Solved

SBS 2003 Cannot create or modify users

Posted on 2011-03-02
114
529 Views
Last Modified: 2012-05-11
when we try to create a new user with the administrator account or change passwords in the server management gui we get an error that windows cannot compmlete the task because the system cannot find the file specified? Sometimes clicking on items in the users area I get a pop up aaying "unspecified error". When I manuall go to active directory users and computers I get an error "naming information cannot be located because: the specified domain either does not exist or could not be contacted". So active directory is corrupted?
0
Comment
Question by:sraley
  • 62
  • 51
114 Comments
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35016659
More likely your DNS isn't configured correctly, can you make sure the server has only it's own IP address in the DNS section of the TCP/IP properties of the network card.  There should be no other entries.

If you change this then restart the NETLOGON service.

Can you post the results of DCDIAG and NETDIAG

0
 

Author Comment

by:sraley
ID: 35016849
Yes the server is 192.168.1.254 and that is the only dns entry. Getting results now.
0
 

Author Comment

by:sraley
ID: 35016860
C:\Documents and Settings\Administrator.JVMLAW.000>netdiag

....................................

    Computer Name: SERVER
    DNS Host Name: server.jvmlaw.net
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 15 Model 4 Stepping 7, GenuineIntel
    List of installed hotfixes :
        KB921503
        KB923561
        KB925398_WMP64
        KB925902
        KB926122
        KB927891
        KB929123
        KB930178
        KB931768
        KB931784
        KB931836
        KB932168
        KB933360
        KB933729
        KB933854
        KB935839
        KB935840
        KB935966
        KB936021
        KB936357
        KB936782
        KB937143
        KB938127
        KB938127-IE7
        KB938464
        KB939653
        KB941202
        KB941568
        KB941569
        KB941644
        KB941672
        KB941693
        KB942615
        KB942763
        KB942830
        KB942831
        KB942840
        KB943055
        KB943460
        KB943484
        KB943485
        KB944338
        KB944653
        KB945553
        KB946026
        KB947864
        KB948496
        KB948590
        KB948745
        KB948881
        KB949014
        KB950762
        KB950974
        KB951066
        KB951072-v2
        KB951698
        KB951746
        KB951748
        KB952004
        KB952069
        KB952954
        KB953298
        KB953838
        KB953838-IE7
        KB953839
        KB954155
        KB955069
        KB956572
        KB956802
        KB956803
        KB956844
        KB958469
        KB958644
        KB958869
        KB959426
        KB960225
        KB960803
        KB960859
        KB961063
        KB961501
        KB967715
        KB967723
        KB969059
        KB969883
        KB970238
        KB970483
        KB971032
        KB971657
        KB971961
        KB973507
        KB973540
        KB973815
        KB973825
        KB973869
        KB973917-v2
        KB974112
        KB974571
        KB975025
        KB977290
        KB977816
        KB978338
        KB978601
        KB978706
        KB979309
        KB980232
        KB981793
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Server Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : server
        IP Address . . . . . . . . : 192.168.1.254
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.1.1
        Primary WINS Server. . . . : 192.168.1.254
        Dns Servers. . . . . . . . : 192.168.1.254


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Failed
    [WARNING] Ths system volume has not been completely replicated to the local
machine. This machine is not working properly as a DC.


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{F092118F-F9C8-4532-A15E-424BA1D9824C}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '192.168.1.25
4' and other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{F092118F-F9C8-4532-A15E-424BA1D9824C}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{F092118F-F9C8-4532-A15E-424BA1D9824C}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Failed
        [FATAL] Cannot find DC in domain 'JVMLAW'. [ERROR_NO_SUCH_DOMAIN]


DC list test . . . . . . . . . . . : Failed
        'JVMLAW': Cannot find DC to get DC list from [test skipped].


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Skipped
        'JVMLAW': Cannot find DC to get DC list from [test skipped].


LDAP test. . . . . . . . . . . . . : Failed
    Cannot find DC to run LDAP tests on. The error occurred was: The specified d
omain either does not exist or could not be contacted.

