How to create SRV record for Domain Controller

ulyses_96 · 22-05-2008

I am running active directory with 3 domain controllers

busfile2 running 2008 and has RID and PDC roles

busprint2 running 2003 has schema master domain master and infrastructure
master roles

busfile running 2003 . no roles

lately i have had all kinds of problems. computers cant connect to shares,
no replication in domain, i checked DNS ( which runs on a different computer
) and found SRV entries for busprint2 and busfile

there are no entries for busfile2.
Question: How can i re-create SRV entries in DNS for busfile2? ( i think
this would solve my problem).

any help welcomed! thanks!

--
ulyses96

Ace Fekay [MVP] · 22-05-2008

In news:[email protected],
ulyses_96 <[email protected]> typed:
> I am running active directory with 3 domain controllers
>
> busfile2 running 2008 and has RID and PDC roles
>
> busprint2 running 2003 has schema master domain master and
> infrastructure master roles
>
> busfile running 2003 . no roles
>
> lately i have had all kinds of problems. computers cant connect to
> shares, no replication in domain, i checked DNS ( which runs on a
> different computer ) and found SRV entries for busprint2 and busfile
>
> there are no entries for busfile2.
> Question: How can i re-create SRV entries in DNS for busfile2? ( i
> think this would solve my problem).
>
> any help welcomed! thanks!

Actually SRV creation is completely automatic. There are no manual
intervention required whatsoever. There are simple rules to follow to make
it work that are comprised of a series of simple configurations, settings
and guidelines that must be in place in order for it work. So this tells me
there are configuration problems in your infrastructure. Also what concerns
me is you are saying that DNS is on a "different" computer. What computer is
it on? Is the computer a domain controller?

Mainly I see this if any machine (DC or client) is pointing to an ISPs or
some other DNS server that doesn't host the AD zone name or have some sort
of reference to it (secondary zone, stub zone, or conditional forwarder).
Reason why, is AD stores it's resources and service locations in DNS in the
form of SRV records (those folders with the underscore in them). They are
used for a multitude of things, such as finding the domain when a client
logons, domain replication from one DC to another, authentication, and more.
To illustrate, if a client queried the external DNS for internal domain
information, it will not be able to supply the info. Also, if there is a mix
of internal and external DNS servers in ip properties, because of the way
the resolver service works, mixed results will occur.

Here is a summarized list of possible causes:
1. Single label name DNS domain name (extremely problematic).
2. SRV records missing (obviously due to mis-config)
3. Disjointed namespace.- AD domain name doesn't match the Primary DNS
Suffix and/or the zone name.
4. Using an ISP's or some other DNS server that is not hosting the AD zone
or that doesn't have a reference to it, in IP properties of the DCs and
clients.
5. DHCP Client service disabled on the DCs (a required service even if
statically configured)
6. DCs are possibly multihomed (more than one NIC not teamed - extremely
problematic)
7. 3rd party firewalls blocking traffic between the DCs
8. Antivirus software blocking functionality
9. Antispyware blocking functionality
10. etc....

Therefore it will be difficult to assist without seeing some configuration
information. To better assist, we'll need some configuration information.
Please post the following to better assist.

1. Unedited "ipconfig /all" of all three domain controllers.
2. The Active Directory DNS domain name (the FQDN) as it shows up in the
ADUC console.
3. What type of server is DNS installed on?
4. The spelling of the zone name being used for AD in that other DNS server.
5. Any errors in the Event logs on the DC under System, Replication Service
and Directory Services (post the Event ID# and Source names please)
6. Dcdiag /v /fix > c:\dcdiag.txt (post the dcdiag.txt as an attachment)
7. Netdiag /v /fix > c:\netdiag.txt (post the dcdiag.txt as an attachment)

(Netdiag and Dcdiag are part of the Windows Support Tools available on the
Windows CDROM.)

Thank you,

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Infinite Diversities in Infinite Combinations

ulyses_96 · 23-05-2008

Thank you for your reply.

the problems im encountering are on a subdomain of the main domain.
the subdomain doesnt have it's own dns servers. all servers and clients
point to the dns server which is running on our Main domain controllers.
i did a dcdiagnose /test:dns from one of the domain controllers in teh
subdomain and got this log. but it doesnt say how to fix it.
im also getting replication errors etc.

