Cannot access ADUC on DC

Hi,
I have a customer with a small setup between two sites. I got a call
this morning saying they cannot access any network shares on the server
at one site (both Serer 2003). I was unable to RDP to the server either
as it will not authenticate the administrator user. Onsite today and
luckily the console isn't locked so I tried to access aduc from there
and get the message:
naming information cannot be located for the following reason server is
not operational. Looking about the internet points to dns problems but
all look good there, however there are numerous 4000,4007,4015 entries
in the event log of dns stating check AD is functioning and reload the zone.
The server at the other site seems fine.
Any ideas how to progress on this, I didn't want to reboot this server
in case I was unable to login after.
I normally only deal with SBS and have never come across this issue before.
Thanks for any replies.
Simon

Hello Simon,

Make sure DNS on all NICs is only configured to use domain internal DNS servers.
Please post an unedited ipconfig /all from the DC/DNS servers, so we can
exclude this.

Also run the support tools dcdiag /v, netdiag /v to check for errors.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi,
> I have a customer with a small setup between two sites. I got a call
> this morning saying they cannot access any network shares on the
> server
> at one site (both Serer 2003). I was unable to RDP to the server
> either
> as it will not authenticate the administrator user. Onsite today and
> luckily the console isn't locked so I tried to access aduc from there
> and get the message:
> naming information cannot be located for the following reason server
> is
> not operational. Looking about the internet points to dns problems but
> all look good there, however there are numerous 4000,4007,4015 entries
> in the event log of dns stating check AD is functioning and reload the
> zone.
> The server at the other site seems fine.
> Any ideas how to progress on this, I didn't want to reboot this server
> in case I was unable to login after.
> I normally only deal with SBS and have never come across this issue
> before.
> Thanks for any replies.
> Simo

Hi Meinholf

Thanks for the reply, I'm not on site now but can confirm that ipconfig
/all showed only this server and also the server at the other location
as dns servers. The server didn't have those tools installed so I
couldn't run them, I'll be back onsite tomorrow with my server CDs to
install these. Luckily the main app is sql and this is still running fine.
Simon

Meinolf Weber [MVP-DS] wrote:
> Hello Simon,
>
> Make sure DNS on all NICs is only configured to use domain internal DNS
> servers. Please post an unedited ipconfig /all from the DC/DNS servers,
> so we can exclude this.
>
> Also run the support tools dcdiag /v, netdiag /v to check for errors.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> Hi,
>> I have a customer with a small setup between two sites. I got a call
>> this morning saying they cannot access any network shares on the
>> server
>> at one site (both Serer 2003). I was unable to RDP to the server
>> either
>> as it will not authenticate the administrator user. Onsite today and
>> luckily the console isn't locked so I tried to access aduc from there
>> and get the message:
>> naming information cannot be located for the following reason server
>> is
>> not operational. Looking about the internet points to dns problems but
>> all look good there, however there are numerous 4000,4007,4015 entries
>> in the event log of dns stating check AD is functioning and reload the
>> zone.
>> The server at the other site seems fine.
>> Any ideas how to progress on this, I didn't want to reboot this server
>> in case I was unable to login after.
>> I normally only deal with SBS and have never come across this issue
>> before.
>> Thanks for any replies.
>> Simon
>
>

Hello Simon,

Running applications like SQL or Exchange on DCs is not recommended. DCs
should only do there basic job, AD/DNS/GC and maybe DHCP if no member server
exists.

Make sure that the DNS servers are not forwarding to themself, forwarders
should be configured to the ISPs DNS server. Also if not done create a reverse
lookup zone.

