Sunday, March 8, 2009

AD Integrated DNS Zone(s) missing.

One fine day you come to work and your users are complaining that they can't resolve any name...
You very calmly say, "Alrighty, I'll look into the issue right away."
You walk over to the server room.
Log in and open the DNS Management Console (dnsmgmt.msc), and your jaw just drops.
You grab your head and tug on your hair, thinking to yourself, "When I left for home last night I had 4 zones, now I have none. What the #!@% is happening!!"
You follow the basic steps: restart DNS, check the Event Viewer, google the error. Then you think, let's just recreate the zones.
You try to create your zone only to realize that you can't!! "NOW what!!"

Well, I'd say, "Relax, brother! It's just one small command to fix the issue."

The events logged in the DNS Server event log on the affected DC (dc2-pnq-2k3) are listed below. The Data field at the end of each one is the error code as a little-endian 32-bit value: 2d 23 00 00 is 0x232d = 9005 (DNS_ERROR_RCODE_REFUSED), 2a 23 00 00 is 0x232a = 9002 (DNS_ERROR_RCODE_SERVER_FAILURE), and 51 00 00 00 is 0x51 = 81, the LDAP error LDAP_SERVER_DOWN. In short, the DNS server cannot bind to the directory on its own DC, which is why the zones stored there have vanished from the console and new ones cannot be created.

Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4000
Date: 3/8/2009
Time: 12:50:56 AM
User: N/A
Computer: dc2-pnq-2k3
Description:
The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2d 23 00 00 -#..

Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 4013
Date: 3/8/2009
Time: 12:50:56 AM
User: N/A
Computer: dc2-pnq-2k3
Description:
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2d 23 00 00 -#..

Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4004
Date: 3/6/2009
Time: 4:25:39 AM
User: N/A
Computer: dc2-pnq-2k3
Description:
The DNS server was unable to complete directory service enumeration of zone .. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 2a 23 00 00 *#..

Event Type: Error
Event Source: DNS
Event Category: None
Event ID: 4015
Date: 3/6/2009
Time: 4:25:39 AM
User: N/A
Computer: dc2-pnq-2k3
Description:
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 51 00 00 00 Q...

Download the Windows Server 2003 Support Tools from http://download.microsoft.com/ for your architecture (x86 or x64); they are also on the product CD under \Support\Tools.
After installing, open a command prompt on the affected DC and run netdiag. In the output you should see the following error, or something close to it:

Trust relationship test. . . . . . : Failed
[FATAL] Secure channel to domain 'psytrix.local' is broken. [ERROR_NO_TRUST_SAM_ACCOUNT]

Where psytrix.local is your domain name.
This error means the secure channel between this DC and the domain is broken: the machine account password stored locally no longer matches the one held in Active Directory, so the DC can no longer authenticate as itself. The DNS Server service uses the computer's identity to read and write directory-integrated zones, so it can neither load the existing zones nor create new ones, and event 4013 shows AD DS never completing its initial synchronization for the same reason. A DC restored from an old backup or reverted to a VM snapshot is a common way to end up here.

To fix this, run the following on the affected DC (dc2-pnq-2k3) from an elevated command prompt, as a domain administrator:

netdom resetpwd /server:dc1-pnq-2k3 /userd:psytrix\Administrator /passwordd:*

NOTE: /server must name another domain controller in the same domain, never the DC you are repairing; dc1-pnq-2k3 here is the PDC emulator, and an IP address works too. Microsoft's procedure for resetting a DC's machine account password (KB 260575) has you stop the Kerberos Key Distribution Center service before this command and start it again afterwards, so the DC does not issue tickets under the stale password while the new one replicates.
At the prompt below, enter the password for the Administrator account.
NOTE: nothing is echoed while you type, so just enter the password and hit Enter.

Type the password associated with the domain user:

The output should be:

The machine account password for the local machine has been successfully reset.

The command completed successfully.

Then restart the DNS Server service (net stop dns & net start dns).
Refresh or re-open the DNS Management Console (dnsmgmt.msc) and the zones will be back. Run netdiag again to confirm that the trust relationship test now passes.
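The same checks and fix as a PowerShell script for a current Windows Server DC. This is an added example, not code from the original post: netdiag and the Server 2003 Support Tools are gone on newer releases, so Test-ComputerSecureChannel, nltest and Get-EventLog stand in for the "Trust relationship test". The domain and DC names are the post's own; the 24-hour event window, the error-code table, the nltest fallback and the KDC stop/start plus klist purge around netdom (taken from the KB 260575 sequence) are assumptions of the example.

```powershell
# Added example (not from the original post). Run from an elevated Windows PowerShell 5.1
# prompt ON the DC whose zones vanished (dc2-pnq-2k3 in the post).
$Domain    = 'psytrix.local'
$PartnerDc = 'dc1-pnq-2k3'            # a healthy DC in the same domain, never the local one
$DcAdmin   = 'psytrix\Administrator'

# The 'Data' block at the end of each DNS event is the error code as a
# little-endian 32-bit integer, e.g. "2d 23 00 00" -> 0x232d -> 9005.
function ConvertFrom-DnsEventData {
    param([byte[]]$Bytes)
    if (-not $Bytes -or $Bytes.Length -lt 4) { return $null }
    $code  = [BitConverter]::ToInt32($Bytes, 0)
    $names = @{                                  # assumed table, limited to the post's events
        9002 = 'DNS_ERROR_RCODE_SERVER_FAILURE'  # "2a 23 00 00" in event 4004
        9005 = 'DNS_ERROR_RCODE_REFUSED'         # "2d 23 00 00" in events 4000/4013
        81   = 'LDAP_SERVER_DOWN'                # "51 00 00 00" in event 4015
    }
    [pscustomobject]@{ Code = $code; Hex = ('0x{0:x}' -f $code); Name = $names[$code] }
}

# 1. Pull the four event IDs from the post out of the DNS Server log (last 24 h, assumed)
#    and decode their error codes.
$ids = 4000, 4004, 4013, 4015
Get-EventLog -LogName 'DNS Server' -After (Get-Date).AddHours(-24) -ErrorAction SilentlyContinue |
    Where-Object { $ids -contains $_.EventID } |
    ForEach-Object {
        $err = ConvertFrom-DnsEventData $_.Data
        '{0}  {1}  {2} {3}' -f $_.TimeGenerated, $_.EventID, $err.Hex, $err.Name
    }

# 2. Verify this DC's secure channel to the domain (what netdiag's
#    "Trust relationship test" did). nltest is the fallback where the cmdlet is missing.
if (Get-Command Test-ComputerSecureChannel -ErrorAction SilentlyContinue) {
    $channelOk = Test-ComputerSecureChannel -Server $PartnerDc
} else {
    nltest "/sc_verify:$Domain"
    $channelOk = ($LASTEXITCODE -eq 0)
}

# 3. Only if the channel is broken: reset this DC's machine account password against
#    the partner DC. Stop the KDC first so this DC does not issue tickets under the
#    stale password while the new one replicates, and drop cached tickets.
if (-not $channelOk) {
    Write-Warning "Secure channel to $Domain is broken; resetting this DC's machine account password via $PartnerDc"
    Stop-Service kdc
    klist purge | Out-Null
    # '/passwordd:*' makes netdom prompt, so the admin password never lands on the
    # command line or in the process table.
    netdom resetpwd "/server:$PartnerDc" "/userd:$DcAdmin" /passwordd:*
    if ($LASTEXITCODE -ne 0) {
        Start-Service kdc
        throw "netdom resetpwd failed with exit code $LASTEXITCODE"
    }
    Start-Service kdc
    Restart-Service DNS      # the post's 'net stop dns & net start dns'
}

# 4. Confirm the directory-integrated zones are back (dnscmd on servers without the module).
if (Get-Command Get-DnsServerZone -ErrorAction SilentlyContinue) {
    Get-DnsServerZone | Where-Object { $_.IsDsIntegrated } |
        Select-Object ZoneName, ZoneType, ReplicationScope
} else {
    dnscmd /enumzones
}
```

netdom still prompts for the administrator password, so the script is interactive by design. On the partner DC the reset appears in the Security log as a computer account change (event 4742 on Server 2008 and later), which is worth an alert: the same command re-keys a DC's identity just as quietly when run by an attacker who holds domain admin.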
