marques_salazar asked:
DNS issues?

Our primary domain controller, which has the FSMO roles on it, stops authenticating users periodically. The server appears to be working OK and all of a sudden we will get calls that users are unable to log into different programs; also, once this happens, we are unable to quickly nav to \\servername\netlogon. It will take several minutes for it to come up. Once we reboot the server, everything is fine for about 4 hours, give or take an hour.

Have you seen anything like this or have any suggestions as to where to check? We have run dcdiag on the server and everything looks fine.
 
One thing I have seen is consistent Event errors, 4010:
The DNS server was unable to create a resource record for x.x.xx.in-addr.arpa. in zone 10.in-addr.arpa. The Active Directory definition of this resource record is corrupt or contains an invalid DNS name. The event data contains the error.

and 4016:
The DNS server timed out attempting an Active Directory service operation on DC=_ldap._tcp.d7f56b51-2178-4c18-b7cf-ca0d9e677278.domains,DC=_msdcs.xxxx.ad,cn=MicrosoftDNS,DC=ForestDnsZones,DC=xxxx,DC=ad. Check Active Directory to see that it is functioning properly. The event data contains the error.
and
The DNS server timed out attempting an Active Directory service operation on DC=x,DC=x.x.x.in-addr.arpa,cn=MicrosoftDNS,cn=System,DC=xxxxDC=ad. Check Active Directory to see that it is functioning properly. The event data contains the error.

Also, our firewall logs show that our DNS servers are making constant requests out to the internet to the Auth servers.

Penny for your thoughts...
proadmin:

Boy, that's a tough spot to be in. It sounds like your firewall or something to that effect is not allowing your users to connect. I don't know how the DNS would be affected in this situation. My solution would be for you to verify everything is in working order and then open up some firewall ports... This may be it! If not, we can talk about other things that could be it.

I wish you the best, sorry mate...
Hi,

Have you tried running netdiag and dcdiag to gather more information?
How many domain controllers do you have? Check the DNS settings in the network settings on each server. Make sure they are pointing to the correct internal DNS server. Look at your DNS Name Servers and Forwarders tabs. Make sure everything is correct.
You have an issue with your DNS.
It seems there are some stations or servers using the wrong preferred DNS1, DNS2.

If I were you:

1- Check all PCs' and servers' network properties and ensure all have the correct DNS.

2- From each workstation use
C:\> nslookup domain.com
to ensure that it is seeing your correct server.

3- Open your DNS and delete the old records (not existing any more); they might be corrupted.

4- If you are not able to solve the problem,
immediately prepare a new server, install all Windows updates and the latest service pack,
join it to the domain,
run dcpromo,
then move the 5 FSMO roles to it
and try.

5- Be sure that you have backed up your previous DC server's system state + full drive C.
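The DNS-client audit that steps 1 and 2 describe, as an added PowerShell example that is not part of this thread: it lists every DNS server each adapter is configured with, flags any that are not the expected internal servers, and asks each one for the domain's DC locator SRV record with the cache bypassed. The addresses in $ExpectedDns are placeholders for your internal DNS servers, and the DnsClient cmdlets assume Windows 8 / Server 2012 or later.

```powershell
# Added example (not from the original thread): audit this machine's DNS client
# settings against the expected internal DNS servers and confirm that each
# configured server can answer the DC locator SRV query that logons depend on.
# Assumptions: Windows 8 / Server 2012 or later; $ExpectedDns holds placeholder
# addresses for the internal DCs (replace with your own).
param(
    [string[]]$ExpectedDns = @('10.0.0.10', '10.0.0.11'),   # placeholder internal DNS/DC addresses
    [string]$Domain = $env:USERDNSDOMAIN
)

$srvName = "_ldap._tcp.dc._msdcs.$Domain"   # SRV record clients use to find a DC
$results = @()

foreach ($nic in Get-DnsClientServerAddress -AddressFamily IPv4 |
         Where-Object { $_.ServerAddresses.Count -gt 0 }) {
    foreach ($server in $nic.ServerAddresses) {
        $row = [ordered]@{
            Interface = $nic.InterfaceAlias
            DnsServer = $server
            Expected  = ($ExpectedDns -contains $server)   # false = station points at the wrong DNS
            SrvOk     = $false
            DcTargets = ''
            Error     = ''
        }
        try {
            # -DnsOnly skips the local cache and hosts file so the answer is the server's own
            $rec = Resolve-DnsName -Name $srvName -Type SRV -Server $server -DnsOnly -ErrorAction Stop |
                   Where-Object { $_.Type -eq 'SRV' }
            $row.SrvOk     = ($rec.Count -gt 0)
            $row.DcTargets = ($rec | ForEach-Object { "$($_.NameTarget):$($_.Port)" }) -join ', '
        } catch {
            # a timeout or SERVFAIL here is the client-side view of the 4016 events above
            $row.Error = $_.Exception.Message
        }
        $results += [pscustomobject]$row
    }
}

$results | Format-Table -AutoSize
# Non-zero exit so the script can be used from a logon script or scheduled audit
if ($results | Where-Object { -not $_.Expected -or -not $_.SrvOk }) { exit 1 }
```

Run it on the DC itself as well as on a workstation: a DC whose own adapter lists an external or stale DNS server first is a common cause of the slow netlogon share and the constant outbound queries seen in the firewall logs.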

Check your _msdcs folders under the DNS forward lookup zones and see if any are greyed out.
Post the log of netdiag.
ASKER CERTIFIED SOLUTION
marques_salazar
marques_salazar (ASKER):

Thanks for trying to help.