Solved

DNS Event Log. Many errors

Posted on 2007-03-28
13
231 Views
Last Modified: 2010-04-07
Hello all,
I am new to this DC at my new job. I have been left with many errors in the DNS log.
I have 2 DC's and both replicate with one another.

I am a novice and do not know where to begin with all these errors.
Please help.
I have also attached a screen shot to show you the mess I am in.
http://download.yousendit.com/AAED1E625C86A6C5
Thanks everyone.
0
Comment
Question by:mancoi
  • 6
  • 6
13 Comments
 
LVL 11

Expert Comment

by:Zenith63
ID: 18811863
Can you post the actual details of those 7063 and 9999 errors, those numbers can mean many different things?  Double click one of the 7063s and do a screenshot, then do one of the 9999s as well.  (Best check if all the 7063s are similar errors, I'm sure they are...)
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 18812019

What operating system are we dealing with here?

There is a bug in Windows 2000 DNS that produces that error, but may not apply to you. This is the related support article for it:

http://support.microsoft.com/kb/838969

Otherwise, check the Forwarder settings for your server (properties for the DNS server, forwarders tab). It could simply be that the event is exactly what it says and the forwarders in your list are no good.

Chris
0
 

Author Comment

by:mancoi
ID: 18812109
I have 2 windows 2000 servers ( DC's) The rivafs1 is the Primary and this one I am sending you screen shots on is the secondary.

This is a screen shot of those errors and I also got one about the Forwarders.
http://download.yousendit.com/1297249550F7F26E
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 18812151

As a first step I recommend you remove all of those Forwarders. It's more likely that your error is caused by those than the bug details in the MS article above.

You don't need Forwarders to resolve names, while they may be useful they aren't essential. If there is a specific reason you want to keep them then certainly do, but check them one by one rather than having all of them listed in there right now.

When you take the forwarders out your server will use the Root Hints file (which you can see by opening the properties for the DNS server and selecting the Root Hints tab) to resolve names via the Root servers (they look after "." and only provide directions to the next step, like .com).

Chris
0
 

Author Comment

by:mancoi
ID: 18812224
If I remove the Forwarders....Is there a possibility to mess up my network. Will all clients be able to access the internet without running the the IPCONFIG /FLUSHDNS?

Let me know if I can run into danger going this route
Thanks
0
 

Author Comment

by:mancoi
ID: 18812255
This is my DCDIAG and NETDIAG commands if this helps.


Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

C:\Documents and Settings\Administrator>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\RIVADATA2
      Starting test: Connectivity
         ......................... RIVADATA2 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\RIVADATA2
      Starting test: Replications
         ......................... RIVADATA2 passed test Replications
      Starting test: NCSecDesc
         ......................... RIVADATA2 passed test NCSecDesc
      Starting test: NetLogons
         ......................... RIVADATA2 passed test NetLogons
      Starting test: Advertising
         ......................... RIVADATA2 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... RIVADATA2 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... RIVADATA2 passed test RidManager
      Starting test: MachineAccount
         ......................... RIVADATA2 passed test MachineAccount
      Starting test: Services
         ......................... RIVADATA2 passed test Services
      Starting test: ObjectsReplicated
         ......................... RIVADATA2 passed test ObjectsReplicated
      Starting test: frssysvol
         There are errors after the SYSVOL has been shared.
         The SYSVOL can prevent the AD from starting.
         ......................... RIVADATA2 passed test frssysvol
      Starting test: kccevent
         ......................... RIVADATA2 passed test kccevent
      Starting test: systemlog
         ......................... RIVADATA2 passed test systemlog

   Running enterprise tests on : lan-rivayamaha.com
      Starting test: Intersite
         ......................... lan-rivayamaha.com passed test Intersite
      Starting test: FsmoCheck
         ......................... lan-rivayamaha.com passed test FsmoCheck

C:\Documents and Settings\Administrator>netdiag

.....................................

