Netlogon 5774 error help ... DNS problems.

[tknodav1]

Here is the error I get in the event viewer. I am aware of the Microsoft KB article that covers this error, but that hasn't helped me at all.
I actually get this SAME error at 2 different company sites I do work for, and both are referencing the server....

Registration of the DNS record '0dc5078b-5035-4f58-bfc8-8350124243ed._msdcs.nmc.org. 600 IN CNAME SERVER2000.nmc.org.' failed with the following error:
DNS name does not exist.

As far as relevant information, the server is running DNS, and has the 2 ISP DNS servers, and then itself referenced as DNS, so 3 in total. The DNS is the active-directory integrated type. And I just stepped through the wizard to set it up. I have forward and reverse lookup zones. I put an entry into the reverse lookup for the server.

Under forward lookup zones, there is '.' and 'nmc.org'. Under '.', there is 'arpa', which in turn has the subnet (192.168.0.xxx) and also 'org', which in turn has nmc under that.

Under 'org', there is 'nmc' ... which has one entry in it for name server 'server2000.nmc.org'.

Hopefully some of this information will be helpful.
Any help would be much appreciated!!

Cheers!!
Dave

 

[Poontos]

You mention the ISP's DNS servers are being utilized, but now how. Forwarding non-internally resolved DNS requests, or all traffic? If so, I imagine your ISP's DNS servers have no idea about your Active Directory setup/Internal DNS.

Check to see how exactly you are referrencing your ISP's DNS servers.

What IP addresses do you have in the Primary and Secondary DNS for your TCP/IP settings on the server NIC?

 

[tknodav1]

The way the DNS is set up on the server NIC is that under the initial tab, I have the 2 DNS servers of my ISP. If you click Advanced, then the DNS tab, there are 3 listed there. The first two are the ISP DNS servers, then the third one is the IP of the server. (Basically telling the server that itself is a DNS server).

IE.

68.4.16.xxx
68.6.16.xxx (These 2 are ISP DNS)
192.168.0.xxx (Server IP)

Does this help at all?? Thanks for the reply btw!!

 

[Poontos]

If you are running active directory and DNS locally on that server, you need to point the primary to your 192.168 IP of your server, and probably remove your ISP's IP's from there.

Then in your actual DNS daemon configuration, properties, forwarders - put in your ISP's DNS for stuff that cannot be resolved locally.

 

[tknodav1]

Okay great! Did that and I now have my clients resolving outside DNS's. I guess this is the last piece of the puzzle now ... When I try to ping outside for example www.yahoo.com, it resolves the host address correctly, but times out on the pinging. I am currently telling DHCP to tell clients to look at the server IP for the router/gateway. I'm sure if I changed the gateway to the actual router IP (d-link, using for testing) it would work. What do I need to have the server do the routing? Is this even the best-practice for the situation?

And I guess this begs the question, should I just let our router do the DHCP and/or DNS serving, since it was designed to do it in the first place. What are the disadvantages?

Again, thanks for all your help Poontos.
Cheers!
Dave

 

[Poontos]

Not sure about not being able to ping yahoo. This could have something to do with network ACL's (blocking ICMP traffic), although I can ping yahoo, so it probably would not be anything on yahoo's end, but rather your next few hops.

There is no DLINK router that I know that has DNS capability built-in, so I would point your clients to your internal AD/DNS server, and while you are at it, play with Win2K DHCP and have it server the clients, and disable DHCP on the router.

Hope this helps.. I just read through quickly cause I am back off to my studies.