Additional see:
http://www.eventid.net/display.asp?e...ce=DNS&phase=1

http://www.eventid.net/display.asp?e...ce=DNS&phase=1

http://www.eventid.net/display.asp?e...ce=DNS&phase=1

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi Meinholf
>
> Thanks for the reply, I'm not on site now but can confirm that
> ipconfig
> /all showed only this server and also the server at the other location
> as dns servers. The server didn't have those tools installed so I
> couldn't run them, I'll be back onsite tomorrow with my server CDs to
> install these. Luckily the main app is sql and this is still running
> fine.
> Simon
> Meinolf Weber [MVP-DS] wrote:
>
>> Hello Simon,
>>
>> Make sure DNS on all NICs is only configured to use domain internal
>> DNS servers. Please post an unedited ipconfig /all from the DC/DNS
>> servers, so we can exclude this.
>>
>> Also run the support tools dcdiag /v, netdiag /v to check for errors.
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hi,
>>> I have a customer with a small setup between two sites. I got a call
>>> this morning saying they cannot access any network shares on the
>>> server
>>> at one site (both Serer 2003). I was unable to RDP to the server
>>> either
>>> as it will not authenticate the administrator user. Onsite today and
>>> luckily the console isn't locked so I tried to access aduc from
>>> there
>>> and get the message:
>>> naming information cannot be located for the following reason server
>>> is
>>> not operational. Looking about the internet points to dns problems
>>> but
>>> all look good there, however there are numerous 4000,4007,4015
>>> entries
>>> in the event log of dns stating check AD is functioning and reload
>>> the
>>> zone.
>>> The server at the other site seems fine.
>>> Any ideas how to progress on this, I didn't want to reboot this
>>> server
>>> in case I was unable to login after.
>>> I normally only deal with SBS and have never come across this issue
>>> before.
>>> Thanks for any replies.
>>> Simo

Hi Meinolf,

Thanks again. This is a customer I inherited and never installed this
system. Not only is the DC used for sql etc it's also used as a
workstation by a vet in the practise where it is. I have told them many
times about this. I wouldn't allow one of my SBS sites to use their
server for anything but SBS related functions. I'll check out on those
links when I am onsite in the morning.
The system has been running for a couple of years as is so I am confused
why this issue would occur now.
Regards
Simon

Meinolf Weber [MVP-DS] wrote:
> Hello Simon,
>
> Running applications like SQL or Exchange on DCs is not recommended. DCs
> should only do there basic job, AD/DNS/GC and maybe DHCP if no member
> server exists.
>
> Make sure that the DNS servers are not forwarding to themself,
> forwarders should be configured to the ISPs DNS server. Also if not done
> create a reverse lookup zone.
>
> Additional see:
> http://www.eventid.net/display.asp?e...ce=DNS&phase=1
>
>
> http://www.eventid.net/display.asp?e...ce=DNS&phase=1
>
>
> http://www.eventid.net/display.asp?e...ce=DNS&phase=1
>
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> Hi Meinholf
>>
>> Thanks for the reply, I'm not on site now but can confirm that
>> ipconfig
>> /all showed only this server and also the server at the other location
>> as dns servers. The server didn't have those tools installed so I
>> couldn't run them, I'll be back onsite tomorrow with my server CDs to
>> install these. Luckily the main app is sql and this is still running
>> fine.
>> Simon
>> Meinolf Weber [MVP-DS] wrote:
>>
>>> Hello Simon,
>>>
>>> Make sure DNS on all NICs is only configured to use domain internal
>>> DNS servers. Please post an unedited ipconfig /all from the DC/DNS
>>> servers, so we can exclude this.
>>>
>>> Also run the support tools dcdiag /v, netdiag /v to check for errors.
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>> Hi,
>>>> I have a customer with a small setup between two sites. I got a call
>>>> this morning saying they cannot access any network shares on the
>>>> server
>>>> at one site (both Serer 2003). I was unable to RDP to the server
>>>> either
>>>> as it will not authenticate the administrator user. Onsite today and
>>>> luckily the console isn't locked so I tried to access aduc from
>>>> there
>>>> and get the message:
>>>> naming information cannot be located for the following reason server
>>>> is
>>>> not operational. Looking about the internet points to dns problems
>>>> but
>>>> all look good there, however there are numerous 4000,4007,4015
>>>> entries
>>>> in the event log of dns stating check AD is functioning and reload
>>>> the
>>>> zone.
>>>> The server at the other site seems fine.
>>>> Any ideas how to progress on this, I didn't want to reboot this
>>>> server
>>>> in case I was unable to login after.
>>>> I normally only deal with SBS and have never come across this issue
>>>> before.
>>>> Thanks for any replies.
>>>> Simon
>
>

