DNS keeps failing to start


Mark Dymond

Hi

My network comprises a single AD domain
(domain_name.local). The domain comprises one file server
(Win2k Server (SP4) with SBS 2K - minus Exchange Server)
and 24 clients running Win 3.11 (1 machine-this does not
have a computer account), Win98SE, Win2k Pro and WinXP
Pro. Recently, we have been getting many DNS errors. These
become manifest when trying to change security settings on
shared folders (both on the server and the clients), and
the error message displayed is 'The network path was not
found'. The server only has one application installed:
Arcserve 2000 backup utility.

The Server's DNS event log contains (after rebooting) the
following error events in this order: 408, 407, 408, 407,
and on and on. According to the event log description it
is recommended that the DNS service is restarted and/or
the computer is rebooted. When I restart the service a
message states the DNS service could not be started
because: 'Error 6: The handle is invalid'. Rebooting the
server results in the same events being logged.

Also, the Application Event log contains repetitions of
the following: Event 1000 Source Userenv: Windows cannot
connect to domainname.local with (0x0) followed by the same
event but with the description 'Windows cannot query for
the list of Group Policy objects. A message that
describes the reason for this was previously logged by
this policy engine.' The application log also contains
numerous errors: SimpTcp event ID 11 (lots of these);
Event ID 7225 CheyDiscovery - Failed to bind to socket.
(EC=10042); ID 1008 Winlogon The enterprise root
certificate store could not be updated. (0x80070057) The
parameter is incorrect. and ID 1009 The NT Smartcard
authentication certificate store could not be updated.
(0x80070057) The parameter is incorrect. and ID 1013 The
automatic certificate enrollment subsystem could not
access network resources needed for enrollment.
Enrollment will not be performed. (0x80070057) The
parameter is incorrect.

I have tried deleting the listenaddress value as
recommended in one of the entries but this has *never*
worked. In the past, I have solved this issue by
uninstalling, then reinstalling the DNS server (twice).
This has resulted in an error free event log and the
domain has functioned perfectly. However, this time this
procedure has not worked. The only thing that has changed
is that about a month ago I ran Windows update and
installed all the critical updates. However, the server
functioned fine after this had been done.

Does anyone have any suggestions that I might try?
 

Are you using the DNS proxy in NAT or ICS on this machine?
Events 407 and 408 Are Reported in the DNS Server Event Log
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q279678
 
Something is taking the port that DNS needs. Make sure the DNS service is stopped and run "netstat -an" from the command
prompt. Look for a UDP and TCP port 53. If something is already listening on this port, you need to find out what this service is.
Go to www.sysinternals.com and download the TCPView utility. This will allow you to see what apps are using what ports. Find
the app that is taking either UDP 53 or TCP 53 and stop it or uninstall it.

Thank you,
Mike Johnston
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the
terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from
which they originated.
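
The port check described in the reply above, as an added example that is not part of the original thread: a Python parser for saved `netstat -an` or `netstat -ano` output that lists what is bound to local port 53 on TCP and UDP. The sample output and PID 1432 are constructed, and the PID column assumes a netstat build that supports `-o`; without it the PID is reported as `None` and a tool such as TCPView is still needed to name the owner.

```python
import re

# Constructed sample of `netstat -ano` output (not taken from the thread).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:53             0.0.0.0:0              LISTENING       1432
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.10:1053      192.168.1.1:80         ESTABLISHED     2210
  TCP    192.168.1.10:3389      192.168.1.77:53        ESTABLISHED     1900
  TCP    [::]:53                [::]:0                 LISTENING       1432
  UDP    0.0.0.0:53             *:*                                    1432
  UDP    192.168.1.10:137       *:*                                    4
  UDP    127.0.0.1:53530        *:*                                    960
"""

# proto, local addr, local port, foreign addr, optional state, optional PID
LINE = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)"
    r"(?:\s+([A-Z][A-Z_0-9]*))?(?:\s+(\d+))?\s*$"
)

def listeners_on_port(netstat_text, port=53):
    """Return (proto, local_addr, pid) for sockets holding local `port`."""
    hits = []
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # headers, blank lines
        proto, addr, lport, _foreign, state, pid = m.groups()
        if int(lport) != port:
            continue  # ignores 1053, 53530 and *foreign* port 53
        # TCP: only a LISTENING socket blocks the DNS service from binding.
        # UDP rows have no state column; any bound socket blocks the port.
        if proto == "TCP" and state != "LISTENING":
            continue
        hits.append((proto, addr, int(pid) if pid else None))
    return hits

def owners(netstat_text, port=53):
    """Group the holders of `port` by PID -> list of 'PROTO addr' strings."""
    out = {}
    for proto, addr, pid in listeners_on_port(netstat_text, port):
        out.setdefault(pid, []).append(f"{proto} {addr}")
    return out

if __name__ == "__main__":
    for pid, socks in owners(SAMPLE).items():
        print(f"PID {pid} holds port 53: {', '.join(socks)}")
```

Run it against output captured while the DNS service is stopped, as the reply advises, so that anything reported is the conflicting process rather than DNS itself.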
 
Hi Kevin, thanks for answering. This problem has now been
solved. I had installed Wingate 5.01 client software onto
the file server, and had added a second DNS address -
where the Wingate server DNS is setup at the gateway
(failure to do this results in the wingate client
directing http requests to the file server instead of the
gateway - even though the gateway address is added).
Removing the Wingate client software and removing the
second DNS server address (the same as the gateway), then
rebooting resulted in a perfectly functioning DNS domain
server.

I had installed the Wingate client software so that I
could run Windows Update. I had done this because although
the file server could connect to the internet when
directly connected (I could ping www addresses from a
command prompt), it could not display any pages.
 
Hi Michael, thanks for answering. This problem has now
been solved. I had installed Wingate 5.01 client software
onto the file server, and had added a second DNS address -
where the Wingate server DNS is setup at the gateway
(failure to do this results in the wingate client
directing http requests to the file server instead of the
gateway - even though the gateway address is added).
Removing the Wingate client software and removing the
second DNS server address (the same as the gateway), then
rebooting resulted in a perfectly functioning DNS domain
server.

I had installed the Wingate client software so that I
could run Windows Update. I had done this because although
the file server could connect to the internet when
directly connected (I could ping www addresses from a
command prompt), it could not display any pages.
 

Ah so, Wingate, that will do it. I use Wingate myself for the Data stream AV
feature only, I have Wingate DNS disabled and don't use the Wingate client,
it caused too many problems for me. I just use NAT in RRAS, the Wingate NAT
would always crash at startup.
I'm glad you worked it out.
 