DNS zones are missing
My DNS zones are missing.
I get an error in event log:
The DNS server was unable to open Active Directory
I read one post that mentioned the security log being full. I tried to increase the size of the file allowed and delete the log. This has not worked. If this is indeed the problem.
Anyone any ideas?
Bit of a panic as none of the users can access their files through mapped drives.
I would deinstall DNS and reinstall it ... I had DNS problems a while ago and a reinstall sorted out all of the problems
Is it best to have DNS on my main DC, or can it reside just as well on my other DC?
Tried to uninstall and reinstall DNS.
It completed but then I got a "Cannot contact the DNS server" message.
Am a bit stuck here.
Help please anyone.
Hiyah, I have DNS set up on both servers in one of my schools; the second one's a backup in case the first one fails ... The workstations' primary DNS setting in TCP/IP is pointing at the first and the secondary is pointing at the second. I'm not a huge DNS expert though and have never had the chance to see if it works OK !!!
Just a thought .. have you done all of the server updates? Which server software is it you're running?
Server 2003 Std. Not sure if I have updated for a bit, why would that be an issue?
Cos it might be an Active Directory problem rather than DNS, or both maybe ... Doing all of the updates and patches can sometimes get rid of problems that are difficult to cure otherwise ... The first question I always ask is ... "have you done all of the updates?" If not, do them now and see if the problem is still there afterwards ...
Second thought ... try installing DNS on your second server and see if you get the same error ....
Cheers Brian .. PS where are you?
OK, makes sense. I am in North England and having a bad day. I have Server 2008 on the other server and have since installed DNS on this server, but it has not really made much diff yet.
I have got a record for my PC in the DNS forward zone on the DNS server I just created, but still cannot connect to the shared drives using the NetBIOS name; IP address works fine.
I am going to run updates on the 2003 server ASAP.
The DNS server was unable to connect to the domain naming FSMO ourdc.domain.co.uk. No modifications to Directory Partitions are possible until the FSMO server is available for LDAP connections. The event data contains the error code
event id: 4510
Seems like it's something to do with AD maybe??
I can authenticate, AD looks ok.
I ran the updates but the problem persists.
Run dcdiag to check if the FSMO roles are assigned properly.
Yeah, netdom /query looks good
Schema owner ourdc.ourschool.town.sch.uk
Domain role owner ourdc.ourschool.town.sch.uk
PDC role ourdc.ourschool.town.sch.uk
RID pool manager ourdc.ourschool.town.sch.uk
Infrastructure owner ourdc.ourschool.town.sch.uk
The command completed successfully.
I substituted the real name of the domain.
I am trying to run through some tests.
When I run repadmin /syncall:
CALLBACK MESSAGE: Error contacting server 6978fd70-ec3b-4ab2-8b56-836f0909398e._msdcs.ourschool.ourtown.sch.uk (network error): -2146893022 (0x80090322):
The target principal name is incorrect.
SyncAll exited with fatal Win32 error: 8440 (0x20f8):
The naming context specified for this replication operation is invalid.
Phew. It's resolved. Well, it's running and people are able to get the UNC shares, and DNS is reinstalled on the offending DC.
The solution was to reset the Kerberos passwords for the domain controller.
I saw a post regarding this and thought it looked relevant.
I ended up running netdom resetpwd on both DCs, as the problematic one didn't seem to show any improvement after running it.