Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 688
  • Last Modified:

Event ID 2087

Hi,

Need help with this error on my server2:

Active Directory could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
 
Source domain controller:
 server
Failing DNS host name:
 75629aea-87c6-47a5-bb06-2722394ec279._msdcs.mydomain.com
 
NOTE: By default, only up to 10 DNS failures are shown for any given 12 hour period, even if more than 10 failures occur.  To log all individual failure events, set the following diagnostics registry value to 1:
 
Registry Path:
HKLM\System\CurrentControlSet\Services\NTDS\Diagnostics\22 DS RPC Client
 
User Action:
 
 1) If the source domain controller is no longer functioning or its operating system has been reinstalled with a different computer name or NTDSDSA object GUID, remove the source domain controller's metadata with ntdsutil.exe, using the steps outlined in MSKB article 216498.
 
 2) Confirm that the source domain controller is running Active directory and is accessible on the network by typing "net view \\<source DC name>" or "ping <source DC name>".
 
 3) Verify that the source domain controller is using a valid DNS server for DNS services, and that the source domain controller's host record and CNAME record are correctly registered, using the DNS Enhanced version of DCDIAG.EXE available on http://www.microsoft.com/dns 
 
  dcdiag /test:dns
 
 4) Verify that that this destination domain controller is using a valid DNS server for DNS services, by running the DNS Enhanced version of DCDIAG.EXE command on the console of the destination domain controller, as follows:
 
  dcdiag /test:dns
 
 5) For further analysis of DNS error failures see KB 824449:
   http://support.microsoft.com/?kbid=824449
 
Additional Data
Error value:
 11004 The requested name is valid, but no data of the requested type was found.


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
ITRick
Asked:
ITRick
  • 7
  • 5
  • 2
2 Solutions
 
Rob WilliamsCommented:
Have you tried #3/4 running DCDiag at a command line on your domain controller. DCDiag is available as part of the windows resource kit or from:
http://www3.ns.sympatico.ca/malagash/Downloads/Net/dcdiag.exe
Try as suggested
dcdiag.exe  /test:dns
or simply
dcdiag
and see if it reports any specific errors.
0
 
ITRickAuthor Commented:
Server:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER
      Starting test: Connectivity
         ......................... SERVER passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER
      Starting test: Replications
         ......................... SERVER passed test Replications
      Starting test: NCSecDesc
         ......................... SERVER passed test NCSecDesc
      Starting test: NetLogons
         ......................... SERVER passed test NetLogons
      Starting test: Advertising
         ......................... SERVER passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... SERVER passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... SERVER passed test RidManager
      Starting test: MachineAccount
         ......................... SERVER passed test MachineAccount
      Starting test: Services
         ......................... SERVER passed test Services
      Starting test: ObjectsReplicated
         ......................... SERVER passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... SERVER passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... SERVER failed test frsevent
      Starting test: kccevent
         ......................... SERVER passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 07/16/2006   23:08:26
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 07/16/2006   23:08:26
            (Event String could not be retrieved)
         ......................... SERVER failed test systemlog
      Starting test: VerifyReferences
         ......................... SERVER passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : Domain
      Starting test: CrossRefValidation
         ......................... Domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Domain passed test CheckSDRefDom

   Running enterprise tests on : Domain.com
      Starting test: Intersite
         ......................... Domain.com passed test Intersite
      Starting test: FsmoCheck
         ......................... Domain.com passed test FsmoCheck

0
 
ITRickAuthor Commented:
Server2


Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER2
      Starting test: Connectivity
         ......................... SERVER2 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER2
      Starting test: Replications
         ......................... SERVER2 passed test Replications
      Starting test: NCSecDesc
         ......................... SERVER2 passed test NCSecDesc
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\SERVER2\netlogon)
         [SERVER2] An net use or LsaPolicy operation failed with error 1203, No
network provider accepted the given network path..
         ......................... SERVER2 failed test NetLogons
      Starting test: Advertising
         Warning: DsGetDcName returned information for \\server.domain.com, wh
en we were trying to reach SERVER2.
         Server is not responding or is not considered suitable.
         ......................... SERVER2 failed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... SERVER2 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... SERVER2 passed test RidManager
      Starting test: MachineAccount
         ......................... SERVER2 passed test MachineAccount
      Starting test: Services
         ......................... SERVER2 passed test Services
      Starting test: ObjectsReplicated
         ......................... SERVER2 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... SERVER2 passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... SERVER2 failed test frsevent
      Starting test: kccevent
         ......................... SERVER2 passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 07/16/2006   23:08:09
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 07/16/2006   23:08:09
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 07/16/2006   23:22:18
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 07/16/2006   23:22:19
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 07/16/2006   23:22:19
            (Event String could not be retrieved)
         ......................... SERVER2 failed test systemlog
      Starting test: VerifyReferences
         ......................... SERVER2 passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : domain
      Starting test: CrossRefValidation
         ......................... domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... domain passed test CheckSDRefDom