Directory Server Diagnosis
Performing initial setup: Trying to find home server... Home Server =
busfile2 * Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\BUSFILE2 Starting test:
Connectivity The host
6c74d3db-fdfe-495c-bc08-04ac54de49bd._msdcs.busad.mydomain.com could
not be resolved to an IP address. Check the DNS server, DHCP, server
name, etc. ......................... BUSFILE2 failed test
Connectivity Doing primary tests
Testing server: Default-First-Site-Name\BUSFILE2
Starting test: DNS DNS Tests are running and not
hung. Please wait a few minutes... .........................
BUSFILE2 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : busad
Running enterprise tests on : busad.mydomain.com Starting test: DNS
Test results for domain controllers:
DC: busfile2.busad.mydomain.com Domain:
busad.mydomain.com
TEST: Basic (Basc)
Error: No LDAP connectivity
No host records (A or AAAA) were found for this DC

TEST: Records registration (RReg)
Network Adapter [00000006] Intel(R)
82566DC-2 Gigabit Network Connection: Warning:
Missing CNAME record at DNS server 10.75.90.30:

6c74d3db-fdfe-495c-bc08-04ac54de49bd._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:
_ldap._tcp.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:

_ldap._tcp.afaeada9-b590-42ff-ac5a-c548c083dee2.domains._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:
_kerberos._tcp.dc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:
_ldap._tcp.dc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:
_kerberos._tcp.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:
_kerberos._udp.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:
_kpasswd._tcp.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:

_ldap._tcp.Default-First-Site-Name._sites.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:

_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:

_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:

_kerberos._tcp.Default-First-Site-Name._sites.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:
_ldap._tcp.gc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:

_gc._tcp.Default-First-Site-Name._sites.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:

_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.30:
_ldap._tcp.pdc._msdcs.busad.mydomain.com

Warning:
Missing CNAME record at DNS server 10.75.90.31:

6c74d3db-fdfe-495c-bc08-04ac54de49bd._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:
_ldap._tcp.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:

_ldap._tcp.afaeada9-b590-42ff-ac5a-c548c083dee2.domains._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:
_kerberos._tcp.dc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:
_ldap._tcp.dc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:
_kerberos._tcp.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:
_kerberos._udp.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:
_kpasswd._tcp.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:

_ldap._tcp.Default-First-Site-Name._sites.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:

_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:

_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:

_kerberos._tcp.Default-First-Site-Name._sites.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:
_ldap._tcp.gc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:

_gc._tcp.Default-First-Site-Name._sites.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:

_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.busad.mydomain.com

Warning:
Missing SRV record at DNS server 10.75.90.31:
_ldap._tcp.pdc._msdcs.busad.mydomain.com

Error: Record registrations cannot be found for all the
network adapters
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: busad.mydomain.com busfile2
PASS FAIL n/a n/a n/a FAIL n/a

......................... busad.mydomain.com failed test DNS
--
ulyses96

"Ace Fekay [MVP]" wrote:

