We help IT Professionals succeed at work.

Netdiag Warning: DNS Entries for DC not registered

jonyskids294
jonyskids294 asked
on
885 Views
Last Modified: 2008-08-21
I have taken administration of a SBS 2003 Sp2 box that has 8 users.  The first thing I noticed was that it was using a router for DNS & DHCP.  I switched this to the SBS box and now have this return from Netdiag:


.......................................

    Computer Name: ADDISON
    DNS Host Name: addison.eganllc.com
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
    List of installed hotfixes :
        KB911564
        KB921503
        KB925398_WMP64
        KB925902
        KB926122
        KB927891
        KB928090-IE7
        KB929123
        KB929969
        KB930178
        KB931768-IE7
        KB931784
        KB931836
        KB932168
        KB933360
        KB933566-IE7
        KB933729
        KB933854
        KB935839
        KB935840
        KB935966
        KB936021
        KB936357
        KB936782
        KB937143-IE7
        KB938127-IE7
        KB939653-IE7
        KB941202
        KB941672
        KB943460
        Q147222


Netcard queries test . . . . . . . : Passed
    [WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets.



Per interface results:

    Adapter : Server Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : addison
        IP Address . . . . . . . . : 192.168.16.2
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.16.1
        Primary WINS Server. . . . : 192.168.16.2
        Dns Servers. . . . . . . . : 192.168.16.2


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server '192.168.16.2'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

What should I do?
Comment
Watch Question

Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Hi,

First open up DNS from Administrative Tools and check there's a Forward Lookup Zone for your domain name.

If it's there you can force your server to try and register the records it needs by running these at the command line:

net stop netlogon
net start netlogon
ipconfig /registerdns

Run NetDiag again after that and see if it helps. If not, check the Event Log, that will have more information about why.

Chris

Author

Commented:
Those steps did not change anything.
Event log:
The description for Event ID ( 4521 ) in Source ( DNS ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: 32, eganllc.local.

Any other Ideas?
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Helpful message isn't it...

It's having trouble loading the zone. Can you run DCDiag? It should be loading it from Active Directory and DCDiag may show us more.

Chris

Author

Commented:
Here it is:


Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\ADDISON
      Starting test: Connectivity
         The host c5ee0057-dc59-42bd-9b04-d8ff8471e79c._msdcs.eganllc.local could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name

         (c5ee0057-dc59-42bd-9b04-d8ff8471e79c._msdcs.eganllc.local) couldn't

         be resolved, the server name (addison.eganllc.com) resolved to the IP

         address (192.168.16.2) and was pingable.  Check that the IP address is

         registered correctly with the DNS server.
         ......................... ADDISON failed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\ADDISON
      Skipping all tests, because server ADDISON is
      not responding to directory service requests
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : eganllc
      Starting test: CrossRefValidation
         ......................... eganllc passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... eganllc passed test CheckSDRefDom
   
   Running enterprise tests on : eganllc.local
      Starting test: Intersite
         ......................... eganllc.local passed test Intersite
      Starting test: FsmoCheck
         ......................... eganllc.local passed test FsmoCheck
I will be more then happy to what ever you ask!
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Lets go with deleting eganllc.local from Forward Lookup Zones in the DNS Console. Give it 15 minutes or so then add it back in again (Primary, Active Directory Integrated, with Dynamic Updates set to Secure Only).

Once done, restart the Netlogon service and run ipconfig /registerdns once more. See if you end up with a folder under the zone called _msdcs after it's done.

Chris

Author

Commented:
To be clear currently thsi is my current DNS tree:

Addison (My Server)
 -Cached Lookups
 -Forward Lookup Zones
   -_mscds.eganllc.local
   - eganllc.local
-Reverse Lookup Zones
   -0.in-addr.arpa
   -127.in-addr.arpa
   -16.168.192.in-addr-arpa
   -255.in-addr-arpa

You would like me to delete eganllc.local and eganllc.local only?
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Okay, it'll be trying to register records in _msdcs.eganllc.local, it's unusual to see that one listed separately on an SBS Server. If you open the properties for that one, can you check that Dynamic Updates is enabled?

