Hopefully someone will be able to give me some good direction here. I am helping out a company which has Server '03 SP2 installed. I went in today because they had been having several issues with mapped drives constantly losing connection. While the drive connections is not a huge issue right this moment, what I came across in the process of trying to figure out what was wrong I came across the following: 1) DNS is unable to connect to the active directory (Server is a DNS, Active Directory, and File Server setup). 2) Under the list of all services on the computer, there is NO Active Directory service at all!!! Now considering that there are no Active Directory services shown at all, I am going to assume that is the reason the DNS is unable to connect, as it only makes sense. I am also coming to believe that mapped drives are disconnecting as a result of the AD services not being present. I have gone into Directory Services Restore Mode, and have run a repair, and the other common switches to ensure that everything is working, and it seems to be just fine. I was able to back up the AD using the NTBackup, along with the boot and other typical items. My question, is that if I uninstall the AD role, and then reinstall the AD role, and finally restore the AD, should everything be back to normal? Is there anything special I should be aware of or any extra items I should back-up? Sorry if this is a silly question, but I have been searching all morning to find a solution, but have yet to find anything that resembles this issue.

Hello,Before you do that..Please post a complete dcdiag /v from the domain controller. We can use this to help with your diagnosticsBecause if you think the AD is messed up at the moment, a backup and restore from the same AD wouldn't do you any good. Isaac Oben MCITP:EA, MCSE

Here are the complete results from the dcdiag /v. As you can see it is passing everything, except for the Connectivity text... Sorry, but my limited knowledge here kinda hurts me. If there is anything else I can provide, please let me know, and thanks for the help so far. C:\Documents and Settings\Administrator>dcdiag /v Domain Controller Diagnosis Performing initial setup: * Verifying that the local machine WMS1, is a DC. * Connecting to directory service on server WMS1. * Collecting site info. * Identifying all servers. * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity * Active Directory LDAP Services Check The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could no t be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Skipping all tests, because server WMS1 is not responding to directory service requests Test omitted by user request: Topology Test omitted by user request: CutoffServers Test omitted by user request: OutboundSecureChannels Test omitted by user request: VerifyReplicas Test omitted by user request: VerifyEnterpriseReferences Test omitted by user request: CheckSecurityError Running partition tests on : TAPI3Directory Starting test: CrossRefValidation ......................... TAPI3Directory passed test CrossRefValidation Starting test: CheckSDRefDom ......................... TAPI3Directory passed test CheckSDRefDom Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : WMS Starting test: CrossRefValidation ......................... WMS passed test CrossRefValidation Starting test: CheckSDRefDom ......................... WMS passed test CheckSDRefDom Running enterprise tests on : WMS.local Starting test: Intersite Skipping site Default-First-Site, this site is outside the scope provided by the command line arguments provided. ......................... WMS.local passed test Intersite Starting test: FsmoCheck GC Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd PDC Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd Time Server Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd Preferred Time Server Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd KDC Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd ......................... WMS.local passed test FsmoCheck Test omitted by user request: DNS Test omitted by user request: DNS C:\Documents and Settings\Administrator>

hello your test is missing some other critical tests which should have included in this base test..do thisdcdiag /test:netlogonsdcdiag /test:Advertisingdcdiag /test:replicatonsand post results...Isaac Oben MCITP:EA, MCSE

Here are the results for those tests that you asked for... Sorry, as I said, my lack of complete knowledge with servers is a shame in my opinion lol, but at least i know enough not to screw anything up. Again, the connectivity tests all failed and its not responding to directory service requests. C:\Documents and Settings\Administrator>dcdiag /test:netlogons Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Running partition tests on : TAPI3Directory Running partition tests on : ForestDnsZones Running partition tests on : DomainDnsZones Running partition tests on : Schema Running partition tests on : Configuration Running partition tests on : WMS Running enterprise tests on : WMS.local C:\Documents and Settings\Administrator>dcdiag /test:advertising Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Running partition tests on : TAPI3Directory Running partition tests on : ForestDnsZones Running partition tests on : DomainDnsZones Running partition tests on : Schema Running partition tests on : Configuration Running partition tests on : WMS Running enterprise tests on : WMS.local C:\Documents and Settings\Administrator>dcdiag /test:replications Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could no t be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Skipping all tests, because server WMS1 is not responding to directory service requests Running partition tests on : TAPI3Directory Running partition tests on : ForestDnsZones Running partition tests on : DomainDnsZones Running partition tests on : Schema Running partition tests on : Configuration Running partition tests on : WMS Running enterprise tests on : WMS.local C:\Documents and Settings\Administrator>