    Computer Name: RIVADATA2
    DNS Host Name: rivadata2.lan-rivayamaha.com
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 6 Model 10 Stepping 0, AuthenticAMD
    List of installed hotfixes :
        KB820888
        KB822343
        KB822831
        KB823182
        KB823559
        KB824105
        KB824151
        KB825119
        KB826232
        KB828035
        KB828741
        KB828749
        KB832353
        KB832359
        KB834707-IE6SP1-20040929.091901
        KB835732
        KB837001
        KB839643
        KB839643-DirectX9
        KB839645
        KB840315
        KB840987
        KB841356
        KB841533
        KB841872
        KB841873
        KB842526
        KB842773
        KB867282-IE6SP1-20050127.163319
        KB870763
        KB871250
        KB873333
        KB873339
        KB883939-IE6SP1-20050428.125228
        KB885250
        KB885834
        KB885835
        KB885836
        KB888113
        KB889293-IE6SP1-20041111.235619
        KB890046
        KB890047
        KB890175
        KB890859
        KB890923-IE6SP1-20050225.103456
        KB891711
        KB891781
        KB893066
        KB893086
        KB893756
        KB893803
        KB893803v2
        KB894320
        KB896358
        KB896422
        KB896423
        KB896424
        KB896688-IE6SP1-20051004.130236
        KB896727-IE6SP1-20050719.165959
        KB897715-OE6SP1-20050503.210336
        KB899587
        KB899588
        KB899589
        KB899591
        KB900725
        KB901017
        KB901214
        KB902400
        KB904706
        KB905414
        KB905495-IE6SP1-20050805.184113
        KB905749
        KB905915-IE6SP1-20051122.175908
        KB908519
        KB908523
        KB908531
        KB911280
        KB911564
        KB911567-OE6SP1-20060316.165634
        KB912812-IE6SP1-20060322.182418
        KB912919
        KB913580
        KB914388
        KB914389
        KB916281-IE6SP1-20060526.162249
        KB917008
        KB917159
        KB917422
        KB917537
        KB917736
        KB917953
        KB918118
        KB918899-IE6SP1-20060725.123917
        KB920213
        KB920670
        KB920683
        KB920685
        KB920958
        KB921398
        KB921883
        KB922582
        KB922616
        KB922760-IE6SP1-20061018.120000
        KB923191
        KB923414
        KB923694-OE6SP1-20061106.120000
        KB923980
        KB924191
        KB924270
        KB924667
        KB925398_WMP64
        KB925454-IE6SP1-20061116.120000
        KB925486-IE6SP1-20060918.120000
        KB926247
        KB926436
        KB928090-IE6SP1-20070125.120000
        KB928843
        KB929969-IE6SP1-20061220.120000
        KB931836
        Q147222
        Q828026
        Update Rollup 1


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : rivadata2.LAN-RIVAYAMAHA.COM
        IP Address . . . . . . . . : 10.0.0.2
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 10.0.0.1
        Dns Servers. . . . . . . . : 10.0.0.3


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{12BC7111-E6B3-45B8-8DAF-8C0EC4AA017F}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '10.0.0.3' an
d other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{12BC7111-E6B3-45B8-8DAF-8C0EC4AA017F}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{12BC7111-E6B3-45B8-8DAF-8C0EC4AA017F}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'LAN-RIVAYAMAHA' is to '\\rivafs1.lan-rivayamaha.c
om'.


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
    IPSec policy service is active, but no policy is assigned.


The command completed successfully

C:\Documents and Settings\Administrator>^A



0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 70

Expert Comment

by:Chris Dent
ID: 18812285

> If I remove the Forwarders....Is there a possibility to mess up my network. Will all clients be able to access the internet
> without running the the IPCONFIG /FLUSHDNS?

Yes, they will be absolutely fine. Provided that your DNS server is allowed outbound TCP and UDP traffic on Port 53 to everywhere. It's possible you have it locked down on a firewall so your DNS server can only talk to the IP addresses listed in the Forwarders tab.

Chris
0
 

Author Comment

by:mancoi
ID: 18812305
Why are they there, why did someone put them there?
There is only a proxy server in place. I will test this out tomorrow.
I will let you know how  I make out in the morning.
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 18812376

Why? Because they were useful at the time, or believed to be required. There's no easy answer to that one though.

They do have some benefits, you get to help keep internet traffic down slightly very slightly and you don't have to have your DNS server asking others all over the world to find an answer.

As far as I'm concerned the first thing you should do when trying to troubleshoot a DNS problem like this is remove other peoples DNS servers from the equation. You'll still have to rely on the Root Servers and lots of others for specific requests, but you're not reliant on a single server, or very small group of servers for absolutely everything.

Once done you can check the problem out again and if it's gone decide what you're going to do with the Forwarders (either abandon them entirely or put different ones in their place).

Chris
0
 

Author Comment

by:mancoi
ID: 18816341

How does my DCDIAG and NETDIAG look?
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 18816363

Perfect :) Except for a couple of really minor NetBIOS bits, those are very inconsequential.

Chris
0
 

Author Comment

by:mancoi
ID: 18816474
Thanks Chris-Dent.
I took off those forwarders and I will now check the event logs daily to see if those errors come back.
I hope they stop giving errors.
Thanks
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 18816504

You could leave this question open until you're sure? Community Support can re-open it if you need to.

Otherwise I hope it all goes well.

Chris
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now