Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DNS problem?

Status
Not open for further replies.

DrSwaity

Technical User
Aug 27, 2003
35
CA
I've asked a similar question before, but I have more symptoms now. My question is I have two servers, one that is the PDC, and one that I'm still setting up. Here are the problems I'm getting:

1. Can't browse the network on any client PC.
Error : *DOMAIN* is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The list of servers for this workgroup is not currently available.

2. The server I'm setting up doesn't "see" my PDC, nor does my PDC see my second server. This is making syncing of DNS records and A/D a problem.

3. The second server is set up as a member of a workgroup, should I not be able to set it as a member of a domain? When I try I see:
Error : A domain controller for the domain test.local could not be contacted. Ensure that the domain name is typed correcly. If the name is correct, click Details for troubleshooting information.

I'm suspecting DNS is the problem, however I don't really know what I'm doing.

Thanks for the help!
 
All member servers and client must be pointing to your Windows 2000 DNS server. This means that in TCP/IP properties, you must have the primary DNS server as the Windows 2000 DNS server's IP in your environment.



Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please contact (Sales@njcomputernetworks.com)
 
I did an ipconfig /all to find out what DNS server it was pointing to, and it does have the correct ip address in there. Again, I don't know if it makes a difference, however I run W2k3.
 
1. check n see if DNS is setup to accept dynamic updates.
2. check your dhcp settings for the correct dns server address.

can you ping by ip address??

with active directory, there isnt the notion on pdc/bdc anymore....
almost everything is multimaster replication (dont get to say that every day... :) )

Aftertaf

getting quite good at sorting out Windows problems...
An expert when it comes to crashing Linux distributions (mdk, debian - nothing withstands me)
 
type nslookup at a command prompt if it says defualt servers unknown then yer dns is wrong

it sounds a lot like a dns problem


 
Hi there, I've checked IP addresses on DHCP and DNS, and both point to the right place. Can DHCP and DNS use the same nic? Right now they share the same ip address.

Anyways, when I do nslookup it fails. Says Non-existant domain, Default Server : Unknown.

How can I fix this?

Thanks!
 
Okay, I've got nslookup to work, I added a HOST(A) to the Forward Lookup Zone, with my server name and IP address.

I really don't understand DNS, so maybe this isn't related, but I still have all the problems previously mentioned.

Which are:
1. Can't browse the network on any client PC.
Error : *DOMAIN* is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The list of servers for this workgroup is not currently available.

2. The server I'm setting up doesn't "see" my PDC, nor does my PDC see my second server. This is making syncing of DNS records and A/D a problem.

3. The second server is set up as a member of a workgroup, should I not be able to set it as a member of a domain? When I try I see:
Error : A domain controller for the domain test.local could not be contacted. Ensure that the domain name is typed correcly. If the name is correct, click Details for troubleshooting information.

Thanks again!
 
ruin nsllokup
type the fqdn of your 1st dc and then the 2nd dc in the nslookup console

if both times you get good results returned .. then your dns is fine

It Still sounds like a dns error to me




 
Hi wheelandcog,

I did the nslookup and typed in the fqdn of the first dc. The second one isn't up and running fully yet, and I didn't try it. That worked fine. However, that is from a PC. if I launch NSlookup from the server in the DNS console, it tries to use the wrong IP for the dns server, but if I quit, and just launch from dos, it works fine. I've removed the dns server and re-added it. No change.

Thanks!



Dynamic updates are turned on, aftertaf.

 
check the dns server ip address in your servers lan settings..

sounds like dns is ok on yer client pc but the local connections dns settings are incorrect on the dc itself


 
Okay, so nslookup now works on both servers, but I'm still having the same problems, but I feel like we are getting close to an answer. This is frustrating. I wish I knew what was causing this!
 





have a look at yer eventlog master browser type errors .. you'll want browstat fromn the 2k resources tool kit

type nbtstat -c in a command prompt on a client pc that can
log on to the domain
do the client pcs have a problem logging on to the domain?


 
I think there is a problem with master browser. I can't do a ipconfig /registerdns. I get an error:
The system failed to register host (A) resource records (RRs) for network adapter
with settings:


When I do browstat status on the server I get a lot of info. I'll past the logfile in here.


