We have 5 external sites connecting in to HQ via VPN.
Each one of these sites has a global catalog server running DNS.
The following event shows up in the System log quite a lot.
The dynamic registration of the DNS record '_ldap._tcp.<string value>.domains._msdcs.<Domain Name>. 600 IN SRV 0 100 389 <DC Name>.' failed on the following DNS server:
DNS server IP address: <IP Address> or HQ DC.
Returned Response Code (RCODE): 5
Returned Status Code: 10054
For computers and users to locate this domain controller, this record must be registered in DNS.
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. You can find this program on the Windows Server 2003 installation CD in Support\Tools\support.cab. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.
Or, you can manually add this record to DNS, but it is not recommended.
Error Value: An existing connection was forcibly closed by the remote host.
For more information, see Help and Support Center at