Chris
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

And if dynamic updates is already allowed, delete _msdcs.eganllc.local, then select eganllc.local and look for a greyed out folder called _msdcs, if that one exists, delete it. Then once again restart netlogon, etc.

Chris

Author

Commented:
Results of Netdiag:


.......................................

    Computer Name: ADDISON
    DNS Host Name: addison.eganllc.com
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
    List of installed hotfixes :
        KB911564
        KB921503
        KB925398_WMP64
        KB925902
        KB926122
        KB927891
        KB928090-IE7
        KB929123
        KB929969
        KB930178
        KB931768-IE7
        KB931784
        KB931836
        KB932168
        KB933360
        KB933566-IE7
        KB933729
        KB933854
        KB935839
        KB935840
        KB935966
        KB936021
        KB936357
        KB936782
        KB937143-IE7
        KB938127-IE7
        KB939653-IE7
        KB941202
        KB941672
        KB943460
        Q147222


Netcard queries test . . . . . . . : Passed
    [WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets.



Per interface results:

    Adapter : Server Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : addison
        IP Address . . . . . . . . : 192.168.16.2
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.16.1
        Primary WINS Server. . . . : 192.168.16.2
        Dns Servers. . . . . . . . : 192.168.16.2


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server '192.168.16.2'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

My DNS now looks like this:
Addison
 -Cahced Lookups
 - Forward Lookup Zones
    -eganllc.local
 -Reversed Lookup Zone

My Start of Authority is addison.eganllc.com (This seems strange to me. Shouldn't it be .local?)

Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

I take it that it didn't manage to add an _msdcs folder back under eganllc.local?

Deleting and recreating eganllc.local is the next step.

If it still doesn't play you'll want to get the Support Tools installed so we can use ADSIEdit to really delete it before making it again.

Chris

Author

Commented:
So I deleted eganllc.local and waited 15 minutes.....now there are no forward lookup zones.  (I have the Support Tools installed.)
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Create a new Forward Lookup Zone for eganllc.local now, then it's time to restart netlogon and run ipconfig /registerdns again.

Chris

Author

Commented:
Done...My Start of Authority is addison.eganllc.com (This seems strange to me. Shouldn't it be .local?)
Stll no _msdcs...Next step?
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

We would expect it to be local, yes.

Can you have a look in a file for me?

C:\Windows\System32\config\netlogon.config

We're especially interested in seeing if it refers to itself as .local or .com in there.

Chris

Author

Commented:
Do you mean ntelogon.dns?  There is no netlogon.config

netlogon.dns

eganllc.local. 600 IN A 192.168.16.2
_ldap._tcp.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
_ldap._tcp.Default-First-Site-Name._sites.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
_ldap._tcp.pdc._msdcs.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
_ldap._tcp.gc._msdcs.eganllc.local. 600 IN SRV 0 100 3268 addison.eganllc.com.
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.eganllc.local. 600 IN SRV 0 100 3268 addison.eganllc.com.
_ldap._tcp.21d1e990-64d2-4d7b-b810-dd8369ed0628.domains._msdcs.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
gc._msdcs.eganllc.local. 600 IN A 192.168.16.2
c5ee0057-dc59-42bd-9b04-d8ff8471e79c._msdcs.eganllc.local. 600 IN CNAME addison.eganllc.com.
_kerberos._tcp.dc._msdcs.eganllc.local. 600 IN SRV 0 100 88 addison.eganllc.com.
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.eganllc.local. 600 IN SRV 0 100 88 addison.eganllc.com.
_ldap._tcp.dc._msdcs.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
_kerberos._tcp.eganllc.local. 600 IN SRV 0 100 88 addison.eganllc.com.
_kerberos._tcp.Default-First-Site-Name._sites.eganllc.local. 600 IN SRV 0 100 88 addison.eganllc.com.
_gc._tcp.eganllc.local. 600 IN SRV 0 100 3268 addison.eganllc.com.
_gc._tcp.Default-First-Site-Name._sites.eganllc.local. 600 IN SRV 0 100 3268 addison.eganllc.com.
_kerberos._udp.eganllc.local. 600 IN SRV 0 100 88 addison.eganllc.com.
_kpasswd._tcp.eganllc.local. 600 IN SRV 0 100 464 addison.eganllc.com.
_kpasswd._udp.eganllc.local. 600 IN SRV 0 100 464 addison.eganllc.com.
DomainDnsZones.eganllc.local. 600 IN A 192.168.16.2
_ldap._tcp.DomainDnsZones.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
ForestDnsZones.eganllc.local. 600 IN A 192.168.16.2
_ldap._tcp.ForestDnsZones.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.eganllc.local. 600 IN SRV 0 100 389 addison.eganllc.com.
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Sorry, yes. That's the one.

