neophyte - NETLOGON

  • Thread starter Thread starter George Hester
  • Start date Start date
G

George Hester

Hi. I'm really really dumb when it comes to DNS. I have the books DNS & Bind and Drew Heywood's Windows 2000 Network Services. But as I said I'm stupid when it comes to DNS.

I have a Windows 2000 Domain Controller and it runs quite well with virtually no errors in the System Log except oodles of DNS errors. I obtain my IP address from my ISP's DHCP server. I am also obtaining DNS servers automatically in the TCP\IP properties. I am not authoritive for the domain that I receive my IP address from. I'm just a minnow in the grand scheme of things.

Anyway I need the DNS to install Exchange 2000. But I do not want to do that until I can get these DNS errors out of my System Log.

So I went to Microsoft and found this page because the events I am getting are all 5774:

http://support.microsoft.com/default.aspx?scid=kb;en-us;259277

In this page microsoft says,

"Description:
Registration of the DNS record 'corp.computer.com. 600 IN A 192.168.4.1' failed with the following error:
DNS server unable to interpret format."

But what I have is this,

Description:
Registration of the DNS record '_kpasswd._udp.MyDomain.com. 600 IN SRV 0 100 464 MyComputerName.MyDomain.com.' failed with the following error:
DNS server unable to interpret format.

A comparision bwtween thes two shows;

1) Microsoft has corp where I have _kpasswd._udp

2) Microsoft has 192.168.4.1 where I have SRV 0 100 464 MyComputerName.MyDomain.com.

I just cannot figure out why what I have seems so different then what I should have. Is it possible to remove just this one error so that if I do that at least I know I am on the right track to getting these errors out of the System Log? All the errors have this SRV 0 100 xxx MyComputerName.MyDomain.com (well most). I also have this one which looks less intimidating

Description:
Registration of the DNS record 'mydomain.com. 600 IN A xx.xxx.xxx.xxx (myipaddress)' failed with the following error:
DNS server unable to interpret format

Any suggestions other then "you're dumb - give up?"

Thanks.
 
I have a Windows 2000 Domain Controller and it runs quite well with virtually no errors in the System Log except oodles of DNS errors. I obtain my IP address from my ISP's DHCP server. I am also obtaining DNS servers automatically in the TCP\IP properties. I am not authoritive for the domain that I receive my IP address from. I'm just a minnow in the grand scheme of things.

Anyway I need the DNS to install Exchange 2000. But I do not want to do that until I can get these DNS errors out of my System Log.
Click to expand...
Hi George,

what's your scenario? Single Server, or a couple Servers and Clients?

In order to run Windows 2000 Active Directory you are supposed to run a DNS-
Service within your organisation where you are authoritative (allowed to
write). Best Practice is to run the DNS-Server Service on your Active Directory
Domaincontroller(s). Your Clients and Servers are supposed to lookup DNS
against the internal DNS-Server. If you need to resolve external DNS-Entries
(that's most commonly the problem when you don't use a proxy - if you use a
proxy you can select not to resolve external adresses by anyone but the proxy)
you can simply set the forwarding of your internal DNS to your ISPs DNS.

Then lets talk about DHCP: How did you set your static IP on your DC? Did you
provider give you a static IP for that machine? Do you have a range of
adresses? What's really important when it comes to DHCP is that the Clients and
Servers receive your DNS-Servers adress, or that your provider is delegating
your DNS-Domain to yourself. Your clients and servers need to be able to
resolve your dns-server and your zones by using fully qualified domain names.
If that's not the case, either set up your own DHCP (you'll need a range of IPs
from your ISP or change your IPs using private adressing and going over a NAT
to the Internet) or configure your TCP/IP-Properties to use static DNS Adresses
and not from the DHCP of the provider.

HTH at least a bit.

Gruesse - Sincerely,

Ulf B. Simon-Weidner
 
In
Ulf B. Simon-Weidner said:
Hi George,

what's your scenario? Single Server, or a couple Servers and Clients?

