Solved

DNS question

Posted on 2006-11-22
12
912 Views
Last Modified: 2008-02-01
I have ran the netdiag tool with the following results for the DNS test.  Can someone translate this into English? Sorry first time setting up dns.




DNS test . . . . . . . . . . . . . : Failed
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'pways50-fs1.pways50.com.'. [ERROR_TIMEOUT]
            The name 'pways50-fs1.pways50.com.' may not be registered in DNS.
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.pways50.com. re-registeration
 on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._site
s.pways50.com. re-registeration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.pdc._msdcs.pways50.com. re-re
gisteration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.gc._msdcs.pways50.com. re-reg
isteration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._site
s.gc._msdcs.pways50.com. re-registeration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.95a0b48d-9a62-4320-8d7a-f7653
0b7e593.domains._msdcs.pways50.com. re-registeration on DNS server '10.183.168.3
' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry 0eaf7fe7-9dbc-44b5-9088-9871d6a48d5b._ms
dcs.pways50.com. re-registeration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.dc._msdcs.pways50.com. re
-registeration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site-Name._
sites.dc._msdcs.pways50.com. re-registeration on DNS server '10.183.168.3' faile
d.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.dc._msdcs.pways50.com. re-reg
isteration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.ForestDnsZones.pways50.com. r
e-registeration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._site
s.ForestDnsZones.pways50.com. re-registeration on DNS server '10.183.168.3' fail
ed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.DomainDnsZones.pways50.com. r
e-registeration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._site
s.DomainDnsZones.pways50.com. re-registeration on DNS server '10.183.168.3' fail
ed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry pways50.com. re-registeration on DNS ser
ver '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry gc._msdcs.pways50.com. re-registeration
on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site-Name._site
s.dc._msdcs.pways50.com. re-registeration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.pways50.com. re-registera
tion on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site-Name._
sites.pways50.com. re-registeration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _gc._tcp.pways50.com. re-registeration o
n DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _gc._tcp.Default-First-Site-Name._sites.
pways50.com. re-registeration on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _kerberos._udp.pways50.com. re-registera
tion on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _kpasswd._tcp.pways50.com. re-registerat
ion on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry _kpasswd._udp.pways50.com. re-registerat
ion on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry ForestDnsZones.pways50.com. re-registera
tion on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Failed to fix: DC DNS entry DomainDnsZones.pways50.com. re-registera
tion on DNS server '10.183.168.3' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
    [FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for th
is DC on DNS server '10.183.168.3'.
    [FATAL] No DNS servers have the DNS records for this DC registered.



thanks for your help.
0
Comment
Question by:nkeever
12 Comments
 
LVL 3

Expert Comment

by:overcld9
ID: 17997918
What exactly are you trying to accomplish here?

Are you trying to setup DNS on your local domain?

IS this server going to be a webserver or host exchange?

Is this server a 2000 to 2003 upgrade?

0
 

Author Comment

by:nkeever
ID: 17997967
Trying to setup DNS for local domain. No webserver and no exchange. Server 2003.

thanks
0
 
LVL 19

Expert Comment

by:feptias
ID: 17998615
It sounds like you have not set the Preferred DNS server on the DC to point to itself. You can check the setting by typing "ipconfig /all" at the command prompt and look for the setting of "Preferred DNS server". You change the setting in the TCP/IP properties of the network interface (right-click My Network Places and select Properties, then right-click on "Local Area Connection" and select Properties again).

What this means is that if the Domain Controller has an IP address of, say, 192.168.1.250 then the setting for Preferred DNS server should be 192.168.1.250. You must have the DNS server service installed and running on the DC.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 

Author Comment

by:nkeever
ID: 17998681
Your suggestions have been verified and passed inspection. Next step or any other suggestions?
Thanks again
0
 
LVL 23

Expert Comment

by:gecko_au2003
ID: 17998751
have you manually configured your forward and reverse lookup zones ?
0
 
LVL 19

Expert Comment

by:feptias
ID: 17998772
I assume that means that Preferred DNS server is already pointing to itself, yes?
Next step: Open the DNS Management Console and navigate to the Forward Lookup Zones. Find the FLZ that has the same name as your Windows domain. Right-click on it and select Properties. What is the setting for Dynamic Updates? It should be Nonsecure and secure.
0
 