After taking a look at these, shouldn't there be more info from running the tests or is this normal?

Hello,Yes, there should be more info from thise test.It seems that you are having DNS related issues.. So we are going to try some troubleshooting..1- check your IP configuration and make sure that the server is pointing to itself for Primary DNS..Please post and ipconfig /all2- at command prompt run: netdiag /fixpost resultsAfter the results we will continue from there..Also I see you have TAPI3Directory. Are you using some kind of telephony service? Isaac Oben MCITP:EA, MCSE

Hi Eckostar, Thank you for posting in Windows Server Forum. According to your questions, I understand that your Windows 2003 Active Directory got some issues with DNS and mapped drives. I agree with Isaac's suggestion, To narrow down the root cause, please confirm the following information. 1. Did you see "SYSVOL" and "NETLOGON" folder when you type "net share" command on the DC? 2. Check whether the Netlogon service is started on the DC. 3. Can you open Active Directory users and computers properly on the problematic DC? 4. Run "dcdiag /fix" and "Netdiag /fix" on the problematic Domain controller and paste the result here. In addition, please also run a MPS report on your Windows 2003 domain controller and upload the report file to me. To run a MPS report, you can refer to the following link: http://blogs.technet.com/askperf/archive/2009/05/01/two-minute-drill-the-new-mps-reports.aspx For your convenience, I have created a workspace for you. You can upload the information files to the following link. (Please choose "Send Files to Microsoft") Workspace URL: (https://sftasia.one.microsoft.com/choosetransfer.aspx?key=dcca671b-d15b-4bcf-a33b-9253a503e6d5 ) Password: !j0V5FK46^4 For the second question, actually there is no Active Directory service in services console in Windows Server 2003. Best Regards, Wilson JiaThis posting is provided "AS IS" with no warranties, and confers no rights.

