| Author |
Message |
Keith Ng
Guest
|
 Posted:
Fri Jan 14, 2005 12:36 am Post subject:
Windows cannot find the network path when joining to the dom |
|
|
Hi,
Just created a new AD domain (Windows 2003) under our company's root domain
(internet). The domain is something like windows.mycompany.com. We are using
BIND as a name server for our mycompany.com domain.The zone file for this
subdomain (windows.mycompany.com) is created on the DNS and I have updated
the zone file with the content of netlogon.dns (from the AD domain
controller).
All our PCs are registered under the mycompany.com. e.g. pc1.mycompany.com.
When I tried to join the workstations to this newly created domain, it said
Windows cannot find the network path. Verify the network path is correct.
I have used nslookup from the workstation and are able to query all the srv
records on the domain controller using our name server. I have also appended
the domain suffix windows.mycompany.com to the workstation which I intent to
join to the domain.
I ran netdiag on the domain controller and it failed on the DNS test. The
message is as follow.
DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the
name
'dc1.windows.mycompany.com.'. [ERROR_TIMEOUT]
The name 'dc1.windows.mycompany.com.' may not be registered in
DNS.
[WARNING] The DNS entries for this DC are not registered correctly on
DNS se
rver 'our dns server'. Please wait for 30 minutes for DNS server
replication.
[FATAL] No DNS servers have the DNS records for this DC registered.
Since my AD domain is a subdomain (windows.mycompany.com) of the root
domain, do I have to register the DC under the subdomain instead of the root
domain. All the machines in our network are registered under the root domain
now.
Thanks
Keith |
|
| Back to top |
|
 |
Denis Wong @ Hong Kong
Guest
|
| Posted:
Fri Jan 14, 2005 10:49 am Post subject:
RE: Windows cannot find the network path when joining to the |
|
|
You should only have your server DNS in your PC TCPIP settings. You should
have you AD domain windows.mycompany.com as your forward lookup zone and in
your primary DNS suffix.
br,
Denis
"Keith Ng" wrote:
| Quote: | Hi,
Just created a new AD domain (Windows 2003) under our company's root domain
(internet). The domain is something like windows.mycompany.com. We are using
BIND as a name server for our mycompany.com domain.The zone file for this
subdomain (windows.mycompany.com) is created on the DNS and I have updated
the zone file with the content of netlogon.dns (from the AD domain
controller).
All our PCs are registered under the mycompany.com. e.g. pc1.mycompany.com.
When I tried to join the workstations to this newly created domain, it said
Windows cannot find the network path. Verify the network path is correct.
I have used nslookup from the workstation and are able to query all the srv
records on the domain controller using our name server. I have also appended
the domain suffix windows.mycompany.com to the workstation which I intent to
join to the domain.
I ran netdiag on the domain controller and it failed on the DNS test. The
message is as follow.
DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the
name
'dc1.windows.mycompany.com.'. [ERROR_TIMEOUT]
The name 'dc1.windows.mycompany.com.' may not be registered in
DNS.
[WARNING] The DNS entries for this DC are not registered correctly on
DNS se
rver 'our dns server'. Please wait for 30 minutes for DNS server
replication.
[FATAL] No DNS servers have the DNS records for this DC registered.
Since my AD domain is a subdomain (windows.mycompany.com) of the root
domain, do I have to register the DC under the subdomain instead of the root
domain. All the machines in our network are registered under the root domain
now.
Thanks
Keith
|
|
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Fri Jan 14, 2005 8:47 pm Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
In news:eOVrT7Z%23EHA.3260@TK2MSFTNGP14.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
| Quote: | Since my AD domain is a subdomain (windows.mycompany.com)
of the root domain, do I have to register the DC under
the subdomain instead of the root domain. All the
machines in our network are registered under the root
domain now.
|
Yes, the DC must register all its records in windows.mydomain.com. What you
should do is delegate the windows.mydomain.com to the DC and use an Active
Directory integrated zone Allowing only secure updates. This is many times
more secure than your current setup, and it's more reliable.
