I have an AD testbed setup that was/is using AD-Integrated DNS and based on
unanticipated [naming] complications, I ended up having to use a different
domain name for the AD.
I "demoted" the two DC/DNS servers and then promoted them again using a
different domain name.
Apparently there was some residual DNS data leftover from that process,
because I started getting System event errors [below].
---
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5775
Date: 5/15/2008
Time: 1:08:24 PM
User: N/A
Computer: ALPHA
Description:
The dynamic deletion of the DNS record
'_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.adtest.seas.rochester.edu.
600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.' failed on the
following DNS server:
DNS server IP address: 128.151.162.1
Returned Response Code (RCODE): 5
Returned Status Code: 9017
USER ACTION
To prevent remote computers from connecting unnecessarily to the domain
controller, delete the record manually or troubleshoot the failure to
dynamically delete the record. To learn more about debugging DNS, see Help
and Support Center.
ADDITIONAL DATA
Error Value: DNS bad key.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 05 00 ..
---
The "old" SRV records are still in netlogon.dns along with the "new" SRV
records, but the "old" records had been commented out [by the system] and
after manually removing them, they were somehow regenerated [below].
---
; _ldap._tcp.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.Default-First-Site-Name._sites.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.pdc._msdcs.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.gc._msdcs.adtest.seas.rochester.edu. 600 IN SRV 0 100 3268 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.adtest.seas.rochester.edu. 600 IN SRV 0 100 3268 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.d4bcafc4-73b0-4130-9ffa-74820607874d.domains._msdcs.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; f4d54b73-572e-4cc4-9d74-b7917ad4bd08._msdcs.adtest.seas.rochester.edu. 600 IN CNAME alpha.adtest.seas.rochester.edu.
; _kerberos._tcp.dc._msdcs.adtest.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.adtest.seas.rochester.edu.
; _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.adtest.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.dc._msdcs.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; _kerberos._tcp.adtest.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.adtest.seas.rochester.edu.
; _kerberos._tcp.Default-First-Site-Name._sites.adtest.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.adtest.seas.rochester.edu.
; _gc._tcp.adtest.seas.rochester.edu. 600 IN SRV 0 100 3268 alpha.adtest.seas.rochester.edu.
; _gc._tcp.Default-First-Site-Name._sites.adtest.seas.rochester.edu. 600 IN SRV 0 100 3268 alpha.adtest.seas.rochester.edu.
; _kerberos._udp.adtest.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.adtest.seas.rochester.edu.
; _kpasswd._tcp.adtest.seas.rochester.edu. 600 IN SRV 0 100 464 alpha.adtest.seas.rochester.edu.
; _kpasswd._udp.adtest.seas.rochester.edu. 600 IN SRV 0 100 464 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.ForestDnsZones.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.DomainDnsZones.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
_ldap._tcp.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.Default-First-Site-Name._sites.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.pdc._msdcs.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.gc._msdcs.ad.test.seas.rochester.edu. 600 IN SRV 0 100 3268 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.ad.test.seas.rochester.edu. 600 IN SRV 0 100 3268 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.91bf8749-df26-4453-97f3-bc7343989bf3.domains._msdcs.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
b00ce78d-8203-47be-8e80-c58e388a0ebc._msdcs.ad.test.seas.rochester.edu. 600 IN CNAME alpha.ad.test.seas.rochester.edu.
_kerberos._tcp.dc._msdcs.ad.test.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.ad.test.seas.rochester.edu.
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.test.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.dc._msdcs.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
_kerberos._tcp.ad.test.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.ad.test.seas.rochester.edu.
_kerberos._tcp.Default-First-Site-Name._sites.ad.test.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.ad.test.seas.rochester.edu.
_gc._tcp.ad.test.seas.rochester.edu. 600 IN SRV 0 100 3268 alpha.ad.test.seas.rochester.edu.
_gc._tcp.Default-First-Site-Name._sites.ad.test.seas.rochester.edu. 600 IN SRV 0 100 3268 alpha.ad.test.seas.rochester.edu.
_kerberos._udp.ad.test.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.ad.test.seas.rochester.edu.
_kpasswd._tcp.ad.test.seas.rochester.edu. 600 IN SRV 0 100 464 alpha.ad.test.seas.rochester.edu.
_kpasswd._udp.ad.test.seas.rochester.edu. 600 IN SRV 0 100 464 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.DomainDnsZones.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.ForestDnsZones.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
_ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
---
I "poked around" the Registry, but didn't find anything useful and have run
dcdiag and nltest.exe /dsregdns per online help for the event, but returned
negative [NPF] results [below].
---
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ALPHA
Starting test: Connectivity
......................... ALPHA passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ALPHA
Starting test: Replications
......................... ALPHA passed test Replications
Starting test: NCSecDesc
......................... ALPHA passed test NCSecDesc
Starting test: NetLogons
......................... ALPHA passed test NetLogons
Starting test: Advertising
......................... ALPHA passed test Advertising
Starting test: KnowsOfRoleHolders
......................... ALPHA passed test KnowsOfRoleHolders
Starting test: RidManager
......................... ALPHA passed test RidManager
Starting test: MachineAccount
......................... ALPHA passed test MachineAccount
Starting test: Services
......................... ALPHA passed test Services
Starting test: ObjectsReplicated
......................... ALPHA passed test ObjectsReplicated
Starting test: frssysvol
......................... ALPHA passed test frssysvol
Starting test: frsevent
......................... ALPHA passed test frsevent
Starting test: kccevent
......................... ALPHA passed test kccevent
Starting test: systemlog
......................... ALPHA passed test systemlog
Starting test: VerifyReferences
......................... ALPHA passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : ad
Starting test: CrossRefValidation
......................... ad passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ad passed test CheckSDRefDom
Running enterprise tests on : ad.test.seas.rochester.edu
Starting test: Intersite
......................... ad.test.seas.rochester.edu passed test
Intersite
Starting test: FsmoCheck
......................... ad.test.seas.rochester.edu passed test
FsmoCheck
---
Flags: 0
Connection Status = 0 0x0 NERR_Success
The command completed successfully
---
I also tried clearing the [DNS] cache and rebooting the servers, but that
didn't resolve the problem either.
I guess I'm looking for the "source" of the "old" DNS data and/or the
mechanism that keeps regenerating this data, so I can eliminate it and
resolve the problem.
Any suggestions would be greatly appreciated.
Thanks,
Bob
--
Robert Lindholm
University of Rochester
In news:C4BFFA09-9FB2-4FA5...@microsoft.com,
Delete the %systemroot%\system32\config\netlogon.dns and netlogon.dnb files,
then restart the Netlogon service.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
Thank you for your reply, I appreciate it.
I had considered doing that, but wasn't sure if the files would regenerate
properly.
I have just a few more questions to make sure I do this correctly:
1) Do I stop the netlogon service before deleting the files?
2) Since I have AD-Integrated DNS setup with two DCs / DNS servers, do I
need to delete the files on both systems or just the "primary" DNS server?
Note: The netlogon.dns and netlogon.dnb files on the "secondary" DNS server
don't have any of the residual SRV records that the "primary" does.
Thanks again for your assistance.
Bob
--
Robert Lindholm
University of Rochester
In news:D56A4C37-8D0C-4439...@microsoft.com,
Robert Lindholm <RobertL...@discussions.microsoft.com> wrote:
> Kevin:
>
> Thank you for your reply, I appreciate it.
>
> I had considered doing that, but wasn't sure if the files would
> regenerate properly.
If they don't, you have other problems. If you want, you can move the files
to another location so you can compare them with the new files.
>
> I have just a few more questions to make sure I do this correctly:
>
> 1) Do I stop the netlogon service before deleting the files?
Not necessary.
>
> 2) Since I have AD-Integrated DNS setup with two DCs / DNS servers,
> do I need to delete the files on both systems or just the "primary"
> DNS server?
>
> Note: The netlogon.dns and netlogon.dnb files on the "secondary" DNS
> server don't have any of the residual SRV records that the "primary"
> does.
>
These files are generated by the netlogon service and are not replicated,
each DC will have its own set of files for the records it will register.
Since you are using ADI zones, it is a misnomer to refer to one as "Primary"
and one as "Secondary", the fact is, both are Primary Master zones.
That seems to have resolved this issue... thanks for your help :-)
Bob
--
Robert Lindholm
University of Rochester
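
A way to check netlogon.dns for leftover records and to compare a saved copy with the regenerated file, as suggested in the thread. This is an added example and not part of any post. It assumes one record per line with `;` marking commented-out entries, as in the listing above; the function names and the sample text are constructed for illustration.

```python
import re

# One record per line; a leading ';' marks the commented-out entries
# seen in the netlogon.dns listing in this thread.
RECORD = re.compile(
    r"^(?P<comment>;\s*)?(?P<owner>\S+)\s+(?P<ttl>\d+)\s+IN\s+"
    r"(?P<type>SRV|CNAME|A|AAAA)\s+(?P<rdata>.+?)\s*$"
)

def parse_netlogon_dns(text):
    """Return a dict per record line; blank or unparseable lines are skipped."""
    records = []
    for line in text.splitlines():
        m = RECORD.match(line.strip())
        if m:
            rec = m.groupdict()
            rec["commented"] = rec.pop("comment") is not None
            rec["owner"] = rec["owner"].lower()
            records.append(rec)
    return records

def residual_records(text, current_domain):
    """Records whose owner name lies outside the DC's current domain."""
    suffix = "." + current_domain.lower().rstrip(".") + "."
    return [r for r in parse_netlogon_dns(text) if not r["owner"].endswith(suffix)]

def removed_after_regeneration(old_text, new_text):
    """(owner, type, rdata) tuples in the saved copy but absent from the new file."""
    def key(r):
        return (r["owner"], r["type"], r["rdata"])
    new_keys = {key(r) for r in parse_netlogon_dns(new_text)}
    return [key(r) for r in parse_netlogon_dns(old_text) if key(r) not in new_keys]

# Constructed sample in the shape of the listing above (not the full file).
SAMPLE_OLD = """\
; _ldap._tcp.adtest.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.adtest.seas.rochester.edu.
; _kerberos._tcp.adtest.seas.rochester.edu. 600 IN SRV 0 100 88 alpha.adtest.seas.rochester.edu.
_ldap._tcp.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
"""
SAMPLE_NEW = """\
_ldap._tcp.ad.test.seas.rochester.edu. 600 IN SRV 0 100 389 alpha.ad.test.seas.rochester.edu.
"""

if __name__ == "__main__":
    for r in residual_records(SAMPLE_OLD, "ad.test.seas.rochester.edu"):
        state = "commented" if r["commented"] else "ACTIVE"
        print("residual:", state, r["owner"], r["type"], r["rdata"])
    print("gone after regeneration:", removed_after_regeneration(SAMPLE_OLD, SAMPLE_NEW))
```

Run it on each DC separately, since each DC keeps its own copy of the file.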