Problems with DNS/Active Directory

[dawks]

We rebooted our 2000 Server due to some weird connectivity issue, and when the server came back online, the System Log was filled with a bunch of events, just like these. Various DNS errors.. And now, I cannot add an XP machine to the domain (i could fine just yesterday).
The error message:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.ourdomainname

Common causes of this error include the following:

- The DNS SRV record is not registered in DNS.

- One or more of the following zones do not include delegation to its child zone:

lccdom
. (the root zone)

Also, there appears to be two previous blocks of error messages just like those in the link in the System Log in Event viewer. So I guess this has happened before (also before i was here), but it maybe fixes itself over time?

I'm not sure what to look for in the DNS server MMC, but there are some records and they are referencing the correct IP address..

Any ideas?

 

[djdrastic]

Could You Please Post A

dcdiag and a test nslookup on your dns server

If you need direct help pm me and we can chat on IM

 

[dawks]

Ok, I've done more snooping, and this appears to be my exact issue to.

There is an (A) record for the server, and the XP Pro box I am trying to join to the domain can look up the servers IP no problem.. So I'm not sure where the problem is..

Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\WINDOWS\debug\dcdiag.txt.

The domain name lcc might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.

DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain lcc:

The query was for the SRV record for _ldap._tcp.dc._msdcs.lcc

The following domain controllers were identified by the query:

serv1.lcc

Common causes of this error include:

- Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses.

- Domain controllers registered in DNS are not connected to the network or are not running.

For information about correcting this problem, click Help.

And this is nslookup.. I've noticed I need the period after the lcc for it to work. As seen below..

> lcc
Server: UnKnown
Address: 172.25.200.26

*** UnKnown can't find lcc: Non-existent domain
> lcc.
Server: UnKnown
Address: 172.25.200.26

Name: lcc
Address: 172.25.200.26

 

[stash]

Three words:

SINGLE LABEL DOMAIN

Your problems are because your domain name is lcc, and not lcc.something. This will not work with 2000 SP4 and higher unless you make some registry changes. It is typically recommended that you rebuild the domain, because the registry changes have to be made on EVERY machine in the domain (client, server, dc) and they are different depending on the OS.

Search the MS KB for single label domain for more info.

 

[dawks]

Originally posted by: STaSh
Three words:

SINGLE LABEL DOMAIN

Your problems are because your domain name is lcc, and not lcc.something. This will not work with 2000 SP4 and higher unless you make some registry changes. It is typically recommended that you rebuild the domain, because the registry changes have to be made on EVERY machine in the domain (client, server, dc) and they are different depending on the OS.

Search the MS KB for single label domain for more info.

Yup, I've noticed this on a few sites.. Weird thing is, I joined this system and two others to the domain with no problems last week. I dis-joined it from the domain to experiment with profiles and such, but couldnt get it to join back..

Its it easy to change a domains name? or is this the sort of thing that screams 'START FRESH'.

 

[stash]

If you are at 2003 FFL, you can change the domain name but it is not a trivial process. The doc for it is like 70 pages.

 

[dawks]

Any idea why/how I joined this system and others to the domain earlier? I messed with a few server settings (DNS) but not sure which would have changed it..

How do Win98 machines join the domain? DNS? WINS? We have a WINS server setup, and there are several 98 machines on the domain.. I have not touched the WINS server.

We might create a new domain eventually, but I'd like to figure out whats happened to this one... It WAS working properly.

 

[stash]

Did you install SP4 on it since you successfully joined it to the domain? If the box was running SP3, it wouldn't care that the domain name was single-label.

9x machines don't use DNS at all, which is why they don't care if the domain is single label or not. They don't have any concept of FQDN, they just use netbios.

 

[spyordie007]

If you are at 2003 FFL, you can change the domain name but it is not a trivial process. The doc for it is like 70 pages.

He's not (OP says 2000 server, so I'm assuming that is a DC).

Depending on your setup (I'm assuming you're small). It may actually be easier to move yourself over to a 2003 FFL and than do a domain rename. It may be easier than creating a new domain (but that's up to you to evaluate ).