Ok, I will start with my response to Isaac, and thanks for your help so far by the way. Here are the results for the IP address, and everything there is normal from what I am used to seeing, but maybe I am wrong? Now I removed a second IP from the DNS servers, as I know for a fact that it is only the DNS address that the company's internet provider requires, and without it, there is NO internet access, so I kept it all to the local info for the DNS's. Plus I removed all of the extra CR's. Windows IP Configuration Host Name . . . . . . . . . . . . : WMS1 Primary Dns Suffix . . . . . . . : wms.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : wms.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO/1000 XT Network Connection Physical Address. . . . . . . . . : 00-0B-DB-A9-32-05 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.5.10 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.5.1 DNS Servers . . . . . . . . . . . : 192.168.5.10 And the results for netdiag /fix: Computer Name: WMS1 DNS Host Name: WMS1.wms.local System info : Microsoft Windows Server 2003 (Build 3790) Processor : x86 Family 15 Model 2 Stepping 7, GenuineIntel List of installed hotfixes : KB911564 KB921503 KB923561 KB925398_WMP64 KB925876 KB925902 KB926122 KB927891 KB929123 KB930178 KB931768 KB931784 KB931836 KB932168 KB933360 KB933566 KB933729 KB933854 KB935839 KB935840 KB935966 KB936021 KB936357 KB936782 KB937143 KB938127 KB938464-v2 KB941569 KB942830 KB942831 KB943055 KB943460 KB943729 KB944338-v2 KB944653 KB945553 KB946026 KB948496 KB949014 KB950760 KB950762 KB950974 KB951066 KB951748 KB952004 KB952069 KB952954 KB953298 KB954155 KB954550-v5 KB954600 KB955069 KB955759 KB955839 KB956572 KB956802 KB956844 KB957097 KB958469 KB958644 KB958687 KB958690 KB958869 KB959426 KB960225 KB960803 KB960859 KB961063 KB961118 KB961373 KB961501 KB963027 KB967715 KB967723 KB968389 KB968816 KB969059 KB969947 KB970238 KB970483 KB971032 KB971486 KB971513 KB971557 KB971633 KB971657 KB971737 KB971961 KB971961-IE8 KB972270 KB973037 KB973354 KB973507 KB973525 KB973540 KB973687 KB973815 KB973869 KB973904 KB973917 KB974112 KB974318 KB974392 KB974571 KB975025 KB975467 KB976098-v2 KB976325 KB978207-IE8 Q147222 Netcard queries test . . . . . . . : Passed Per interface results: Adapter : Local Area Connection Netcard queries test . . . : Passed Host Name. . . . . . . . . : WMS1 IP Address . . . . . . . . : 192.168.5.10 Subnet Mask. . . . . . . . : 255.255.255.0 Default Gateway. . . . . . : 192.168.5.1 Dns Servers. . . . . . . . : 192.168.5.10 AutoConfiguration results. . . . . . : Passed Default gateway test . . . : Passed NetBT name test. . . . . . : Passed No remote names have been found. WINS service test. . . . . : Skipped There are no WINS servers configured for this interface. Global results: Domain membership test . . . . . . : Passed NetBT transports test. . . . . . . : Passed List of NetBt transports currently configured: NetBT_Tcpip_{DDE2EBCD-3A97-40FC-9E10-7919A92E86B3} 1 NetBt transport currently configured. Autonet address test . . . . . . . : Passed IP loopback ping test. . . . . . . : Passed Default gateway test . . . . . . . : Passed NetBT name test. . . . . . . . . . : Passed Winsock test . . . . . . . . . . . : Passed DNS test . . . . . . . . . . . . . : Failed [WARNING] Cannot find a primary authoritative DNS server for the name 'WMS1.wms.local.'. [RCODE_SERVER_FAILURE] The name 'WMS1.wms.local.' may not be registered in DNS. [WARNING] The DNS entries for this DC cannot be verified right now on DNS server 192.168.5.10, ERROR_TIMEOUT. [FATAL] No DNS servers have the DNS records for this DC registered. Redir and Browser test . . . . . . : Passed List of NetBt transports currently bound to the Redir NetBT_Tcpip_{DDE2EBCD-3A97-40FC-9E10-7919A92E86B3} The redir is bound to 1 NetBt transport. List of NetBt transports currently bound to the browser NetBT_Tcpip_{DDE2EBCD-3A97-40FC-9E10-7919A92E86B3} The browser is bound to 1 NetBt transport. DC discovery test. . . . . . . . . : Passed DC list test . . . . . . . . . . . : Passed Trust relationship test. . . . . . : Skipped Kerberos test. . . . . . . . . . . : Passed LDAP test. . . . . . . . . . . . . : Passed Bindings test. . . . . . . . . . . : Passed WAN configuration test . . . . . . : Skipped No active remote access connections. Modem diagnostics test . . . . . . : Passed IP Security test . . . . . . . . . : Skipped Note: run "netsh ipsec dynamic show /?" for more detailed information The command completed successfully Now for you Wilson, please give me a bit to upload the MPS as I am installing the PowerShell now. It will be there momentarily: 1. Did you see "SYSVOL" and "NETLOGON" folder when you type "net share" command on the DC? Yes, both the SYSVOL and NETLOGON shares are visible and are in the default C:\Windows\sysvol\sysvol (NETLOGON: C:\WINDOWS\sysvol\sysvol\WMS.local\SCRIPTS) 2. Check whether the Netlogon service is started on the DC. Yes, the Net Logon services is started and set to auto. 3. Can you open Active Directory users and computers properly on the problematic DC? Yes, I can open the ADUC properly, and yes I can edit them as I would normally be able to. So this I take it means we have narrowed it to a DNS issue? So there is no AD Service in the service console huh? Wow, I could have sworn that there was... All well, at least I am not AS worried now, just 90% now :). 4. Run "dcdiag /fix" and "Netdiag /fix" on the problematic Domain controller and paste the result here. See below: Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Skipping all tests, because server WMS1 is not responding to directory service requests Running partition tests on : TAPI3Directory Starting test: CrossRefValidation ......................... TAPI3Directory passed test CrossRefValidation Starting test: CheckSDRefDom ......................... TAPI3Directory passed test CheckSDRefDom Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : WMS Starting test: CrossRefValidation ......................... WMS passed test CrossRefValidation Starting test: CheckSDRefDom ......................... WMS passed test CheckSDRefDom Running enterprise tests on : WMS.local Starting test: Intersite ......................... WMS.local passed test Intersite Starting test: FsmoCheck ......................... WMS.local passed test FsmoCheck

