YashoVardhan

asked on

Server 2003

I have a single domain, Windows 2003 Enterprise Server

From any XP Pro workstation the administrator can log in to the server, but when any user tries to log in, it fails and a "Domain could not be found" error message is received. All users can log in from any Windows 7 workstation. All users have admin privileges.

The XP Pro stations have SP3.
YashoVardhan

ASKER

Additional info

Getting a boot time error

Boot time error - "At least one service or driver failed to start during startup"


No error or conflict found in device manager

Event Viewer - The DNS server was unable to open zone _msdcs.AjjerLLC.com in the Active Directory from the application directory partition ForestDnsZones.AjjerLLC.com. This DNS server is configured to obtain and use information from the directory for this zone and is
unable to load the zone without it. Check that the Active Directory is functioning
properly and reload the zone. The event data is the error code.

EventID 4007

I do not remember where (what screen) I got the next error from

DNS error - The DNS server encountered error 32 attempting to load zone
 _msdcs.AJJERLLC.local from Active Directory.
The DNS server will attempt to load this zone again on the next
timeout cycle. This can be caused by high Active Directory load
and may be a transient condition.

Please see the attached screenshot of the DNS management

I ran NSLookup from command prompt
Please see attached screen shot of the nslookup


My IP Settings

IP Address   192.168.1.2
Subnet mask  255.225.255.0
Default Gateway 192.168.1.1  (Router's LAN address)

Preferred DNS   192.168.1.1

Network topology

Router
(Right now I have delegated DHCP to the router because the server's DHCP was not working.
Once the present problem is cleared, I will redelegate DHCP to the server.)

DHCP Address pool

192.168.1.100 thru 200

1 Server
5 Workstations with XP Pro SP3
6 Laptops with Windows 7
2 Workstations with Windows 7
1 Mac Book Pro

We also have Trend Micro Worry Free Business Security Services Standard Version 8.0
This is installed on a separate computer which acts as a server for Trend Micro
DNS.bmp
nslookup.bmp
Correction

The IP address for DNS is 192.168.1.2, not 192.168.1.1 as I erroneously stated in my last comment.

From the above comment I understand that users are trying to RDP to the DNS/AD server? There seems to be an issue with your DNS zone. I don't see the _msdcs.AjjerLLC.com zone in your screenshot. Was it deleted? In that case you need to recreate it and restart the Netlogon service. I can only see _msdcs.AjjerLLC.local in the screenshot. You could run a dcdiag and see if it throws any errors.

Attn: ssujai

Attached is the new screenshot of DNS. In the previous screenshot I think the view was hidden.
Here is the DNS screenshot.
Notice the cached lookups. I didn't try anything with it; I do not know what it is.

Notice that on the reverse lookup zone there are 4 entries;
the only correct one is 1.168.192.
I tried to delete the other 3 by right-clicking on each of them, but the delete option was not there. However, when I right-clicked on 1.168.192 I was getting the delete option. Please advise me in detail how I can delete them.
Do I delete the entire reverse lookup zone and recreate it? If yes, then step-by-step guidance will be helpful. I am a novice.


When I ran DCDIAG, no error came up.

Should I have run DCDIAG /TEST:DNS?
DNS-With-expanded-reverse-lookup.bmp
Does your DHCP include settings to register the hosts in DNS?
The domain controller was also the DHCP server when I started having the problem.
To cut down one possible problem, I delegated the DHCP role to the router. The domain controller is not the DHCP server at this time. Once this problem is solved, I will bring the DHCP role back to the domain controller.
The issue is likely not with DHCP.
Which DNS servers does the router's DHCP push to the clients?
This might be where your issue is, i.e. the DHCP is pushing public DNS servers that have no information about your AD domain.

Check your Windows DHCP scope options to see whether the ONLY DNS/name server you are pushing to the clients is the IP of the AD DC. The internal DNS is the only one that has the information about the domain.
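
The check suggested above (clients should receive only the AD DC as their DNS server), as an added example that is not part of the thread: a Python parser for `ipconfig /all` output that flags any adapter whose DNS list contains something other than the DC. The sample output is constructed, the function names are hypothetical, and 192.168.1.2 is the DC address given by the asker; IPv4 only.

```python
import re

DC_DNS = "192.168.1.2"  # AD DC / DNS address stated in the thread

# Constructed sample shaped like `ipconfig /all` on a DHCP client (not real output).
SAMPLE = """\
Ethernet adapter Local Area Connection:

        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.101
        DHCP Server . . . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.1
                                            192.168.1.2

Ethernet adapter Wireless Network Connection:

        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.50
        DNS Servers . . . . . . . . . . . : 192.168.1.2
"""

IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")
FIELD = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")  # "Label . . . : value"

def dns_servers_by_adapter(text):
    """Return {adapter name: [DNS server, ...]} from ipconfig /all text."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        # Adapter headers start in column 0 and end with a colon.
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter, in_dns = line.rstrip().rstrip(":"), False
            result[adapter] = []
            continue
        if adapter is None or not line.strip():
            continue
        m = FIELD.match(line)
        if m:
            in_dns = m.group(1).startswith("DNS Servers")
            value = m.group(2).strip()
        else:
            value = line.strip()  # continuation line: additional DNS server
        if in_dns and IPV4.match(value):
            result[adapter].append(value)
    return result

def foreign_dns(text, dc_dns=DC_DNS):
    """Adapters whose resolver list contains anything other than the DC."""
    return {name: [s for s in servers if s != dc_dns]
            for name, servers in dns_servers_by_adapter(text).items()
            if any(s != dc_dns for s in servers)}

if __name__ == "__main__":
    print(foreign_dns(SAMPLE))
```

An empty result means every adapter in the captured output resolves only through the DC.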
The DC has the DNS address for itself.
Attached are the results of DCDIAG & DCDIAG /TEST:DNS
Errors in dcdiag
dcdiag-2.bmp
dcdiag-1.bmp
dcdiag-2a.bmp
I can't see the first screenshot. In the last screenshot there is a message like "failed test Machine account". Is there any more info available on that from the output? Is your DC residing in the Domain controller's OU?