Link to home
Start Free TrialLog in
Avatar of usmansultan
usmansultanFlag for Australia

asked on

DNS name does not exist

I am using windows 2003 standard edition (R2) as a domain controller and one more server would be added later on as an exchange server, but right now the problem i am facing is whenever  i tried to hook any client with windows xpon it  to windows 2003 i received the error which i have pasted below, later on there would around 40 computer that would be added to the server but  i wasted nearly whole day try to solve this problem, i removed AD from server and installed it again and also tried to changing and installing DNS few times but nothing seems to work out, i am using a static IP (192.168.0.10) and a gateway(192.168.0.1), i am using the DNS that we recieved from our ISP which we are also using in oulook, the DNS settings that we are using are=Primary DNS: 203.110.136.142, Alternate DNS: 203.110.136.131, i tried using a different DNS as well like 127.0.0.1, but it didnt workedl, same error, i think i have done something wrong in Forward lookup in DNS settings but not sure how to correct it, any help or guidance would be highly appreciated, as i am not sure what to do next. Thanks.



The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain EC3GLOBAL.COM:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.EC3GLOBAL.COM

Common causes of this error include the following:

- The DNS SRV record is not registered in DNS.

- One or more of the following zones do not include delegation to its child zone:

EC3GLOBAL.COM
COM
. (the root zone)
Avatar of ylitvinov
ylitvinov
Flag of Australia image

You should set the clients to point to your server (192.168.0.10) as the primary DNS server. That should allow them to locate the DC DNS records and join the domain.
Avatar of Naga Bhanu Kiran Kota
hi

first of all the dns server your computer is trying to query is a dns server which will be able to resolve the internet dns requests while the request what your client does for say authentication or access of internal resources is the local domain. so you need to authorise the dns server within in your domain to resolve the query from internal resources and query the isp dns for external query.

i.e if client comp no.1 in your domain whats to talk to comp no.5 then the internal dns will resolve the issue not your isp dns. where as if your comp no.1 wants to talk to yahoo.com which is a internet address then it needs to query the isp provided dns server.

so in the clients computer you need to provided the dns server address of your domain and in your domain dns server you need to configure a secondary zone with the isp dns server address.

so when ever you clients request for any external address resolution then your dns server will forward the request.

revert back if required

bhanu
You could also check to see if DNS is configured correctly:

run netdiag (windows 2003 support tools) and dcdiag (windows 2003 resource kit) and make sure all tests are passed.

Andy Failures - cut and paste them onto the site for analysis by the experts...
Sorry - "Any failures"
As per the above.
With XP clients
you should NEVER set their dns server to be an external dns server ie your ISPs,
this will force them to take an age to login and as you have found be unable to join the domain.
You set the DNS server to forward all unresolvable requests to your ISP via the isps dns IPs you mention above on your DNS servers forwarders tab.
Go into DNS on your main DNS server
Right click on the server
Properties
Forwarders
Enter your ISPs dns servers IP addresses in here.

To save you having then to wander round to each one of your clients entering your own internal DNS servers IP address as the preferred simply use DHCP to distribute this out to the 40 odd client PCs.

Go into DHCP on which ever server you have it installed
Open it up
go into
Scope options
Right Click on Scope options
Select
Configure options
Now simply enter the IP address for any of the options you require.
Ie
DNS
DHCP
GATEWAY
etc etc
Refresh this when done,
reboot one of the clients thats set to dhcp and do an ipconfig /all
check to make sure the IP addresses you set above are being distributed out correctly.

You should have no problems now or in the future now adding clients to the domain.

Below is a link which is extremely good for setting up Active Directory etc from scratch with some really usfull links at the bottom.

Hope this helps you out.

Roy
Avatar of deannestrong
deannestrong

Also you might want to run nslookup from the cmd prompt. If it doesn't return your server by name then your missing the reverse ptr record. It's a common mistake.
Avatar of usmansultan

ASKER

Hi again.
Thanks a lot for quick reply and sorry for replying late as i am living in Brisbane and the time difference is around 10+ GMT, anyway i have followed all of your suggestions and now i am using the IP address of my server as a DNS on the client computer. I tried to add a secondary zone with the isp dns server address but its not accepting it secondly i am not sure what zone name should i use there.I have also enterred my ISPs dns servers IP addresses in forward DNS, but when i tried to connect winxp client on to the server i received an error that "trust relationship between the host and server has been failed", also when i tried the nslookup command it showed me that DNS request timed out and default server is unknown so i think i have done something wrong in configuring the DNS server , i wonder if it has to do anything about the reverse lookup as well or not , anyway i am almost there i just need a bit more help to finalize the installation, i am pasting all the tests nslookup, netdiag and dcdiag.
Thanks a lot for all your help and time.