In order to run Windows 2000 Active Directory you are supposed to run
a DNS-
Service within your organisation where you are authoritative (allowed
to
write). Best Practice is to run the DNS-Server Service on your Active
Directory
Domaincontroller(s). Your Clients and Servers are supposed to lookup
DNS
against the internal DNS-Server. If you need to resolve external
DNS-Entries (that's most commonly the problem when you don't use a
proxy - if you use a
proxy you can select not to resolve external adresses by anyone but
the proxy)
you can simply set the forwarding of your internal DNS to your ISPs
DNS.

Then lets talk about DHCP: How did you set your static IP on your DC?
Did you
provider give you a static IP for that machine? Do you have a range of
adresses? What's really important when it comes to DHCP is that the
Clients and
Servers receive your DNS-Servers adress, or that your provider is
delegating
your DNS-Domain to yourself. Your clients and servers need to be able
to
resolve your dns-server and your zones by using fully qualified
domain names.
If that's not the case, either set up your own DHCP (you'll need a
range of IPs
from your ISP or change your IPs using private adressing and going
over a NAT
to the Internet) or configure your TCP/IP-Properties to use static
DNS Adresses
and not from the DHCP of the provider.

HTH at least a bit.

Gruesse - Sincerely,

Ulf B. Simon-Weidner
Click to expand...

Hi Ulf,

Just to add, those 5774's are *usually* from using an ISP's or some other
outside DNS server (maybe the router too?) in the machines' IP properties
other than the required ONLY to use the internal DNS on all machines (DCs
and clients).

Apparently the 5774's are saying it's trying to update the zone but it's not
being allowed at the ISP. Only use the internal DNS and suggested to use a
forwarder for outside resolution.

Another issue is a possible single label AD DNS domain name, but that would
also generate 5781's.

:-)


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Neophyte, the other guys are just being gentle on you. Allow me to be a bit
harsh.
<span> Don't do that!. Don't run your network based on dynamic IPs you
obtained from external sources. Don't use your ISP's DHCP or DNS server for
your INTERNAL network. For your INTERNAL network, forget that your ISP
exists. Before you dabble into Exchange, get your INTERNAL network
reorganized. </spank>

I know you will have more questions after this. So, instead of trying to
read your mind, I'll let wait for you to post back with some specific
question for any part you don't understand. right now, don't focus on DNS.

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
Hi. I'm really really dumb when it comes to DNS. I have the books DNS &
Bind and Drew Heywood's Windows 2000 Network Services. But as I said I'm
stupid when it comes to DNS.

I have a Windows 2000 Domain Controller and it runs quite well with
virtually no errors in the System Log except oodles of DNS errors. I obtain
my IP address from my ISP's DHCP server. I am also obtaining DNS servers
automatically in the TCP\IP properties. I am not authoritive for the domain
that I receive my IP address from. I'm just a minnow in the grand scheme of
things.

Anyway I need the DNS to install Exchange 2000. But I do not want to do
that until I can get these DNS errors out of my System Log.

So I went to Microsoft and found this page because the events I am getting
are all 5774:

http://support.microsoft.com/default.aspx?scid=kb;en-us;259277

In this page microsoft says,

"Description:
Registration of the DNS record 'corp.computer.com. 600 IN A 192.168.4.1'
failed with the following error:
DNS server unable to interpret format."

But what I have is this,

Description:
Registration of the DNS record '_kpasswd._udp.MyDomain.com. 600 IN SRV 0 100
464 MyComputerName.MyDomain.com.' failed with the following error:
DNS server unable to interpret format.

A comparision bwtween thes two shows;

1) Microsoft has corp where I have _kpasswd._udp

2) Microsoft has 192.168.4.1 where I have SRV 0 100 464
MyComputerName.MyDomain.com.

I just cannot figure out why what I have seems so different then what I
should have. Is it possible to remove just this one error so that if I do
that at least I know I am on the right track to getting these errors out of
the System Log? All the errors have this SRV 0 100 xxx
MyComputerName.MyDomain.com (well most). I also have this one which looks
less intimidating

Description:
Registration of the DNS record 'mydomain.com. 600 IN A xx.xxx.xxx.xxx
(myipaddress)' failed with the following error:
DNS server unable to interpret format

Any suggestions other then "you're dumb - give up?"

Thanks.
 
Back
Top