DNS Issues with Active Directory

Recently Our DC (Windows 2003 Enterprise ED. Server) has been registering the following error in the event viewer:

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "000020E3: SvcErr: DSID-031B063D, problem 5002 (UNAVAILABLE), data 0". The event data contains the error.

The error registers everyday around the same time, twice.

Nothing was changed in our network configuration that could have triggered this, and eventhough our knowledge of DNS is not extensive, we checked everything in DNS(nslookup) to see if DNS was malfunctioning, but it seems to be working properly. Also Active Directory doesn't seem to be malfunctioning. There are no signs of ill effect on the overall system either, but the errors are disturbing none the less.

Does anyone have any idea what is going on?

Assistance will be highly appreciated.

JT.
NVGEBEAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

KevNetCommented:
How many servers are you running, and how many running DNS.
As its at the same times each day, could be a replication problem
Seelan NaidooMicrosoft Systems AdminCommented:
I had that some time with Win2k and not win2k3. But it might still apply..

This problem occurs because Active Directory has a limitation of approximately 800 values that can be associated with a single object. In an Active Directory-integrated DNS zone, DNS names are represented by dnsNode objects, and DNS records are stored as values in the multi-valued dnsRecord attribute on dnsNode objects, causing the error messages.

I have documented the solution and its filed somewhere at work, and will look it up on Monday..
NVGEBEAuthor Commented:
We were running 2 DNS servers, one being the mailserver(Exchange 2003), which is also a DC, but since then I have stopped DNS on the Exchange Server to see if it would get rid of the error, but to no avail.

Active Directory seems to be replicating o.k. between the 2 DC's.



I would appreciate it very much SEANUK777 if you can forward me the information on Monday.

JT
OWASP: Forgery and Phishing

Learn the techniques to avoid forgery and phishing attacks and the types of attacks an application or network may face.

Seelan NaidooMicrosoft Systems AdminCommented:
I think the Event ID was 4015 - Can you verify this ?

Try the following:

Point each DNS server to the other as preferred, then point it to itself as an alternate DNS server.

Run the following and post the results:
netdiag /fix
and
dcdiag /fix



Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
NVGEBEAuthor Commented:
The event is indeed 4015.

I have made the recommended changes to the systems, and am waiting to see if this will resolve the issue.

I will inform you of te results.

Thank you for the support.

Regards,

JT
NVGEBEAuthor Commented:
Problems have become more intense. This morning our Exchange Server was down(reason unknown) All our accounts were locked out(except for some) and I keep getting access denied errors when trying to connect to AD from my workstation.

When starting AD on the DC, I have no problems, but remotely it returns an access denied error.

Querying the knowledge database, I tend to still think it's a DNS problem, but I have no idea how to repair DNS, other then uninstalling and reinstalling it. I get WINPROXY errors, all of a sudden, also.

Regards,

JT
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.