D:\Documents and Settings\Administrator.SERVER>netdiag

......................................

    Computer Name: SERVER
    DNS Host Name: Server.ec3global.com
    System info : Microsoft Windows Server 2003 R2 (Build 3790)
    Processor : x86 Family 15 Model 3 Stepping 4, GenuineIntel
    List of installed hotfixes :
        Q147222


Netcard queries test . . . . . . . : Passed
    [WARNING] The net card '1394 Net Adapter' may not be working because it has
not received any packets.

Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : Server
        IP Address . . . . . . . . : 192.168.0.10
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.0.1
        Dns Servers. . . . . . . . : 203.110.136.142
                                     203.110.136.131


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.
Global results:

Domain membership test . . . . . . : Passed

NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{4ECA8C3C-C882-45E7-8641-4BC8E5E6B769}
    1 NetBt transport currently configured.

Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation
Service', <03> 'Messenger Service', <20> 'WINS' names defined.

Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on
DNS server '203.110.136.142'. Please wait for 30 minutes for DNS server
replication.
    [WARNING] The DNS entries for this DC are not registered correctly on
DNS server '203.110.136.131'. Please wait for 30 minutes for DNS server
replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.

Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{4ECA8C3C-C882-45E7-8641-4BC8E5E6B769}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{4ECA8C3C-C882-45E7-8641-4BC8E5E6B769}
    The browser is bound to 1 NetBt transport.

DC discovery test. . . . . . . . . : Passed

DC list test . . . . . . . . . . . : Passed

Trust relationship test. . . . . . : Skipped

Kerberos test. . . . . . . . . . . : Passed

LDAP test. . . . . . . . . . . . . : Passed

Bindings test. . . . . . . . . . . : Passed

WAN configuration test . . . . . . : Skipped
    No active remote access connections.

Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

D:\Documents and Settings\Administrator.SERVER>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER
      Starting test: Connectivity
         The host 1d3f39c8-5fe1-4ac7-bbb3-3cac30e1dc59._msdcs.ec3global.com
could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (1d3f39c8-5fe1-4ac7-bbb3-3cac30e1dc59._msdcs.ec3global.com) couldn't
         be resolved, the server name (Server.ec3global.com) resolved to the IP
         address (192.168.0.10) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... SERVER failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER
      Skipping all tests, because server SERVER is
      not responding to directory service requests

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test
CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : ec3global
      Starting test: CrossRefValidation
         ......................... ec3global passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ec3global passed test CheckSDRefDom

   Running enterprise tests on : ec3global.com
      Starting test: Intersite
         ......................... ec3global.com passed test Intersite
      Starting test: FsmoCheck
         ......................... ec3global.com passed test FsmoCheck

 
NS Lookup
DNS request timed out.
Timeout was in 2 seconds
*** Cant find server name for address 203.110.136.142: Timed out
Default server unknown
Address: 203.110.136.142
You definitely have a problem with DNS configuration:

Here are your problems:

1) DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on
DNS server '203.110.136.142'. Please wait for 30 minutes for DNS server
replication.
    [WARNING] The DNS entries for this DC are not registered correctly on
DNS server '203.110.136.131'. Please wait for 30 minutes for DNS server
replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.

2)Testing server: Default-First-Site-Name\SERVER
      Starting test: Connectivity
         The host 1d3f39c8-5fe1-4ac7-bbb3-3cac30e1dc59._msdcs.ec3global.com
could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (1d3f39c8-5fe1-4ac7-bbb3-3cac30e1dc59._msdcs.ec3global.com) couldn't
         be resolved, the server name (Server.ec3global.com) resolved to the IP
         address (192.168.0.10) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... SERVER failed test Connectivity

3) NS Lookup
DNS request timed out.
Timeout was in 2 seconds
*** Cant find server name for address 203.110.136.142: Timed out
Default server unknown
Address: 203.110.136.142
(don't worry so much about this one - reverse lookup zones are not as important as forward lookup zones)

What is "203.110.136.142"?
If this is your ISP dns server - then can you ping it? (with your current settings)

Try running "netdiag /fix" (no quotes) on your PDC
Reverse DNS or a PTR record is not actually required to run DNS in a 2003 / xp setup.
I have it running and probably an awful lot of other people, however its not a nessessity (sorry about the spelling on that one)
You dont need a secondary zone for your isp's dns servers ip's the ISP dns ip's go on the actual dns server in your dns gui via right clicking on it and selecting properties then forwarders.
This allows your dns server to forward requests out to your ISP's dns servers if it cant resolve them itself, after a few weeks your own dns server builds up a list of all the external lookup addresses that it has forwarded out to your isp and holds these in its own cache so saving it in the future having to forward the same requests back out to your isp.
The only requests it should never forward out are of course any of your internal clients and servers.

as suggested above
try
netdiag /fix
and also
dcdiag /fix

Heres a good guide for you as its an extremely well respected website with pictures so you can visualize what they are talking about.

