mattk-tcw
asked on
DNS, DC communications issues
All:
Here is the setup:
1 MS 2003 Server as DC
1 MS 2003 Server as Backup DC running Exchange
1 MS 2003 Terminal Server
Approx. 20 users
I am receiving many compaints about Outlook locking up while "Trying to Retrieve information from the Exchange Server' as the Outlook message says. It seems as though, each time the issue is at it worst, the Exchange server logs Event 6702 about updating A records. I can't find where the issue is, but after running a couple tests (DCDiag and netdiag) there appears to be a definite issue. I am posting the NETDIAG /d:"DC Name" results below for additional info. Any help is appreciated as this is a huge issue for them.
>>>>>>>>>>>>>>>>>>>>>
..........................
Computer Name: "DC Name"2
DNS Host Name: "DC Name"2."domain".inc
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 6 Model 15 Stepping 6, GenuineIntel
List of installed hotfixes :
KB921503
KB925398_WMP64
KB925902
KB926122
KB927891
KB928090-IE7
KB929123
KB929969
KB930178
KB931768-IE7
KB931784
KB931836
KB932168
KB933360
KB933854
KB935839
KB935840
KB935966
KB936021
KB936357
KB936782
KB937143-IE7
KB938127-IE7
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : "DC Name"2
IP Address . . . . . . . . : 192.168.1.10
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.254
Primary WINS Server. . . . : 192.168.1.10
Dns Servers. . . . . . . . : 192.168.1.11
12.127.16.67
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Passed
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{6B42B7BA-D6F5
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.1.11' and other DCs also have some of the names registered.
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '12.127.16.67'. Please wait for 30 minutes for DNS server replication.
Redir and Browser test . . . . . . : Failed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{6B42B7BA-D6F5
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{6B42B7BA-D6F5
The browser is bound to 1 NetBt transport.
[FATAL] Cannot send mailslot message to '\\"DC Name"*\MAILSLOT\NET\NETLOG
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Failed
'"DC Name"': Cannot find DC to get DC list from [test skipped].
Trust relationship test. . . . . . : Failed
[FATAL] Secure channel to domain '"domain"' is broken. [ERROR_NO_LOGON_SERVERS]
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The specified domain either does not exist or could not be contacted.
This computer cannot be joined to the ["DC Name"] domain because of one of the
following reasons.
1. The DNS SRV record for ["DC Name"] is not registered in DNS; or
2. A zone from the following list of DNS zones does not include delegation
to its child zone.
Such zones can include [_ldap._tcp.dc._msdcs."DC Name"], and root zone.
Ask your network/DNS administrator to perform the following actions: To
find out why the SRV record for ["DC Name"] is not registered in the DNS,
run the dcdiag command prompt tool with the command RegisterInDNS on the
domain controller that did not perform the registration.
[WARNING] Cannot find DC in domain '"DC Name"'. [ERROR_NO_SUCH_DOMAIN]
[WARNING] Failed to query SPN registration on DC '"DC Name"."domain".inc'.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
Here is the setup:
1 MS 2003 Server as DC
1 MS 2003 Server as Backup DC running Exchange
1 MS 2003 Terminal Server
Approx. 20 users
I am receiving many compaints about Outlook locking up while "Trying to Retrieve information from the Exchange Server' as the Outlook message says. It seems as though, each time the issue is at it worst, the Exchange server logs Event 6702 about updating A records. I can't find where the issue is, but after running a couple tests (DCDiag and netdiag) there appears to be a definite issue. I am posting the NETDIAG /d:"DC Name" results below for additional info. Any help is appreciated as this is a huge issue for them.
>>>>>>>>>>>>>>>>>>>>>
..........................
Computer Name: "DC Name"2
DNS Host Name: "DC Name"2."domain".inc
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 6 Model 15 Stepping 6, GenuineIntel
List of installed hotfixes :
KB921503
KB925398_WMP64
KB925902
KB926122
KB927891
KB928090-IE7
KB929123
KB929969
KB930178
KB931768-IE7
KB931784
KB931836
KB932168
KB933360
KB933854
KB935839
KB935840
KB935966
KB936021
KB936357
KB936782
KB937143-IE7
KB938127-IE7
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : "DC Name"2
IP Address . . . . . . . . : 192.168.1.10
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.254
Primary WINS Server. . . . : 192.168.1.10
Dns Servers. . . . . . . . : 192.168.1.11
12.127.16.67
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Passed
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{6B42B7BA-D6F5
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.1.11' and other DCs also have some of the names registered.
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '12.127.16.67'. Please wait for 30 minutes for DNS server replication.
Redir and Browser test . . . . . . : Failed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{6B42B7BA-D6F5
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{6B42B7BA-D6F5
The browser is bound to 1 NetBt transport.
[FATAL] Cannot send mailslot message to '\\"DC Name"*\MAILSLOT\NET\NETLOG
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Failed
'"DC Name"': Cannot find DC to get DC list from [test skipped].
Trust relationship test. . . . . . : Failed
[FATAL] Secure channel to domain '"domain"' is broken. [ERROR_NO_LOGON_SERVERS]
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The specified domain either does not exist or could not be contacted.
This computer cannot be joined to the ["DC Name"] domain because of one of the
following reasons.
1. The DNS SRV record for ["DC Name"] is not registered in DNS; or
2. A zone from the following list of DNS zones does not include delegation
to its child zone.
Such zones can include [_ldap._tcp.dc._msdcs."DC Name"], and root zone.
Ask your network/DNS administrator to perform the following actions: To
find out why the SRV record for ["DC Name"] is not registered in the DNS,
run the dcdiag command prompt tool with the command RegisterInDNS on the
domain controller that did not perform the registration.
[WARNING] Cannot find DC in domain '"DC Name"'. [ERROR_NO_SUCH_DOMAIN]
[WARNING] Failed to query SPN registration on DC '"DC Name"."domain".inc'.
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I helped a couple people out lately on the DCGetname. It can be from a number of different problems. But, the most likely and most common is the server doesn't have a HOST A record in DNS and that HOST A record hasn't replicated to the other DNS servers.
Try this.
Go to each server's command prompt and type
Ipconfig /register DNS
It will take about up to a days, or so, to replicate between servers. Instead, you may wish to consider replicating from your FSMO role holder server to the others DNS servers manually.
Try this.
Go to each server's command prompt and type
Ipconfig /register DNS
It will take about up to a days, or so, to replicate between servers. Instead, you may wish to consider replicating from your FSMO role holder server to the others DNS servers manually.
use NSLOOKUP or the DNS tools
ChiefIT: Jsoup @ Pobox.com
re move Space
re move Space
ASKER
As embarrassed as I am to have missed what should have been an obvious potential solution, I must say thanks to ajbritton for the answer. There was an ISP DNS entry where it shouldn't have been. The forwarders were set up correctly, but the bad address stayed in the DNS for the server. All is good now.
Thanks!
Thanks!
Are any of the 2 DC's GC's (Global Catalog) servers.