        [WARNING] Cannot find DC in domain 'JVMLAW'. [ERROR_NO_SUCH_DOMAIN]


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully
0
 

Author Comment

by:sraley
ID: 35016866
dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site\SERVER
      Starting test: Connectivity
         ......................... SERVER passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site\SERVER
      Starting test: Replications
         ......................... SERVER passed test Replications
      Starting test: NCSecDesc
         ......................... SERVER passed test NCSecDesc
      Starting test: NetLogons
         Unable to connect to the NETLOGON share! (\\SERVER\netlogon)
         [SERVER] An net use or LsaPolicy operation failed with error 53, The ne
twork path was not found..
         ......................... SERVER failed test NetLogons
      Starting test: Advertising
         ......................... SERVER passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... SERVER passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... SERVER passed test RidManager
      Starting test: MachineAccount
         ......................... SERVER passed test MachineAccount
      Starting test: Services
            IsmServ Service is stopped on [SERVER]
         ......................... SERVER failed test Services
      Starting test: ObjectsReplicated
         ......................... SERVER passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... SERVER passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... SERVER failed test frsevent
      Starting test: kccevent
         ......................... SERVER passed test kccevent
      Starting test: systemlog
         ......................... SERVER passed test systemlog
      Starting test: VerifyReferences
         ......................... SERVER passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : jvmlaw
      Starting test: CrossRefValidation
         ......................... jvmlaw passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... jvmlaw passed test CheckSDRefDom

   Running enterprise tests on : jvmlaw.net
      Starting test: Intersite
         ......................... jvmlaw.net passed test Intersite
      Starting test: FsmoCheck
         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
         A Global Catalog Server could not be located - All GC's are down.
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 135
5
         A Good Time Server could not be located.
         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
         A KDC could not be located - All the KDCs are down.
         ......................... jvmlaw.net failed test FsmoCheck
0
 

Author Comment

by:sraley
ID: 35016871
Do I need to run FSMO to seize roles?
0
 

Author Comment

by:sraley
ID: 35016908
checking with operations master gui is states that server.jvmlaw.net has the RID, PDCa nd infrastructure roles
0
 

Author Comment

by:sraley
ID: 35016940
active schema master and domain trusts says that the server has the roles.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35017025
if you run NETDOM QUERY FSMO does it say that your SBS server has all 5 roles?
0
 

Author Comment

by:sraley
ID: 35017034
Yes

C:\Documents and Settings\Administrator.JVMLAW.000>netdom query fsmo
Schema owner                server.jvmlaw.net

Domain role owner           server.jvmlaw.net

PDC role                    server.jvmlaw.net

RID pool manager            server.jvmlaw.net

Infrastructure owner        server.jvmlaw.net

The command completed successfully.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35017046
OK, excellent.

What forward lookup zones do you have configured in DNS? There should be one for _msdcs.jvmlaw.net?

The DCDIAG says there are other DC's listed so in the DNS console under this zone what can you see?
0
 

Author Comment

by:sraley
ID: 35017137
under jvmlaw.net I have the _msdcs folder
In that I have a DC, domains, gc and pdc folders. all entries in there for ldap, kerbos all say server.jvmlaw.net.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35017191
and there are no other entries here?
only server.jvmlaw.net?
0
 

Author Comment

by:sraley
ID: 35017231
thats all I see
0
 

Author Comment

by:sraley
ID: 35017238
is there a dns report I can spit here to show you all the dns entries?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35017249
using Active Directory Sites and Services can you expand Default-First-Site

How many servers do you see listed?

Can you expand server.jvmlaw.net and then right click on NTDS Settings, is there a check in the Global Catalog check box?
0
 

Author Comment

by:sraley
ID: 35017450
yes only server.jvmlaw.net is listed and the box is checked for global catalog server.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35017471
Can you uncheck the box, then click apply, then check it again and click apply.
0
 

Author Comment

by:sraley
ID: 35017487
done
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35017495
OK, now try your user creation again.
0
 

Author Comment

by:sraley
ID: 35017521
add user wizard could not create the user. Click ok to cancel
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35017537
OK, can you from a command prompt run IPCONFIG /FLUSHDNS followed by IPCONFIG /REGISTERDNS

Also can you remove the WINS address from the properties of your network card, and disable the WINS service.  Once that's done, if possible can you reboot the server
0
 

Author Comment

by:sraley
ID: 35017582
those are done but I need a few minutes before I can reboot. should i wait the 15 minutes that states in 15 mins errors from register dns will be in event viewer?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35017596
don't worry too much about that, it's pretty instant in a single DC network :)
0
 

Author Comment

by:sraley
ID: 35018040
rebooting now
0
 

Author Comment

by:sraley
ID: 35018408
not fixed after reboot
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35018453
:(

OK, next thing is to recreate the DNS zone, this is going to sound a bit drastic but it is safe.

In the DNS console I want you to delete your forward lookup zone for your internal domain.