Wilson - When II try to upload the CAB with the MPS report, I continuously get the following error: Error Page An error occurred on the page. To go back to the page that had the error, click on the Back button.

Hi Eckostar,Please zip the MPS report CAB file and upload again.Thank you for your cooperation.Regards,Wilson JiaThis posting is provided "AS IS" with no warranties, and confers no rights.

Wilson - Just tried to upload the ZIP file, and still the same error. Any other way to upload it?

HelloWhile waiting for Wilson to look at the MPS report. Go to your DNS console, forward lookup zones, Domain name, _msdcs, look for the CNAME "2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local" and make sure it corresponds to the DC name under FQDN for target host.check if it is Active DIrectory Integrated: on the forward lookup zones, right click on domain name, properties, general tab, what do you see under Type and what is the status?do a net stop DNS & net start DNSdo a net stop netlogons & net start netlogonsrun dcdiag /v and post againIsaac Oben MCITP:EA, MCSE

Ok, sorry I missed this last night, but to the best of my knowledge the phone services (TAPI) are actually not being used at this point in time. I will have to check more into that, but I think that it was intended to be used, but never was from the limited background I have on their server. I will check more into that though as I said. So, I went to the DNS console, and there to my surprise, a big red X on the WMS1 tree node server under DNS. On the right side it shows the following: The specified DNS server cannot be contacted. Some possible reasons include: the DNS server may not be running, there may be network problems, or the computer associated with the specified name or IP address could not be found. To retry the connection, either press F5, or... So there is a no go on me trying to get in to look at the FLZ. I did launch the NSLOOKUP though, and this is what came of that: DNS request timed out. timeout was 2 seconds. *** Can't find server name for address 192.168.5.10: Timed out Default Server: UnKnown Address: 192.168.5.10 I did do a net stop/start DNS and a net stop/start netlogon (NOT NETLOGONS? Is that an issue?) but I am still unable to get the DNS console to get rid of the X. Here is the dcdiag /v results again, still the same. Domain Controller Diagnosis Performing initial setup: * Verifying that the local machine WMS1, is a DC. * Connecting to directory service on server WMS1. * Collecting site info. * Identifying all servers. * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity * Active Directory LDAP Services Check The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Skipping all tests, because server WMS1 is not responding to directory service requests Test omitted by user request: Topology Test omitted by user request: CutoffServers Test omitted by user request: OutboundSecureChannels Test omitted by user request: VerifyReplicas Test omitted by user request: VerifyEnterpriseReferences Test omitted by user request: CheckSecurityError Running partition tests on : TAPI3Directory Starting test: CrossRefValidation ......................... TAPI3Directory passed test CrossRefValidation Starting test: CheckSDRefDom ......................... TAPI3Directory passed test CheckSDRefDom Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : WMS Starting test: CrossRefValidation ......................... WMS passed test CrossRefValidation Starting test: CheckSDRefDom ......................... WMS passed test CheckSDRefDom Running enterprise tests on : WMS.local Starting test: Intersite Skipping site Default-First-Site, this site is outside the scope provided by the command line arguments provided. ......................... WMS.local passed test Intersite Starting test: FsmoCheck GC Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd PDC Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd Time Server Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd Preferred Time Server Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd KDC Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd ......................... WMS.local passed test FsmoCheck Test omitted by user request: DNS Test omitted by user request: DNS Any other ideas?