> In news:[email protected],
> ulyses_96 <[email protected]> typed:
> > I am running active directory with 3 domain controllers
> >
> > busfile2 running 2008 and has RID and PDC roles
> >
> > busprint2 running 2003 has schema master domain master and
> > infrastructure master roles
> >
> > busfile running 2003 . no roles
> >
> > lately i have had all kinds of problems. computers cant connect to
> > shares, no replication in domain, i checked DNS ( which runs on a
> > different computer ) and found SRV entries for busprint2 and busfile
> >
> > there are no entries for busfile2.
> > Question: How can i re-create SRV entries in DNS for busfile2? ( i
> > think this would solve my problem).
> >
> > any help welcomed! thanks!
>
> Actually SRV creation is completely automatic. There are no manual
> intervention required whatsoever. There are simple rules to follow to make
> it work that are comprised of a series of simple configurations, settings
> and guidelines that must be in place in order for it work. So this tells me
> there are configuration problems in your infrastructure. Also what concerns
> me is you are saying that DNS is on a "different" computer. What computer is
> it on? Is the computer a domain controller?
>
> Mainly I see this if any machine (DC or client) is pointing to an ISPs or
> some other DNS server that doesn't host the AD zone name or have some sort
> of reference to it (secondary zone, stub zone, or conditional forwarder).
> Reason why, is AD stores it's resources and service locations in DNS in the
> form of SRV records (those folders with the underscore in them). They are
> used for a multitude of things, such as finding the domain when a client
> logons, domain replication from one DC to another, authentication, and more.
> To illustrate, if a client queried the external DNS for internal domain
> information, it will not be able to supply the info. Also, if there is a mix
> of internal and external DNS servers in ip properties, because of the way
> the resolver service works, mixed results will occur.
>
> Here is a summarized list of possible causes:
> 1. Single label name DNS domain name (extremely problematic).
> 2. SRV records missing (obviously due to mis-config)
> 3. Disjointed namespace.- AD domain name doesn't match the Primary DNS
> Suffix and/or the zone name.
> 4. Using an ISP's or some other DNS server that is not hosting the AD zone
> or that doesn't have a reference to it, in IP properties of the DCs and
> clients.
> 5. DHCP Client service disabled on the DCs (a required service even if
> statically configured)
> 6. DCs are possibly multihomed (more than one NIC not teamed - extremely
> problematic)
> 7. 3rd party firewalls blocking traffic between the DCs
> 8. Antivirus software blocking functionality
> 9. Antispyware blocking functionality
> 10. etc....
>
> Therefore it will be difficult to assist without seeing some configuration
> information. To better assist, we'll need some configuration information.
> Please post the following to better assist.
>
> 1. Unedited "ipconfig /all" of all three domain controllers.
> 2. The Active Directory DNS domain name (the FQDN) as it shows up in the
> ADUC console.
> 3. What type of server is DNS installed on?
> 4. The spelling of the zone name being used for AD in that other DNS server.
> 5. Any errors in the Event logs on the DC under System, Replication Service
> and Directory Services (post the Event ID# and Source names please)
> 6. Dcdiag /v /fix > c:\dcdiag.txt (post the dcdiag.txt as an attachment)
> 7. Netdiag /v /fix > c:\netdiag.txt (post the dcdiag.txt as an attachment)
>
> (Netdiag and Dcdiag are part of the Windows Support Tools available on the
> Windows CDROM.)
>
> Thank you,
>
>
> --
> Regards,
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
> MVP Microsoft MVP - Directory Services
> Microsoft Certified Trainer
>
> For urgent issues, you may want to contact Microsoft PSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Infinite Diversities in Infinite Combinations
>
>
>

ulyses_96 · 23-05-2008

here is the dcdiag on another one of the domains.

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\BUSFILE
Starting test: Connectivity
The host
afd425ec-3e8b-47af-9d2b-811e9b03be5b._msdcs.busad.mydomain.com could not be
resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(afd425ec-3e8b-47af-9d2b-811e9b03be5b._msdcs.busad.mydomain.com) couldn't
be resolved, the server name (busfile.busad.mydomain.com) resolved to
the IP address (10.150.41.20) and was pingable. Check that the IP
address is registered correctly with the DNS server.
......................... BUSFILE failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\BUSFILE
Skipping all tests, because server BUSFILE is
not responding to directory service requests

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : busad
Starting test: CrossRefValidation
......................... busad passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... busad passed test CheckSDRefDom

Running enterprise tests on : busad.mydomain.com
Starting test: Intersite
......................... busad.mydomain.com passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
......................... busad.mydomain.com failed test FsmoCheck

--
ulyses96

"Ace Fekay [MVP]" wrote:

