DNS and NTP issues after SP1


After installing SP1 (WS2003) I ran Security Config Wizard. I believe I configured this correctly (well, I think so anyway :whistle::whistle: )

I have event ID 1054 on the client and event IDs 4004, 4015 (appearing numerous times) on the server. Reading up on these events, they all tell me to set the correct DNS server addresses for my LAN - but it is, so what am I supposed to do to resolve this issue?

NTP - I set the NTP address as net time set/sntp:192.168.1.1 - this is for my router so it picks up the time from there, but I still get errors - anyone know how to resolve this or which address to set it to?

Cheers



These are likely erroneous errors... Do an ipconfig /registerdns from the W2K3 Sp1 machine first.

The descriptions of these errors (which again, I believe are erroneous) follow:

4004

MessageId=4004
Severity=Error
SymbolicName=DNS_EVENT_DS_ZONE_ENUM_FAILED

The DNS server was unable to complete directory service enumeration of zone %1. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The event data contains the error.

4005

MessageId=4005
Severity=Informational
SymbolicName=DNS_EVENT_DS_ZONE_DELETE_DETECTED

The DNS server received indication that zone %1 was deleted from Active Directory. Since this zone was an Active Directory zone, it has been deleted from the DNS server.


Thanks... I tried what you guys said; some resolved the issue, some didn't. I still get the odd occasional 4004, 4015 error (not as much), however it won't load any profiles using AD and I get event ID error 5719:

Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 13/04/2005
Time: 09:11:01
User: N/A
Computer: computer
Description:
No Domain Controller is available for domain MSDOMAIN due to the following:
There are currently no logon servers available to service the logon request. .
Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 5e 00 00 c0 ^..À

I tried to re-join the domain - that failed. I'm thinking this may be the problem leading to the other issues - disabling the firewall stopped a few more errors.

So what could be wrong?


If you can't join the domain, it's one of two things.

1. You aren't supplying an account name and password that has that permission.

2. Your IP settings aren't configured correctly (or DNS server is hosed)


1 - I know I'm supplying the correct info and 100% sure about that.

2 - My IP settings are the same as they were before SP1. I've checked them again and see that each client has its own static IP provided by the router, and the server has DNS set up, but I'm not sure if there is a problem there or not. I'm not using DHCP on the server but on the router (in case someone wants to go onto the internet, so the server does not have to be on)

Thanks


> 1 - I know I'm supplying the correct info and 100% sure about that.
>
> 2 - My IP settings are the same as they were before SP1. I've checked them again and see that each client has its own static IP provided by the router, and the server has DNS set up, but I'm not sure if there is a problem there or not. I'm not using DHCP on the server but on the router (in case someone wants to go onto the internet, so the server does not have to be on)
>
> Thanks

what do you mean by "static IP provided by the router"?


> what do you mean by "static IP provided by the router"?

I mean I have a Dynamic address supplied by my ISP. I then use my router to assign internal/local IP addresses to all the clients on the network, i.e.

Dynamic IP

123.234.34.45 -->Router --> Machine 1 = 192.168.1.5

Machine 1 = 192.168.1.6

Machine 1 = 192.168.1.7

......

thanks


so basically your router acts as a DHCP server and assigns dynamic IP addresses to the clients ...

I guess so, but whether this helps or not, if I try and ping another PC/client on the network I use ping 192.168.1***

......sorry, I just noticed what I wrote in my previous post. It should have read:

Dynamic IP (from ISP) = 123.234.34.45 (as an example)

123.234.34.45 -->Router

Router Assigns local/internal IP address to all pcs on network ->

so

Machine 1 = 192.168.1.5

Machine 2 = 192.168.1.6

Machine 3 = 192.168.1.7

sorry for the confusion hope that makes sense


You haven't described the hardware in your server, specifically, whether it is multihomed (i.e. more than 1 NIC). From what I've read it sounds like your network clients receive IPs through DHCP from your router device, and this I inferred, but these DHCP clients use the router's IP address as the primary DNS server so they can get online when the domain controller is offline? Where does the IP address of the AD server fit into this? If you don't have the network clients set to use the IP address of the AD server as their primary DNS server, then you've seriously circumvented the Windows domain. What you need to do is set the primary DNS server as the domain controller in the DHCP settings, then set up forwarders on the domain controller's DNS that point to your ISP's DNS servers.

The DNS errors you're getting on the server sound like a common problem with multihomed setups. In Network Connections (in the Control Panel), click on Advanced (at the top), then click on Advanced Settings... In the first box, make sure the active NIC (the one that communicates with the LAN) is listed first. If it's not, do it and then reboot. See if it doesn't fix your DNS problems. Also check that the primary DNS server that is manually configured on the server NIC is not the loopback address. You might hear conflicting reports about using loopback versus IP for the DNS address, but I always use the static IP and have never had problems.


> You haven't described the hardware in your server, specifically, whether it is multihomed (i.e. more than 1 NIC).

1 NIC on the server, however I can increase this to 2 if that would help.

> From what I've read it sounds like your network clients receive IPs through DHCP from your router device

Yes, they receive local IPs from the router

> but these DHCP clients use the router's IP address as the primary DNS server so they can get online when the domain controller is offline?

Yes, only for the PCs that don't require to login to the server

> Where does the IP address of the AD server fit into this? If you don't have the network clients set to use the IP address of the AD server as their primary DNS server, then you've seriously circumvented the Windows domain

The server has its own static IP address assigned by the router. So the preferred DNS is the same IP address (pointing to itself) as the server.

The clients (that do connect to the server) have static IP addresses, again assigned by the router. The primary DNS is the server's DNS, so I think that has been done correctly.

> What you need to do is set the primary DNS server as the domain controller in the DHCP settings, then set up forwarders on the domain controller's DNS that point to your ISP's DNS servers.

Would I still need to do this after explaining the above? If yes, could you explain a bit more how I should set it up, as I would imagine having the router giving DHCP addresses allows users to connect to the internet when the server is turned off (the same users that don't use the server)

> Advanced Settings... In the first box, make sure the active NIC (the one that communicates with the LAN) is listed first. If it's not, do it and then reboot.

I checked that and I have Local Area Connection listed at the top both for server and clients.

> Also check that the primary DNS server that is manually configured on the server NIC is not the loopback address. You might hear conflicting reports about using loopback versus IP for the DNS address, but I always use the static IP and have never had problems

I don't understand what I need to do here and how I should check if the server's NIC is not on the loopback address.

Again, these problems only occurred after installing SP1 on the server. Thanks again for everyone's help


Well if your clients don't have your AD server DNS address in their TCP/IP properties, how do you expect them to log on onto domain? As far as I understood, your clients receive dynamic IP from the router that acts as DHCP and the DNS server they use is DNS built into your router ... so where your AD server IP comes in here?

as per loopback address ... if your server's IP is 192.168.1.2 then in primary DNS of the servers TCP/IP properties put 192.168.1.2 and not 127.0.0.1 or 127.0.0.2 or 127.0.0.3 (these are loopback IP addresses)
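
The two checks the replies above ask for (clients use the domain controller as primary DNS; the server's own NIC points at its static IP rather than a loopback address), as an added example that is not part of the original thread. It parses `ipconfig /all` output for a single-NIC machine; the sample text is constructed, and 192.168.1.2 as the domain controller's address is an assumption borrowed from the reply's illustration.

```python
import ipaddress
import re

DC_IP = "192.168.1.2"  # assumed domain controller address (from the reply's illustration)

# Constructed `ipconfig /all` excerpts, not captured output. 192.168.1.1 is the router.
CLIENT_VIA_ROUTER = """\
Ethernet adapter Local Area Connection:

   IP Address. . . . . . . . . . . . : 192.168.1.5
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       192.168.1.2
"""
SERVER_LOOPBACK = """\
   IP Address. . . . . . . . . . . . : 192.168.1.2
   DNS Servers . . . . . . . . . . . : 127.0.0.1
"""
SERVER_RECOMMENDED = SERVER_LOOPBACK.replace("127.0.0.1", DC_IP)


def dns_servers(ipconfig_text):
    """Return the configured DNS servers in the order Windows tries them."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        label, sep, value = line.partition(" : ")
        if sep and label.strip().startswith("DNS Servers"):
            servers.append(value.strip())
            in_dns = True
        elif in_dns and not sep and re.fullmatch(r"\s+[\d.]+\s*", line):
            servers.append(line.strip())  # continuation line: address only
        else:
            in_dns = False
    return servers


def check_dns(ipconfig_text, dc_ip=DC_IP):
    """List deviations from the DNS setup recommended in the thread."""
    servers = dns_servers(ipconfig_text)
    if not servers:
        return ["no DNS servers configured"]
    primary, findings = servers[0], []
    if ipaddress.ip_address(primary).is_loopback:
        findings.append(f"primary DNS {primary} is a loopback address; use {dc_ip}")
    elif primary != dc_ip:
        findings.append(f"primary DNS {primary} is not the domain controller {dc_ip}")
    findings += [f"alternate DNS {s} is not the domain controller {dc_ip}"
                 for s in servers[1:] if s != dc_ip]
    return findings
```

An empty list from `check_dns` means the machine matches the recommended layout; internet names are then resolved through forwarders on the domain controller rather than by listing the router as a DNS server.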


> Well if your clients don't have your AD server DNS address in their TCP/IP properties, how do you expect them to log on onto domain? As far as I understood, your clients receive dynamic IP from the router that acts as DHCP and the DNS server they use is DNS built into your router ... so where your AD server IP comes in here?

> The clients (that do connect to the server) have static IP addresses, again assigned by the router. The primary DNS is the server's DNS, so I think that has been done correctly.

OK, when I wrote that I meant that all the clients that connect to the server have their primary DNS as the server's IP. Clients receive STATIC IP from the router; this is the local or internal IP which is assigned by the router (192.168.1.5 etc)

Thanks