Once that's done create a new empty one with the same name, don't make it Active Directory integrated at the moment.

Then run DCDIAG /FIX and restart the NETLOGON service the. Run IPCONFIG /FLUSHDNS

then try again
0
 

Author Comment

by:sraley
ID: 35018513
dcdiag /fix still says fsmo and gc are broke. I changed time server to a nist time server in registry and still says it can't find time server.

   Running enterprise tests on : jvmlaw.net
      Starting test: Intersite
         ......................... jvmlaw.net passed test Intersite
      Starting test: FsmoCheck
         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
         A Global Catalog Server could not be located - All GC's are down.
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 135
5
         A Good Time Server could not be located.
         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
         A KDC could not be located - All the KDCs are down.
         ......................... jvmlaw.net failed test FsmoCheck

C:\Program Files\Support Tools>

Didn't work
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35018528
Is that after re-creating the zone?
0
 

Author Comment

by:sraley
ID: 35018649
yes
there is no msdcs or other folders in the zone after recreating non active directory zone.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35018681
And you have restarted the NETLOGON Service?

Try IPCONFIG /REGISTERDNS

Also run NETDIAG /FIX

This is a bit odd.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35018780
The type of zone just dictates where the zone is stored it's not relevant to what it can support
0
 

Author Comment

by:sraley
ID: 35019417
I lost remote desktop so waiting for my tech to get there and get that back up.
0
 

Author Comment

by:sraley
ID: 35020846
the owner decided to reinstall windows server now.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35020868
WHAT?!?!? That's a bit extreme!
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35020875
This can be fixed, is there no way of changing his mind?
0
 

Author Comment

by:sraley
ID: 35020898
i'm trying to get remote access to try these things you said.
0
 

Author Comment

by:sraley
ID: 35022191
active directory is telling me domain doesn't exist
0
 

Author Comment

by:sraley
ID: 35022233
netdiag /fix results

        KB974112
        KB974571
        KB975025
        KB977290
        KB977816
        KB978338
        KB978601
        KB978706
        KB979309
        KB980232
        KB981793
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Server Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : server
        IP Address . . . . . . . . : 192.168.1.254
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.1.1
        Dns Servers. . . . . . . . : 192.168.1.254


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Failed
    [WARNING] Ths system volume has not been completely replicated to the local
machine. This machine is not working properly as a DC.


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{F092118F-F9C8-4532-A15E-424BA1D9824C}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [FATAL] Failed to fix: DC DNS entry jvmlaw.net. re-registeration on DNS serv
er '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.jvmlaw.net. re-registeration
on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site._sites.jvm
law.net. re-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.pdc._msdcs.jvmlaw.net. re-reg
isteration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.f71845bd-e77e-4ef5-a7b4-8ac1d
e2f873e.domains._msdcs.jvmlaw.net. re-registeration on DNS server '192.168.1.254
' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry a9f8be4c-dbf9-49f5-975e-9aa83d50137b._ms
dcs.jvmlaw.net. re-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.dc._msdcs.jvmlaw.net. re-
registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site._sites
.dc._msdcs.jvmlaw.net. re-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.dc._msdcs.jvmlaw.net. re-regi
steration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site._sites.dc.
_msdcs.jvmlaw.net. re-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.jvmlaw.net. re-registerat
ion on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site._sites
.jvmlaw.net. re-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._udp.jvmlaw.net. re-registerat
ion on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kpasswd._tcp.jvmlaw.net. re-registerati
on on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kpasswd._udp.jvmlaw.net. re-registerati
on on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry DomainDnsZones.jvmlaw.net. re-registerat
ion on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.DomainDnsZones.jvmlaw.net. re
-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site._sites.Dom
ainDnsZones.jvmlaw.net. re-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry ForestDnsZones.jvmlaw.net. re-registerat
ion on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.ForestDnsZones.jvmlaw.net. re
-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site._sites.For
estDnsZones.jvmlaw.net. re-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.gc._msdcs.jvmlaw.net. re-regi
steration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site._sites.gc.
_msdcs.jvmlaw.net. re-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry gc._msdcs.jvmlaw.net. re-registeration o
n DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _gc._tcp.jvmlaw.net. re-registeration on
 DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _gc._tcp.Default-First-Site._sites.jvmla
w.net. re-registeration on DNS server '192.168.1.254' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for th
is DC on DNS server '192.168.1.254'.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{F092118F-F9C8-4532-A15E-424BA1D9824C}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{F092118F-F9C8-4532-A15E-424BA1D9824C}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Failed
        [FATAL] Cannot find DC in domain 'JVMLAW'. [ERROR_NO_SUCH_DOMAIN]


DC list test . . . . . . . . . . . : Failed
        'JVMLAW': Cannot find DC to get DC list from [test skipped].