Create a eganllc.com Forward lookup zone in DNS if you could please. Then restart netlogon and run ipconfig /registerdns (yet again) :)

Could you also open up Active Directory Users and Computers, it has the domain name at the top of the tree. Is that one .com or .local? I'm hoping it's .com really.

Chris

Author

Commented:
So it is .local in ADU/C
I created the eganllc.com zone
My DNS
-Forward Lookup Zones
  -Eganllc.local
    -_msdcs
    -_sites
    -_tcp
    -_udp
    -DomainDnsZones
    -ForestDnsZones
  -Eganllc.com

Netdiag:
.....................................

    Computer Name: ADDISON
    DNS Host Name: addison.eganllc.com
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
    List of installed hotfixes :
        KB911564
        KB921503
        KB925398_WMP64
        KB925902
        KB926122
        KB927891
        KB928090-IE7
        KB929123
        KB929969
        KB930178
        KB931768-IE7
        KB931784
        KB931836
        KB932168
        KB933360
        KB933566-IE7
        KB933729
        KB933854
        KB935839
        KB935840
        KB935966
        KB936021
        KB936357
        KB936782
        KB937143-IE7
        KB938127-IE7
        KB939653-IE7
        KB941202
        KB941672
        KB943460
        Q147222


Netcard queries test . . . . . . . : Passed
    [WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets.



Per interface results:

    Adapter : Server Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : addison
        IP Address . . . . . . . . : 192.168.16.2
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.16.1
        Primary WINS Server. . . . : 192.168.16.2
        Dns Servers. . . . . . . . : 192.168.16.2


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '192.168.16.2'.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Someone has done something odd to the domain at some point to end up with the .com and .local split.

At least all the DNS entries are in place now. Could you run DCDiag again please? Need to see what that thinks is going on.

Chris

Author

Commented:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\ADDISON
      Starting test: Connectivity
         ......................... ADDISON passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\ADDISON
      Starting test: Replications
         ......................... ADDISON passed test Replications
      Starting test: NCSecDesc
         ......................... ADDISON passed test NCSecDesc
      Starting test: NetLogons
         ......................... ADDISON passed test NetLogons
      Starting test: Advertising
         ......................... ADDISON passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... ADDISON passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... ADDISON passed test RidManager
      Starting test: MachineAccount
         ......................... ADDISON passed test MachineAccount
      Starting test: Services
            IsmServ Service is stopped on [ADDISON]
         ......................... ADDISON failed test Services
      Starting test: ObjectsReplicated
         ......................... ADDISON passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... ADDISON passed test frssysvol
      Starting test: frsevent
         ......................... ADDISON passed test frsevent
      Starting test: kccevent
         ......................... ADDISON passed test kccevent
      Starting test: systemlog
         ......................... ADDISON passed test systemlog
      Starting test: VerifyReferences
         ......................... ADDISON passed test VerifyReferences
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : eganllc
      Starting test: CrossRefValidation
         ......................... eganllc passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... eganllc passed test CheckSDRefDom
   
   Running enterprise tests on : eganllc.local
      Starting test: Intersite
         ......................... eganllc.local passed test Intersite
      Starting test: FsmoCheck
         ......................... eganllc.local passed test FsmoCheck
Well, seems we are getting to the bottom of it and I appreciate the time given.
PowerShell Developer
CERTIFIED EXPERT
Top Expert 2010
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
So..No errors in the last hour on the DNS event viewer.  I have website that is hosted externally at eganllc.com and this is no longer available from within the network.  Any ideas?

I fear that this server needs a rebuild which is not an option for sometime.  
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Yeah, as long as the eganllc.com zone is on your DNS Server it won't like answering names it doesn't explicitly know about in that domain.