For instructions read this article:
Integrating Your Active Directory Namespace Into an Existing DNS
Infrastructure Without Name Overlap:
http://www.microsoft.com/windows2000/techinfo/reskit/deploymentscenarios/scenarios/dns_int_adns_to_dns_inf_wo_olap.asp
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Keith Ng
Guest
|
| Posted:
Fri Jan 14, 2005 11:49 pm Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
Thanks for the information.
I found some information about my situation and it is called disjoint
namespace. However, I am not able to find out more about how to set up the
AD without having registering my DC under the subdomain.
Keith
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:elFM$fk%23EHA.2180@TK2MSFTNGP10.phx.gbl...
> In news:eOVrT7Z%23EHA.3260@TK2MSFTNGP14.phx.gbl, |
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Sat Jan 15, 2005 6:15 am Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
In news:eQV2UFm%23EHA.1604@TK2MSFTNGP12.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
| Quote: | Thanks for the information.
I found some information about my situation and it is
called disjoint namespace. However, I am not able to find
out more about how to set up the AD without having
registering my DC under the subdomain.
|
The DC should not have a disjointed namespace, it should register its
records in the zone that has the matching name of the AD domain. If you
intentionally set your DC up with a disjointed namespace you will have to
manually create all its "A" records and SRV records and disable dynamic
registration on the DC. This is not an easy chore to manually create all the
correct records and should be left to someone that understands fully what
records you must create, and they must be in the AD domain zone. Clients are
not required to register in DNS and can therefore be disjointed from the AD
namespace, but when it come to joining them to the domain, they will still
look in the zone named with the AD domain name.
So if all your clients are using the BIND DNS delegate the AD subzone to the
DNS that has the DCs records in it. They can then find the DC.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Mon Jan 17, 2005 7:24 pm Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
In news:%23IJ83PM$EHA.3368@TK2MSFTNGP15.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
| Quote: | Kevin, thanks for you information.
Since there is policy in our company that all the host
has to be registered under the root domain. I think I
might have to try manually updating the 'A' and 'SRV'
records on the zone file (windows.mycompany.com).
I would like to know if every DC keep their own copy of
netlogon.dns (I mean the content of this file is
different from DC to DC)? Does this file got update only
when there are changes on the AD service and new DC
created?
|
Yes, each DC has its own distinct copy of the Netlogon.dns and these records
need to be added to the AD domain zone. In addition you need an "A" record
for the FQDN of the DC in this zone, the netlogon.dns only has records
created by the netlogon service, which doesn't include the "A" host for the
DC name. The primary DNS suffix on a DC must match the AD domain name. If it
doesn't, that can be fixed with a script.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Keith Ng
Guest
|
| Posted:
Mon Jan 17, 2005 7:24 pm Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
Kevin, thanks for you information.
Since there is policy in our company that all the host has to be registered
under the root domain. I think I might have to try manually updating the 'A'
and 'SRV' records on the zone file (windows.mycompany.com).
I would like to know if every DC keep their own copy of netlogon.dns (I mean
the content of this file is different from DC to DC)? Does this file got
update only when there are changes on the AD service and new DC created?
Thanks very much for your help.
Keith
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:u6jUYdp%23EHA.1404@TK2MSFTNGP11.phx.gbl... |
|
| Back to top |
|
|
Keith Ng
Guest
|
| Posted:
Wed Jan 19, 2005 3:22 am Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
Kevin D. Goodknecht Sr. [MVP] wrote:
| Quote: | In news:%23IJ83PM$EHA.3368@TK2MSFTNGP15.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
Kevin, thanks for you information.
Since there is policy in our company that all the host
has to be registered under the root domain. I think I
might have to try manually updating the 'A' and 'SRV'
records on the zone file (windows.mycompany.com).
I would like to know if every DC keep their own copy of
netlogon.dns (I mean the content of this file is
different from DC to DC)? Does this file got update only
when there are changes on the AD service and new DC
created?
Yes, each DC has its own distinct copy of the Netlogon.dns and these records
need to be added to the AD domain zone. In addition you need an "A" record
for the FQDN of the DC in this zone, the netlogon.dns only has records
created by the netlogon service, which doesn't include the "A" host for the
DC name. The primary DNS suffix on a DC must match the AD domain name. If it
doesn't, that can be fixed with a script.