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Skipped
        'JVMLAW': Cannot find DC to get DC list from [test skipped].


LDAP test. . . . . . . . . . . . . : Failed
    Cannot find DC to run LDAP tests on. The error occurred was: The specified d
omain either does not exist or could not be contacted.

        [WARNING] Cannot find DC in domain 'JVMLAW'. [ERROR_NO_SUCH_DOMAIN]


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

C:\Documents and Settings\Administrator.JVMLAW.000>
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35022234
what is DNS doing?
Has the zone been re-created?
0
 

Author Comment

by:sraley
ID: 35022242
I'm afraid to reboot since the test failed saying it wasn't acting as a domain controller.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35022250
It's not acting as a domain controller because of the DNS, we need to resolve the DNS issue.

Has the zone been re-created? Did you restart the NETLOGON service?
0
 

Author Comment

by:sraley
ID: 35022253
dns zone has not changed.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35022268
Can you check c:\Windows\system32\Config\netlogon.dns

What does this file have in it?
0
 

Author Comment

by:sraley
ID: 35022813
jvmlaw.net. 600 IN A 192.168.1.254
_ldap._tcp.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
_ldap._tcp.Default-First-Site._sites.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
_ldap._tcp.pdc._msdcs.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
_ldap._tcp.f71845bd-e77e-4ef5-a7b4-8ac1de2f873e.domains._msdcs.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
a9f8be4c-dbf9-49f5-975e-9aa83d50137b._msdcs.jvmlaw.net. 600 IN CNAME server.jvmlaw.net.
_kerberos._tcp.dc._msdcs.jvmlaw.net. 600 IN SRV 0 100 88 server.jvmlaw.net.
_kerberos._tcp.Default-First-Site._sites.dc._msdcs.jvmlaw.net. 600 IN SRV 0 100 88 server.jvmlaw.net.
_ldap._tcp.dc._msdcs.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
_ldap._tcp.Default-First-Site._sites.dc._msdcs.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
_kerberos._tcp.jvmlaw.net. 600 IN SRV 0 100 88 server.jvmlaw.net.
_kerberos._tcp.Default-First-Site._sites.jvmlaw.net. 600 IN SRV 0 100 88 server.jvmlaw.net.
_kerberos._udp.jvmlaw.net. 600 IN SRV 0 100 88 server.jvmlaw.net.
_kpasswd._tcp.jvmlaw.net. 600 IN SRV 0 100 464 server.jvmlaw.net.
_kpasswd._udp.jvmlaw.net. 600 IN SRV 0 100 464 server.jvmlaw.net.
DomainDnsZones.jvmlaw.net. 600 IN A 192.168.1.254
_ldap._tcp.DomainDnsZones.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
_ldap._tcp.Default-First-Site._sites.DomainDnsZones.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
ForestDnsZones.jvmlaw.net. 600 IN A 192.168.1.254
_ldap._tcp.ForestDnsZones.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
_ldap._tcp.Default-First-Site._sites.ForestDnsZones.jvmlaw.net. 600 IN SRV 0 100 389 server.jvmlaw.net.
_ldap._tcp.gc._msdcs.jvmlaw.net. 600 IN SRV 0 100 3268 server.jvmlaw.net.
_ldap._tcp.Default-First-Site._sites.gc._msdcs.jvmlaw.net. 600 IN SRV 0 100 3268 server.jvmlaw.net.
gc._msdcs.jvmlaw.net. 600 IN A 192.168.1.254
_gc._tcp.jvmlaw.net. 600 IN SRV 0 100 3268 server.jvmlaw.net.
_gc._tcp.Default-First-Site._sites.jvmlaw.net. 600 IN SRV 0 100 3268 server.jvmlaw.net.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35022839
So it's all there which means restarting the NETLOGON service should put it all back.

Have you restarted the NETLOGON service?

Are there any errors in the event logs?
0
 

Author Comment

by:sraley
ID: 35022883
yep but i did it again and ran netdiag again and still same error. event viewer got a netlogon error about dynamic updates turned off so I turned it on and ran netdiag again and still errors about dns. app event log is full since it can't query group policy objects.
0
 

Author Comment

by:sraley
ID: 35022887
nothing in dns log since this morning (early morning)
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35022941
There is clearly something wring wit the DNS service. Let's remove it and re-install it.