The solution to that one is to create a www record in the eganllc.com zone with the public IP of the website. If anything I suspect that would be the reason for any kind of rename attempt.

Chris

Author

Commented:
Okay,  So what type of record and where.  My external mx record is hosted on DynamicDNS.org and www points to my webserver host.
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Sorry, should have given more detail.

In the DNS Console, expand Forward Lookup Zones and select eganllc.com. Right click and select new Host (A) Record, give it the name www, then the IP for your webserver host.

This won't effect anything externally, just what your network clients see.

Chris

Author

Commented:
No go.  So my cname for www in my DynamicDNS.org account points to a url not an IP.  When creating the host record I use the IP of the webserver but it can not be resolved.

On another level I am concerned how this split domain will affect Group Policies.  Any ideas?
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Is the URL it points to in the eganllc.com domain? If not, create a CNAME (Alias) in the eganllc.com (deleting the Host (A) Record first), and point it at the URL.

Not sure about, it's not a good thing, but I expected DCDiag to complain rather more.

Do you have an XP client? You could run rsop.msc (Resultant Set of Policy Tool) and GPResult.exe (on the command line) which will tell you if policies are being processed properly.

Chris

Author

Commented:
Okay we are looking good.  It seems Group Policies are working.  I can get to our external webpage.  I can not get to sharepoint internally either at \\compnayweb or our external address that is fc.eganllc.com:444   Just these last few details and we can write this off as success of sorts.

Author

Commented:
Okay I have sharepoint working as well.  Group Polices seems to be working.  My final issue is that as of yesterday we can not recieve emails on our Trios.  If I run the CEICW it fails on email. Could this be related to DNS issues?
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Potentially, yes. Exchange is installed on there? Is that working?

Chris

Author

Commented:
Exchange is still working.  Except from on our phones.  I re-ran the CEICW and it errors out.
icwlog:

12/12/2007 9:10 AM
C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW\wizrfire.dll, version 5.2.2893.0
calling CRFireCommit::ValidatePropertyBag (0x2dfff0).
Call to This is a Router Single Nic configuration only Web Publishing will be configured, Basic Firewall will not be configured. () returned ok.
Call to Reading web publishing selection () returned ok.
Call to Reading OWA publishing selection () returned ok.
Call to Reading RUP publishing selection () returned ok.
Call to Reading Monitoring publishing selection () returned ok.
Call to Reading OMA publishing selection () returned ok.
Call to Reading RPC publishing selection () returned ok.
Call to Reading Companyweb publishing selection () returned ok.
Call to Reading ROOT publishing selection () returned ok.
Web publishing selections:
OWA publishing: 1
RUP publishing: 1
Monitoring publishing: 1
OMA publishing: 1
RPC publishing: 1
Companyweb publishing: 1
ROOT publishing: 0
Call to CRFireCommit::ValidatePropertyBag () returned ok.

12/12/2007 9:10 AM
C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW\wizcert.dll, version 5.2.2893.0
Calling CCertCommit::ValidatePropertyBag
Require SSL for OWA: 1
Require SSL for Remote Portal: 1
Require SSL for Monitoring: 0
Require SSL for OMA: 0
Require SSL for CompanyWeb: 0
Require 128 Bit Encryption: 1
Cert selection: -1
CCertCommit::ValidatePropertyBag returned OK