Thanks Kevin, |
I just manually changed the domain suffix of the DC to mycompany.com.
After reboot, all the entries in the netlogon.dns have pointed to
mycompany.com instead of windows.mycompany.com for the DC.
I have sent the content of the file to our DNS manager.
Will let you know if this is working or not.
Thanks again for your help.
Keith |
|
| Back to top |
|
|
Keith Ng
Guest
|
| Posted:
Thu Jan 20, 2005 10:56 pm Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
Keith Ng wrote:
| Quote: | Kevin D. Goodknecht Sr. [MVP] wrote:
In news:%23IJ83PM$EHA.3368@TK2MSFTNGP15.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
Kevin, thanks for you information.
Since there is policy in our company that all the host
has to be registered under the root domain. I think I
might have to try manually updating the 'A' and 'SRV'
records on the zone file (windows.mycompany.com).
I would like to know if every DC keep their own copy of
netlogon.dns (I mean the content of this file is
different from DC to DC)? Does this file got update only
when there are changes on the AD service and new DC
created?
Yes, each DC has its own distinct copy of the Netlogon.dns and these
records
need to be added to the AD domain zone. In addition you need an "A"
record
for the FQDN of the DC in this zone, the netlogon.dns only has records
created by the netlogon service, which doesn't include the "A" host
for the
DC name. The primary DNS suffix on a DC must match the AD domain name.
If it
doesn't, that can be fixed with a script.
Thanks Kevin,
I just manually changed the domain suffix of the DC to mycompany.com.
After reboot, all the entries in the netlogon.dns have pointed to
mycompany.com instead of windows.mycompany.com for the DC.
I have sent the content of the file to our DNS manager.
Will let you know if this is working or not.
Thanks again for your help.
Keith
|
Hi Kevin,
I still have no luck with this.
Here is the log file from netdiag.
DNS test . . . . . . . . . . . . . : Failed
Interface {25AAA8F5-5A7A-4B15-8225-8D239924C849}
DNS Domain:
DNS Servers: xxx.xxx.xxx.xx
IP Address: Expected registration with PDN (primary DNS
domain name):
Hostname: DC1.mycompany.com.
Authoritative zone: mycompany.com.
Primary DNS server: ns1.mycompany.com xxx.xxx.xxx.x
Authoritative NS:xxx.xxx.xxx.x xxx.xxx.xxx.xx
Check the DNS registration for DCs entries on DNS server 'xxx.xxx.xxx.x'
Query for DC DNS entry windows.mycompany.com. on DNS server
xxx.xxx.xxx.xx failed.
DNS Error code: 0x0000251D |
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Thu Jan 20, 2005 11:24 pm Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
In news:OX$m$Dx$EHA.1404@TK2MSFTNGP11.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
| Quote: | Hi Kevin,
I still have no luck with this.
Here is the log file from netdiag.
DNS test . . . . . . . . . . . . . : Failed
Interface {25AAA8F5-5A7A-4B15-8225-8D239924C849}
DNS Domain:
DNS Servers: xxx.xxx.xxx.xx
IP Address: Expected registration with
PDN (primary DNS domain name):
Hostname: DC1.mycompany.com.
Authoritative zone: mycompany.com.
Primary DNS server: ns1.mycompany.com
xxx.xxx.xxx.x Authoritative NS:xxx.xxx.xxx.x
xxx.xxx.xxx.xx
Check the DNS registration for DCs entries on DNS server
'xxx.xxx.xxx.x' Query for DC DNS entry
windows.mycompany.com. on DNS server xxx.xxx.xxx.xx
failed.
DNS Error code: 0x0000251D
|
That is because it looks like you have a possible disjointed namespace. What
is the AD Domain name in AD Users & Computers?
What ever it is that should be the Primary DNS suffix. Then the netlogon.dns
will have the correct info for the DNS admin to create.
257623 Domain Controller's Domain Name System Suffix Does Not Match Domain
Name
http://support.microsoft.com/?id=257623&sd=RMVP
After you get this info you need to disable DNS registration on the DC to
prevent 5774 errors.
