC DNS entry local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-S ite-Name._ sites.loca l139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.gc._msdcs.local 139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-S ite-Name._ sites.gc._ msdcs.loca l139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.c44782ac-fa3a-4 583-a5f9-8 c8d5040914 c.domains. _msdcs.loc al139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry gc._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry fdd36a5b-013e-4fee-be6d-95 c2ef6d7036 ._msdcs.lo cal139.org . re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.dc._msdcs.l ocal139.or g. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-Fir st-Site-Na me._sites. dc._msdcs. local139.o rg. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.dc._msdcs.local 139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-S ite-Name._ sites.dc._ msdcs.loca l139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.local139.or g. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-Fir st-Site-Na me._sites. local139.o rg. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _gc._tcp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _gc._tcp.Default-First-Sit e-Name._si tes.local1 39.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._udp.local139.or g. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kpasswd._tcp.local139.org . re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kpasswd._udp.local139.org . re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for this DC on DNS server '192.10.10.13'.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{AC4E62B1-5354 -4BF1-82D5 -EE8222F84 02E}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{AC4E62B1-5354 -4BF1-82D5 -EE8222F84 02E}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Failed
[WARNING] The default SPN registration for 'HOST/SERVEROLD' is missing on DC 'ServerOld'.
[WARNING] The default SPN registration for 'HOST/SERVEROLD' is missing on DC 'SERVER1'.
[FATAL] The default SPNs are not properly registered on any DCs.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
here are the results:
Computer Name: SERVEROLD
DNS Host Name: ServerOld
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 6 Model 8 Stepping 6, GenuineIntel
List of installed hotfixes :
KB329115
KB820888
KB822831
KB823182
KB823559
KB824105
KB824151
KB825119
KB826232
KB828035
KB828741
KB828749
KB830352
KB835732
KB837001
KB839643
KB839645
KB840315
KB840987
KB841356
KB841533
KB841872
KB841873
KB842526
KB842773
KB870763
KB871250
KB873333
KB873339
KB885250
KB885834
KB885835
KB885836
KB888113
KB890175
KB890859
KB891781
KB893066
KB893086
KB893803
Q147222
Netcard queries test . . . . . . . : Passed
[WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets.
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : ServerOld
IP Address . . . . . . . . : 192.10.10.10
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.10.10.5
Dns Servers. . . . . . . . : 192.10.10.13
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{AC4E62B1-5354
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Failed to fix: DC DNS entry local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-S
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.gc._msdcs.local
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-S
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.c44782ac-fa3a-4
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry gc._msdcs.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry fdd36a5b-013e-4fee-be6d-95
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.dc._msdcs.l
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-Fir
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.dc._msdcs.local
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-S
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.local139.or
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-Fir
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _gc._tcp.local139.org. re-registeration on DNS server '192.10.10.13' failed.
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _gc._tcp.Default-First-Sit
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kerberos._udp.local139.or
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kpasswd._tcp.local139.org
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Failed to fix: DC DNS entry _kpasswd._udp.local139.org
DNS Error code: DNS_ERROR_RCODE_REFUSED
[FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for this DC on DNS server '192.10.10.13'.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{AC4E62B1-5354
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{AC4E62B1-5354
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Failed
[WARNING] The default SPN registration for 'HOST/SERVEROLD' is missing on DC 'ServerOld'.
[WARNING] The default SPN registration for 'HOST/SERVEROLD' is missing on DC 'SERVER1'.
[FATAL] The default SPNs are not properly registered on any DCs.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.
The command completed successfully
If you look in the DNS event log, are there any errors there? Also in the system event log, anything generated at the time you ran netdiag?
The error means that the DNS server refused the update - so we need to establish why.
Before you promoted the server to AD again, did you uninstall and reinstall the DNS? Or was it left as is from the previous set-up?
Before you promoted the server to AD again, did you uninstall and reinstall the DNS? Or was it left as is from the previous set-up?
ASKER
dns event log- registration of the DNS record_kerberos_udp.local1 39.org 600 in SRV 0 100 88 serverold failed with the following error DNS operation refused.
event 5744
----and___
The DNS server machine currently has no DNS domain name. Its DNS name is a single label hostname with no domain (example: "host" rather than "host.microsoft.com").
You might have forgotten to configure a primary DNS domain for the server computer. For more information, see either "DNS server log reference" or "To configure the primary DNS suffix for a client computer" in the online Help.
While the DNS server has only a single label name, all zones created will have default records (SOA and NS) created using only this single label name for the server's hostname. This can lead to incorrect and failed referrals when clients and other DNS servers use these records to locate this server by name.
To correct this problem:
1) open ControlPanel
2) open System applet
3) select NetworkIdentification tab
4) click the "Properties" button and enter a domain name or workgroup name; this name will be used as your DNS domain name
5) reboot to initialize with new domain name
After reboot, the DNS server will attempt to fix up default records, substituting new DNS name of this server, for old single label name. However, you should review to make sure zone's SOA and NS records now properly use correct domain name of this server.
event 5744
----and___
The DNS server machine currently has no DNS domain name. Its DNS name is a single label hostname with no domain (example: "host" rather than "host.microsoft.com").
You might have forgotten to configure a primary DNS domain for the server computer. For more information, see either "DNS server log reference" or "To configure the primary DNS suffix for a client computer" in the online Help.
While the DNS server has only a single label name, all zones created will have default records (SOA and NS) created using only this single label name for the server's hostname. This can lead to incorrect and failed referrals when clients and other DNS servers use these records to locate this server by name.
To correct this problem:
1) open ControlPanel
2) open System applet
3) select NetworkIdentification tab
4) click the "Properties" button and enter a domain name or workgroup name; this name will be used as your DNS domain name
5) reboot to initialize with new domain name
After reboot, the DNS server will attempt to fix up default records, substituting new DNS name of this server, for old single label name. However, you should review to make sure zone's SOA and NS records now properly use correct domain name of this server.
ASKER
DNS was left from previous setup.
ASKER
also when running ipconfig the primary and connection speccific DNS entries are blank
ASKER
lrmoore - yes and to no avail
ASKER
do you recommend a rebuild...we have spent enough time researching this problem to have build 3 probably????
Back from lunch . . . .
It seems like you're going through a lot for the 30 users. It really doesn't take all that long to rebuild anyway, so why not?
You inherited it; why not take full control of it so you're not stuck there on weekends fixing something else.
It seems like you're going through a lot for the 30 users. It really doesn't take all that long to rebuild anyway, so why not?
You inherited it; why not take full control of it so you're not stuck there on weekends fixing something else.
Out of curiosity, did you remove the old server via ADSI Edit?
ASKER
no did a dcpromo /force removal
see the whole host of problems we were faced with here and you can see where we started
https://www.experts-exchange.com/questions/21387459/when-trying-to-demote-a-server-and-remove-using-DCPROMO.html
see the whole host of problems we were faced with here and you can see where we started
https://www.experts-exchange.com/questions/21387459/when-trying-to-demote-a-server-and-remove-using-DCPROMO.html
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
W2Kserver is the old server prior to demotion...we have renamed it to serverold so I am not sure why this is showing up like it is.
If you removed all accounts for it from Active Directory, and you're running into issues like this; I'd redo it.
You're at a client and want to ensure that what you do lasts.
You're at a client and want to ensure that what you do lasts.
Go down to resolution. It simply could be the suffix.