Hi,

I've been onsite again and got the tools installed, but ran out of time
on the server before consulting time began (yes I know using a server as
a workstation) I checked out the DC at the other location and this has
entries in the forward dns zone but nothing in the problem server ?
I can't get onto the server again until later tonight, although I have
remote access to it now as I installed VNC as rdp won't authenticate.
Thanks
Simon

Simon wrote:
> Hi Meinolf,
>
> Thanks again. This is a customer I inherited and never installed this
> system. Not only is the DC used for sql etc it's also used as a
> workstation by a vet in the practise where it is. I have told them many
> times about this. I wouldn't allow one of my SBS sites to use their
> server for anything but SBS related functions. I'll check out on those
> links when I am onsite in the morning.
> The system has been running for a couple of years as is so I am confused
> why this issue would occur now.
> Regards
> Simon
>
> Meinolf Weber [MVP-DS] wrote:
>> Hello Simon,
>>
>> Running applications like SQL or Exchange on DCs is not recommended.
>> DCs should only do there basic job, AD/DNS/GC and maybe DHCP if no
>> member server exists.
>>
>> Make sure that the DNS servers are not forwarding to themself,
>> forwarders should be configured to the ISPs DNS server. Also if not
>> done create a reverse lookup zone.
>>
>> Additional see:
>> http://www.eventid.net/display.asp?e...ce=DNS&phase=1
>>
>>
>> http://www.eventid.net/display.asp?e...ce=DNS&phase=1
>>
>>
>> http://www.eventid.net/display.asp?e...ce=DNS&phase=1
>>
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>
>>> Hi Meinholf
>>>
>>> Thanks for the reply, I'm not on site now but can confirm that
>>> ipconfig
>>> /all showed only this server and also the server at the other location
>>> as dns servers. The server didn't have those tools installed so I
>>> couldn't run them, I'll be back onsite tomorrow with my server CDs to
>>> install these. Luckily the main app is sql and this is still running
>>> fine.
>>> Simon
>>> Meinolf Weber [MVP-DS] wrote:
>>>
>>>> Hello Simon,
>>>>
>>>> Make sure DNS on all NICs is only configured to use domain internal
>>>> DNS servers. Please post an unedited ipconfig /all from the DC/DNS
>>>> servers, so we can exclude this.
>>>>
>>>> Also run the support tools dcdiag /v, netdiag /v to check for errors.
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>>> confers no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>> Hi,
>>>>> I have a customer with a small setup between two sites. I got a call
>>>>> this morning saying they cannot access any network shares on the
>>>>> server
>>>>> at one site (both Serer 2003). I was unable to RDP to the server
>>>>> either
>>>>> as it will not authenticate the administrator user. Onsite today and
>>>>> luckily the console isn't locked so I tried to access aduc from
>>>>> there
>>>>> and get the message:
>>>>> naming information cannot be located for the following reason server
>>>>> is
>>>>> not operational. Looking about the internet points to dns problems
>>>>> but
>>>>> all look good there, however there are numerous 4000,4007,4015
>>>>> entries
>>>>> in the event log of dns stating check AD is functioning and reload
>>>>> the
>>>>> zone.
>>>>> The server at the other site seems fine.
>>>>> Any ideas how to progress on this, I didn't want to reboot this
>>>>> server
>>>>> in case I was unable to login after.
>>>>> I normally only deal with SBS and have never come across this issue
>>>>> before.
>>>>> Thanks for any replies.
>>>>> Simon
>>
>>

