PHWinfo - Afficher un message

12/03/2006, 05h58

Allen wrote:
> When I go into AD Sites and Services to manually replicate DC1 and
> DC2, I get an error on one server and another error on the other.
>
> DC1 Reads:
> The following error occurred during the attempt to synchronize the
> domain controllers: The DSA operation is unable to proceed because of
> a DNS lookup failure.
>
> DC2 Reads:
> The following error occured during the attempt to contact the domain
> controllers: The RPC server is unavailable.
>
> I am getting a couple of errors showing in Event Viewer. Some of
> which are the following:
>
> Event ID 5773
> The DNS server for this DC does not support dynamic DNS. Add the DNS
> records from the file '%SystemRoot%\System32\Config\netlogon.dns' to
> the DNS server serving the domain referenced in that file.
>
> Event ID 409
> The DNS server list of restricted interfaces contains IP addresses
> that are not configured for use at the server computer.
>
>
> Use the DNS manager server properties, interfaces dialog, to verify
> and
> reset the IP addresses the DNS server should listen on. For more
> information, see "To restrict a DNS server to listen only on selected
> addresses" in the online .
>
> I have pinged DC1 from DC2 and vice versa with no problem. I did so
> by both IP and by server name. Both of which were successful. I
> checked the SVR records and both servers were in DNS properly.
> However, when I did the DCDIAG it gave me some errors as well.
>
> DC2's server GUID DNS name could not be resolved to an IP address. The
> server name resolved to an IP address and was pingable.
>
> It also stated during primary tests for "Testing server" that DC2 is
> skipping all tests because it is not responding to directory service
> requests. The rest of the tests pass.
>
> When running the NTDSUTIL command I also get the following:
>
> ldap_modify_sW error 0x34(52 (unavailable)
> extended error 000020AF
> svcErr DSID-032101CF
> Problem 5002 (unavailable) data 8524
>
> win32 error 0x20af
> couldn't be contacted.
>
>
> I am not sure where to go from here. Any recommendations would be
> appreciated.

Errors like this typically mean you are using your ISP's DNS (or router's)
IP address in TCP/IP properties.
Use only the local AD DNS server's IP address for DNS in TCP/IP properties.
(Usually the DC's address)

You could also have other problems, but posting you ipconfig /all, your AD
Domain name, and the list of zones you have in DNS can verify this.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This s
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

12/03/2006, 05h58	#2
Kevin D. Goodknecht Sr. [MVP] Messages: n/a Hébergeur:	Re: DNS Replication between DC1 & DC1 Allen wrote: > When I go into AD Sites and Services to manually replicate DC1 and > DC2, I get an error on one server and another error on the other. > > DC1 Reads: > The following error occurred during the attempt to synchronize the > domain controllers: The DSA operation is unable to proceed because of > a DNS lookup failure. > > DC2 Reads: > The following error occured during the attempt to contact the domain > controllers: The RPC server is unavailable. > > I am getting a couple of errors showing in Event Viewer. Some of > which are the following: > > Event ID 5773 > The DNS server for this DC does not support dynamic DNS. Add the DNS > records from the file '%SystemRoot%\System32\Config\netlogon.dns' to > the DNS server serving the domain referenced in that file. > > Event ID 409 > The DNS server list of restricted interfaces contains IP addresses > that are not configured for use at the server computer. > > > Use the DNS manager server properties, interfaces dialog, to verify > and > reset the IP addresses the DNS server should listen on. For more > information, see "To restrict a DNS server to listen only on selected > addresses" in the online . > > I have pinged DC1 from DC2 and vice versa with no problem. I did so > by both IP and by server name. Both of which were successful. I > checked the SVR records and both servers were in DNS properly. > However, when I did the DCDIAG it gave me some errors as well. > > DC2's server GUID DNS name could not be resolved to an IP address. The > server name resolved to an IP address and was pingable. > > It also stated during primary tests for "Testing server" that DC2 is > skipping all tests because it is not responding to directory service > requests. The rest of the tests pass. > > When running the NTDSUTIL command I also get the following: > > ldap_modify_sW error 0x34(52 (unavailable) > extended error 000020AF > svcErr DSID-032101CF > Problem 5002 (unavailable) data 8524 > > win32 error 0x20af > couldn't be contacted. > > > I am not sure where to go from here. Any recommendations would be > appreciated. Errors like this typically mean you are using your ISP's DNS (or router's) IP address in TCP/IP properties. Use only the local AD DNS server's IP address for DNS in TCP/IP properties. (Usually the DC's address) You could also have other problems, but posting you ipconfig /all, your AD Domain name, and the list of zones you have in DNS can verify this. -- Best regards, Kevin D. Goodknecht Sr. [MVP] Hope This s =================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue, to respond directly to me remove the nospam. from my email address. =================================== http://www.lonestaramerica.com/ http://support.wftx.us/ https://secure.lsaol.com/ =================================== Use Outlook Express?... Get OE_Quotefix: It will strip signature out and more http://home.in.tum.de/~jain/software/oe-quotefix/ =================================== Keep a back up of your OE settings and folders with OEBackup: http://www.oe.com/OEBackup/Default.aspx ===================================