File replication and DNS problems between 2 domain controllers

Tags:
DataCenter
Network management software
Network monitoring
Network testing
Networking
Performance management
Remote management
Windows Server 2003
I am running 2 Windows 2003 domain controllers, the primary one running SP1. I am receiving numerous errors on a daily basis in a couple of different event logs.

System log: Netlogon error ID 5774: ForestDNSZones.domain.com 600 IN A [PDC IP address] failed on [BDC IP]. Returned response code 5, returned status code 9017. DNS bad key.

Directory service log: NTDS Replication DS RPC client event ID 2088: A.D. couldn't use DNS to resolve IP address of source DC. Successfully replicated using NetBIOS. Error value 11004 requested name is valid, but no data of the requested type is found.

File Replication Service log: NtFrs event ID 13508: File replication service having trouble enabling replication from BDC to PDC using DNS name [BDC].

I have ensured that FRS is running on BDC, although I cannot see it from PDC using net view BDC. I also receive an error on the PDC in DNS manager if I attempt to view the DNS records for the BDC; it tells me access to that server is denied. I have verified the security settings in DNS on the BDC and I should have access to it through the PDC. Any ideas?
ASKED: June 8, 2005  12:24 PM
UPDATED: June 8, 2005  2:12 PM

Answer Wiki


Check out this KB article:
http://www.microsoft.com/technet/support/ee/result.aspx?EvtSrc=NetLogon&EvtID=5774&ProdName=Windows+Operating+System&LCID=1033&ProdVer=5.2
Hopefully it will help.

Discuss This Question: 2  Replies

 
  • PaulieEddie
    Clearly there is a DNS issue here. I would suggest starting by setting the following up:

    ServerA (PDC) IP configuration:
    - Single IP address (remove any multi-homed for now)
    - Primary DNS IP address (IP of ServerA)
    - Secondary DNS IP address (IP of ServerB-BDC)

    ServerB (BDC) IP configuration:
    - Single IP address (remove any multi-homed for now)
    - Primary DNS IP address (IP of ServerA)
    - Secondary DNS IP address (IP of ServerB-BDC)

    What this does is make both domain controllers perform their original DNS registrations against ServerA. That way we know we have a clean DNS reg. Once the configuration has been changed I would run IPCONFIG /REGISTERDNS on both servers. Then check the DNS zone on ServerA and see if ServerB's A-record shows up. Also, check under the SRV record locations (you know those _tcp._msdcs....) for ServerB's records. DCs actually locate one another via the SRV records first, NOT the A-records. So simply being able to ping is an insufficient test. If any of the records are missing, you should end up with errors in the event logs indicating what the problem was (unable to register or locate).

    If the registration failed, there may be a problem with:

    1) ServerA's FQDN may not match the domain name. (ipconfig /all shows the fully qualified domain name, or you right-click on My Computer, hit Properties and click the Computer Tab to see the 'Full computer name'.) This often happens when people have upgraded from NT 4.0 to Windows 2000/2003. The problem is the server has a name like ServerA.company.com and the Active Directory has a name like MyCompany.com. Since they don't match, the system is impossible to locate via SRV records and you get a lot of weird logon and replication issues. Here is an article that better describes the issue: http://support.microsoft.com/default.aspx?scid=kb;en-us;257623 In Windows 2003 you can use the netdom command. The Windows 2003 domain must be at the Windows 2003 native mode to do it. Open the Help and Support on the domain and search for "rename domain controller" and you will see a step-by-step.

    2) DNS configuration issues. Now that we have the DCs pointing at the same machine we can run DCDIAG /test:dns and see what details pop up. Run the utility from each machine. You may have a corrupt machine account for the BDC if you continue to get Access Denied errors.
  • Astronomer
    Is DNS working on your BDC? I don't know how to solve your issue but I would start here. Use nslookup in interactive mode and set it to use the BDC as its DNS server, then see if you can resolve names into addresses. Given that NetBIOS is working but DNS is having problems, I would want to verify that DNS is working on both servers.
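The checks suggested in the two replies above (ServerB's A record, the SRV records, each DNS server queried separately, the FQDN comparison, then DCDIAG) can be run as one batch file. This is an added example, not something posted by the thread participants; the domain name, IP addresses and ServerB host name are constructed placeholders, and nslookup is used non-interactively with the DNS server given as its last argument.

```batch
@echo off
rem Added example, not from the thread. The four values below are
rem constructed placeholders: replace them with your own.
setlocal
set DOMAIN=domain.com
set SERVERA=192.0.2.10
set SERVERB=192.0.2.11
set SERVERB_FQDN=serverb.%DOMAIN%

rem Query each DNS server on its own, so a missing record is pinned to one
rem server instead of being hidden by whichever server answers first.
for %%S in (%SERVERA% %SERVERB%) do (
  echo === Asking DNS server %%S ===

  rem A record for ServerB. The trailing dot stops suffix search-list appending.
  nslookup -type=A %SERVERB_FQDN%. %%S 2>nul | find /i "Name:" | find /i "%SERVERB_FQDN%" >nul
  if errorlevel 1 (echo MISSING A   %SERVERB_FQDN%) else (echo ok      A   %SERVERB_FQDN%)

  rem SRV records that domain controllers register and use to find each other.
  for %%R in (_ldap._tcp.dc._msdcs _kerberos._tcp.dc._msdcs _ldap._tcp _kerberos._tcp) do (
    nslookup -type=SRV %%R.%DOMAIN%. %%S 2>nul | find /i "svr hostname" | find /i "%SERVERB_FQDN%" >nul
    if errorlevel 1 (echo MISSING SRV %%R.%DOMAIN%) else (echo ok      SRV %%R.%DOMAIN%)
  )
)

rem The primary DNS suffix of this machine should equal the AD domain name.
echo === Primary DNS suffix on this machine, expected %DOMAIN% ===
ipconfig /all | find /i "Primary Dns Suffix"

rem Finally, the DNS test named in the reply above. Run it on each DC.
echo === dcdiag DNS test ===
dcdiag /test:dns
endlocal
```

A MISSING line reported by only one of the two servers points at that server's zone copy or its registration, which is the distinction a ping test cannot make.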
