Jump to content

would someone kindly explain this "event" error

aspenjim

By aspenjim
in Windows 2000/2003/NT4

 Share

Recommended Posts

aspenjim

aspenjim

Posted
Posted (edited)

I admit I'm a rookie at domains. I have 1 - 40 client domain w/ a 2003 standard server and when I look in the event viewer, I see these errors on almost all clients. They logon to the domain and have all domain resources available. Here's the message with a screenie...

dns2.jpg

Everything seems to work properly, i just don't understand the error or how to correct it.

they all have this error also....

error.jpg

thanks to everyone helping me to understand and hopefully correct this.

jim

Edited by aspenjim
Link to comment
Share on other sites

aspenjim

aspenjim

Posted
  • Author
Posted

Yes, most PC's have this (actually all that I have looked at) and have since the server was installed in April. Most PC's had a fresh install of XP prior to server upgrade. I had one lately say the netlogon service wasn't running so I removed and readded it to the domain.

the dc has a clean log

I'm not sure how to add the suffix (in this case .local) as you mention

Link to comment
Share on other sites
cluberti

cluberti

Posted
Posted

I'm assuming it's a single DC, in a single domain forest, and it's the DNS and DHCP (and possibly WINS) server for the domain? Make sure that the DC points to itself (and ONLY itself) for DNS and WINS resolution, and that the clients ONLY point to the DC as their DNS server. If you need clients to have internet browsing access, you'll need to configure forwarders on your DC's DNS to point to your ISP's DNS servers (check with them to see if recursion should be enabled or disabled in this configuration).

These errors are 100% DNS resolution errors, so either your clients and DC have public DNS servers in their configuration, or your AD DNS is misconfigured and missing entries.

Link to comment
Share on other sites
aspenjim

aspenjim

Posted
  • Author
Posted

It is a single DC. When it was installed, the dns pointed toward itself. The "installers" of the server told me to put in the IP of the server in each client's dns settings. This is in a sheriff's dept where they have a cisco router doing dhcp. When I configured it as they told me, the internet just crawled. I ended up putting the ISP's dns settings as the secondary dns server (in the DC) and the internet became the normal speed. All clients are set to get dns automatically. As far as WINS, I don't have a clue about it's configuration. Also, I don't see in AD where to do any dns configuration. I fairly new at this (domains) and haven't had any formal training.

What should I look for in AD and WINS?

thanks for the input.

jim

Link to comment
Share on other sites
cluberti

cluberti

Posted
Posted

WINS is optional, and if you aren't sure where it is, you probably don't have it installed or configured. As to the errors, if you enter in your ISP's DNS settings, this will happen eventually. You have to remove those and use forwarders for AD DNS to work properly - no other DNS servers should be configured on any client or server machines than the ones on your own network (other than the ISP's DNS servers on the forwarders tab of your DNS server, of course). If things are slow when this is configured, check with your ISP to make sure of whether or not to enable recursion.

Link to comment
Share on other sites
aspenjim

aspenjim

Posted
  • Author
Posted

Would you mind posting (or emailing me) screenies of what the forwarder tab properly configured? and a screenie of where to find DNS in AD? as far as wins, I know where it is and in 7 years of experience (with small networks), have never had to configure it.

I am installing another SBS next week and would like to get it right (this is the 4th server install this year). I'm also trying to learn folder redirection and caching of local settings dir so domain logons don't take so long.

thanks again.

jim

Link to comment
Share on other sites
valter

valter

Posted
Posted

IN most of the cases the following works ... open registry and navigate to HKLM\System\CurecntControlSet\Services\Netlogon and edit DependOnService and add DNS to the list ... this is to be done on the server machine ...

Second option might be configuring the firewall if firewall is enabled on the server and/or clients, the following ports MUST be open UDP 53, TCP 135, 445, 1025, 389 ...

anyway, check the following link, excellent resource website for any network admin

Link to comment
Share on other sites
aspenjim

aspenjim

Posted
  • Author
Posted (edited)

thanks valter for the website.... looks like a great resource....

Valter... what exactly does that reg edit do?

Okay, I found the DNS forward tab and got it configured. I still don't know how to configure DNS in AD.

Now the error has turned to warnings, so I made progress....

error2.jpg

I will try and figure it out from the site that valter mentioned here

The terminology is a little over my head though (eg - single label namespace).

Here is a quote from that site that I would like to learn how to do...

This event will appear if the DNS Suffix on the TCP/IP properties on the Network card is invalid. In our case, the PC was setup with domainx in the field, rather than domainx.com. Once the DNS Suffix matched the AD or at least is a vaild "domain.extension" this error stops.

Again thanks to all for the guidance and I WILL eventually understand this.

Edited by aspenjim
Link to comment
Share on other sites
Stoic Joker

Stoic Joker

Posted
Posted

Judging by you event screenshot you domain name is wcso.local which is fine, if it was only wcso then it would be considered a single lable namespace.

Run ipconfig /all

Look at the Primary DNS Suffix line, it should read wcso.local (Your Domain Name), if it does your fine.

As far as the warnings go, just run:

ipconfig /registerdns

on the server, which should then allow it to properly find its own a** and stop the warnings.

Link to comment
Share on other sites
valter

valter

Posted
Posted
thanks valter for the website.... looks like a great resource....

Valter... what exactly does that reg edit do?

Okay, I found the DNS forward tab and got it configured. I still don't know how to configure DNS in AD.

Now the error has turned to warnings, so I made progress....

error2.jpg

I will try and figure it out from the site that valter mentioned here

The terminology is a little over my head though (eg - single label namespace).

Here is a quote from that site that I would like to learn how to do...

This event will appear if the DNS Suffix on the TCP/IP properties on the Network card is invalid. In our case, the PC was setup with domainx in the field, rather than domainx.com. Once the DNS Suffix matched the AD or at least is a vaild "domain.extension" this error stops.

Again thanks to all for the guidance and I WILL eventually understand this.

regedit is registry editor, you have to be very careful when working in registry editor, and if you're not sure what you're doing, then better don't do anything. Anyway, before you do anything in the registry editor, make sure you make a backup of your registry (File - Export - Export Rage set to All) ... the registry change I was refering to just tells Netlogon service not to start before DNS service is started ...

As per your 11165 error, check that dynamic updates on your DNS zone properties is set to allow secure, this should allow all computers to dynamically register with DNS server ...

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...