LVL 19

Expert Comment

by:feptias
ID: 17998812
Should have said, Secure updates is good too (probably better) - the options available depend partly on whether the zone is AD-Integrated or not.
0
 

Author Comment

by:nkeever
ID: 17998934
feptias
That is what i have.
Also what is the benefit to having the zone AD-intergrated?
Thanks again

I am heading out of the office soon and will not be back until Monday. Thanks for your help.
0
 
LVL 19

Expert Comment

by:feptias
ID: 17999041
AD-Integrated zones are automatically replicated to other DC's in the domain. Not much benefit if you only have one DC. The point I was making is not whether it is AD-Integrated, just that it must allow dynamic updates. If dynamic updates is set to None, then the DC will not be able to create all the records and sub-folders that are required in DNS. That would match with the original description of your problem.

Have you tried running DCDIAG?
0
 

Author Comment

by:nkeever
ID: 18019245
Just ran dcdiag and here are the results. While i wait for a reply i will try and figure out what this all means. thanks




   Testing server: Default-First-Site-Name\PWAYS50-FS1
      Starting test: Connectivity
         The host 0eaf7fe7-9dbc-44b5-9088-9871d6a48d5b._msdcs.pways50.com could
not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (0eaf7fe7-9dbc-44b5-9088-9871d6a48d5b._msdcs.pways50.com) couldn't be
         resolved, the server name (pways50-fs1.pways50.com) resolved to the IP
         address (10.183.168.3) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... PWAYS50-FS1 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\PWAYS50-FS1
      Skipping all tests, because server PWAYS50-FS1 is
      not responding to directory service requests

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : pways50
      Starting test: CrossRefValidation
         ......................... pways50 passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... pways50 passed test CheckSDRefDom

   Running enterprise tests on : pways50.com
      Starting test: Intersite
         ......................... pways50.com passed test Intersite
      Starting test: FsmoCheck
         ......................... pways50.com passed test FsmoCheck

C:\Program Files\Support Tools>
0
 
LVL 19

Accepted Solution

by:
feptias earned 500 total points
ID: 18026998
Open the DNS Management Console on the DC and navigate to the Forward Lookup Zones. In there you should see a zone called pways50.com and it should contain a Host (A) record called "pways50-fs1" with a Data value of 10.183.168.3.

Below pways50.com there should be a folder called _msdcs. In _msdcs there should be an Alias (CNAME) record called "0eaf7fe7-9dbc-44b5-9088-9871d6a48d5b" with a data value of "pways50-fs1.pways50.com".

If the DNS forward lookup zones do not have that structure and contain those resource records then please try the following:
Set the zone type for pways50.com as AD-Integrated
Set the dynamic updates as "Secure only"
Now restart the Windows Netlogon service (or reboot the DC)
Look again at the DNS fwd lookup zones mentioned above, but you may need to select refresh from the Action drop down menu or the right-click pop-up menu to make sure you are looking at current info.

It would also be useful to see the output from ipconfig /all on the DC - can you post that please.

Finally, here are some links that might help (copied from an answer posted by another expert, so I hope they are ok):
What are the most common DNS related Dcpromo errors? How do I fix them?
http://www.petri.co.il/troubleshooting_dcpromo_errors.htm
10 DNS Errors That Will Kill Your Network
http://www.mcpmag.com/features/article.asp?EditorialsID=413
Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382
Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036
How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515
0
 

Author Comment

by:nkeever
ID: 18028134
Ok I followed your instructions and now see the folders you mentioned. My original problem was that after 8 hours I would lose my mapped connection to my server and would have to log out and log back in to get the drives to work. After following your instruction and restarting the netlogon service I went to two of my workstations that were not able to connect to the server this morning and tried them again. Without having to log off and back on I was able to connect to my server. After reviewing some of the post on this site everything came down to DNS. So the first test has passed, and now I will wait for 8 hours and make sure everything is still working wonderfully before reporting back. Thanks for all your help.

0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question