Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

How to correct these DNS errors?

0 views
Skip to first unread message

Jaime Stuardo

unread,
Apr 21, 2005, 10:39:02 PM4/21/05
to
Hi all...

I'm getting these DNS errors in event log. What do they mean and how can I
fix them?

Warning (this is the domain server and obviously is joined in the domain):
The DNS server machine currently has no DNS domain name. Its DNS name is a
single label hostname with no domain (example: "host" rather than
"host.microsoft.com").

You might have forgotten to configure a primary DNS domain for the server
computer. For more information, see either "DNS server log reference" or "To
configure the primary DNS suffix for a client computer" in the online Help.

While the DNS server has only a single label name, all zones created will
have default records (SOA and NS) created using only this single label name
for the server's hostname. This can lead to incorrect and failed referrals
when clients and other DNS servers use these records to locate this server by
name.

To correct this problem:
1) open Control Panel
2) open System applet
3) select Computer Name tab
4) click the "Change" button and join the computer to a domain or
workgroup; this name will be used as your DNS domain name
5) reboot to initialize with new domain name

After reboot, the DNS server will attempt to fix up default records,
substituting new DNS name of this server, for old single label name.
However, you should review to make sure zone's SOA and NS records now
properly use correct domain name of this server.

For more information, see Help and Support Center at


Information:
The DNS server did not detect any zones of either primary or secondary type
during initialization. It will not be authoritative for any zones, and it
will run as a caching-only server until a zone is loaded manually or by
Active Directory replication. For more information, see the online Help.

Error (Active directory works since I can log to the domain from a client
computer in the LAN):
The DNS server has encountered a critical error from the Active Directory.
Check that the Active Directory is functioning properly. The extended error
debug information (which may be empty) is "". The event data contains the
error.

Error:
The DNS server was unable to complete directory service enumeration of zone
.. This DNS server is configured to use information obtained from Active
Directory for this zone and is unable to load the zone without it. Check
that the Active Directory is functioning properly and repeat enumeration of
the zone. The extended error debug information (which may be empty) is "".
The event data contains the error.

Error:
The DNS server was unable to complete directory service enumeration of zone
_msdcs.DESYTEC.North. This DNS server is configured to use information
obtained from Active Directory for this zone and is unable to load the zone
without it. Check that the Active Directory is functioning properly and
repeat enumeration of the zone. The extended error debug information (which
may be empty) is "". The event data contains the error.

Error:
The DNS server was unable to add or write an update of domain name srv-dev
in zone DESYTEC.North to the Active Directory. Check that the Active
Directory is functioning properly and add or update this domain name using
the DNS console. The extended error debug information (which may be empty) is
"". The event data contains the error.


Any help will be greatly appreciated,

Thanks a lot in advance
Jaime

Todd J Heron

unread,
Apr 22, 2005, 6:53:19 AM4/22/05
to
This error can occur because of a common DNS misconfiguration. We need more
details on your setup. Can you please provide the following information:

1) Domain name from Active Directory Users & Computers MMC
2) List of all Forward Lookup Zones in the DNS MMC
3) Output of ipconfig /all from the problem machine(s) (an unedited
version - please do not make any changes)

--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights

Kevin D. Goodknecht Sr. [MVP]

unread,
Apr 22, 2005, 1:32:40 PM4/22/05
to
Jaime Stuardo wrote:
> Hi all...
>
> I'm getting these DNS errors in event log. What do they mean and how
> can I fix them?
>
> Warning (this is the domain server and obviously is joined in the
> domain): The DNS server machine currently has no DNS domain name.
> Its DNS name is a single label hostname with no domain (example:
> "host" rather than "host.microsoft.com").