When I right click on WMS1 in the DNS console and go to properties, the only tab there is is for Monitoring so I just performed the Simple Query, and it failed. I also tried to add another DNS server, but instead of using the WMS1 name, I used the actual IP, but still no go. The weird part is that there were no issues along these lines over the last few weeks from what I am told, but instead it only started recently....

Helloclick on WMS1, then click on forward lookup zones below it, then click on domainname.com to expan it, then right click properties and look for info above..If no forward lookup zone exists, then we may have to add it..to add it, just right click on DNS console add forward look up zone and follow the promptIsaac Oben MCITP:EA, MCSE

No Forward Lookup Zones exist, or are not being shown at the very least. I have expanded everything and I have: DNS - WMS1 -- Event Viewer --- DNS Events When I right click on WMS1 to add the FLZ the following items are grayed out: Cofigure a DNS Server New Zone Set Aging/Scavenging for All Zones Scavenge Stale Resource Records Update Server Data Files Clear Cache The only other options available are: Launch nslookup All Tasks (All options were grayed out here too with the exception of being able to launch nslookup, stop, pause and restart the service) Kinda giving me a feeling that the DNS may need to be recreated?

Yes you correct. you will have to reinstall and reconfigure dns..1- Go to %systemroot%\system32\dns folder and rename every file\folder in there to something like _old2- Go server manager, add roles, remove dns role reboot3 follow this instruction to reinstall DNShttp://support.microsoft.com/kb/814591Note the DNS zonename should reflect your network such as WMS.localafter installation run the netdiag /fix and dcdiag /fix and post resultafter that we will need to add your ISP required IP as a forwarder just incase you need internet accessIsaac Oben MCITP:EA, MCSE

Hi eckostar, Please try Isaac's suggestion, reinstall your DNS according to KB 814591. Then configure DNS for internet access, you can refer to: How to configure DNS for Internet access in Windows Server 2003 http://support.microsoft.com/default.aspx/kb/323380 How to troubleshoot DNS name resolution on the Internet in Windows Server 2003 http://support.microsoft.com/kb/816567/ In addition, you can use Windows Live SkyDrive (http://www.skydrive.live.com/) to upload the file and then give us the download address. Sincerely, Wilson Jia This posting is provided "AS IS" with no warranties, and confers no rights.

Sorry for the late delay, but I was unable to get into their office until Sunday, and I actually ran into something quite unexpected. I uninstalled the DNS Server Role after renaming all of the files under the dns folder that Isaac had pointed out. Removed the role, rebooted, and then reinstalled the role. While doing so, I realized that it was not taking me to the summary and area to allow me to edit the DNS settings. So I went to the DNS console, and tried to re-add the server, but still saying that the DNS service is not responding. I restarted the DNS service and all associated services, but to no avail. Does this imply I may need to reinstall the server OS?

Hello,First, please umark this thread as not answered so we know it is still open..Did you install following the guide here:http://support.microsoft.com/kb/814591 because you may need to install manually and not through server roles. I am thinking the service not started means DNS is not installed.Also look into the DNS events log what do you see?Isaac Oben MCITP:EA, MCSE

Hi eckostar,I just want to say hi, did you get any chance to go though Isaac's suggestion if there are any updates on the service request.Thanks.Sincerely,Wilson JiaThis posting is provided "AS IS" with no warranties, and confers no rights.

Hello Isaac / Wilson - Sorry for the late reply, but I just had my desktop crash on me so I have been without a computer to say the least. I am going to try and reinstall the DNS server again tomorrow morning via the Add/Remove Components window and I will be sure to let you know of the outcome..I tried to mark the thread as unanswered, but it keeps throwing up unknown/unexpected errors. I will any and all tests that you have asked for previously, along with the DNS errors in event viewer, as the errors are consistently the same every 10-15 minutes.

