?
Solved

Active Directory/DNS problems

Posted on 2006-05-25
5
Medium Priority
?
3,259 Views
Last Modified: 2012-06-21
First off I am green when it comes to domain stuff in a windows enviroment.  

Here it goes;

I have a network installation I am working on.  There will be six 2003 Standard servers, one at head office and the remaining being in remote branches with VPN access.  For the time being I am working on the first of the branch server.  

Primary server is up and running with no problems, added second server and joined the AD.  I think that is all working as the Active directing is syncing.

The problem is when the server was connected to the PDC the DNS was pointing to the pdc's dns.  When I now set the Branch server to use its own DNS I get many errors.

Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4015
Date:            5/25/2006
Time:            12:25:48 PM
User:            N/A
Computer:      MSC-ST
Description:
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "000021A2: SvcErr: DSID-030A09F3, problem 5001 (BUSY), data 0". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 33 00 00 00               3...    


I  cannot do a NSlookup using the branch serve but the Main Server works fine.

I get a ****Cannot find a server name for address......

So in short The DNS is all screwed up on the second server.  It may be in the Active Directory for Sites and Services.

I hope somebody can help.
0
Comment
Question by:Newellnet
  • 3
  • 2
5 Comments
 
LVL 33

Expert Comment

by:NJComputerNetworks
ID: 16762502
If you suspect your DNS is messed up, I would suggest to temporarily set the DNS TCP/IP on your DC's to point to one Windows 2003 DC/DNS.  This way, all DC's will register in the central DNS server.  After you do this, reboot the DC's so that the DNS records get updated.

Wait for replication to occur in your environment.  And run DCDIAG to verify that the DC's and DNS is working properly.  Also check the event logs to verify that no errors occur.  Then install the DNS service on your remote DC. (The service must be installed before you point clients to the DNS server)

The default way to implement DNS is to use Active Directory Integrated DNS.  This means that the DNS database is saved in Active Directory rather then a file on the Os.  The advantage of this is that the DNS database becomes fault tolerant because all DC's will have a the DNS database in AD...regardless of whether they actually have the DNS service installed and are servicing clients.

In any case, point your environment to one DNS server.  Wait for replication to occur...verify that no errors exist.  Then point your DNS server locally to themselves as primary and point to the other (remote) DNS server as secondary.  

0
 
LVL 33

Expert Comment

by:NJComputerNetworks
ID: 16762523
0
 

Author Comment

by:Newellnet
ID: 16762576
OK I uninstalled DNS on the Branch server, pointed the DNS to use the primary server and restarted.

When I did this I get alot less errors but here is a what I get now;

Event Type:      Warning
Event Source:      MSDTC
Event Category:      SVC
Event ID:      53258
Date:            5/25/2006
Time:            1:28:34 PM
User:            N/A
Computer:      MSC-ST
Description:
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: d:\nt\com\complus\dtc\dtc\adme\uiname.cpp:9280, Pid: 1648
No Callstack,
 CmdLine: C:\WINDOWS\system32\msdtc.exe

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 05 00 07 80               ...€    
0
 
LVL 33

Accepted Solution

by:
NJComputerNetworks earned 2000 total points
ID: 16762706
0
 

Author Comment

by:Newellnet
ID: 16762989
Thanks the following worked to fix the above error

David Grant (Last update 4/12/2005):
I corrected the error by doing the following:
1. Click Start -> Administrative Tools -> Component Services.
2. Click the "+" next to Component services to expand it.
3. Right click "My Computer" in the right window pane and select Properties.
4. Click the MS DTC Tab.
5. Click the "Security Configuration" button, a dialog box appears. Click "OK".
6. Click "OK" on the "My Computer Properties" box; this will take you back to the console.
7. Right click "My Computer" and select "Stop MS DTC" (this stops the MSDTC service.
8. Again, right click "My Computer" and select "Start MS DTC".
By following the above steps, it appears that this sets the MS DTC defaults resolving the error messages. Check the event log to verify that the problem is gone. You might also want to restart the server to verify this.  


It still leaves me with the following errors, I thought they were related to the previous one so I did not mention it.

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1097
Date:            5/25/2006
Time:            1:55:05 PM
User:            NT AUTHORITY\SYSTEM
Computer:      MSC-ST
Description:
Windows cannot find the machine account, The Local Security Authority cannot be contacted .

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


and;

Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1030
Date:            5/25/2006
Time:            1:55:05 PM
User:            NT AUTHORITY\SYSTEM
Computer:      MSC-ST
Description:
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.




0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…
How to fix display issue, screen flickering issue when I plug in power cord to the machine. Before I start explaining the solution lets check out once the issue how it looks like after I connect the power cord. most of you also have faced this…

616 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question