246804 - How to Enable-Disable Windows 2000 Dynamic DNS Registrations:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;246804
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Keith Ng
Guest
|
| Posted:
Fri Jan 21, 2005 2:48 am Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
Kevin D. Goodknecht Sr. [MVP] wrote:
| Quote: | In news:OX$m$Dx$EHA.1404@TK2MSFTNGP11.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
Hi Kevin,
I still have no luck with this.
Here is the log file from netdiag.
DNS test . . . . . . . . . . . . . : Failed
Interface {25AAA8F5-5A7A-4B15-8225-8D239924C849}
DNS Domain:
DNS Servers: xxx.xxx.xxx.xx
IP Address: Expected registration with
PDN (primary DNS domain name):
Hostname: DC1.mycompany.com.
Authoritative zone: mycompany.com.
Primary DNS server: ns1.mycompany.com
xxx.xxx.xxx.x Authoritative NS:xxx.xxx.xxx.x
xxx.xxx.xxx.xx
Check the DNS registration for DCs entries on DNS server
'xxx.xxx.xxx.x' Query for DC DNS entry
windows.mycompany.com. on DNS server xxx.xxx.xxx.xx
failed.
DNS Error code: 0x0000251D
That is because it looks like you have a possible disjointed namespace. What
is the AD Domain name in AD Users & Computers?
What ever it is that should be the Primary DNS suffix. Then the netlogon.dns
will have the correct info for the DNS admin to create.
257623 Domain Controller's Domain Name System Suffix Does Not Match Domain
Name
http://support.microsoft.com/?id=257623&sd=RMVP
After you get this info you need to disable DNS registration on the DC to
prevent 5774 errors.
246804 - How to Enable-Disable Windows 2000 Dynamic DNS Registrations:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;246804
Thanks Kevin, looks like I have to change my AD namespace design. |
Keith |
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Fri Jan 21, 2005 6:47 am Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
In news:OhsaZFz$EHA.2112@TK2MSFTNGP14.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
| Quote: | Thanks Kevin, looks like I have to change my AD namespace
design.
|
Not really, sub domains are usually easier to work with and manage because
it puts AD in its own namespace.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Keith Ng
Guest
|
| Posted:
Tue Jan 25, 2005 2:56 am Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
Kevin D. Goodknecht Sr. [MVP] wrote:
| Quote: | In news:OhsaZFz$EHA.2112@TK2MSFTNGP14.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
Thanks Kevin, looks like I have to change my AD namespace
design.
Not really, sub domains are usually easier to work with and manage because
it puts AD in its own namespace.
Hi Kevin, |
Now I have re-registered our DC (DC1) under the DNS namespace
windows.mycompany.com instead mycompany.com. However, the netdiag DNS
test still fail on me.
Here is the error.
DNS test . . . . . . . . . . . . . : Failed
Interface {25AA80F5-5A7A-4B15-8225-8D237724C849}
DNS Domain:
DNS Servers: xxx.xxx.xx.xx
IP Address: Expected registration with PDN (primary DNS
domain name):
Hostname: DC1.windows.mycompany.com.
Authoritative zone: windows.mycompany.com.
Primary DNS server: ns1.mycompany.com xxx.xxx.xx.xx
Authoritative NS:xxx.xxx.xx.xx
Check the DNS registration for DCs entries on DNS server 'xxx.xxx.xx.xx'
Query for DC DNS entry windows.mycompany.com. on DNS server
xxx.xxx.xx.xx failed.
DNS Error code: 0x0000251D
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
[WARNING] The DNS entries for this DC are not registered correctly on
DNS server 'xxx.xxx.xx.xx'. Please wait for 30 minutes for DNS server
replication.
[FATAL] No DNS servers have the DNS records for this DC registered.
I have ran nslookup and verified that DC1 is under windows.mycompany.com
instead of mycompany.com. (I have done dcdemote and promote).
Thanks
Keith |
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Tue Jan 25, 2005 6:46 am Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
In news:%23RH%23lclAFHA.3744@TK2MSFTNGP15.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
| Quote: | Now I have re-registered our DC (DC1) under the DNS
namespace windows.mycompany.com instead mycompany.com.
However, the netdiag DNS test still fail on me.
Here is the error.
