Dns error 4016 and Computer restarts

I have one Windows 2003 server. DNS is configured correctly with an Active Directory integrated zone. Performing nslookup correctly gives the IP address and vice versa. The DNS server is pointed to itself, 10.1.1.10. I have both forward and reverse lookup zones.

All computers can connect to the server OK and go online without any problem. However, I continue to get only error 4016: DNS connection timed out attempting an Active Directory connection. Please get to see Active Directory is functioning correct. No other errors in system log or application log.

My domain is xxx.com and there is an actual company out there with the xxx.com domain that is not us. So is it possible that it is trying to search for that domain, and that domain fails to reply, with the result that the DNS log fills up and times out and it crashes?

Please help. I am helping a church.

Biren
 
birenshuklaAuthor Commented:
There were a couple of HOST A records called 192.168.0.11 from when this server was in a different network. I went and deleted those from everywhere in the DNS zones. Right now the DNS errors are not occurring. But like last night there was a whole bunch of errors. So I am not sure what is triggering the DNS errors all of a sudden.
0
 
TheCleanerCommented:
If the clients, etc., are all pointing internally for DNS resolution, then that DNS server should be the one resolving where AD is internally, etc. (My point being that it shouldn't ever go externally for information about AD.)

Have you done a netdiag to verify everything is working right?
0
 
birenshuklaAuthor Commented:
My DHCP is on the router and DNS on the server. Does dcdiag.exe differ between Win 2000 and Win 2003? I downloaded and installed dcdiag.exe but I do not see it under resource kit tools. I looked at the command prompt and there is no dcdiag or netdiag, but other tools. Can you give me a link to the Windows 2003 resource tools?

thanks
0
 
TheCleanerCommented:
0
 
birenshuklaAuthor Commented:
OK. I will try that. Also, I recently added the reverse lookup zone. Do I really need a reverse lookup zone? I see errors in the System log last night:
Source: KDC Event Id 7 Security account manager failed KDC in an unexpected way. The error is in the data field. The account name was mchampman@xxx.com and I have other accounts @xxx.com. I also have adminsitrator@xxx.com... This was around the same time the DNS errors were occurring. Any suggestions?
0
 
birenshuklaAuthor Commented:
I think i have downloaded the same thing. This resource kit does not have dcdiag or netdiag. I am running it from the command prompt of d:
program files\resource kits\
do not have the OS CD.
Is it safe to delete the reverse lookup zone?

0
 
Netman66Commented:
If I were you, I would shut off DHCP on the router and set it up on the server.  This will eliminate one problem.  My bet is the router is handing out DNS for the ISP to the clients.

You cannot have the ISP DNS server anywhere inside your LAN except on the Forwarder tab of your DNS server.

0
 
TheCleanerCommented:
dcdiag and netdiag are on the OS CD under support tools....they may be online as well, but I haven't looked elsewhere.

The reverse lookup zone isn't required internally, but it helps if you are going to do IP to name resolution.

There was a KB article about the event 7, but it pertains to 2000 server:  http://support.microsoft.com/kb/812499/en-us


I would delete the reverse lookup zone, and then if you need to add it, follow the instructions here:

http://technet2.microsoft.com/WindowsServer/en/Library/c12222ef-8350-48bc-8b48-25f78681d2a01033.mspx
http://technet2.microsoft.com/WindowsServer/en/Library/13dc5ca8-512a-42a9-9cc9-1a318722d66d1033.mspx
0
 
TheCleanerCommented:
oh...good find Netman66, I didn't even notice the statement he made about where his DHCP is...

Birenshukla...what is the Primary and Secondary DNS entries for a client?
0
 
birenshuklaAuthor Commented:
Ok. running netdiag...the netcard queries test failed. gets stats failed for Broadcom Gigabit Controller. none of the netcard provided satisfactory results. All other test passed.

All test in dcdiag passed.

The client primary DNS is my server 10.1.1.10, and DHCP and gateway, as I said, is 10.1.1.1. I agree that DHCP should be on the server but I am not sure if that is what the problem is here. I am troubleshooting remotely so won't be able to do that now.

I will delete reverse zone because we do not have an absolute need to do ip translation.

ISP's DNS is not used anywhere on the LAN on clients or the server.
0
 
birenshuklaAuthor Commented:
results from running dcdiag /test:dns


Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site\MUMBAI
      Starting test: Connectivity
         ......................... MUMBAI passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site\MUMBAI
   
   Running partition tests on : TAPI3Directory
   
   Running partition tests on : ForestDnsZones
   
   Running partition tests on : DomainDnsZones
   
   Running partition tests on : Schema
   
   Running partition tests on : Configuration
   
   Running partition tests on : Company Name
   
   Running enterprise tests on : CompanyName.com
      Starting test: DNS
         Test results for domain controllers:
           
            DC: mumbai.ForumInfoTech.com
            Domain: CompanyName.com

                 
               TEST: Forwarders/Root hints (Forw)
                  Error: Root hints list has invalid root hint server: a.root-servers.net. (198.41.0.4)
                  Error: Root hints list has invalid root hint server: b.root-servers.net. (192.228.79.201)
                  Error: Root hints list has invalid root hint server: c.root-servers.net. (192.33.4.12)
                  Error: Root hints list has invalid root hint server: d.root-servers.net. (128.8.10.90)
                  Error: Root hints list has invalid root hint server: e.root-servers.net. (192.203.230.10)
                  Error: Root hints list has invalid root hint server: f.root-servers.net. (192.5.5.241)
                  Error: Root hints list has invalid root hint server: g.root-servers.net. (192.112.36.4)
                  Error: Root hints list has invalid root hint server: h.root-servers.net. (128.63.2.53)
                  Error: Root hints list has invalid root hint server: i.root-servers.net. (192.36.148.17)
                  Error: Root hints list has invalid root hint server: j.root-servers.net. (192.58.128.30)
                  Error: Root hints list has invalid root hint server: k.root-servers.net. (193.0.14.129)
                  Error: Root hints list has invalid root hint server: l.root-servers.net. (198.32.64.12)
                  Error: Root hints list has invalid root hint server: m.root-servers.net. (202.12.27.33)
         
         Summary of test results for DNS servers used by the above domain controllers:

            DNS server: 128.63.2.53 (h.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.63.2.53
               
            DNS server: 128.8.10.90 (d.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.8.10.90
               
            DNS server: 192.112.36.4 (g.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.112.36.4
               
            DNS server: 192.203.230.10 (e.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.203.230.10
               
            DNS server: 192.228.79.201 (b.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.228.79.201
               
            DNS server: 192.33.4.12 (c.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.33.4.12
               
            DNS server: 192.36.148.17 (i.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.36.148.17
               
            DNS server: 192.5.5.241 (f.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.5.5.241
               
            DNS server: 192.58.128.30 (j.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.58.128.30
               
            DNS server: 193.0.14.129 (k.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 193.0.14.129
               
            DNS server: 198.32.64.12 (l.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12
               
            DNS server: 198.41.0.4 (a.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.41.0.4
               
            DNS server: 202.12.27.33 (m.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 202.12.27.33
               
         Summary of DNS test results:
         
                                            Auth Basc Forw Del  Dyn  RReg Ext  
               ________________________________________________________________
            Domain: companyname.com
               mumbai                       PASS PASS FAIL PASS PASS PASS n/a  
         
         ......................... companyname.com failed test DNS
0
 
Netman66Commented:
Your server is querying the ISP and the root hints for the existence of itself - remove any ISP DNS server settings from the server's NIC.

You should also set Forwarding to the ISP.

0
 
birenshuklaAuthor Commented:
OK. There is no reference to the ISP's DNS other than gateway information on the NIC. However, I just added the ISP's DNS server in the forwarder list. Or should I add the gateway IP in the forwarder?

the dcdiag dns test is not running after i added
0
 
birenshuklaAuthor Commented:
After adding what I did, I am starting to receive a DCOM error in the system log.
It says it could not communicate with the IP address with the configured protocol, event ID 10009.
0
 
birenshuklaAuthor Commented:
the ip address was the isp's dns server that i picked up from the router. I removed those ip from the forwarder and put the gateway ip address
0
 
Netman66Commented:
I'm not sure how this is all configured, but my bet is on the router supplying DHCP.

The errors in your last log indicate it is looking for valid DNS entries for your server on the root hints servers.  

Is the IP for the server being given out by the router?

The Gateway should be the router for all workstations and the server.

Can you provide an IPCONFIG /all for the server here?

0
 
Netman66Commented:
You will require a Reverse Zone for AD, so removing that might be causing some of the results we now see.

0
 
Netman66Commented:
Check the Forward Zone also - see if there are any entries in there for something that is NOT in your network.  I'm wondering if the NIC was given ISP info and it registered in DNS as such.

0
 
birenshuklaAuthor Commented:
thanks for your help.

The server has a static IP. I changed the forwarder to the IP address of the gateway and ran the dcdiag test. All the tests passed. However, the system log continues to throw a DCOM error that it could not communicate with the gateway IP.

The ip for the server is NOT given by router. it is static.

Gateway is the router for all wks and server.

I am sorry but I am pretty confident that the ipconfig info is correct.

I think we are close. It has to do with the forwarding. Where do those root hints come from and how can you verify that they are valid DNS entries? This server used to be in a different network.

Any ideas?
0
 
TheCleanerCommented:
The DNS should be configured as follows:

ON the DNS server, set the DNS primary to itself, don't put in a secondary (for now)

Inside DNS, remove anything from the forwarders tab. (just for testing for now, it will use root hints)


I agree with netman that an IPconfig will help.
0
 
birenshuklaAuthor Commented:
I haven't removed reverse DNS yet. I checked the forwarder earlier today and removed a 192.168... IP from the earlier network. Actually, I removed every reference to that IP from the DNS.
0
 
TheCleanerCommented:
Your dcdiag passes now, because your "gateway" is now forwarding outgoing requests using its primary DNS entry.


The Root Hints servers are basically "root DNS servers" on the internet.  Their current valid addresses are here:

http://www.internic.net/zones/named.root
0
 
TheCleanerCommented:
Also, check in DNS in your forward lookup zone for all NS (name server) records.  The only ones listed should be your server and any other internal DNS server if there is one.
0
 
Netman66Commented:
If the server was on a different network then this is significant if the IP address was changed.

If so, remove ALL entries in every container in DNS that has a bad IP address.  Restart the Netlogon service on the DC and it will reregister.

0
 
birenshuklaAuthor Commented:
TheCleaner... I got your points, thanks.
Checked DNS forward records and, just like you said, the name server is mumbai.xxx.com and the rest are A records of my workstations. For all you know, we may have resolved the problem. I haven't seen any DNS logs since 10AM this morning. I have tried to put both the gateway IP and the ISP's DNS server IP in the forwarder and got a DCOM error on both. We do not have a consensus on what it should be?

Windows IP Configuration

   Host Name . . . . . . . . . . . . : mumbai
   Primary Dns Suffix  . . . . . . . : xxx.com
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : xxx.com

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme 5751 Gigabit Con
r
   Physical Address. . . . . . . . . : 00-13-20-09-C0-CF
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.1.1.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.1.1
   DNS Servers . . . . . . . . . . . : 10.1.1.10
0
 
TheCleanerCommented:
If you want to know your ISP's DNS servers they want you to use, just call them.

Or you can remote into the router at 10.1.1.1 and look and see what its DNS settings are, and just use the same in your forwarder.
0
 
birenshuklaAuthor Commented:
That is exactly what I did, but it gave me the DCOM error on those. I know logically that is what it should be. I only got two DCOM errors for two IPs. Since removing the remnants of 192.168... I had not restarted the Netlogon service.
I just did.
Friends, I think I will continue to monitor the log and look for any errors. I will let you guys know what it is doing tomorrow. Thanks a bunch for your promptness and enlightening suggestions.
0
 
Netman66Commented:
WINS Proxy Enabled. . . . . . . . : Yes

I'm not sure this is the desired effect - is it?

Unless you have RAS or VPN capability that requires this, you can disable it.

http://support.microsoft.com/?kbid=319848

0
 
birenshuklaAuthor Commented:
We have a combination of 2000 and XP workstations. Earlier, I was seeing some slowness in internet on some workstations. But adding the IP address of the server in WINS made a huge difference. I am not sure if I need it. I suspect that due to the forwarding not being set, there was some slowness. Once I do not see any errors in the event log, I will definitely remove it. Thanks for a great suggestion!
0
 
Netman66Commented:
Yes, if you are not using WINS on the server then putting the server on the WINS tab of the client just caused it to forward WINS broadcasts (likely) to the router.

Once DNS is working properly, this should be disabled since you have no WINS servers locally.

0
 
birenshuklaAuthor Commented:
Guys. Without deleting the reverse lookup zone, just deleting all references to the old subnet from DNS and setting up the forwarding seems to have resolved the problem. My many thanks to both of you for your promptness and help in this very important matter. The server is no longer rebooting. However, I am receiving a new error in my System Log from one computer about Master Browser etc., Event ID 8003. I don't think that this is a major issue but I am working on it to nail it down. Funny that it started happening around the time we messed with DNS.
0
 
Netman66Commented:
Master browser election entries are normal.  Unless it specifically complains it cannot find any, then these are safe to ignore.
0
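
The checks suggested in the thread (A records left over from the old 192.168.0.x network, and NS records that name anything other than the internal DNS server) can be scripted against a record listing. This is an added example, not code posted by anyone in the thread; the "name type data" listing format, the sample records and the name ns1.isp.example are constructed for illustration, while 10.1.1.0/24, 192.168.0.11 and mumbai.xxx.com follow the values quoted above.

```python
import ipaddress

# Constructed sample: simplified "name type data" records, as one might
# transcribe them from the DNS console. Not an export from the thread's server.
SAMPLE_RECORDS = """\
; forward lookup zone xxx.com (constructed)
@        NS  mumbai.xxx.com.
@        A   10.1.1.10
@        A   192.168.0.11
mumbai   A   10.1.1.10
mumbai   A   192.168.0.11
wks01    A   10.1.1.51
wks02    A   10.1.1.52
@        NS  ns1.isp.example.
_ldap._tcp.dc._msdcs SRV 0 100 389 mumbai.xxx.com.
"""


def audit_zone(text, lan_cidr, internal_dns_hosts):
    """Return (stale_a, foreign_ns): A records whose address is outside
    lan_cidr, and NS records naming a host not in internal_dns_hosts."""
    lan = ipaddress.ip_network(lan_cidr)
    allowed = {h.lower().rstrip(".") for h in internal_dns_hosts}
    stale_a, foreign_ns = [], []
    for line in text.splitlines():
        fields = line.split()
        # Skip blank lines, comments and anything too short to be a record.
        if len(fields) < 3 or line.lstrip().startswith(";"):
            continue
        name, rtype, data = fields[0], fields[1].upper(), fields[2]
        if rtype == "A":
            try:
                addr = ipaddress.ip_address(data)
            except ValueError:
                stale_a.append((name, data))  # malformed address: flag it too
                continue
            if addr not in lan:
                stale_a.append((name, data))
        elif rtype == "NS":
            if data.lower().rstrip(".") not in allowed:
                foreign_ns.append((name, data))
    return stale_a, foreign_ns


if __name__ == "__main__":
    stale, ns = audit_zone(SAMPLE_RECORDS, "10.1.1.0/24", ["mumbai.xxx.com"])
    for name, data in stale:
        print(f"A record outside the LAN subnet: {name} -> {data}")
    for name, data in ns:
        print(f"NS record not an internal DNS server: {name} -> {data}")
```
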