Status for domain DOMAIN on transport \Device\NwlnkNb
Browsing is active on domain.
Master name cannot be determined from GetAdapterStatus. Using \\IBMSERVER
Master browser is running build 3790
1 backup servers retrieved from master IBMSERVER
\\IBMSERVER
There are 4 servers in domain DOMAIN on transport \Device\NwlnkNb
There are 1 domains in domain DOMAIN on transport \Device\NwlnkNb


Status for domain DOMAIN on transport \Device\NetBT_Tcpip_{6B91B7CC-D9FC-4219-
BEA1-94B52DB60604}
Browsing is active on domain.
Master browser name is: IBMSERVER
Master browser is running build 3790
1 backup servers retrieved from master IBMSERVER
\\IBMSERVER
There are 35 servers in domain DOMAIN on transport \Device\NetBT_Tcpip_{6B
91B7CC-D9FC-4219-BEA1-94B52DB60604}
There are 2 domains in domain DOMAIN on transport \Device\NetBT_Tcpip_{6B9
1B7CC-D9FC-4219-BEA1-94B52DB60604}


Status for domain DOMAIN on transport \Device\NetBT_Tcpip_{BF412A15-CB2D-41A3-
9F4F-EBDB2C197756}
Browsing is NOT active on domain. Status : 6118
Master browser name is held by: IBMSERVER
Master browser is running build 3790


Status for domain DOMAIN on transport \Device\NwlnkIpx
Browsing is active on domain.
Master name cannot be determined from GetAdapterStatus. Using \\IBMSERVER
Master browser is running build 3790
1 backup servers retrieved from master IBMSERVER
\\IBMSERVER
Unable to retrieve server list from IBMSERVER: 1231


Status for domain DOMAIN on transport \Device\NetBT_Tcpip_{CE3FA129-3EA9-4930-
9760-70087A8C3CF8}
Browsing is active on domain.
Master name cannot be determined from GetAdapterStatus. Using \\IBMSERVER
Master browser is running build 3790
1 backup servers retrieved from master IBMSERVER
\\IBMSERVER
There are 2 servers in domain DOMAIN on transport \Device\NetBT_Tcpip_{CE3
FA129-3EA9-4930-9760-70087A8C3CF8}
There are 0 domains in domain DOMAIN on transport \Device\NetBT_Tcpip_{CE3
FA129-3EA9-4930-9760-70087A8C3CF8}


Well, I don't really understand this, but why does it list I have more than 1 server, when thats all i have? Anyways, if this makes sense to you, please help me deciefer it.

Thanks
 
!!!!!!
make your dns zone accept dynamic updates...
if you cant ipconfig /registerdns then this absolutely needs solving first!
otherwise you will enter all A records manually, and if dhcp changes the ip of a client, youll have the updates to do manually!

make double sure your DNS servers point to themselves in their TCPIP config!


Aftertaf

"Resolve is never stronger than the night before it was never weaker
 
aftertaf:

I double checked, and the dns is allowing unsecure + secure updates. I also checked the tcp/ip config, and it is pointing to the dns server.

One thing I noticed tho, from my readings, I don't know if DNS is linking up to A/D. How do I check? Could this possibly be the problem?

Thanks for all the help guys!
 
if it is an 'active directory integrated zone' then it is in AD and replicated as such to every DC in the domain that has dns service installed.



Aftertaf

"Resolve is never stronger than the night before it was never weaker
 
Right, its set to active directory integrated zone, but I can't see any dns info when browsing through active directory. Where about should I look for that? Also, I heard that there should be _tcp and _udp folders in dns management, but I don't see those either.

Thanks for the fast responses!
 
you dont see the dns info in AD like users & comp objects...

you need to change the view of your console to 'advanced' view to see these folders...

have you setup reverse lookup zones??

Aftertaf

"Resolve is never stronger than the night before it was never weaker
 
I have set up a reverse lookup zone. Wheither or not I did it correctly is a different story. I think I did it right, it seemed pretty straight forward.

As for AD, I set it to advanced, and under system I see MicrosoftDNS, and in there its only one folder, RoodDNSServers, and in there I have about 15 items, all a.root-server....b.root-server, and one that is @.

is this normal?

Anyways, DNS records are updating, I watched the dns record get added to the server when my laptop did an ipconfig /renew.

But still the other server can't connect with dcpromo to my domain. Also, I still can't browse the network.

Thanks for all the help! I'm very much looking forward to a solution, as this server needs to be implemented early next week! :)

 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top