DNS test . . . . . . . . . . . . . : Failed
Interface {25AA80F5-5A7A-4B15-8225-8D237724C849}
DNS Domain:
DNS Servers: xxx.xxx.xx.xx
IP Address: Expected registration with
PDN (primary DNS domain name):
Hostname: DC1.windows.mycompany.com.
Authoritative zone: windows.mycompany.com.
Primary DNS server: ns1.mycompany.com
xxx.xxx.xx.xx Authoritative NS:xxx.xxx.xx.xx
Check the DNS registration for DCs entries on DNS server
'xxx.xxx.xx.xx' Query for DC DNS entry
windows.mycompany.com. on DNS server xxx.xxx.xx.xx failed.
DNS Error code: 0x0000251D
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
[WARNING] The DNS entries for this DC are not registered
correctly on DNS server 'xxx.xxx.xx.xx'. Please wait for
30 minutes for DNS server replication.
[FATAL] No DNS servers have the DNS records for this
DC registered.
I have ran nslookup and verified that DC1 is under
windows.mycompany.com instead of mycompany.com. (I have
done dcdemote and promote).
Thanks
Keith
|
What is this DC using for DNS, itself or BIND?
I highly suggest pointing it to itself for DNS, setting it zone to allow
secure updates, then delegate the subdomain from BIND to the DC.
That way the DC can register its records and all clients can find the DC by
looking at the BIND.
I believe I asked before but is the AD domain name in ADUC
windows.mycompany.com?
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Keith Ng
Guest
|
| Posted:
Tue Jan 25, 2005 10:05 pm Post subject:
Re: Windows cannot find the network path when joining to the |
|
|
Kevin D. Goodknecht Sr. [MVP] wrote:
| Quote: | In news:%23RH%23lclAFHA.3744@TK2MSFTNGP15.phx.gbl,
Keith Ng <ngkeith@triumf.ca> commented
Then Kevin replied below:
Now I have re-registered our DC (DC1) under the DNS
namespace windows.mycompany.com instead mycompany.com.
However, the netdiag DNS test still fail on me.
Here is the error.
DNS test . . . . . . . . . . . . . : Failed
Interface {25AA80F5-5A7A-4B15-8225-8D237724C849}
DNS Domain:
DNS Servers: xxx.xxx.xx.xx
IP Address: Expected registration with
PDN (primary DNS domain name):
Hostname: DC1.windows.mycompany.com.
Authoritative zone: windows.mycompany.com.
Primary DNS server: ns1.mycompany.com
xxx.xxx.xx.xx Authoritative NS:xxx.xxx.xx.xx
Check the DNS registration for DCs entries on DNS server
'xxx.xxx.xx.xx' Query for DC DNS entry
windows.mycompany.com. on DNS server xxx.xxx.xx.xx failed.
DNS Error code: 0x0000251D
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
The Record is correct on DNS server 'xxx.xxx.xx.xx'.
[WARNING] The DNS entries for this DC are not registered
correctly on DNS server 'xxx.xxx.xx.xx'. Please wait for
30 minutes for DNS server replication.
[FATAL] No DNS servers have the DNS records for this
DC registered.
I have ran nslookup and verified that DC1 is under
windows.mycompany.com instead of mycompany.com. (I have
done dcdemote and promote).
Thanks
Keith
What is this DC using for DNS, itself or BIND?
I highly suggest pointing it to itself for DNS, setting it zone to allow
secure updates, then delegate the subdomain from BIND to the DC.
That way the DC can register its records and all clients can find the DC by
looking at the BIND.
I believe I asked before but is the AD domain name in ADUC
windows.mycompany.com?
|
Kevin, I really apprciate for your help.
Our DNS is running on BIND and our AD domain is windows.mycompany.com.
As I mentioned perviously, our DNS admin has just created a subdomain
called windows.mycompany.com and registered the DC under this subdomain.
I can't really delegate this subdomain to the DC as we have almost 900
nodes in the network and they are mixed with Windows and Linux machines.
It would be very difficult to assign the DNS IP to the Windows clients
through DHCP as our DHCP server does not distribute IP address to PCs
based on what OSs they are running. And the other things is I am not the
DNS/DHCP admin and I don't have control of those servers
Keith |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in