Click Start € Control Panel > Add or Remove Programs.
Click Add/Remove Windows Components.
select the Networking Services then detaild.
Uncheck thr Domain Name System (DNS) check box, click OK, and then click Next.

Then do the reverse to re-install DNS

Once done, check for the jvmlaw.net forward lookup zone to make sure it's there, if it isn't recreate it.  Then restart the NETLOGON service again.

Check also the DNS services are running in the services console.

0
 

Author Comment

by:sraley
ID: 35022969
lets hope this doesn't prompt me for disk
0
 

Author Comment

by:sraley
ID: 35023071
done and restarted netlogon. dns services running. don't have all the subfolders in dns gui
0
 

Author Comment

by:sraley
ID: 35023167
still getting AD errors. Trying to create a user tells me the specified domain doesnt' exist or could not be contacted.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35023168
Very odd!!!

Any antivirus/firewall/security software? If so, can you remove it?

The server only has 1 NIC? And its definitely pointing to itself for DNS?
0
 

Author Comment

by:sraley
ID: 35023219
symantec is on here and I can remove it. Yes only one NIC and dns entry is only the .254 address.
0
 

Author Comment

by:sraley
ID: 35023317
symantec uninstall is locked up.
0
 

Author Comment

by:sraley
ID: 35023343
i'm rebooting
0
 

Author Comment

by:sraley
ID: 35023442
upon reboot exchange services won't start. in event log in dns there is an entry dns server enountered error 32 attempting to load zone jvmlaw.net from active directory. Event ID 4521
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:sraley
ID: 35023525
rebooted after taking care of symantec and still exchange fails and can't do anything in user AD because it can't find the domain.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35024521
OK, how is the DNS zone looking after symantec has been removed?

Don't worry too much about Exchange once we get DNS working exchange will start working.
0
 

Author Comment

by:sraley
ID: 35026168
dns looks the same
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35026181
I am missing something here.

Can you post the results of IPCONFIG /ALL please
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35026226
can you also from the server goto a command prompt and type:

telnet localhost 53

What happens? Does it connect and you get a flashing cursor or does it not connect?
0
 

Author Comment

by:sraley
ID: 35026297
looks like it connects with flashing cursor. Man do you sleep like me ? :)
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35026301
OK, so it's connecting.

What about the IPCONFIG /ALL?

I don't sleep ;)
0
 

Author Comment

by:sraley
ID: 35026432
Windows IP Configuration

   Host Name . . . . . . . . . . . . : server
   Primary Dns Suffix  . . . . . . . : jvmlaw.net
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : jvmlaw.net

Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-13-72-2A-C7-C6
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.254
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.254

C:\Program Files\Support Tools>
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35026548
and that's it? Completely unmodified?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35026630
In the DNS console, right click the DNS server and select properties, under interfaces what do you have selected? And what is listed under IP addresses?
0
 

Author Comment

by:sraley
ID: 35026666
192.168.1.254. Listen on All IP Addresses.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35026684
Can you specify "Only the following IP addresses" and check the box for your servers IP.

We need to look at the Application/System Event logs as well, there must be something in there that tells us what is going on.

Is the server being used at the moment?
0
 

Author Comment

by:sraley
ID: 35026732
yeah server is being used. I'll try to download the log and attach here.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35026741
I am suprised the server is being used, without DNS is pretty non-functional.

I am wondering if it's possible there is another device on the network with the same IP address?
0
 

Author Comment

by:sraley
ID: 35026789
here are logs as txt files.
APP.txt
sys.txt
0
 

Author Comment

by:sraley
ID: 35026794
Change IP of server? I am doing this remotely today and my tech is off doing other work so I don't think I could do a shutdown and talk someone over the phone of what to test ping while server off.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35026914
How are you connected? Via RDP? If so there's no chance we can change the IP.
0
 

Author Comment

by:sraley
ID: 35027046
using team viewer and have access to rdp.  Users can't get into share drives this morning so I don't know what I need to do this morning.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027058
that's because DNS isn't working, if you are using teamviewer then we should be able to change the IP.

In Server Manager run the Change Server IP Address wizard.