Roy
You could try a dcdiag /fix - put it probably will not help your situation:

DCdiag /fix: "Only affects the MachineAccount test. It causes the test to fix the SPNs (Service Principal Names) on the domain controller's Machine Account Object."

(from http://technet2.microsoft.com/WindowsServer/en/library/39d6c272-5c2e-4db0-a79a-4d8fbf52dd411033.mspx?mfr=true)

This is not actually the problem in this case.

A Service Principal Name is:

"The name by which a client uniquely identifies an instance of a service"

Not much to do with DNS problems, I should think?
Just a quick question as I didn't see it in the posts above and I may have missed it.  Are you using your ISP's DNS address for the "DNS Server" address for your DNS Servers network adapter.?  Stupid basic question there.  Firstly Windows 2003 DNS servers should have their own ip as the DNS server entry for the NIC.  Also I would suggest using forwarders to your ISP through the DNS MMC.  If you set those entries as DNS server entries you will have "wierdness".  Microsoft recommends that you only use the DNS servers IP as it's DNS NIC assignment.

I have probably just babled here.  Let me know if I am not clear.
My guess is that the 203 address referenced is your ISP.  
you are right eric 203 address referenced is my ISP.
Ok,

So on your DNS server what is the DNS address assigned to the NIC?
Is it the ISP?  Also this is a windows 2003 server you have configured correct?  Like I stated above, if you have a internal DNS server (sounds like you do) then it's DNS entry needs to be it's own IP address.  At that point your system should (in most cases) be able to determine whether the FQDN that your searching is within your Authoritative domain.  If not it should go out side, using the root hints.  To provide a "straighter" path through your DNS server to your ISP DNS set up a forwarder address in the DNS MMC.  If you need further guidance on that let me know.  One of the "good things" about 2003 DNS vs 2000 DNS is that you can set up specific forwarders for specific domains.  As an example if you work with another organization and you need to query their DNS for a machine, you could set up a forwarder with their domain and their DNS server(s) as the settings.

I hope that all makes sense.  Just let me know if you need any other assistance should you choose to go that way.

Good Luck
I just re-read your original post.  Do you have a DNS server within your network... i.e. is  you DC also a DNS server?
The reason your DC isn't "working" is most likely tied to the fact that you don't have the authority to write to your ISP"s DNS server.  Therefore unless they add a SRV record for you Domain, which they will need to add an MX record as well when you want to bring Exchange into the mix.

And AD will not work without DNS, and most importantly you need to be able to modify/update the DNS records you will be registering.

If you are using the 192.168 subnet then you are most likely behind a firewall of sorts (yes/no?).  

I have the similiar situation at my home.. But there I am running SBS 2003 so all of my products are together.

I have configured my system as I described above.  As for the "world" being able to see my website or send me SMTP mail, my ISP has those records assigned to them and my internal DOMAIN is a .local domain (my ISP is authoritative for my registered domain).
The key entry in your message that poiints to this is as follows

"The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain EC3GLOBAL.COM:"

As you (most likely) don't have the authority to write DNS records to your ISP and I am assuming that EC3GLOBAL.COM is the registered domain name.  You won't have a SRV record, which in DNS is used to denote the DC.
Thanks eric a lot for all your help till now, yes i have DNS server within my network, and my DC is also a DNS server, and now there is one domain which is ec3global.com, later on i have to add another domain, so do i have to configure the DNS again.
Is your DNS server the Authority for ec3global.com
When you registered the Domain Name you may have had to provide a DNS server(s) that would be the authority for that registration.
How do you normally provide the authority of registration, because when i was installing DNS server i didnt came across or it might be possible that i have skipped it..
how would i create a SRV record, which in DNS is used to denote the DC.
That is actually a step/process that occurs with the cooperation of your ISP or IANA (in the usa) or whomever you "purchased" your domain from.
For example when I purchase my name for my domain, I had to either use the authority that I purchased the domain from or provide alternate DNS entries.  In my case/example  I provided my ISP as the Authority for bsi-ak.com (my registered domain)  I utilize a .local namespace within my local network (bsi-ak.local)  This .local is not registerable/browseable across the internet, just like the IP range you stated that your systems have. (192.168.x.x, 10.x.x.x, 169.254.x.x) those three address spaces are used primarily for internal networks and then you would have a "public" address.  If you were to nslookup on mine (nslookup www.bsi-ak.com), providing your access to the internet and dns functioned you would get my external IP.  That is the address that my ISP sends traffic as designated by me to.  For example SMTP (Exchange Mail) goes there and my router sends the port 25 traffic to my internal address of my server.  Within my local network, I have DNS running and it supports the 192.168.x.x that I use.  If my DNS server can't determine the name of a host (www.google.com) then it passes the DNS request using a forwarder to my ISP's dns server(s).
Let me ask a few questions and see if I can give you a start ok.
1.  What ip address/network are you using for your internal network.
2.  What precesence does your network need on the big I (Internet, e.g.  WWW, Email, etc.).
3.  Are you client machines all physical to your internal network?

