2003 Server DNS/FS errors
I've been putting out fires on a few slightly running servers. Both are 2003 Server DCs. It looks like something is wrong in DNS and I don't know where to begin. Gumby and Pokey aren't talking , syncing and the like. Here's one from the Gumby event viewer:
Active Directory could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
Source domain controller:
mypdc
Failing DNS host name:
c7f3f9b7-1221-4a80-8421-d9
--> These are the messages on the other DC. My guess is that they're related and it is definitely having an effect on AD and FS in addition to DNS.
You should immediately resolve this DNS configuration error so that this domain controller can resolve the IP address of the source domain controller using DNS.
Alternate server name:
Gumby
Failing DNS host name:
49e455af-7533-4890-8fcf-24
The Connection object for this domain controller will be ignored, and a new temporary connection will be established to ensure that replication continues. Once replication with this domain controller resumes, the temporary connection will be removed.
Additional Data
Error value:
1908 Could not find the domain controller for this domain.
The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the following domain controller has consistently failed.
Attempts:
3
Domain controller:
CN=NTDS Settings,CN=Gumby,CN=Serve
Period of time (minutes):
F R S
The File Replication Service is having trouble enabling replication from Gumby to MYPDC for c:\windows\sysvol\domain using the DNS name gumby.cumc.local. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name gumby.cumc.local from this computer.
[2] FRS is not running on gumby.cumc.local.
[3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
I don't know enough about it to know where to begin. These servers should have been replaced and I'm working on it, but it's a slow process.
Any help would be appreciated.
Active Directory could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
Source domain controller:
mypdc
Failing DNS host name:
c7f3f9b7-1221-4a80-8421-d9
--> These are the messages on the other DC. My guess is that they're related and it is definitely having an effect on AD and FS in addition to DNS.
You should immediately resolve this DNS configuration error so that this domain controller can resolve the IP address of the source domain controller using DNS.
Alternate server name:
Gumby
Failing DNS host name:
49e455af-7533-4890-8fcf-24
The Connection object for this domain controller will be ignored, and a new temporary connection will be established to ensure that replication continues. Once replication with this domain controller resumes, the temporary connection will be removed.
Additional Data
Error value:
1908 Could not find the domain controller for this domain.
The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the following domain controller has consistently failed.
Attempts:
3
Domain controller:
CN=NTDS Settings,CN=Gumby,CN=Serve
Period of time (minutes):
F R S
The File Replication Service is having trouble enabling replication from Gumby to MYPDC for c:\windows\sysvol\domain using the DNS name gumby.cumc.local. FRS will keep retrying.
Following are some of the reasons you would see this warning.
[1] FRS can not correctly resolve the DNS name gumby.cumc.local from this computer.
[2] FRS is not running on gumby.cumc.local.
[3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
I don't know enough about it to know where to begin. These servers should have been replaced and I'm working on it, but it's a slow process.
Any help would be appreciated.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We have been having other issues similar. But this looks almost obvious. Netdiag and Dcdiag /test:dns were both pointing at a DNS address that someone put in a few days ago. I went into S&S and replicated and it worked. Then I removed 8.8.8.8 as the second DNS IP from each DC. I read on the page I posted I believe that you're not supposed to list a DNS server off the network. Tests looked a lot better afterward but I believe a Netbt GUID that showed an error is one of the same error messages I had previously. I'm going to let it run for a while and reply back with results.
Using an external DNS server would definitly cause the problem you describe. (unless said DNS server was populated with your domain details somehow). Usual practice is to point each DC to itself first, then the other DC.
ASKER
Both were helpful. Someone who was here used 8.8.8.8 for DNS and that caused more problems than I could imagine. Although I haven't figured out why FRS is hit or miss and why I get NetBT (GUID) errors some times then don't I've got our AD guy coming in this evening and will hopefully have it resolved by then. Thank you to everyone.
ASKER
https://support.microsoft.com/en-us/help/824449/troubleshooting-active-directory-replication-failures-that-occur-because-of-dns-lookup-failures,-event-id-2087,-or-event-id-2088
I'm looking into that right now.