12/12/2007 9:10 AM
C:\Program Files\Microsoft Windows Small Business Server\Networking\ICW\wizemail.dll, version 5.2.2893.0
calling CEmailCommit::ValidatePropertyBag ().
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e50c).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x2dfff0, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is 1.
calling CValidatePropertyUtil.ValidatePropertyInteger ().
Call to CValidatePropertyUtil.ValidatePropertyInteger () returned ok.
calling ReadBool (0x2dfff0, F71526DD-9C19-4fe9-B7DB-FD4360909275).
Call to ReadBool () returned ok.
The out param of ReadBool() is 0.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadString (0x2dfff0, 6AB26DC4-94B7-47F6-88B1-A7CB280C38A6).
Call to ReadString () returned ok.
The out param of ReadString() is outbound.mailhop.org.
calling CValidatePropertyUtil.ValidatePropertyHostNameorIPAddressList ().
Call to CValidatePropertyUtil.ValidatePropertyHostNameorIPAddressList () returned ok.
calling ReadBool (0x2dfff0, 65E07667-C9D4-4005-8C6F-BEA9B3544AC2).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadBool (0x2dfff0, DB5E5E46-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadBool () returned ok.
The out param of ReadBool() is 0.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadBool (0x2dfff0, 1DB7A50F-98F8-452f-868B-1AAC56585DD0).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadInt4 (0x2dfff0, C9D8697B-0D4C-4767-8F1F-4CE415098774).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is 0x1.
calling CValidatePropertyUtil.ValidatePropertyLong ().
Call to CValidatePropertyUtil.ValidatePropertyLong () returned ok.
calling ReadString (0x2dfff0, C9D8697C-0D4C-4767-8F1F-4CE415098774).
Call to ReadString () returned ok.
The out param of ReadString() is outbound.mailhop.org.
calling CValidatePropertyUtil.ValidatePropertyHostNameorIPAddressList ().
Call to CValidatePropertyUtil.ValidatePropertyHostNameorIPAddressList () returned ok.
calling ReadString (0x2dfff0, AC817832-E18E-491E-BF54-FDD641DC5C54).
Call to ReadString () returned ok.
The out param of ReadString() is jonyskids.
calling ReadString (0x2dfff0, AC817833-E18E-491E-BF54-FDD641DC5C54).
Error 0x8000ffff returned from call to ReadString().
calling ReadSafeArray (0x2dfff0, AC817833-E18E-491E-BF54-FDD641DC5C54).
Call to ReadSafeArray () returned ok.
calling ReadBool (0x2dfff0, AC817831-E18E-491E-BF54-FDD641DC5C54).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadBool (0x2dfff0, 65E07667-C9D4-4005-8C6F-BEA9B3544AC2).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadString (0x2dfff0, 01637C90-B142-41C4-8520-6B2E0F891BE7).
Call to ReadString () returned ok.
The out param of ReadString() is eganllc.com.
calling ReadBool (0x2dfff0, 1DB7A50F-98F8-452f-868B-1AAC56585DD0).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling ReadInt4 (0x2dfff0, C9D8697B-0D4C-4767-8F1F-4CE415098774).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is 0x1.
calling CValidatePropertyUtil.ValidatePropertyHostName ().
Call to CValidatePropertyUtil.ValidatePropertyHostName () returned ok.
calling AttachCommiter.Validate(pPPPBag) (0x2dfff0, 01637C90-B142-41C4-8520-6B2E0F891BE7).
calling CAttachCommiter::Validate (0x2dfff0).
calling CAttachCommiter::Validate:ReadVariant (0x0).
calling CAttachCommiter::Validate:m_spDoc.CoCreateInstance (0x0).
calling CAttachCommiter::Validate:m_spDoc->loadXML (0x0).
Call to CAttachCommiter::Validate () returned ok.
Call to CEMailCommit::ValidatePropertyBag () returned ok.
calling CNetCommit::Commit (3014640).
calling CNetCommit::ValidatePropertyBag ().
Call to Querying for the property bag () returned ok.
Property bag is not dirty, skipping validation
calling CNetCommit::Common ().
calling CNetCommit::GetLanNicInfo ().
LAN NIC Guid: {CDBAA84A-2B94-4F44-BE1D-BB6ECC4C2C96}
Call to Converting LAN NIC Guid () returned ok.
Call to Getting IP address for the LAN NIC () returned ok.
Call to Reading in the LAN NIC info () returned ok.
Call to Fixing the TCP/IP NIC Binding order () returned ok.
Dhcp server is installed and not disabled