Hello Simon,

What kind of DNS zones are configured on the main site or is that one complete
empty now in forward lookup zone? Which kind of zone is used on the second
DNS server?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi,
>
> I've been onsite again and got the tools installed, but ran out of
> time
> on the server before consulting time began (yes I know using a server
> as
> a workstation) I checked out the DC at the other location and this has
> entries in the forward dns zone but nothing in the problem server ?
> I can't get onto the server again until later tonight, although I have
> remote access to it now as I installed VNC as rdp won't authenticate.
> Thanks
> Simon
> Simon wrote:
>
>> Hi Meinolf,
>>
>> Thanks again. This is a customer I inherited and never installed this
>> system. Not only is the DC used for sql etc it's also used as a
>> workstation by a vet in the practise where it is. I have told them
>> many
>> times about this. I wouldn't allow one of my SBS sites to use their
>> server for anything but SBS related functions. I'll check out on
>> those
>> links when I am onsite in the morning.
>> The system has been running for a couple of years as is so I am
>> confused
>> why this issue would occur now.
>> Regards
>> Simon
>> Meinolf Weber [MVP-DS] wrote:
>>
>>> Hello Simon,
>>>
>>> Running applications like SQL or Exchange on DCs is not recommended.
>>> DCs should only do there basic job, AD/DNS/GC and maybe DHCP if no
>>> member server exists.
>>>
>>> Make sure that the DNS servers are not forwarding to themself,
>>> forwarders should be configured to the ISPs DNS server. Also if not
>>> done create a reverse lookup zone.
>>>
>>> Additional see:
>>> http://www.eventid.net/display.asp?e...o=296&source=D
>>> NS&phase=1
>>> http://www.eventid.net/display.asp?e...o=4280&source=
>>> DNS&phase=1
>>>
>>> http://www.eventid.net/display.asp?e...o=333&source=D
>>> NS&phase=1
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>> Hi Meinholf
>>>>
>>>> Thanks for the reply, I'm not on site now but can confirm that
>>>> ipconfig
>>>> /all showed only this server and also the server at the other
>>>> location
>>>> as dns servers. The server didn't have those tools installed so I
>>>> couldn't run them, I'll be back onsite tomorrow with my server CDs
>>>> to
>>>> install these. Luckily the main app is sql and this is still
>>>> running
>>>> fine.
>>>> Simon
>>>> Meinolf Weber [MVP-DS] wrote:
>>>>> Hello Simon,
>>>>>
>>>>> Make sure DNS on all NICs is only configured to use domain
>>>>> internal DNS servers. Please post an unedited ipconfig /all from
>>>>> the DC/DNS servers, so we can exclude this.
>>>>>
>>>>> Also run the support tools dcdiag /v, netdiag /v to check for
>>>>> errors.
>>>>>
>>>>> Best regards
>>>>>
>>>>> Meinolf Weber
>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>> and
>>>>> confers no rights.
>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>> Hi,
>>>>>> I have a customer with a small setup between two sites. I got a
>>>>>> call
>>>>>> this morning saying they cannot access any network shares on the
>>>>>> server
>>>>>> at one site (both Serer 2003). I was unable to RDP to the server
>>>>>> either
>>>>>> as it will not authenticate the administrator user. Onsite today
>>>>>> and
>>>>>> luckily the console isn't locked so I tried to access aduc from
>>>>>> there
>>>>>> and get the message:
>>>>>> naming information cannot be located for the following reason
>>>>>> server
>>>>>> is
>>>>>> not operational. Looking about the internet points to dns
>>>>>> problems
>>>>>> but
>>>>>> all look good there, however there are numerous 4000,4007,4015
>>>>>> entries
>>>>>> in the event log of dns stating check AD is functioning and
>>>>>> reload
>>>>>> the
>>>>>> zone.
>>>>>> The server at the other site seems fine.
>>>>>> Any ideas how to progress on this, I didn't want to reboot this
>>>>>> server
>>>>>> in case I was unable to login after.
>>>>>> I normally only deal with SBS and have never come across this
>>>>>> issue
>>>>>> before.
>>>>>> Thanks for any replies.
>>>>>> Simon

Hi The site working has 2 forward zones:

_msdcs.internal.castlevetsltd.co.uk
and
internal.castlevetsltd.co.uk

Whereas the failing site has no entries at all.

