Active Directory or DNS failure.

Posted on 2005-04-28
Last Modified: 2010-03-18
I think I may have totally screwed up my network.  I have a windows 2000 server with 13 workstations.  I installed active directory and everything was working smoothly.  I then got broadband and ended up having router problems.  I ended up switching my serve's ip address from 1.251 subnet to 0.251 to get to the a moron.  Well soon as that happened I came back to 1.251 and all sorts of authentication problems started hapenning.  I don't know what's going on...can anyone help?
Question by:candg
    LVL 6

    Accepted Solution

    Start by posting some errors from event viewer, check if the the server dns settings are correct.
    LVL 4

    Expert Comment

    Well if you change your IP and you are using DHCP you must also change the DHCP scope options since it will still point to the old IP and it will also give the users the old IP scope.
    LVL 6

    Expert Comment


    Id check dns and make sure there are no references to the .0 address since your now back on the .1 range.

    Hope this helps

    Author Comment

    I have checked the DNS and there are no references to .0 address and in the DHCP there has been no change either.  I'm thinking about uninstalling active directory and maybe reinstalling...any comments?

    Author Comment

    Event View Log System Log:
    The DHCP service encountered the following error when  backing up the database:
    An error occurred while accessing the DHCP database. Look at the
    DHCP server event log for more information on this error.
    The JET Database call returned the following error : -1032.  Additional Debug Information: JetBackup.

    Event view log DNS SERVER
    The DNS server encountered a packet addressed to itself -- IP address
    The DNS server should never be sending a packet to itself.  This situation usually indicates a configuration error.
    Check the following areas for possible self-send configuration errors:
      1) Forwarders list. (DNS servers should not forward to themselves).
      2) Master lists of secondary zones.
      3) Notify lists of primary zones.
      4) Delegations of subzones.  Must not contain NS record for this DNS server unless subzone is also on this server.
    Example of self-delegation:
      -> This DNS server is the primary for the zone
      -> The zone contains a delegation of to,
      ( NS
      -> BUT the zone is NOT on this server.
    Note, you should make this delegation check (with nslookup or DNS manager) both on this DNS server and on the server(s) you delegated the subzone to. It is possible that the delegation was done correctly, but that the primary DNS for the subzone, has any incorrect NS record pointing back at this server. If this incorrect NS record is cached at this server, then the self-send could result.  If found, the subzone DNS server admin should remove the offending NS record.

    Author Comment

    DNS Server has updated its own host (A) records.  In order to insure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update.  An error was encountered during this update, the record data is the error code.
    If this DNS server does not have any DS-integrated peers, then this error
    should be ignored.
    If this DNS server's ActiveDirectory replication partners do not have the correct IP address(es) for this server, they will be unable to replicate with it.
    To insure proper replication:
    1) Find this server's ActiveDirectory replication partners that run the DNS server.
    2) Open DnsManager and connect in turn to each of the replication partners.
    3) On each server, check the host (A record) registration for THIS server.
    4) Delete any A records that do NOT correspond to IP addresses of this server.
    5) If there are no A records for this server, add at least one A record corresponding to an address on this server, that the replication partner can contact.  (In other words, if there multiple IP addresses for this DNS server, add at least one that is on the same network as the ActiveDirectory DNS server you are updating.)
    6) Note, that is not necessary to update EVERY replication partner.  It is only necessary that the records are fixed up on enough replication partners so that every server that replicates with this server will receive (through replication) the new data.

    Author Comment

    I solved my problem.  There is a trust issue between, what i'm guessing is active directory and the workstations.  There is knowledge base artice.;en-us;162797  Thanks for the advice fellers....I'm going to have to give the points to bmquintas, because he told me to look in the event viewer..and i found my problem.  Thanks

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
    Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now