VeeamON 2021: Free Online Conference - Register Now VeeamON 2021: Free Online Conference - Register Now

DNS Reverse/forward oddity!

Home Forums Server Operating Systems Windows Server 2000 / 2003 / 2003 R2 DNS Reverse/forward oddity!

Viewing 1 post (of 1 total)
  • Author
  • Avatar

    Hi there…

    I’m experiencing an oddity with Win2k SP4 (up to date hotfixes) DNS Server. Hopefully someone out there may have come across this and can help.

    I have two DC’s in a single labeled domain (yeah I know it shouldn’t be a single label but I inherited this domain :( ). The domain is called…wait for it… ‘domain’ …. (how embaressing huh). The first DC is also the DNS server.

    I have DNS set up to be dynamically updated through DHCP (quite normal) so I would expect to see host records for all the machines in the domain in the ‘forward lookup zone’ but I don’t.

    What I am seeing, and this took me by surprise, that the DHCP clients are registering PTR (Pointer) records in the ‘reverse lookup zone’ with nothing in the forward lookup zone.

    I’ve never seen this before… as far as I knew, Win2k DNS Server when installed using all the default options from the zone setup wizard, it would create a forward lookup zone which the dynamic DNS updates are stored in, not PTR records in the reverse!. If I delete a PTR record, and from the client machine do ipconfig /registerdns the record is re-added to the reverse lookup.

    Has me a bit bemused :(

    Thing is, what drew me to look in DNS was this application event log warning:

    Event Type: Warning
    Event Source: NETLOGON
    Event Category: None
    Event ID: 5781
    Date: 23/06/2005
    Time: 22:37:06
    User: N/A
    Computer: SERVER01
    Dynamic registration or deregistration of one or more DNS records failed because no DNS servers are available.
    0000: 2a 23 00 00 *#..

    This obviously indicates something is screwy with DNS somewhere, and I can only think it’s to do with the missing host records in ‘forward’ and the additions of PTR’s in the reverse zone. The DNS Server replies to nslookup fine (with HOST and PTR’s in place for the two DC’s) though.

    I have tried removing the DNS zones and re-added just the forward lookup zone but this hasn’t helped at all…

    This in turn is also stopping the other DC from replicating with the first DC – so the domain is currently wide open to a failure which could cause me to have to reinstall the DC’s and a new domain (and I guess you all know the pain of re-adding 100 PC’s to a new domain, moving/recreating profiles/logins/OU’s etc etc etc etc …)

    The rep error is:

    Event Type: Warning
    Event Source: NTDS KCC
    Event Category: (1)
    Event ID: 1265
    Date: 24/06/2005
    Time: 00:34:28
    User: N/A
    Computer: SERVER02
    The attempt to establish a replication link with parameters

    Partition: CN=Schema,CN=Configuration,DC=domain
    Source DSA DN: CN=NTDS Settings,CN=SERVER02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain
    Source DSA Address: ea23a972-d017-4335-8a26-3e0a0daff9ed._msdcs.domain
    Inter-site Transport (if any):

    failed with the following status:

    The DSA operation is unable to proceed because of a DNS lookup failure.

    The record data is the status code. This operation will be retried.
    0000: 4c 21 00 00 L!..

    Again this points to DNS not being happy :( and I’m seeing SAM errors on this DC too:

    Event Type: Error
    Event Source: SAM
    Event Category: None
    Event ID: 16650
    Date: 24/06/2005
    Time: 00:45:25
    User: N/A
    Computer: SERVER02
    The account-identifier allocator failed to initialize properly. The record data contains the NT error code that caused the failure. Windows 2000 will retry the initialization until it succeeds; until that time, account creation will be denied on this Domain Controller. Please look for other SAM event logs that may indicate the exact reason for the failure.
    0000: a7 02 00 c0 §..À

    I think these errors all stem from the DNS problem, but the DNS event log doesn’t report any problems.

    I’ve been round a number of MS articles for the event IDs above but nothing or has worked.

    I’d like to trying fixing this before it falls over and I end up working through a night to fix it. I’m planning to reinstall the entire domain but only after I’ve done some lab testing to ensure the install will go cleanly and quickly which I’m not getting much of a chance to do with other commitments.

    Any help would be massively appreciated…

    Cheers all


Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Free Online Conference - May 25th and 26th

VeeamON 2021: Free Online Conference

Join us to gain your professional edge with technical and visionary learning from the brightest minds in IT at the definitive conference for Modern Data Protection.

Register Now

Sponsored By