Just change the last digit on the IP and complete the wizard.
0
 

Author Comment

by:sraley
ID: 35027213
sorry not share drives, they came up just slow. exchange is down. was on the phone with them and didn't get a good explanation
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027295
you going to try the IP address change I gave details of above?
0
 

Author Comment

by:sraley
ID: 35027357
error occurred while changing ip address
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027379
oh? What was the error?
0
 

Author Comment

by:sraley
ID: 35027389
here is the changeiplog.txt
3/3/2011 9:24 AM
Current User:  administrator
Old IP Address:  192.168.1.254
Old 'intended' IP Address:  192.168.1.254
Old Subnet Mask:  255.255.255.0
New IP Address:  192.168.1.253
New Subnet Mask:  255.255.255.0
ModifyPrivateNicProperties returned OK
ConfigureDns returned OK
ConfigureDHCP returned OK
ConfigureIIS returned OK
*** ConfigureExchange returned ERROR 8007203a
"Generic Error"; hr is 0x8007203a.
Error message box (msg id 10): An error occurred while changing the IP address. Your server might be partially configured. We recommend that you run the Change IP Address Tool again and enter the original IP address of the server.

If this error message appears again, ensure that the local network adapter is enabled in Network Connections and that it is connected to a switch or hub that has power. Also, open Services, and ensure that any services having a startup type of Automatic are running.

If the error message still occurs, see the log file at C:\Program Files\Microsoft Windows Small Business Server\Support\Changeiplog.txt.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027411
so what is the IP address now? Run IPCONFIG to see

Also check the services console, anything set to automatic that hasn't started?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027428
Also, from a command prompt type:

netstat -an | findstr :53

and post the results please.
0
 

Author Comment

by:sraley
ID: 35027500
C:\Program Files\Support Tools>ipconfig

Windows IP Configuration


Ethernet adapter Server Local Area Connection:

   Connection-specific DNS Suffix  . :
   IP Address. . . . . . . . . . . . : 192.168.1.253
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

C:\Program Files\Support Tools>netstat -an | findstr :53
  TCP    0.0.0.0:53             0.0.0.0:0              LISTENING
  TCP    127.0.0.1:53           0.0.0.0:0              LISTENING
  UDP    0.0.0.0:5316           *:*
  UDP    0.0.0.0:5327           *:*
  UDP    0.0.0.0:53007          *:*
  UDP    0.0.0.0:53011          *:*
  UDP    0.0.0.0:53033          *:*
  UDP    0.0.0.0:53058          *:*
  UDP    0.0.0.0:53064          *:*
  UDP    0.0.0.0:53074          *:*
  UDP    0.0.0.0:53083          *:*
  UDP    0.0.0.0:53089          *:*
  UDP    0.0.0.0:53141          *:*
  UDP    0.0.0.0:53194          *:*
  UDP    0.0.0.0:53209          *:*
  UDP    0.0.0.0:53251          *:*
  UDP    0.0.0.0:53271          *:*
  UDP    0.0.0.0:53285          *:*
  UDP    0.0.0.0:53297          *:*
  UDP    0.0.0.0:53298          *:*
  UDP    0.0.0.0:53312          *:*
  UDP    0.0.0.0:53325          *:*
  UDP    0.0.0.0:53418          *:*
  UDP    0.0.0.0:53454          *:*
  UDP    0.0.0.0:53474          *:*
  UDP    0.0.0.0:53503          *:*
  UDP    0.0.0.0:53528          *:*
  UDP    0.0.0.0:53548          *:*
  UDP    0.0.0.0:53557          *:*
  UDP    0.0.0.0:53564          *:*
  UDP    0.0.0.0:53580          *:*
  UDP    0.0.0.0:53601          *:*
  UDP    0.0.0.0:53602          *:*
  UDP    0.0.0.0:53615          *:*
  UDP    0.0.0.0:53637          *:*
  UDP    0.0.0.0:53652          *:*
  UDP    0.0.0.0:53663          *:*
  UDP    0.0.0.0:53675          *:*
  UDP    0.0.0.0:53699          *:*
  UDP    0.0.0.0:53732          *:*
  UDP    0.0.0.0:53763          *:*
  UDP    0.0.0.0:53770          *:*
  UDP    0.0.0.0:53784          *:*
  UDP    0.0.0.0:53868          *:*
  UDP    0.0.0.0:53869          *:*
  UDP    0.0.0.0:53870          *:*
  UDP    0.0.0.0:53874          *:*
  UDP    0.0.0.0:53903          *:*
  UDP    0.0.0.0:53905          *:*
  UDP    0.0.0.0:53906          *:*
  UDP    0.0.0.0:53959          *:*
  UDP    127.0.0.1:53           *:*
  UDP    192.168.1.253:53       *:*