Thanks Simon
Meinolf Weber [MVP-DS] wrote:
> Hello Simon,
>
> What kind of DNS zones are configured on the main site or is that one
> complete empty now in forward lookup zone? Which kind of zone is used on
> the second DNS server?
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> Hi,
>>
>> I've been onsite again and got the tools installed, but ran out of
>> time
>> on the server before consulting time began (yes I know using a server
>> as
>> a workstation) I checked out the DC at the other location and this has
>> entries in the forward dns zone but nothing in the problem server ?
>> I can't get onto the server again until later tonight, although I have
>> remote access to it now as I installed VNC as rdp won't authenticate.
>> Thanks
>> Simon
>> Simon wrote:
>>
>>> Hi Meinolf,
>>>
>>> Thanks again. This is a customer I inherited and never installed this
>>> system. Not only is the DC used for sql etc it's also used as a
>>> workstation by a vet in the practise where it is. I have told them
>>> many
>>> times about this. I wouldn't allow one of my SBS sites to use their
>>> server for anything but SBS related functions. I'll check out on
>>> those
>>> links when I am onsite in the morning.
>>> The system has been running for a couple of years as is so I am
>>> confused
>>> why this issue would occur now.
>>> Regards
>>> Simon
>>> Meinolf Weber [MVP-DS] wrote:
>>>
>>>> Hello Simon,
>>>>
>>>> Running applications like SQL or Exchange on DCs is not recommended.
>>>> DCs should only do there basic job, AD/DNS/GC and maybe DHCP if no
>>>> member server exists.
>>>>
>>>> Make sure that the DNS servers are not forwarding to themself,
>>>> forwarders should be configured to the ISPs DNS server. Also if not
>>>> done create a reverse lookup zone.
>>>>
>>>> Additional see:
>>>> http://www.eventid.net/display.asp?e...o=296&source=D
>>>> NS&phase=1
>>>> http://www.eventid.net/display.asp?e...o=4280&source=
>>>> DNS&phase=1
>>>>
>>>> http://www.eventid.net/display.asp?e...o=333&source=D
>>>> NS&phase=1
>>>>
>>>> Best regards
>>>>
>>>> Meinolf Weber
>>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>>> confers no rights.
>>>> ** Please do NOT email, only reply to Newsgroups
>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>> Hi Meinholf
>>>>>
>>>>> Thanks for the reply, I'm not on site now but can confirm that
>>>>> ipconfig
>>>>> /all showed only this server and also the server at the other
>>>>> location
>>>>> as dns servers. The server didn't have those tools installed so I
>>>>> couldn't run them, I'll be back onsite tomorrow with my server CDs
>>>>> to
>>>>> install these. Luckily the main app is sql and this is still
>>>>> running
>>>>> fine.
>>>>> Simon
>>>>> Meinolf Weber [MVP-DS] wrote:
>>>>>> Hello Simon,
>>>>>>
>>>>>> Make sure DNS on all NICs is only configured to use domain
>>>>>> internal DNS servers. Please post an unedited ipconfig /all from
>>>>>> the DC/DNS servers, so we can exclude this.
>>>>>>
>>>>>> Also run the support tools dcdiag /v, netdiag /v to check for
>>>>>> errors.
>>>>>>
>>>>>> Best regards
>>>>>>
>>>>>> Meinolf Weber
>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>> and
>>>>>> confers no rights.
>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>>> Hi,
>>>>>>> I have a customer with a small setup between two sites. I got a
>>>>>>> call
>>>>>>> this morning saying they cannot access any network shares on the
>>>>>>> server
>>>>>>> at one site (both Serer 2003). I was unable to RDP to the server
>>>>>>> either
>>>>>>> as it will not authenticate the administrator user. Onsite today
>>>>>>> and
>>>>>>> luckily the console isn't locked so I tried to access aduc from
>>>>>>> there
>>>>>>> and get the message:
>>>>>>> naming information cannot be located for the following reason
>>>>>>> server
>>>>>>> is
>>>>>>> not operational. Looking about the internet points to dns
>>>>>>> problems
>>>>>>> but
>>>>>>> all look good there, however there are numerous 4000,4007,4015
>>>>>>> entries
>>>>>>> in the event log of dns stating check AD is functioning and
>>>>>>> reload
>>>>>>> the
>>>>>>> zone.
>>>>>>> The server at the other site seems fine.
>>>>>>> Any ideas how to progress on this, I didn't want to reboot this
>>>>>>> server
>>>>>>> in case I was unable to login after.
>>>>>>> I normally only deal with SBS and have never come across this
>>>>>>> issue
>>>>>>> before.
>>>>>>> Thanks for any replies.
>>>>>>> Simon
>
>