   Running enterprise tests on : domain.com
      Starting test: Intersite
         ......................... domain.com passed test Intersite
      Starting test: FsmoCheck
         ......................... domain.com passed test FsmoCheck

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
ITRickAuthor Commented:
Server2 DNS:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER2
      Starting test: Connectivity
         ......................... SERVER2 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER2

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : domain

   Running enterprise tests on : domain.com
      Starting test: DNS
         Test results for domain controllers:

            DC: server2.domain.com
            Domain: domain.com


               TEST: Forwarders/Root hints (Forw)
                  Error: Root hints list has invalid root hint server: a.root-se
rvers.net. (198.41.0.4)
                  Error: Root hints list has invalid root hint server: b.root-se
rvers.net. (192.228.79.201)
                  Error: Root hints list has invalid root hint server: c.root-se
rvers.net. (192.33.4.12)
                  Error: Root hints list has invalid root hint server: d.root-se
rvers.net. (128.8.10.90)
                  Error: Root hints list has invalid root hint server: e.root-se
rvers.net. (192.203.230.10)
                  Error: Root hints list has invalid root hint server: f.root-se
rvers.net. (192.5.5.241)
                  Error: Root hints list has invalid root hint server: g.root-se
rvers.net. (192.112.36.4)
                  Error: Root hints list has invalid root hint server: h.root-se
rvers.net. (128.63.2.53)
                  Error: Root hints list has invalid root hint server: i.root-se
rvers.net. (192.36.148.17)
                  Error: Root hints list has invalid root hint server: j.root-se
rvers.net. (192.58.128.30)
                  Error: Root hints list has invalid root hint server: k.root-se
rvers.net. (193.0.14.129)
                  Error: Root hints list has invalid root hint server: l.root-se
rvers.net. (198.32.64.12)
                  Error: Root hints list has invalid root hint server: m.root-se
rvers.net. (202.12.27.33)

         Summary of test results for DNS servers used by the above domain contro
llers:

            DNS server: 128.63.2.53 (h.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 128.63.2.53

            DNS server: 128.8.10.90 (d.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 128.8.10.90

            DNS server: 192.112.36.4 (g.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.112.36.4

            DNS server: 192.203.230.10 (e.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.203.230.10

            DNS server: 192.228.79.201 (b.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.228.79.201

            DNS server: 192.33.4.12 (c.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.33.4.12

            DNS server: 192.36.148.17 (i.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.36.148.17

            DNS server: 192.5.5.241 (f.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.5.5.241

            DNS server: 192.58.128.30 (j.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 192.58.128.30

            DNS server: 193.0.14.129 (k.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 193.0.14.129

            DNS server: 198.32.64.12 (l.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 198.32.64.12

            DNS server: 198.41.0.4 (a.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 198.41.0.4

            DNS server: 202.12.27.33 (m.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 202.12.27.33

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: domain.com
               server2                      PASS PASS FAIL PASS PASS PASS n/a

         ......................... domain.com failed test DNS

0
 
ITRickAuthor Commented:
Ok... Those are the test I ran... dcdiag /test:dns passed all the way on server

The first post is Server the second post is Server2 at my second location Third post is the DNS test on Server2


If anyone knows how to fix this please let me know.

Also I had to change the name of the real domain name to just domain.


Thanks,
Rick
0
 
Rob WilliamsCommented:
In my opinion, something is not right with your DNS. Were there any specific errors in the Event logs?. If so could you post the Event ID's and Source. Check your DNS management console to make sure the Host records are correct for all servers.
Is this a new problem, or on going?
0
 
ITRickAuthor Commented:
13508
1006
1030

No errors in DNS Event logs... But all the other errors point to DNS.

0
 
Rob WilliamsCommented:
13508 may indicate the file replication service between the machines is being blocked. First step would be to at least temporarily disable the Windows, or any other software firewall, to see if there is an improvement.

The other two can be numerous things, one of which is an expired password, probably for a system service account.
Is the server with the above event errors an upgraded server from 2000, or has it been re-named?

Confirm on the server NIC's that they only point to your internal DNS servers, and the IP's are correct. Do not allow them to also point to the ISP.
0
 
ITRickAuthor Commented:
Well the DNS is getting worst on its own now... I posted its changes here:

http://www.experts-exchange.com/Operating_Systems/Windows_Server_2003/Q_21921846.html

0
 
Rob WilliamsCommented:
Any luck with your server changes ITRick ?
I have been following the other thread. You are in good hands with James/Jay_Jay70.
--Rob
0
 
ITRickAuthor Commented:
No luck yet haven't read all replies yet, been away for a couple of days.
0
 
Rob WilliamsCommented:
Thanks ITRick,
--Rob
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 7
  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now