Let's start there.
You said you would be adding another domain?  
Are you hosting them on an Internet Server.?
Thanks a lot eric for all your help so far.I am going to answer your questions and give you more information about our network.
1.  What ip address/network are you using for your internal network
On server 2003 i am IP iam using is 192.168.0.10, subnet is 192.168.0.1, and for preferred DNS i am using 192.168.0.10 again, i am using 192.168.10 as a DNS on my client machines as well which are running winxp and win2000.Also on DNS management i have created a forward lookup zone (ec3global.com), i have added my ISP DNS addresses in forward Tab:which are; 203.110.136.142 and 203.110.136.131.
2.  What precesence does your network need on the big I (Internet, e.g.  WWW, Email, etc.).
We already have got our website which is www.ec3global.com, but i have to install exchange 2007 as well, and we normally host websites (.NET) from our server so i have install Application server.
3.  Are you client machines all physical to your internal network?
yes all of the client machines are physical.
You said you would be adding another domain?
I have to add one more domain, which would be Qtic.com.So for installing another domain do i have to add any zone in DNS?  
Are you hosting them on an Internet Server.?
I am not sure about that.Sorry.

Thanks a lot.I will be looking forward for your professional guidnace..
You answered the Internet server question with your websites statement.
What is your windows domain name (FQDN) on your windows 2003 DC.?
(just for grins I ran an nslookup on your www.ec3global.com and it returned  203.110.158.58)

DNS can be a bear to manage, and with the changes in 2003 it is vital that it is set correctly.
Did the chanages to your DNS configuration help?

You obviously have a firewall in place between your network and the ISP?
Therefore I would surmize that you are going to be using some form of Port Forwarding.
As an example, when someone sends my domain an email (eric.bender@bsi-ak.com)  my ISP knows to forward those requests to my external IP address on port 25.  My router is configured to listen for Port 25 traffic and allow it to my exchange server.
The same for port 80 traffic and WWW.

As for the qtic.com domain, that will be separate server yes/no?  
my FQDN is server.ec3global.com, and server is the name of the computer on which server 2003 is installed ec3global.com is the domain name.After DNS configuration i run dcdiag, and it passed all the test except the trust relationship test and IP security test, and when i tried to connect the second server which is the exchange server it gave an error that RPC server unavailable, i think that has to do with trust relationship, and i pinged the IP address internally 203.110.158.58 but it was timing out, and when i tried to nslookup on ec3global.com it gave me a message that "Cant find server name for address 192.168.0.10: Non -existent domain.
Server: Unknown
Address: 192.168.0.10

Name: ec3global.com
Address: 192.168.0.10.

Why its giving a message that its a non existent domain....
For QTIC.com it will be on the same server but in a new forest.
Im out,
missed too much over night and a lot of points were already mentioned.
Host Name. . . . . . . . . : Server
        IP Address . . . . . . . . : 192.168.0.10
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.0.1
        Dns Servers. . . . . . . . : 203.110.136.142
                                     203.110.136.131

One point
Be very very careful giving out all your true IP address settings on here,
you can ask a moderator to 192.xxx.xxx.xxx them for you.
Thats right i am using
Host Name. . . . . . . . . : ec3global.com (Server is the name of the computer on which i have deployed server2003 standard edition)
        IP Address . . . . . . . . : 192.168.0.10
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.0.1
        Dns Servers. . . . . . . . : 203.110.136.142
                                     203.110.136.131(These two DNS addresses are my ISP addresses so i have added them in the forward lookup zone, also i am going to add one more domain on the same server so do i to configure forward lookup zone again, right now the DNS that i am using internally is 192.168.0.10  )
ASKER CERTIFIED SOLUTION
Avatar of eric_bender
eric_bender
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial