2nd Domain in a 2 domain forest cannot be contacted

Discussion in 'DNS Server' started by David Alge, Jan 9, 2010.


  1. As stated in my blog, the one that starts with "CNF..." is a conflicting
    zone and has to be deleted.

    Delete the non-existent server entries and reference the existing servers.
    This can be done in the DNS console, Name servers tab, which is easier than
    doing it in ADSI Edit.

    As far as the referral error, did you create the ForestDnsZones partition?

    Ace
     
    Ace Fekay [MVP-DS, MCT], Jan 17, 2010
    #21

  2. David Alge

    David Alge Guest

    I went through ADSIEdit and tried to edit the DC values as QPISRV1 is
    not a DC, it might have been at some time prior to my employment with
    the company, but would not allow me to do so. It said the object was
    owned by the system. I tried both the enterprise admin and my account
    (member of qualitest domain admins and dnsadmins groups). I could not
    see anything referencing QPISRV1 or the other servers still listed in
    ADSIEdit under the name servers tab in properties of the reverse dns
    zone. I went through the name servers tab this morning and removed
    some invalid entries and added any missing DC's.
    No I didn't prior to my post. I did attempt after receiving your
    message and it would not allow me, saying the partition already
    exists. Googling the error, I found something on Experts Exchange that
    looked similar. I see the following when using ADSIEdit under
    configuration:

    CN=06e7e5a9-133a-4834-bd98-9a40d00e905b
    DC=DomainDNSZones,DC=Vintagerx, DC=com

    CN=97847cfe-7e13-464f-a1d1-94bb60f36bfc
    DC=ForestDNSZones,Qualitestrx,DC=com

    CN=b05cc0ee-ab89-488b-aa3f-b4e3ecbacf1f
    DC=DomainDNSZones,DC=Qualitestrx,DC=com

    The link at Experts Exchange also points to eventid.com
    (http://www.eventid.net/display.asp?eventid=1801&eventno=5096&source=NTDS KCC&phase=1),
    and says the partition is corrupted and must be deleted through
    NTDSUtil. Before I did that, I wanted to ask if that would be my next
    option. I don't like deleting anything unless I am sure of what I'm
    deleting.

    David
     
    David Alge, Jan 17, 2010
    #22


  3. I agree with the post in Experts Exchange. Yes, it apparently is corrupted
    based on the Event ID. Which reminds me that I *should* have asked if there
    were any Event log errors. Any others?

    When you ran the Metadata Cleanup procedure, did you remove references for
    the defunct QPISRV1 DC? Does it exist in Sites and Services, Server objects?
    If so, delete it from there, too.

    Getting closer... :)

    Ace
     
    Ace Fekay [MVP-DS, MCT], Jan 18, 2010
    #23
  4. David Alge

    David Alge Guest

    I'm going through the events, I am going to post the ones that seem to
    happen quite frequently.

    Event Type: Warning
    Event Source: DNS
    Event Category: None
    Event ID: 4521
    Date: 1/17/2010
    Time: 11:20:25 PM
    User: N/A
    Computer: QPIDC03
    Description:
    The DNS server encountered error 9002 attempting to load zone . from
    Active Directory. The DNS server will attempt to load this zone again
    on the next timeout cycle. This can be caused by high Active Directory
    load and may be a transient condition.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    Event Type: Warning
    Event Source: DNS
    Event Category: None
    Event ID: 3000
    Date: 1/17/2010
    Time: 10:26:24 PM
    User: N/A
    Computer: QPIDC03
    Description:
    The DNS server has encountered numerous run-time events. To determine
    the initial cause of these run-time events, examine the DNS server
    event log entries that precede this event. To prevent the DNS server
    from filling the event log too quickly, subsequent events with Event
    IDs higher than 3000 will be suppressed until events are no longer
    being generated at a high rate.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    Event Type: Error
    Event Source: DNS
    Event Category: None
    Event ID: 4010
    Date: 1/17/2010
    Time: 5:58:03 PM
    User: N/A
    Computer: QPIDC03
    Description:
    The DNS server was unable to create a resource record for
    _ldap._tcp.gc._msdcs.qualitestrx.com. in zone qualitestrx.com. The
    Active Directory definition of this resource record is corrupt or
    contains an invalid DNS name. The event data contains the error.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 7b 00 00 00 {...

    Event Type: Error
    Event Source: DNS
    Event Category: None
    Event ID: 4010
    Date: 1/17/2010
    Time: 5:58:03 PM
    User: N/A
    Computer: QPIDC03
    Description:
    The DNS server was unable to create a resource record for
    b5a7759f-be48-4fb2-865f-3bdbf628f081._msdcs.qualitestrx.com. in zone
    qualitestrx.com. The Active Directory definition of this resource
    record is corrupt or contains an invalid DNS name. The event data
    contains the error.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 7b 00 00 00 {...

    Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1006
    Date: 1/17/2010
    Time: 11:22:53 PM
    User: NT AUTHORITY\SYSTEM
    Computer: QPIDC03
    Description:
    Windows cannot bind to vintagerx.com domain. (Local Error). Group
    Policy processing aborted.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1030
    Date: 1/17/2010
    Time: 11:02:47 PM
    User: NT AUTHORITY\SYSTEM
    Computer: QPIDC03
    Description:
    Windows cannot query for the list of Group Policy objects. Check the
    event log for possible messages previously logged by the policy engine
    that describes the reason for this.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    Event Type: Warning
    Event Source: NTDS KCC
    Event Category: Knowledge Consistency Checker
    Event ID: 1308
    Date: 1/17/2010
    Time: 2:02:33 AM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: QPIDC03
    Description:
    The Knowledge Consistency Checker (KCC) has detected that successive
    attempts to replicate with the following domain controller has
    consistently failed.

    Attempts:
    10
    Domain controller:
    CN=NTDS Settings,CN=VPIDC03,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=qualitestrx,DC=com
    Period of time (minutes):
    133

    The Connection object for this domain controller will be ignored, and
    a new temporary connection will be established to ensure that
    replication continues. Once replication with this domain controller
    resumes, the temporary connection will be removed.

    Additional Data
    Error value:
    1256 The remote system is not available. For information about network
    troubleshooting, see Windows Help.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    Event Type: Error
    Event Source: NTDS General
    Event Category: Global Catalog
    Event ID: 1126
    Date: 1/15/2010
    Time: 5:57:32 PM
    User: NT AUTHORITY\SYSTEM
    Computer: QPIDC03
    Description:
    Active Directory was unable to establish a connection with the global
    catalog.

    Additional Data
    Error value:
    1792 An attempt was made to logon, but the network logon service was
    not started.
    Internal ID:
    3200cf3

    User Action:
    Make sure a global catalog is available in the forest, and is
    reachable from this domain controller. You may use the nltest utility
    to diagnose this problem.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    Event Type: Warning
    Event Source: NTDS KCC
    Event Category: Knowledge Consistency Checker
    Event ID: 1801
    Date: 1/14/2010
    Time: 4:40:41 PM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: QPIDC03
    Description:
    The partition DC=DomainDnsZones,DC=qualitestrx,DC=com should be hosted
    at site
    CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=qualitestrx,DC=com,
    but has not been instantiated yet. However, the KCC could not find any
    hosts from which to replicate this partition.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.

    Event Type: Warning
    Event Source: NTDS KCC
    Event Category: Knowledge Consistency Checker
    Event ID: 1801
    Date: 1/14/2010
    Time: 4:40:41 PM
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: QPIDC03
    Description:
    The partition DC=ForestDnsZones,DC=qualitestrx,DC=com should be hosted
    at site
    CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=qualitestrx,DC=com,
    but has not been instantiated yet. However, the KCC could not find any
    hosts from which to replicate this partition.

    For more information, see Help and Support Center at
    http://go.microsoft.com/fwlink/events.asp.
    I never saw QPISRV1 in the metadata cleanup. When I started with the
    company (5/07), QPISRV1 was our exchange server, secondary DNS, SQL and
    the target for our file replication software Doubletake. Around 12/07
    or so, Exchange was removed as we installed a dedicated server for
    Exchange. At no time during my employment with the company was this
    server a DC. I will check with one of the others at the company and
    find out more about this.
     
    David Alge, Jan 18, 2010
    #24
  5. David Alge

    David Alge Guest

    One more question, as I am making these changes, are any of such a
    nature that I should wait until after hours to make? We have
    approximately 500-600 AD users and would hate to make these changes if
    it would cause problems with our users. So far, none has really
    complained.

    Thanks!
     
    David Alge, Jan 18, 2010
    #25

  6. I would do it after hours.

    Ace
     
    Ace Fekay [MVP-DS, MCT], Jan 18, 2010
    #26

  7. EventID 1308 indicates it's still referencing a defunct DC.
    http://www.eventid.net/display.asp?eventid=1308&eventno=445&source=NTDS KCC&phase=1

    Regarding EventID 1801, it could be pointing to a bad application partition.
    Run the following on all DCs in this order. It can be run during production:
    netdiag /v /fix
    dcdiag /v /fix


    Was the Exchange ADC installed on QPISRV1? Check Sites and Services. Check
    Add/Remove Programs.

    And curious, how was Exchange removed from that server? Was it simply
    uninstalled, or did you follow a KB article properly moving hidden, system
    and other folder/objects to the new Exchange server?

    Ace
     
    Ace Fekay [MVP-DS, MCT], Jan 18, 2010
    #27
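
Added example, not part of any post in this thread: a short Python triage for an event dump pasted in the layout David posted above. It counts events per source and ID and pulls out the domain controller named by NTDS KCC 1308 and the partition named by NTDS KCC 1801, the two events Ace singles out. The sample text, its host and domain names, and the function names parse_events and triage are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample (placeholder names) in the Event Viewer text layout quoted in the thread.
SAMPLE = """\
Event Type: Warning
Event Source: NTDS KCC
Event ID: 1308
Description:
The KCC has detected that successive attempts to replicate with the
following domain controller has consistently failed.
Domain controller:
CN=NTDS
Settings,CN=OLDDC,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=example,DC=com

Event Type: Warning
Event Source: NTDS KCC
Event ID: 1801
Description:
The partition DC=ForestDnsZones,DC=example,DC=com should be hosted
at site CN=Site1,CN=Sites,CN=Configuration,DC=example,DC=com.

Event Type: Error
Event Source: DNS
Event ID: 4010
Description:
The DNS server was unable to create a resource record.
"""
HEADER = re.compile(r"^\s*(Event Type|Event Source|Event ID):\s*(.+?)\s*$")

def parse_events(text):
    """Split a pasted dump into records, one per 'Event Type:' line."""
    events = []
    for chunk in re.split(r"(?m)^(?=[ \t]*Event Type:)", text):
        head, _, desc = chunk.partition("Description:")
        rec = dict(m.groups() for m in map(HEADER.match, head.splitlines()) if m)
        rec["Description"] = " ".join(desc.split())  # undo forum line wrapping
        if "Event Source" in rec and "Event ID" in rec:
            events.append(rec)
    return events

def triage(events):
    """Count per (source, ID); list objects named by KCC events 1308 and 1801."""
    counts = Counter((e["Event Source"], e["Event ID"]) for e in events)
    def named(event_id, pattern):
        return sorted({m for e in events
                       if (e["Event Source"], e["Event ID"]) == ("NTDS KCC", event_id)
                       for m in re.findall(pattern, e["Description"])})
    return (counts, named("1308", r"CN=NTDS Settings,CN=([^,]+)"),
            named("1801", r"partition (DC=\S+)"))
```

Calling triage(parse_events(SAMPLE)) returns the counts, the server names from 1308, and the partition DNs from 1801; the server names are the ones to compare against Sites and Services and the metadata cleanup list.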
  8. David Alge

    David Alge Guest

    This might have been during the time our DC for Vintagerx.com was having
    some issues and was not responding. It has been corrected now.
    This was run last night.
    I'm not sure. Exchange was running on this server in 5/07 when I started. It
    does not show up in Add/Remove programs. I'm not sure where you wanted me to
    check under sites, but I checked everything I could think of and saw no
    references to QPISRV1.
    After all the mailboxes were removed, I was asked to uninstall Exchange. I
    first attempted to run add/remove programs but there were some problems if I
    recall. I remember doing a lot of research and found something, most likely
    something from Microsoft and went by the directions and it was removed.
     
    David Alge, Jan 19, 2010
    #28

  9. Something is obviously referencing QPISRV1. If that was the former Exchange
    server, and it was not a DC, my feeling is the ADC was possibly installed.
    If you look in Sites and Services, do you see any references for the ADC
    (Active Directory Connector)?

    What version of Exchange did you have problems removing? Do you remember
    using ADSI Edit to remove it? To know what problems you had removing
    Exchange would be helpful, as well as what instructions you followed to fix
    it (was it a KB article?).

    Maybe the problems with removing Exchange pointed to the System and Hidden
    public folders that weren't moved to the new Exchange server, or it could be
    the ADC?

    After running netdiag and dcdiag with the /v and /fix switches, did any
    errors show up? Please post the errors.

    Current Event log errors?

    Ace
     
    Ace Fekay [MVP-DS, MCT], Jan 19, 2010
    #29
  10. David Alge

    David Alge Guest

    We had some additional DNS issues yesterday and due to time constraints
    we have (planning Exchange 2010 upgrade, etc), it was decided to use
    one of our Microsoft incidents to correct DNS. From observation with
    the Microsoft engineers, it was very serious. He was able to delete
    and recreate the partitions, but still having problems binding
    vintagerx.com. It has been escalated twice to upper levels of
    support. He commented that he had never seen problems like this. It is
    getting better, but still not there yet. He has the Qualitestrx.com
    zone replicating to the forest, but vintagerx.com is still at the
    domain level.

    I want to thank you for all your advice and helpful suggestions.
     
    David Alge, Jan 21, 2010
    #30

  11. My next post was intended to suggest to call Microsoft PSS for assistance.
    I'm truly glad you did that. Apparently something got fubard along the way.
    Curious to hear what the cause was, and what was performed. Please do take
    notes.

    Thanks!

    Ace
     
    Ace Fekay [MVP-DS, MCT], Jan 21, 2010
    #31
