Solved

DS-Integrated peers ?

Posted on 2007-11-16
2
2,509 Views
Last Modified: 2010-04-21
Do I understand the attached message to mean that the DNS server on this machine is looking for another DNS server to sync with?
This is the only one in my newly created domain, there will be another eventually but not right away.  I just need to know if I understand this right.
Will this be resolved by majic when the next DNS server appears on the domain?


Event Type:	Error

Event Source:	DNS

Event Category:	None

Event ID:	6702

Date:		11/15/2007

Time:		4:51:46 PM

User:		N/A

Computer:	MYSERVER

Description:

DNS server has updated its own host (A) records.  In order to ensure that its DS-integrated peer DNS servers are able to replicate with this server, an attempt was made to update them with the new records through dynamic update.  An error was encountered during this update, the record data is the error code. 

 

If this DNS server does not have any DS-integrated peers, then this error 

should be ignored. 

 

If this DNS server's Active Directory replication partners do not have the correct IP address(es) for this server, they will be unable to replicate with it. 

 

To ensure proper replication: 

1) Find this server's Active Directory replication partners that run the DNS server. 

2) Open DnsManager and connect in turn to each of the replication partners. 

3) On each server, check the host (A record) registration for THIS server. 

4) Delete any A records that do NOT correspond to IP addresses of this server. 

5) If there are no A records for this server, add at least one A record corresponding to an address on this server, that the replication partner can contact.  (In other words, if there multiple IP addresses for this DNS server, add at least one that is on the same network as the Active Directory DNS server you are updating.) 

6) Note, that is not necessary to update EVERY replication partner.  It is only necessary that the records are fixed up on enough replication partners so that every server that replicates with this server will receive (through replication) the new data.
 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Data:

0000: 7c 26 00 00               |&..

Open in new window

0
Comment
Question by:Salad-Dodger
2 Comments
 
LVL 9

Accepted Solution

by:
MSE-dwells earned 50 total points
ID: 20304234
Nod, because the server in question is both a DC and a DNS server, a strong potential exists for other DCs and clients/members to resolve certain records against it that are necessary for authentication and AD-replication, these records are in turn dependent upon the DCs 'A' records being present and upto-date.  

A circular dependency exists because DNS is relying upon AD-replication to transfer zone content between DNS servers and that AD-replication is in-turn dependent upon the DNS server containing the records necessary for any 2 DCs to successfully replicate with one another.  To ensure the 'A' records are present both locally and on other DNS servers that hold the AD-zones, all Windows DNS servers now register their own 'A' records (through dynamic update) against any DNS server listed as an 'NS' record within the AD-zone.  This differs from the normal mechanism of using DHCP Client since that only registers its own 'A' record against the name server configured within the DNS resolver.  This is designed to mitigate a fairly old issue known as the 'island' issue in which DCs configured as DNS servers were often configured to resolve against themselves thereby creating a potential pockets or 'islands' of zone content that was never able to converge since they knew only their own IP address.
0
 
LVL 1

Author Closing Comment

by:Salad-Dodger
ID: 31409659
Sory for the delay, had a password issue,
Thank you for the detail in your answer, that makes sense.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
nslookup returns non-existing domain 5 56
Exchange 2016 : 451.4.4.0 dns query failed exchange 10 42
Public DNS 2 41
Fortigate 100D NTP Issue 4 50
Most DNS problems are VERY easily troubleshot and identifiable if you can follow the steps a DNS query takes. I would like to share the step-by-step a DNS query takes from the origin to the destination. _____________________________________________…
This article is intended as an extension of a blog on Aging and Scavenging by the MS Enterprise Networking Team. In brief, Scavenging is used as follows: Each record in a zone which has been dynamically registered with an MS DNS Server will have…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now