Call to Set DHCP Server to start up automatically () returned ok.
DNS server is installed and not disabled
Call to Changing startup type for DNS () returned ok.
Call to Clearing DNS server entries on the LAN NIC () returned ok.
Call to Setting DNS server IP for the LAN NIC () returned ok.
Call to Resetting DNS recursion timeout () returned ok.
Call to Resetting client dns query timouts in config.dat () returned ok.
Call to DsGetDcName for local domain name () returned ok.
Call to Disabling RRAS routing () returned ok.
calling CNetCommit::DoRouter ().
Call to Clearing the default gateway on the LAN NIC () returned ok.
Call to Setting default gateway on the LAN NIC () returned ok.
Call to Setting DNS forwarders () returned ok.
Call to Preparing DNS for DNS listener reset () returned ok.
Call to Resetting DNS listeners () returned ok.
URL to the router is http://192.168.16.1
Call to Adding routers IP address to the intranet zone () returned ok.
Call to CNetCommit::DoRouter () returned ok.
Call to Configuring for router connection () returned ok.
calling ConfigureIE ().
calling SetInternetOptions ((null), (null), (null)).
calling InternetSetOptionA (NULL, INTERNET_OPTION_PER_CONNECTION_OPTION).
Call to InternetSetOptionA () returned ok.
Call to SetInternetOptions () returned ok.
calling InternetSetOption_AutodialConnection ().
Call to InternetSetOption_AutodialConnection () returned ok.
calling InternetSetOption_AutodialMode (4).
Call to InternetSetOption_AutodialMode () returned ok.
calling InternetSetOption_DisableAutodial (0).
Call to InternetSetOption_DisableAutodial () returned ok.
Call to ConfigureIE () returned ok.
Call to Configuring IE for router connection () returned ok.
Call to Notifying client setup for Default gateway as the router () returned ok.
calling RegisterMSBOExchangeBP (0).
Error 0x1 returned from call to RegisterMSBOExchangeBP().
Call to Unregistering the smtp sink () returned ok.
Call to GetLocalDomainName () returned ok.
Call to Reading in the local domain name () returned ok.
Local Domain Name is: eganllc.local
Call to Enabling secure dynamic DNS updates () returned ok.
Call to Disabling RoundRobin for DNS server () returned ok.
Call to GetLocalDomainName () returned ok.
Call to Configuring DHCP options () returned ok.
Call to Disabling the RASUTO service () returned ok.
Call to Configuring w32time parameters for fulltime () returned ok.
Call to Configuring the time service () returned ok.
Call to Notifying RWW for ISA () returned ok.
Call to CNetCommit::Common () returned ok.
Call to CNetCommit::Commit () returned ok.
calling CRFireCommit::CommitEx (0x2dfff0).
calling CRFireCommit::ValidatePropertyBag (0x2dfff0).
Call to This is a Router Single Nic configuration only Web Publishing will be configured, Basic Firewall will not be configured. () returned ok.
Call to Reading web publishing selection () returned ok.
Call to Reading OWA publishing selection () returned ok.
Call to Reading RUP publishing selection () returned ok.
Call to Reading Monitoring publishing selection () returned ok.
Call to Reading OMA publishing selection () returned ok.
Call to Reading RPC publishing selection () returned ok.
Call to Reading Companyweb publishing selection () returned ok.
Call to Reading ROOT publishing selection () returned ok.
Web publishing selections:
OWA publishing: 1
RUP publishing: 1
Monitoring publishing: 1
OMA publishing: 1
RPC publishing: 1
Companyweb publishing: 1
ROOT publishing: 0
Call to CRFireCommit::ValidatePropertyBag () returned ok.
Call to GetPrivateNICGuid () returned ok.
Call to GetIPAddress for private nic () returned ok.
Call to GetSubnetMask for private nic () returned ok.
RUP is published
Call to Fixing the inheritance for root dir () returned ok.
Call to Unpublishing the default web site () returned ok.
Call to Fixing the inheritance for companyweb dir () returned ok.
Call to Unpublishing companyweb () returned ok.
Call to Publishing /Exchange () returned ok.
Call to Publishing /ExchWeb () returned ok.
Call to Publishing /Public () returned ok.