Hello Simon,

Please post an unedited ipconfig /all form both machines. Also run repadmin
/showrepl and post the output here. Do you use AD integrated zones?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi The site working has 2 forward zones:
>
> _msdcs.internal.castlevetsltd.co.uk
> and
> internal.castlevetsltd.co.uk
> Whereas the failing site has no entries at all.
>
> Thanks Simon
> Meinolf Weber [MVP-DS] wrote:
>> Hello Simon,
>>
>> What kind of DNS zones are configured on the main site or is that one
>> complete empty now in forward lookup zone? Which kind of zone is used
>> on the second DNS server?
>>
>> Best regards
>>
>> Meinolf Weber
>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>> ** Please do NOT email, only reply to Newsgroups
>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>> Hi,
>>>
>>> I've been onsite again and got the tools installed, but ran out of
>>> time
>>> on the server before consulting time began (yes I know using a
>>> server
>>> as
>>> a workstation) I checked out the DC at the other location and this
>>> has
>>> entries in the forward dns zone but nothing in the problem server ?
>>> I can't get onto the server again until later tonight, although I
>>> have
>>> remote access to it now as I installed VNC as rdp won't
>>> authenticate.
>>> Thanks
>>> Simon
>>> Simon wrote:
>>>> Hi Meinolf,
>>>>
>>>> Thanks again. This is a customer I inherited and never installed
>>>> this
>>>> system. Not only is the DC used for sql etc it's also used as a
>>>> workstation by a vet in the practise where it is. I have told them
>>>> many
>>>> times about this. I wouldn't allow one of my SBS sites to use their
>>>> server for anything but SBS related functions. I'll check out on
>>>> those
>>>> links when I am onsite in the morning.
>>>> The system has been running for a couple of years as is so I am
>>>> confused
>>>> why this issue would occur now.
>>>> Regards
>>>> Simon
>>>> Meinolf Weber [MVP-DS] wrote:
>>>>> Hello Simon,
>>>>>
>>>>> Running applications like SQL or Exchange on DCs is not
>>>>> recommended. DCs should only do there basic job, AD/DNS/GC and
>>>>> maybe DHCP if no member server exists.
>>>>>
>>>>> Make sure that the DNS servers are not forwarding to themself,
>>>>> forwarders should be configured to the ISPs DNS server. Also if
>>>>> not done create a reverse lookup zone.
>>>>>
>>>>> Additional see:
>>>>> http://www.eventid.net/display.asp?e...tno=296&source
>>>>> =D NS&phase=1
>>>>> http://www.eventid.net/display.asp?e...tno=4280&sourc
>>>>> e= DNS&phase=1
>>>>>
>>>>> http://www.eventid.net/display.asp?e...tno=333&source
>>>>> =D NS&phase=1
>>>>>
>>>>> Best regards
>>>>>
>>>>> Meinolf Weber
>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>> and
>>>>> confers no rights.
>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>> Hi Meinholf
>>>>>>
>>>>>> Thanks for the reply, I'm not on site now but can confirm that
>>>>>> ipconfig
>>>>>> /all showed only this server and also the server at the other
>>>>>> location
>>>>>> as dns servers. The server didn't have those tools installed so I
>>>>>> couldn't run them, I'll be back onsite tomorrow with my server
>>>>>> CDs
>>>>>> to
>>>>>> install these. Luckily the main app is sql and this is still
>>>>>> running
>>>>>> fine.
>>>>>> Simon
>>>>>> Meinolf Weber [MVP-DS] wrote:
>>>>>>> Hello Simon,
>>>>>>>
>>>>>>> Make sure DNS on all NICs is only configured to use domain
>>>>>>> internal DNS servers. Please post an unedited ipconfig /all from
>>>>>>> the DC/DNS servers, so we can exclude this.
>>>>>>>
>>>>>>> Also run the support tools dcdiag /v, netdiag /v to check for
>>>>>>> errors.
>>>>>>>
>>>>>>> Best regards
>>>>>>>
>>>>>>> Meinolf Weber
>>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>>> and
>>>>>>> confers no rights.
>>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>>> ** HELP us help YOU!!!
>>>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>>>> Hi,
>>>>>>>> I have a customer with a small setup between two sites. I got a
>>>>>>>> call
>>>>>>>> this morning saying they cannot access any network shares on
>>>>>>>> the
>>>>>>>> server
>>>>>>>> at one site (both Serer 2003). I was unable to RDP to the
>>>>>>>> server
>>>>>>>> either
>>>>>>>> as it will not authenticate the administrator user. Onsite
>>>>>>>> today
>>>>>>>> and
>>>>>>>> luckily the console isn't locked so I tried to access aduc from
>>>>>>>> there
>>>>>>>> and get the message:
>>>>>>>> naming information cannot be located for the following reason
>>>>>>>> server
>>>>>>>> is
>>>>>>>> not operational. Looking about the internet points to dns
>>>>>>>> problems
>>>>>>>> but
>>>>>>>> all look good there, however there are numerous 4000,4007,4015
>>>>>>>> entries
>>>>>>>> in the event log of dns stating check AD is functioning and
>>>>>>>> reload
>>>>>>>> the
>>>>>>>> zone.
>>>>>>>> The server at the other site seems fine.
>>>>>>>> Any ideas how to progress on this, I didn't want to reboot this
>>>>>>>> server
>>>>>>>> in case I was unable to login after.
>>>>>>>> I normally only deal with SBS and have never come across this
>>>>>>>> issue
>>>>>>>> before.
>>>>>>>> Thanks for any replies.
>>>>>>>> Simon