> In news:[email protected],
> ulyses_96 <[email protected]> typed:
> > I am running active directory with 3 domain controllers
> >
> > busfile2 running 2008 and has RID and PDC roles
> >
> > busprint2 running 2003 has schema master domain master and
> > infrastructure master roles
> >
> > busfile running 2003 . no roles
> >
> > lately i have had all kinds of problems. computers cant connect to
> > shares, no replication in domain, i checked DNS ( which runs on a
> > different computer ) and found SRV entries for busprint2 and busfile
> >
> > there are no entries for busfile2.
> > Question: How can i re-create SRV entries in DNS for busfile2? ( i
> > think this would solve my problem).
> >
> > any help welcomed! thanks!
>
> Actually SRV creation is completely automatic. There are no manual
> intervention required whatsoever. There are simple rules to follow to make
> it work that are comprised of a series of simple configurations, settings
> and guidelines that must be in place in order for it work. So this tells me
> there are configuration problems in your infrastructure. Also what concerns
> me is you are saying that DNS is on a "different" computer. What computer is
> it on? Is the computer a domain controller?
>
> Mainly I see this if any machine (DC or client) is pointing to an ISPs or
> some other DNS server that doesn't host the AD zone name or have some sort
> of reference to it (secondary zone, stub zone, or conditional forwarder).
> Reason why, is AD stores it's resources and service locations in DNS in the
> form of SRV records (those folders with the underscore in them). They are
> used for a multitude of things, such as finding the domain when a client
> logons, domain replication from one DC to another, authentication, and more.
> To illustrate, if a client queried the external DNS for internal domain
> information, it will not be able to supply the info. Also, if there is a mix
> of internal and external DNS servers in ip properties, because of the way
> the resolver service works, mixed results will occur.
>
> Here is a summarized list of possible causes:
> 1. Single label name DNS domain name (extremely problematic).
> 2. SRV records missing (obviously due to mis-config)
> 3. Disjointed namespace.- AD domain name doesn't match the Primary DNS
> Suffix and/or the zone name.
> 4. Using an ISP's or some other DNS server that is not hosting the AD zone
> or that doesn't have a reference to it, in IP properties of the DCs and
> clients.
> 5. DHCP Client service disabled on the DCs (a required service even if
> statically configured)
> 6. DCs are possibly multihomed (more than one NIC not teamed - extremely
> problematic)
> 7. 3rd party firewalls blocking traffic between the DCs
> 8. Antivirus software blocking functionality
> 9. Antispyware blocking functionality
> 10. etc....
>
> Therefore it will be difficult to assist without seeing some configuration
> information. To better assist, we'll need some configuration information.
> Please post the following to better assist.
>
> 1. Unedited "ipconfig /all" of all three domain controllers.
> 2. The Active Directory DNS domain name (the FQDN) as it shows up in the
> ADUC console.
> 3. What type of server is DNS installed on?
> 4. The spelling of the zone name being used for AD in that other DNS server.
> 5. Any errors in the Event logs on the DC under System, Replication Service
> and Directory Services (post the Event ID# and Source names please)
> 6. Dcdiag /v /fix > c:\dcdiag.txt (post the dcdiag.txt as an attachment)
> 7. Netdiag /v /fix > c:\netdiag.txt (post the dcdiag.txt as an attachment)
>
> (Netdiag and Dcdiag are part of the Windows Support Tools available on the
> Windows CDROM.)
>
> Thank you,
>
>
> --
> Regards,
> Ace
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
> MVP Microsoft MVP - Directory Services
> Microsoft Certified Trainer
>
> For urgent issues, you may want to contact Microsoft PSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Infinite Diversities in Infinite Combinations
>
>
>

Herb Martin · 23-05-2008

"ulyses_96" <[email protected]> wrote in message
news:[email protected]...
> Thank you for your reply.
>
> the problems im encountering are on a subdomain of the main domain.
> the subdomain doesnt have it's own dns servers. all servers and clients
> point to the dns server which is running on our Main domain controllers.

Then they need to host the DYNAMIC Zone that corresponds to this
(sub) Domain.

While unusual for a different domain to hold your DNS servers it is
not impossible -- it is howeve a practical necessity to use DYNAMIC
DNS Zones for the AD domains and let the DCs register themselves.