C:\Program Files\Support Tools>




0
 

Author Comment

by:sraley
ID: 35027510
a few exchange services are not started because it states dependency group failed to start
0
 

Author Comment

by:sraley
ID: 35027523
ms exchange system attendant starts and stops error.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027530
on the properties of the network card can you change the DNS address to 127.0.0.1 instead of the 192.168.1.253

Then restart the netlogon service and check the DNS zone again
0
 

Author Comment

by:sraley
ID: 35027531
information store says it depends on this EXIFS? I dont' see that in the list of services.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027553
don't worry about that at the moment, can you make the DNS change above
0
 

Author Comment

by:sraley
ID: 35027585
changes dns and zone still the same and users don't have internet now. I'm guessing because of dhcp?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027603
no, more than likely because the DHCP will be using the old DNS address, let's set the server back to the old IP.

This is proving pretty difficult to do now without actually seeing your server.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027608
levae the DNS as 127.0.0.1
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027662
can you run:

nslookup -d2 -q=soa jvmlaw.net

and

nslookup -d2 -q=soa server.jvmlaw.net

and post the results please
0
 

Author Comment

by:sraley
ID: 35027675
you want access?
I changed IP back to 254 and then went into NIC and changed dns back to 127.0.0.1
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027698
We are not allowed to offer remote access.  Some of us have contact details in our profiles which you can access by clicking on our names in any of our posts.

Let's continue in this thread for now.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027707
can you run the commands above please?
0
 

Author Comment

by:sraley
ID: 35027952
first

C:\Program Files\Support Tools>nslookup -d2 -q=soa jvmlaw.net
------------
SendRequest(), len 40
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        1.0.0.127.in-addr.arpa, type = PTR, class = IN

------------
------------
Got answer (63 bytes):
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0

    QUESTIONS:
        1.0.0.127.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  1.0.0.127.in-addr.arpa
        type = PTR, class = IN, dlen = 11
        name = localhost
        ttl = 3600 (1 hour)

------------
Server:  localhost
Address:  127.0.0.1

------------
SendRequest(), len 39
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        jvmlaw.net.jvmlaw.net, type = SOA, class = IN

------------
------------
Got answer (119 bytes):
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 1

    QUESTIONS:
        jvmlaw.net.jvmlaw.net, type = SOA, class = IN
    AUTHORITY RECORDS:
    ->  jvmlaw.net
        type = SOA, class = IN, dlen = 42
        ttl = 3600 (1 hour)
        primary name server = server.jvmlaw.net
        responsible mail addr = hostmaster.jvmlaw.net
        serial  = 3
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)
    ADDITIONAL RECORDS:
    ->  server.jvmlaw.net
        type = A, class = IN, dlen = 4
        internet address = 192.168.1.254
        ttl = 3600 (1 hour)

------------
------------
SendRequest(), len 28
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        jvmlaw.net, type = SOA, class = IN

------------
------------
Got answer (98 bytes):
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 1

    QUESTIONS:
        jvmlaw.net, type = SOA, class = IN
    ANSWERS:
    ->  jvmlaw.net
        type = SOA, class = IN, dlen = 42
        ttl = 3600 (1 hour)
        primary name server = server.jvmlaw.net
        responsible mail addr = hostmaster.jvmlaw.net
        serial  = 3
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)
    ADDITIONAL RECORDS:
    ->  server.jvmlaw.net
        type = A, class = IN, dlen = 4
        internet address = 192.168.1.254
        ttl = 3600 (1 hour)

------------
jvmlaw.net
        type = SOA, class = IN, dlen = 42
        ttl = 3600 (1 hour)
        primary name server = server.jvmlaw.net
        responsible mail addr = hostmaster.jvmlaw.net
        serial  = 3
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)
server.jvmlaw.net
        type = A, class = IN, dlen = 4
        internet address = 192.168.1.254
        ttl = 3600 (1 hour)

C:\Program Files\Support Tools>
0
 

Author Comment

by:sraley
ID: 35027961
second
C:\Program Files\Support Tools>nslookup -d2 -q=soa server.jvmlaw.net
------------
SendRequest(), len 40
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        1.0.0.127.in-addr.arpa, type = PTR, class = IN

------------
------------
Got answer (63 bytes):
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0

    QUESTIONS:
        1.0.0.127.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  1.0.0.127.in-addr.arpa
        type = PTR, class = IN, dlen = 11
        name = localhost
        ttl = 3600 (1 hour)