Hi,
I hae another problem now, the serer screen is locked and not accepting
logins. What are my options now ? I will be onsite tomorrow morning.
Thanks
Simon
Meinolf Weber [MVP-DS] wrote:
> Hello Simon,
>
> Please post an unedited ipconfig /all form both machines. Also run
> repadmin /showrepl and post the output here. Do you use AD integrated
> zones?
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> Hi The site working has 2 forward zones:
>>
>> _msdcs.internal.castlevetsltd.co.uk
>> and
>> internal.castlevetsltd.co.uk
>> Whereas the failing site has no entries at all.
>>
>> Thanks Simon
>> Meinolf Weber [MVP-DS] wrote:
>>> Hello Simon,
>>>
>>> What kind of DNS zones are configured on the main site or is that one
>>> complete empty now in forward lookup zone? Which kind of zone is used
>>> on the second DNS server?
>>>
>>> Best regards
>>>
>>> Meinolf Weber
>>> Disclaimer: This posting is provided "AS IS" with no warranties, and
>>> confers no rights.
>>> ** Please do NOT email, only reply to Newsgroups
>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>> Hi,
>>>>
>>>> I've been onsite again and got the tools installed, but ran out of
>>>> time
>>>> on the server before consulting time began (yes I know using a
>>>> server
>>>> as
>>>> a workstation) I checked out the DC at the other location and this
>>>> has
>>>> entries in the forward dns zone but nothing in the problem server ?
>>>> I can't get onto the server again until later tonight, although I
>>>> have
>>>> remote access to it now as I installed VNC as rdp won't
>>>> authenticate.
>>>> Thanks
>>>> Simon
>>>> Simon wrote:
>>>>> Hi Meinolf,
>>>>>
>>>>> Thanks again. This is a customer I inherited and never installed
>>>>> this
>>>>> system. Not only is the DC used for sql etc it's also used as a
>>>>> workstation by a vet in the practise where it is. I have told them
>>>>> many
>>>>> times about this. I wouldn't allow one of my SBS sites to use their
>>>>> server for anything but SBS related functions. I'll check out on
>>>>> those
>>>>> links when I am onsite in the morning.
>>>>> The system has been running for a couple of years as is so I am
>>>>> confused
>>>>> why this issue would occur now.
>>>>> Regards
>>>>> Simon
>>>>> Meinolf Weber [MVP-DS] wrote:
>>>>>> Hello Simon,
>>>>>>
>>>>>> Running applications like SQL or Exchange on DCs is not
>>>>>> recommended. DCs should only do there basic job, AD/DNS/GC and
>>>>>> maybe DHCP if no member server exists.
>>>>>>
>>>>>> Make sure that the DNS servers are not forwarding to themself,
>>>>>> forwarders should be configured to the ISPs DNS server. Also if
>>>>>> not done create a reverse lookup zone.
>>>>>>
>>>>>> Additional see:
>>>>>> http://www.eventid.net/display.asp?e...tno=296&source
>>>>>> =D NS&phase=1