Call to Publishing /ExAdmin () returned ok.
Call to Publishing RUP () returned ok.
Call to Publishing client help for RUP () returned ok.
Call to Publishing Monitoring () returned ok.
Call to Publishing OMA () returned ok.
Call to Publishing ActiveSync () returned ok.
Call to Publishing RPC () returned ok.
Call to Configuring RPC over HTTP () returned ok.
Call to Publishing Companyweb () returned ok.
Call to Publishing Companyweb _layouts () returned ok.
Call to Publishing Companyweb _vti_bin () returned ok.
Call to Publishing Companyweb _wpresources () returned ok.
Call to Notify RUP for OWA () returned ok.
Call to Notify RUP for Monitoring () returned ok.
Call to Notify RUP for RPC () returned ok.
Call to Notify RUP for Companyweb () returned ok.
Call to Restricting exhchangeoma to local server only () returned ok.
Call to Restricting ConnectComputer to local network only () returned ok.
Call to GetInternetServerName () returned ok.
Call to GetNetbiosDomainName () returned ok.
Call to NotifyProvisioning () returned ok.
Call to Limiting number of connections () returned ok.
Call to Sending RUP intro mail () returned ok.
Call to Saving web publishing selection () returned ok.
calling Set Web Publishing Rules (0x0).
Call to GetPrivateNICGuid () returned ok.
Call to WMIGetIPAddress () returned ok.
Call to IISConfig Set () returned ok.
Call to Setting default logon domain for OMA () returned ok.
Call to Setting Anonymous Access () returned ok.
Call to CRFireCommit::Commit () returned ok.
Calling CCertCommit::CommitEx
Calling CCertCommit::ValidatePropertyBag
Require SSL for OWA: 1
Require SSL for Remote Portal: 1
Require SSL for Monitoring: 0
Require SSL for OMA: 0
Require SSL for CompanyWeb: 0
Require 128 Bit Encryption: 1
Cert selection: -1
CCertCommit::ValidatePropertyBag returned OK
Opening the cert store returned OK
Reading the computer name returned OK
Reading the fully qualified server name returned OK
CCertCommit::EnableSSL returned OK
CCertCommit::RequireSSL returned OK
CCertCommit::NotifyRemoteUserPortal returned OK
Reading the Internet Server Name returned OK
Updating provisioning info returned OK
Sending RUP intro mail returned OK
CCertCommit::SaveUserSelections returned OK
CCertCommit::CommitEx returned OK
calling CEmailCommit::Commit (0x1191708).
calling CEmailCommit::ValidatePropertyBag ().
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e488).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x2dfff0, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is 1.
calling CValidatePropertyUtil.ValidatePropertyInteger ().
Call to CValidatePropertyUtil.ValidatePropertyInteger () returned ok.
calling ReadBool (0x2dfff0, F71526DD-9C19-4fe9-B7DB-FD4360909275).
Call to ReadBool () returned ok.
The out param of ReadBool() is 0.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadString (0x2dfff0, 6AB26DC4-94B7-47F6-88B1-A7CB280C38A6).
Call to ReadString () returned ok.
The out param of ReadString() is outbound.mailhop.org.
calling CValidatePropertyUtil.ValidatePropertyHostNameorIPAddressList ().
Call to CValidatePropertyUtil.ValidatePropertyHostNameorIPAddressList () returned ok.
calling ReadBool (0x2dfff0, 65E07667-C9D4-4005-8C6F-BEA9B3544AC2).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadBool (0x2dfff0, DB5E5E46-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadBool () returned ok.
The out param of ReadBool() is 0.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadBool (0x2dfff0, 1DB7A50F-98F8-452f-868B-1AAC56585DD0).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadInt4 (0x2dfff0, C9D8697B-0D4C-4767-8F1F-4CE415098774).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is 0x1.
calling CValidatePropertyUtil.ValidatePropertyLong ().
Call to CValidatePropertyUtil.ValidatePropertyLong () returned ok.
calling ReadString (0x2dfff0, C9D8697C-0D4C-4767-8F1F-4CE415098774).
Call to ReadString () returned ok.
The out param of ReadString() is outbound.mailhop.org.
calling CValidatePropertyUtil.ValidatePropertyHostNameorIPAddressList ().
