Multiple DNS errors following NT4.0 to W2K Upgrade

[Rick]

I upgraded my PDC to W2K DC. After it was done and I
checked the DNS server I found serveral errors.
These are the errors.

Event ID: 4011

The DNS server was unable to add or write an update of
domain name _ldap in zone DomainA to the Active
Directory. Check that the Active Directory is functioning
properly and add or update this domain name using the DNS
console. The event data contains the error.

Event ID: 3000

The DNS server is logging numerous run-time events. For
information about these events, see previous DNS Server
event log entries. To prevent the DNS Server from
clogging server logs, further logging of this event and
other events with higher Event IDs will now be suppressed

Event ID: 5509

The DNS server encountered an invalid DNS update message
from 150.150.1.2. The packet was rejected.

In addition it does not seem to be updating/adding the
workstations on the network.
Also, I am not able to add a forwarder DNS address because
the check box is grayed. As a result W/S's cannot open
Webpages from the internet.

Any ideas on how to fix this or work around it?

Thanks,
Rick Siciliano

 

[Ace Fekay [MVP]]

In

I upgraded my PDC to W2K DC. After it was done and I
checked the DNS server I found serveral errors.
These are the errors.

Event ID: 4011

The DNS server was unable to add or write an update of
domain name _ldap in zone DomainA to the Active
Directory. Check that the Active Directory is functioning
properly and add or update this domain name using the DNS
console. The event data contains the error.

Event ID: 3000

The DNS server is logging numerous run-time events. For
information about these events, see previous DNS Server
event log entries. To prevent the DNS Server from
clogging server logs, further logging of this event and
other events with higher Event IDs will now be suppressed

Event ID: 5509

The DNS server encountered an invalid DNS update message
from 150.150.1.2. The packet was rejected.

In addition it does not seem to be updating/adding the
workstations on the network.
Also, I am not able to add a forwarder DNS address because
the check box is grayed. As a result W/S's cannot open
Webpages from the internet.

Any ideas on how to fix this or work around it?

Thanks,
Rick Siciliano

Not sure if you did your homework prior to this, but a few things or a
combination of things can be going on:

1. Apparently your domain name is a single label name. Not good for AD. DId
you bring up a BDC and promoted that to a PDC to upgrade it to your current
W2k AD? If so, trash the current one. Rebuild it as a BDC once again, then
promote it to a PDC and then choose a proper AD DNS domain name, such as
"domain.com" and not just "DOMAIN".

2. You may still have your ISP's DNS IP addresses in your IP properties.
They MUST be removed and ONLy use your internal DNS server(s) so AD will
funtion properly.

3. You may not have set the domain name of your planned AD DNS domain name
in TCP/IP properties/DNS tab on the NT4 machine prior to upgrading it. THat
gets translated into the required Primary DNS Suffix in a W2k machine.

Post back with more info.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Rick Siciliano]

-----Original Message-----
In Rick <[email protected]> posted their thoughts, then I offered mine

Not sure if you did your homework prior to this, but a few things or a
combination of things can be going on:

1. Apparently your domain name is a single label name. Not good for AD. DId
you bring up a BDC and promoted that to a PDC to upgrade it to your current
W2k AD? If so, trash the current one. Rebuild it as a BDC once again, then
promote it to a PDC and then choose a proper AD DNS domain name, such as
"domain.com" and not just "DOMAIN".

2. You may still have your ISP's DNS IP addresses in your IP properties.
They MUST be removed and ONLy use your internal DNS server (s) so AD will
funtion properly.

3. You may not have set the domain name of your planned AD DNS domain name
in TCP/IP properties/DNS tab on the NT4 machine prior to upgrading it. THat
gets translated into the required Primary DNS Suffix in a W2k machine.

Post back with more info.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
--
=================================


.

I upgraded the PDC. I do have an offline BDC. The domain
name was a single name and the original NT 4.0 domain
name. I did not see anything when preparing for this that
said I should change the domain name during the upgrade.
The Primary DNS entry in the IP properties is the AD DNS
srv, this box and the planned domain name was set prior to
the upgrade.

I can promote the BDC and rebuild the box, but would like
to avoid that if the DNS can be repaired.
Is it feasable to try and tranfer the DNS function to
another system?

 

[Ace Fekay [MVP]]

In

I upgraded the PDC. I do have an offline BDC. The domain
name was a single name and the original NT 4.0 domain
name. I did not see anything when preparing for this that
said I should change the domain name during the upgrade.
The Primary DNS entry in the IP properties is the AD DNS
srv, this box and the planned domain name was set prior to
the upgrade.

I can promote the BDC and rebuild the box, but would like
to avoid that if the DNS can be repaired.
Is it feasable to try and tranfer the DNS function to
another system?

DNS isn't the problem. The single label name is. That's why I asked if you
kept a BDC on the network. DCPROMO doesn;t mention needing a proper naming
format that follows the DNS RFCs since it's "understood" that one would be
aware of it in the planning/research stages, since after all, it's a DNS
name and not the NetBIOS name. DNS follows a hierarchal structure, where
NetBIOS names are based on a flat namespace. That's why a name of
"domain.com" format is required and not just "DOMAIN". This allows for child
domains such as "child.domain.com", etc. A search for a name in DNS follows
from the root (the period) and then down the tree, so it would lookup the
".", then the TLD, such as "com", then the name, such as "domain", in that
order. A single name doesn't follow that.

See this about renaming it:
292541 - How to Rename the DNS name of a Windows 2000 Domain [As long as the
domain is in mixed mode]:
http://support.microsoft.com/?id=292541

You can "bandaid" the single label name and FORCE DNS to allow the updates
of a single label name by viewing this article:
http://support.microsoft.com/?id=300684
But, XP clients will have problems with querying DNS for a single label name
domain and GPOs and may have problems logging on due to this, among other
domain functionality.

Sorry for the bad news.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory