G
Gross, Michael
Hi,
at the moment I'm confronted with some very strange events in an Active
Directory forest.
The affected forest contains only one domain - the forest root domain.
It's the domain for one site with approx. 20 users with Windows XP SP1
Clients. Forest and domain are working in Windows 2003 native mode.
The problem is strange: Within the local network no workstation is able
to connect to the domain via its DNS-Name. However, resolving the domain
via its NetBIOS name works correctly.
Example: While using Microsoft's tool nltest to test connectivity to the
domain via it's DNS Name I'll get the following result:
DsGetDcName failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN
But using nltest /dsgetdc with the domain's NetBios name works still
accurate.
Due to these facts, I'm not able to take a workstaton in the domain via
it's DNS-Name. Further on, everytime a workstation that's member of the
domain starts, event id 15 from AutoEnrollment is logged. This message
says that Active Directory can't be reached.
Meanwhile I've done a lot of debugging to get rid of this problem:
- of course, all workstations are using the local DNS Server
- all SRV entries in DNS are correct
- the DC also is registred with the correct IP-address in the DNS server
(forward and reverese!)
- I'm able to ping the domain's DNS-Name and resolve it with nslookup
- already deleted the zone and created it new, even I've re-installed
the DNS-Server
- there are _no_ errors in the DC's event log
- cleared DNS-Cache on the server and the clients.
By the way, there is another strange problem: All workstatons in the
domain are registered as Windows NT 4.0 workstations in the properties
of the computer account on the domain controller. All workstations
should be Windows XP SP1.
I've _no_ idea what to do anymore. Withal, eventid.net has no real
resolution for the AutoEnrollment problem.
Any ideas?
Thanks,
Michael
at the moment I'm confronted with some very strange events in an Active
Directory forest.
The affected forest contains only one domain - the forest root domain.
It's the domain for one site with approx. 20 users with Windows XP SP1
Clients. Forest and domain are working in Windows 2003 native mode.
The problem is strange: Within the local network no workstation is able
to connect to the domain via its DNS-Name. However, resolving the domain
via its NetBIOS name works correctly.
Example: While using Microsoft's tool nltest to test connectivity to the
domain via it's DNS Name I'll get the following result:
DsGetDcName failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN
But using nltest /dsgetdc with the domain's NetBios name works still
accurate.
Due to these facts, I'm not able to take a workstaton in the domain via
it's DNS-Name. Further on, everytime a workstation that's member of the
domain starts, event id 15 from AutoEnrollment is logged. This message
says that Active Directory can't be reached.
Meanwhile I've done a lot of debugging to get rid of this problem:
- of course, all workstations are using the local DNS Server
- all SRV entries in DNS are correct
- the DC also is registred with the correct IP-address in the DNS server
(forward and reverese!)
- I'm able to ping the domain's DNS-Name and resolve it with nslookup
- already deleted the zone and created it new, even I've re-installed
the DNS-Server
- there are _no_ errors in the DC's event log
- cleared DNS-Cache on the server and the clients.
By the way, there is another strange problem: All workstatons in the
domain are registered as Windows NT 4.0 workstations in the properties
of the computer account on the domain controller. All workstations
should be Windows XP SP1.
I've _no_ idea what to do anymore. Withal, eventid.net has no real
resolution for the AutoEnrollment problem.
Any ideas?
Thanks,
Michael