> i did a dcdiagnose /test:dns from one of the domain controllers in teh
> subdomain and got this log. but it doesnt say how to fix it.
> im also getting replication errors etc.
>
>
>
> Directory Server Diagnosis
> Performing initial setup: Trying to find home server... Home Server
> =
> busfile2 * Identified AD Forest.
> Done gathering initial info.
> Doing initial required tests
> Testing server: Default-First-Site-Name\BUSFILE2 Starting test:
> Connectivity The host
> 6c74d3db-fdfe-495c-bc08-04ac54de49bd._msdcs.busad.mydomain.com
> could
> not be resolved to an IP address. Check the DNS server, DHCP,
> server
> name, etc. ......................... BUSFILE2 failed test
> Connectivity Doing primary tests
> Testing server: Default-First-Site-Name\BUSFILE2
> Starting test: DNS DNS Tests are running and not
> hung. Please wait a few minutes... .........................
> BUSFILE2 passed test DNS
> Running partition tests on : ForestDnsZones
> Running partition tests on : DomainDnsZones
> Running partition tests on : Schema
> Running partition tests on : Configuration
> Running partition tests on : busad
> Running enterprise tests on : busad.mydomain.com Starting test:
> DNS
> Test results for domain controllers:
> DC: busfile2.busad.mydomain.com Domain:
> busad.mydomain.com
> TEST: Basic (Basc)
> Error: No LDAP connectivity
> No host records (A or AAAA) were found for this DC
>
> TEST: Records registration (RReg)
> Network Adapter [00000006] Intel(R)
> 82566DC-2 Gigabit Network Connection: Warning:
> Missing CNAME record at DNS server 10.75.90.30:
>
> 6c74d3db-fdfe-495c-bc08-04ac54de49bd._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
> _ldap._tcp.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
>
> _ldap._tcp.afaeada9-b590-42ff-ac5a-c548c083dee2.domains._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
> _kerberos._tcp.dc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
> _ldap._tcp.dc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
> _kerberos._tcp.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
> _kerberos._udp.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
> _kpasswd._tcp.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
>
> _ldap._tcp.Default-First-Site-Name._sites.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
>
> _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
>
> _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
>
> _kerberos._tcp.Default-First-Site-Name._sites.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
> _ldap._tcp.gc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
>
> _gc._tcp.Default-First-Site-Name._sites.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
>
> _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.30:
> _ldap._tcp.pdc._msdcs.busad.mydomain.com
>
> Warning:
> Missing CNAME record at DNS server 10.75.90.31:
>
> 6c74d3db-fdfe-495c-bc08-04ac54de49bd._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
> _ldap._tcp.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
>
> _ldap._tcp.afaeada9-b590-42ff-ac5a-c548c083dee2.domains._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
> _kerberos._tcp.dc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
> _ldap._tcp.dc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
> _kerberos._tcp.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
> _kerberos._udp.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
> _kpasswd._tcp.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
>
> _ldap._tcp.Default-First-Site-Name._sites.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
>
> _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
>
> _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
>
> _kerberos._tcp.Default-First-Site-Name._sites.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
> _ldap._tcp.gc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
>
> _gc._tcp.Default-First-Site-Name._sites.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
>
> _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.busad.mydomain.com
>
> Warning:
> Missing SRV record at DNS server 10.75.90.31:
> _ldap._tcp.pdc._msdcs.busad.mydomain.com
>
> Error: Record registrations cannot be found for all the
> network adapters
> Summary of DNS test results:
> Auth Basc Forw Del Dyn RReg
> Ext
>
> _________________________________________________________________
> Domain: busad.mydomain.com busfile2
> PASS FAIL n/a n/a n/a FAIL n/a
>
> ......................... busad.mydomain.com failed test DNS
> --
> ulyses96
>
>
> "Ace Fekay [MVP]" wrote:
>
>> In news:[email protected],
>> ulyses_96 <[email protected]> typed:
>> > I am running active directory with 3 domain controllers
>> >
>> > busfile2 running 2008 and has RID and PDC roles
>> >
>> > busprint2 running 2003 has schema master domain master and
>> > infrastructure master roles
>> >
>> > busfile running 2003 . no roles
>> >
>> > lately i have had all kinds of problems. computers cant connect to
>> > shares, no replication in domain, i checked DNS ( which runs on a
>> > different computer ) and found SRV entries for busprint2 and busfile
>> >
>> > there are no entries for busfile2.
>> > Question: How can i re-create SRV entries in DNS for busfile2? ( i
>> > think this would solve my problem).
>> >
>> > any help welcomed! thanks!
>>
>> Actually SRV creation is completely automatic. There are no manual
>> intervention required whatsoever. There are simple rules to follow to
>> make
>> it work that are comprised of a series of simple configurations, settings
>> and guidelines that must be in place in order for it work. So this tells
>> me
>> there are configuration problems in your infrastructure. Also what
>> concerns
>> me is you are saying that DNS is on a "different" computer. What computer
>> is
>> it on? Is the computer a domain controller?
>>
>> Mainly I see this if any machine (DC or client) is pointing to an ISPs or
>> some other DNS server that doesn't host the AD zone name or have some
>> sort
>> of reference to it (secondary zone, stub zone, or conditional forwarder).
>> Reason why, is AD stores it's resources and service locations in DNS in
>> the
>> form of SRV records (those folders with the underscore in them). They are
>> used for a multitude of things, such as finding the domain when a client
>> logons, domain replication from one DC to another, authentication, and
>> more.
>> To illustrate, if a client queried the external DNS for internal domain
>> information, it will not be able to supply the info. Also, if there is a
>> mix
>> of internal and external DNS servers in ip properties, because of the way
>> the resolver service works, mixed results will occur.
>>
>> Here is a summarized list of possible causes:
>> 1. Single label name DNS domain name (extremely problematic).
>> 2. SRV records missing (obviously due to mis-config)
>> 3. Disjointed namespace.- AD domain name doesn't match the Primary DNS
>> Suffix and/or the zone name.
>> 4. Using an ISP's or some other DNS server that is not hosting the AD
>> zone
>> or that doesn't have a reference to it, in IP properties of the DCs and
>> clients.
>> 5. DHCP Client service disabled on the DCs (a required service even if
>> statically configured)
>> 6. DCs are possibly multihomed (more than one NIC not teamed - extremely
>> problematic)
>> 7. 3rd party firewalls blocking traffic between the DCs
>> 8. Antivirus software blocking functionality
>> 9. Antispyware blocking functionality
>> 10. etc....
>>
>> Therefore it will be difficult to assist without seeing some
>> configuration
>> information. To better assist, we'll need some configuration information.
>> Please post the following to better assist.
>>
>> 1. Unedited "ipconfig /all" of all three domain controllers.
>> 2. The Active Directory DNS domain name (the FQDN) as it shows up in the
>> ADUC console.
>> 3. What type of server is DNS installed on?
>> 4. The spelling of the zone name being used for AD in that other DNS
>> server.
>> 5. Any errors in the Event logs on the DC under System, Replication
>> Service
>> and Directory Services (post the Event ID# and Source names please)
>> 6. Dcdiag /v /fix > c:\dcdiag.txt (post the dcdiag.txt as an attachment)
>> 7. Netdiag /v /fix > c:\netdiag.txt (post the dcdiag.txt as an
>> attachment)
>>
>> (Netdiag and Dcdiag are part of the Windows Support Tools available on
>> the
>> Windows CDROM.)
>>
>> Thank you,
>>
>>
>> --
>> Regards,
>> Ace
>>
>> This posting is provided "AS-IS" with no warranties or guarantees and
>> confers no rights.
>>
>> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
>> MVP Microsoft MVP - Directory Services
>> Microsoft Certified Trainer
>>
>> For urgent issues, you may want to contact Microsoft PSS directly. Please
>> check http://support.microsoft.com for regional support phone numbers.
>>
>> Infinite Diversities in Infinite Combinations
>>
>>
>>

