Active Directory could not resolve DNS host name

[shivendra]

I have been running Windows 2003 EE and we are using 2 domain controller, one is DC and other is ADC. Both are also working as AD integrated DNS server but wheneve I restart my DC, I am getting the below error message everytime:

Event Type: Error
Event Source: NTDS Replication
Event Category: DS RPC Client
Event ID: 2087
Date: 8/29/2006
Time: 8:23:17 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: MESH
Description:
Active Directory could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.

Source domain controller:
Server2
Failing DNS host name:
6e0d047e-eeff-4db8-a919-5c9e4ca8dd69._msdcs.bideonline.com

NOTE: By default, only up to 10 DNS failures are shown for any given 12 hour period, even if more than 10 failures occur. To log all individual failure events, set the following diagnostics registry value to 1:

Registry Path:
HKLM\System\CurrentControlSet\Services\NTDS\Diagnostics\22 DS RPC Client

Additional Data
Error value:
11004 The requested name is valid, but no data of the requested type was found.


For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

just after this error we recived this warning

Event Type: Warning
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1308
Date: 8/29/2006
Time: 8:26:44 AM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: MESH
Description:
The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the following domain controller has consistently failed.

[Pugsly]

Did you make sure that both DCs are still functioning? Also check that on both DCs the Netlogon and Sysvol share exists. There might be some problem with the DNS registration of the SRV records. Have you checked the DNS zones updatable? If you want to force and check the DNS registration trye the below:

Net stop netlogon
Del c:\windows\system32\config\netlogon.dns
Net start netlogon
Ipconfig /register DNS
Check the event viewer on the DC to know whether the registration went successful or failed

[Big Fish]

You can try to look at the below links to solve this issue:

Check the article made on "Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003"
http://support.microsoft.com/default...825036&sd=RMVP

Also, check "DNS Support for Active Directory"
http://technet2.microsoft.com/Window....mspx?mfr=true

And check how to Verify the Creation of SRV Records for a Domain Controller

http://support.microsoft.com/kb/241515/EN-US/

[dampos]

I have also your problem. I run on my DC
netdiag.exe /v > c:\netdiag.log
start c:\netdiag.log

repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
start c:\repl.txt

and I have this problem:

DCDIAG.LOG:
Domain Controller Diagnosis

Performing initial setup:
* Connecting to directory service on server DC_Name.
[DC_Name] LDAP search failed with error 58,
The specified server cannot perform the requested operation..
The host DC_Name could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc


REPL.TXT:
Repadmin experienced the following error trying to resolve the DC_NAME: dc*

Error: An error occured:

Win32 Error 8419(0x20e3): The DSA object could not be found.

what can I do?

Thank's,
Dampos

[dampos]

I understand my error and now I have a good answer by repadmin e netdiag.
There are not errors, but I have this error in Event Viewer:

Event Type: Warning
Event Source: NTDS Replication
Event Category: DS RPC Client
Event ID: 2088
Date: 11/07/2007
Time: 15.56.01
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: My DC
Description:
Active Directory could not use DNS to resolve the IP address of the source domain controller listed below. To maintain the consistency of Security groups, group policy, users and computers and their passwords, Active Directory successfully replicated using the NetBIOS or fully qualified computer name of the source domain controller.

Invalid DNS configuration may be affecting other essential operations on member computers, domain controllers or application servers in this Active Directory forest, including logon authentication or access to network resources.

You should immediately resolve this DNS configuration error so that this domain controller can resolve the IP address of the source domain controller using DNS.

Alternate server name:
wsus
Failing DNS host name:
352de2cf-1470-4b8a-bf16-84a0f80d3dcc._msdcs.contoso.it

NOTE: By default, only up to 10 DNS failures are shown for any given 12 hour period, even if more than 10 failures occur. To log all individual failure events, set the following diagnostics registry value to 1:

Registry Path:
HKLM\System\CurrentControlSet\Services\NTDS\Diagnostics\22 DS RPC Client

User Action:

1) If the source domain controller is no longer functioning or its operating system has been reinstalled with a different computer name or NTDSDSA object GUID, remove the source domain controller's metadata with ntdsutil.exe, using the steps outlined in MSKB article 216498.

2) Confirm that the source domain controller is running Active directory and is accessible on the network by typing "net view \\<source DC name>" or "ping <source DC name>".

3) Verify that the source domain controller is using a valid DNS server for DNS services, and that the source domain controller's host record and CNAME record are correctly registered, using the DNS Enhanced version of DCDIAG.EXE available on http://www.microsoft.com/dns

dcdiag /test:dns

4) Verify that that this destination domain controller is using a valid DNS server for DNS services, by running the DNS Enhanced version of DCDIAG.EXE command on the console of the destination domain controller, as follows:

dcdiag /test:dns

5) For further analysis of DNS error failures see KB 824449:
http://support.microsoft.com/?kbid=824449

Additional Data
Error value:
11004 The requested name is valid, but no data of the requested type was found.


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


What can I do?
Thank's
Dampos.