>>>>>> http://www.eventid.net/display.asp?e...tno=4280&sourc
>>>>>> e= DNS&phase=1
>>>>>>
>>>>>> http://www.eventid.net/display.asp?e...tno=333&source
>>>>>> =D NS&phase=1
>>>>>>
>>>>>> Best regards
>>>>>>
>>>>>> Meinolf Weber
>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>> and
>>>>>> confers no rights.
>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>>> Hi Meinholf
>>>>>>>
>>>>>>> Thanks for the reply, I'm not on site now but can confirm that
>>>>>>> ipconfig
>>>>>>> /all showed only this server and also the server at the other
>>>>>>> location
>>>>>>> as dns servers. The server didn't have those tools installed so I
>>>>>>> couldn't run them, I'll be back onsite tomorrow with my server
>>>>>>> CDs
>>>>>>> to
>>>>>>> install these. Luckily the main app is sql and this is still
>>>>>>> running
>>>>>>> fine.
>>>>>>> Simon
>>>>>>> Meinolf Weber [MVP-DS] wrote:
>>>>>>>> Hello Simon,
>>>>>>>>
>>>>>>>> Make sure DNS on all NICs is only configured to use domain
>>>>>>>> internal DNS servers. Please post an unedited ipconfig /all from
>>>>>>>> the DC/DNS servers, so we can exclude this.
>>>>>>>>
>>>>>>>> Also run the support tools dcdiag /v, netdiag /v to check for
>>>>>>>> errors.
>>>>>>>>
>>>>>>>> Best regards
>>>>>>>>
>>>>>>>> Meinolf Weber
>>>>>>>> Disclaimer: This posting is provided "AS IS" with no warranties,
>>>>>>>> and
>>>>>>>> confers no rights.
>>>>>>>> ** Please do NOT email, only reply to Newsgroups
>>>>>>>> ** HELP us help YOU!!!
>>>>>>>> http://www.blakjak.demon.co.uk/mul_crss.htm
>>>>>>>>> Hi,
>>>>>>>>> I have a customer with a small setup between two sites. I got a
>>>>>>>>> call
>>>>>>>>> this morning saying they cannot access any network shares on
>>>>>>>>> the
>>>>>>>>> server
>>>>>>>>> at one site (both Serer 2003). I was unable to RDP to the
>>>>>>>>> server
>>>>>>>>> either
>>>>>>>>> as it will not authenticate the administrator user. Onsite
>>>>>>>>> today
>>>>>>>>> and
>>>>>>>>> luckily the console isn't locked so I tried to access aduc from
>>>>>>>>> there
>>>>>>>>> and get the message:
>>>>>>>>> naming information cannot be located for the following reason
>>>>>>>>> server
>>>>>>>>> is
>>>>>>>>> not operational. Looking about the internet points to dns
>>>>>>>>> problems
>>>>>>>>> but
>>>>>>>>> all look good there, however there are numerous 4000,4007,4015
>>>>>>>>> entries
>>>>>>>>> in the event log of dns stating check AD is functioning and
>>>>>>>>> reload
>>>>>>>>> the
>>>>>>>>> zone.
>>>>>>>>> The server at the other site seems fine.
>>>>>>>>> Any ideas how to progress on this, I didn't want to reboot this
>>>>>>>>> server
>>>>>>>>> in case I was unable to login after.
>>>>>>>>> I normally only deal with SBS and have never come across this
>>>>>>>>> issue
>>>>>>>>> before.
>>>>>>>>> Thanks for any replies.
>>>>>>>>> Simon
>
>