Ace Fekay [MVP] · 24-05-2008

In news:[email protected],
ulyses_96 <[email protected]> typed:
> Thank you for your reply.
>
> the problems im encountering are on a subdomain of the main domain.
> the subdomain doesnt have it's own dns servers. all servers and
> clients point to the dns server which is running on our Main domain
> controllers.
> i did a dcdiagnose /test:dns from one of the domain controllers in teh
> subdomain and got this log. but it doesnt say how to fix it.
> im also getting replication errors etc.

Thank you for the dcdiag output. This is telling me more than likely name
resolution is not working and/or connectivity is being blocked.

Dcdiag will NOT tell you how to fix it. It is a status reporting tool to
help diagnose issues.

So you are saying that the child DCs are pointed ONLY to the parent DC/DNS
server(s)?

Is there a firewall between the child domain and the parent domain?

What Event log errors (post all of them including the EventID# and Source
names please).
Please post the following as well to get a better handle of your
infrastructure config:

1. Unedited ipconfig /all from two of your DCs in the child and two DCs in
the parent.
2. The exact zone name spellng in DNS in the parent and whether updates are
allowed on the zone.
3. Does the child domain name show up as a folder under the parent domain
name in DNS?
4. The AD DNS domain name as it shows up in ADUC on the parent and the child
DCs.
5. If the SRV records exist under the parent zone.
6. Any errors in the Event logs on the DC under System, Replication Service
and Directory Services (post the Event ID# and Source names please)
7. Dcdiag /v /fix > c:\dcdiag.txt (post the dcdiag.txt as an attachment)
8. Netdiag /v /fix > c:\netdiag.txt (post the dcdiag.txt as an attachment)
9. More than one subnet? If so, describe the connectivity and components
(firewall, VPN, T1, ADSL, SDSL, cable, FIOS, dialup, etc etc)
10. Forwarder(s) configured?

Ace