There is a script in this KB, follow the instructions to change the Primary
DNS suffix to the AD DNS Domain name as seen in ADU&C.
257623 Domain Controller's Domain Name System Suffix Does Not Match Domain
Name
http://support.microsoft.com/?id=257623

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================


Jaime Stuardo

unread,
Apr 22, 2005, 8:29:11 PM4/22/05
to
Hi Todd and thanks for answering. This is what you requested:

1) Domain name from Active Directory Users & Computers MMC

DESYTEC.North

2) List of all Forward Lookup Zones in the DNS MMC

_msdcs.DESYTEC.North
DESYTEC.North

3) Output of ipconfig /all from the problem machine(s)

The server has the problem, so, here is the IPCONFIG information:


Windows IP Configuration

Host Name . . . . . . . . . . . . : srv-dev
Primary Dns Suffix . . . . . . . : DESYTEC.North
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : DESYTEC.North

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :

Ethernet adapter Internet:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-11-43-2F-69-26
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.0.0.1
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 127.0.0.1

Ethernet adapter LAN:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link DFE-530TX PCI Fast Ethernet
Adapte
r (rev.C)
Physical Address. . . . . . . . . : 00-0D-88-CA-8F-CC
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 127.0.0.1

PPP adapter Manquehue:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 200.74.187.200
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 200.74.160.103
200.74.160.104
NetBIOS over Tcpip. . . . . . . . : Disabled


Thanks
Jaime

Jaime Stuardo

unread,
Apr 22, 2005, 8:30:57 PM4/22/05
to
Hi Kevin,

I have gone to that site and it says:

"If the DNS name has a single label, and your computer is running Windows
2000 with Service Pack 4 (SP4), Windows XP, or Windows Server 2003, use the
AllowSingleLabelDnsDomain registry entry to resolve the problem. For example,
if the domain name is "contoso" and is not "contoso.com," the DNS name has a
single label. For more information, click the following article number to
view the article in the Microsoft Knowledge Base: "

And my domain isn't single label. It is DESYTEC.North, and as I saw, there
isn't a disjoint namespace, so I don't know if I really need to run that
script or not.

Jaime

Kevin D. Goodknecht Sr. [MVP]

unread,
Apr 22, 2005, 9:16:37 PM4/22/05
to
Jaime Stuardo wrote:
> Hi Kevin,
>
> I have gone to that site and it says:
>
> "If the DNS name has a single label, and your computer is running
> Windows 2000 with Service Pack 4 (SP4), Windows XP, or Windows Server
> 2003, use the AllowSingleLabelDnsDomain registry entry to resolve the
> problem. For example, if the domain name is "contoso" and is not
> "contoso.com," the DNS name has a single label. For more information,
> click the following article number to view the article in the
> Microsoft Knowledge Base: "
>
> And my domain isn't single label. It is DESYTEC.North, and as I saw,
> there isn't a disjoint namespace, so I don't know if I really need to
> run that script or not.
>

From the error you posted in your original post it sounded like you had a
disjointed namespace.
<snip>


You might have forgotten to configure a primary DNS domain for the server
computer. For more information, see either "DNS server log reference" or "To
configure the primary DNS suffix for a client computer" in the online Help.

While the DNS server has only a single label name, all zones created will
have default records (SOA and NS) created using only this single label name
for the server's hostname. This can lead to incorrect and failed referrals
when clients and other DNS servers use these records to locate this server
by
name.

<snip>

After you posted your ipconfig /all it was obvious you do have the correct
primary DNS suffix.

That said, multihomed domain controllers are problematic and you should
never use an external DNS on any interface in any position, this includes
dial up interfaces. Manually assign the private IP address of this DC in the
dial up interface for DNS.
It also appears this article applies to this DC, you will need to add the
registry entries and manually add the records from this KB.
292822 - Name resolution and connectivity issues on a Routing and Remote
Access Server that also runs DNS or WINS:
http://support.microsoft.com/default.aspx?scid=kb;en-us;292822

You should also check your binding order, that the internal interface is at
the top of the binding order:
Change the binding order of the network adapters so that the adapter that is
listed at the top of the Connections list has File and Printer Sharing bound
to it: 1. Click Start, point to Settings, click Control Panel, and then
double click Network and Dial-up Connections.
2. On the Advanced menu, click Advanced Settings.
3. In the Connections box, click the network adapter with File and
Printer Sharing bound to it.
4. Click the arrow buttons on the right side to move the adapter to
the top of the list.
5. Click OK.

0 new messages