------------
Server:  localhost
Address:  127.0.0.1

------------
SendRequest(), len 46
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        server.jvmlaw.net.jvmlaw.net, type = SOA, class = IN

------------
------------
Got answer (126 bytes):
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 1

    QUESTIONS:
        server.jvmlaw.net.jvmlaw.net, type = SOA, class = IN
    AUTHORITY RECORDS:
    ->  jvmlaw.net
        type = SOA, class = IN, dlen = 42
        ttl = 3600 (1 hour)
        primary name server = server.jvmlaw.net
        responsible mail addr = hostmaster.jvmlaw.net
        serial  = 3
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)
    ADDITIONAL RECORDS:
    ->  server.jvmlaw.net
        type = A, class = IN, dlen = 4
        internet address = 192.168.1.254
        ttl = 3600 (1 hour)

------------
------------
SendRequest(), len 35
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  query, want recursion
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        server.jvmlaw.net, type = SOA, class = IN

------------
------------
Got answer (98 bytes):
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 1

    QUESTIONS:
        server.jvmlaw.net, type = SOA, class = IN
    AUTHORITY RECORDS:
    ->  jvmlaw.net
        type = SOA, class = IN, dlen = 35
        ttl = 3600 (1 hour)
        primary name server = server.jvmlaw.net
        responsible mail addr = hostmaster.jvmlaw.net
        serial  = 3
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)
    ADDITIONAL RECORDS:
    ->  server.jvmlaw.net
        type = A, class = IN, dlen = 4
        internet address = 192.168.1.254
        ttl = 3600 (1 hour)

------------
jvmlaw.net
        type = SOA, class = IN, dlen = 35
        ttl = 3600 (1 hour)
        primary name server = server.jvmlaw.net
        responsible mail addr = hostmaster.jvmlaw.net
        serial  = 3
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)
server.jvmlaw.net
        type = A, class = IN, dlen = 4
        internet address = 192.168.1.254
        ttl = 3600 (1 hour)

C:\Program Files\Support Tools>
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35027990
in the properties of the network card under TCP/IP click advanced, what is there in the DNS suffix box?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35028061
let's manually load DNS so that Exchane will start to function.

Can you goto c:\windows\system32\dns

Open the jvmlaw.net.dns file in notepad

then copy and past the content of c:\Windows\system32\Config\netlogon.dns in to the section after where it says zone record. (there should be one line with just a ; on it, paste it on the line under this.  Then change the serial number number to whatever it is now +1

Once you've done that save the jvmlaw.net.dns and go in to the DNS console, right click the zone and select reload.

Do you now have the entries in the zone?
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35028928
Any joy?
0
 

Author Comment

by:sraley
ID: 35029018
dns suffix is checked to append primary dns suffix
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35029034
And the dns file as above? Did you copy the contents? Did it update the zone?
0
 

Author Comment

by:sraley
ID: 35029057
did the changes but reload is greyed out
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35029073
You may need to wait for the console to finish, click off the zone and then try again
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35029405
If that doesn't work restatement DNS services and then reload the console.
0
 

Author Comment

by:sraley
ID: 35029415
I did all the cut and paste and all changes.Waited, reload finally appeared and dns looks the same.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35029463
Looks the same? As in the zones haven't been recreated????
0
 

Author Comment

by:sraley
ID: 35029647
the same zone that we deleted and recreated is still there with no added entries after changing the dns file.
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 35029658
I'm trying to sort out EE aproved remote access.
0
 

Author Comment

by:sraley
ID: 35029793
what is this service dependency on information store?
jvmservice.png
0
 
LVL 74

Accepted Solution

by:
Glen Knight earned 500 total points
ID: 35032306
OK, so to fix this we did the following:

we ran the following commands:

dnscmd /SERVERNAME /zonereload forwardlocupzonename
this then allowed us to access the console and add the secure and non-secure updates and change the zone so that it wasn't stored in Active Directory, as we couldn't read from AD at the moment this was critical.

we then ran DCDIAG /FIX followed by NETDIAG /FIX and restarted the netlogon service just to be sure.

Run IPCONFIG /FLUSHDNS

We now had a working DNS zone.

We then needed to set the Burflags to D4 as per: http://support.microsoft.com/kb/316790
Once done the NETDIAG and DCDIAG came back clean.

more info on dnscmd: http://technet.microsoft.com/en-us/library/cc756116(WS.10).aspx
0
 

Author Comment

by:sraley
ID: 35032327
thanks never used or seen dnscmd before.
0
 

Author Closing Comment

by:sraley
ID: 35032393
Fantastic
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now