Call to CValidatePropertyUtil.ValidatePropertyHostNameorIPAddressList () returned ok.
calling ReadString (0x2dfff0, AC817832-E18E-491E-BF54-FDD641DC5C54).
Call to ReadString () returned ok.
The out param of ReadString() is jonyskids.
calling ReadString (0x2dfff0, AC817833-E18E-491E-BF54-FDD641DC5C54).
Error 0x8000ffff returned from call to ReadString().
calling ReadSafeArray (0x2dfff0, AC817833-E18E-491E-BF54-FDD641DC5C54).
Call to ReadSafeArray () returned ok.
calling ReadBool (0x2dfff0, AC817831-E18E-491E-BF54-FDD641DC5C54).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadBool (0x2dfff0, 65E07667-C9D4-4005-8C6F-BEA9B3544AC2).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling CValidatePropertyUtil.ValidatePropertyBool ().
Call to CValidatePropertyUtil.ValidatePropertyBool () returned ok.
calling ReadString (0x2dfff0, 01637C90-B142-41C4-8520-6B2E0F891BE7).
Call to ReadString () returned ok.
The out param of ReadString() is eganllc.com.
calling ReadBool (0x2dfff0, 1DB7A50F-98F8-452f-868B-1AAC56585DD0).
Call to ReadBool () returned ok.
The out param of ReadBool() is 1.
calling ReadInt4 (0x2dfff0, C9D8697B-0D4C-4767-8F1F-4CE415098774).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is 0x1.
calling CValidatePropertyUtil.ValidatePropertyHostName ().
Call to CValidatePropertyUtil.ValidatePropertyHostName () returned ok.
calling AttachCommiter.Validate(pPPPBag) (0x2dfff0, 01637C90-B142-41C4-8520-6B2E0F891BE7).
calling CAttachCommiter::Validate (0x2dfff0).
calling CAttachCommiter::Validate:ReadVariant (0x0).
calling CAttachCommiter::Validate:m_spDoc.CoCreateInstance (0x0).
calling CAttachCommiter::Validate:m_spDoc->loadXML (0x0).
Call to CAttachCommiter::Validate () returned ok.
Call to CEMailCommit::ValidatePropertyBag () returned ok.
calling pdispPPPBag->QueryInterface (IPropertyPagePropertyBag, 0x6e4f4).
Call to pdispPPPBag->QueryInterface () returned ok.
calling ReadInt4 (0x2dfff0, DB5E5E45-3598-4F1D-8FF7-0ED35B9EB6A4).
Call to ReadInt4 () returned ok.
The out param of ReadInt4() is 1.
calling GetDomainAndControllerNames ().
Call to GetDomainAndControllerNames () returned ok.
calling GetOrganizationName (\\addison.eganllc.com, DC=eganllc,DC=local).
Call to GetOrganizationName () returned ok.
calling GetFirstAdministrativeGroup (\\addison.eganllc.com, DC=eganllc,DC=local, EGANLLC).
Call to GetFirstAdministrativeGroup () returned ok.
calling GetFirstRoutingGroup (\\addison.eganllc.com, DC=eganllc,DC=local, EGANLLC, first administrative group).
Call to GetFirstRoutingGroup () returned ok.
Call to SetCookieAuthentication () returned ok.
Error 0x8007203a returned from call to Enabling Wireless admin for OMA().
Error 0x8007203a returned from call to CEMailCommit::Commit().
calling GetBOConnector ().
Call to GetBOConnector () returned ok.
calling spADs->PutEx (ADS_PROPERTY_CLEAR, msExchSmtpOutboundSecurityPassword).
Call to spADs->PutEx () returned ok.
calling spADs->SetInfo ().
Call to spADs->SetInfo () returned ok.

Author

Commented:
Chris,

I am new to this forum and did not mean to close the issue.  I still can not get the Mobile email to work.  Ant ideas?
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

Hi,

Sorry, meant to post last night.

Errors from CEICW can be very misleading, however I'm not going to be much good with those. I don't get involved in SBS much, more with DNS and Active Directory.

That said, you can get the question opened up again by dropping a post into Community Support (https://www.experts-exchange.com/Community_Support/General/).

Then it would be good to get one of the SBS guys involved. Perhaps place a request for further assistance in the same post. There are some very good guys on SBS that may be able to help further.

I'm still a little troubled by the mismatch in the naming, I don't think you've seen the end of problems caused by that.

Chris

Author

Commented:
Chris,

Thanks for the advice and the help.  I am pretty sure I am headed for a rebuild.

Cheers,
JON

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.