Ok guys, first off Thank you both again I just got into the office with the server in question. I have yet to go through the process of uninstalling the DNS, but that is next on my plate. Now, Just to give you some further background, Iam including errors from the DNS Log as it stands currently with all of the issues. Event Type: ErrorEvent Source: DNSEvent Category: NoneEvent ID: 4015Date: 2/14/2010Time: 10:12:56 AMUser: N/AComputer: WMS1Description:The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error. Event Type: ErrorEvent Source: DNSEvent Category: NoneEvent ID: 4000Date: 2/14/2010Time: 10:12:28 AMUser: N/AComputer: WMS1Description:The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code. Event Type: WarningEvent Source: DNSEvent Category: NoneEvent ID: 4013Date: 2/14/2010Time: 10:12:28 AMUser: N/AComputer: WMS1Description:The DNS server was unable to open the Active Directory. This DNS server is configured to use directory service information and can not operate without access to the directory. The DNS server will wait for the directory to start. If the DNS server is started but the appropriate event has not been logged, then the DNS server is still waiting for the directory to start. Event Type: ErrorEvent Source: DNSEvent Category: NoneEvent ID: 408Date: 2/14/2010Time: 10:11:47 AMUser: N/AComputer: WMS1Description:The DNS server could not open socket for address 0.0.0.0. Verify that this is a valid IP address for the server computer. If it is NOT valid use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces. Then stop and restart the DNS server. (If this was the only IP interface on this machine and the DNS server may not have started as a result of this error. In that case remove the DNS\Parmeters\ ListenAddress value in the services section of the registry and restart.) If this is a valid IP address for this machine, make sure that no other application (e.g. another DNS server) is running that would attempt to use the DNS port. Event Type: ErrorEvent Source: DNSEvent Category: NoneEvent ID: 405Date: 2/14/2010Time: 10:11:47 AMUser: N/AComputer: WMS1Description:The DNS server could not listen on Transmission Control Protocol (TCP) socket for address 0.0.0.0. The event data is the error code. An IP address of 0.0.0.0 can indicate a valid "any address" configuration in which all configured IP addresses on the computer are available for use. Restart the DNS server or reboot the computer. So again, those are the errors that are currently visibile in the event viewer. I am going to reinstall the DNS server now, and let you guys know what is going on with that.

Wilson -Here is a link to the MPS CAB file, sorry for the delay. If you have any questions, or need more, please let me know. I will leave the files for about a week.http://cid-7694a0f0675f2501.skydrive.live.com/self.aspx/.Public/WMS1^_MpsReports.cabOk, I also just finished reinstalling the DNS, or at least, what the process was supposed to do... Ok, I went through Add/Remove Programs, then Add/Remove Windows Components. Removed the DNS Server option under Networking Services and rebooted the server (This is after I had renamed all of the files in the DNS folder.). After finally rebooting, I went to Administrative Tools to verify that the DNS console was gone, and I also verified that the component was unselected from the list of installed Windows components. Everything worked as far as I can tell for this part from what Windows is telling me, but that is not truly the case. So I pulled up the KB814591 as Isaac pointed out, and followed the article to a 'T', but no matter what I do, after reinstalling the DNS server, I am back to the DNS console, and unable to add a FLZ or do anything just as before. The Domain name automatically adds itself, and still shows the big red x.I am going to reboot and take a look into some other issues that another computer in the same office is having, so for now, I will have to put this on pause to hear back from one of you.

HelloLook at theis KB to try and resolve the 408 errorhttp://technet.microsoft.com/en-us/library/cc735852(WS.10).aspxIsaac Oben MCITP:EA, MCSE

Thanks for the link, but that was for Server 2008, and therefore won't work for me. I did findhttp://technet.microsoft.com/en-us/library/cc755402(WS.10).aspxThere it shows the 408 erro for server 2003, and as it state: DNS server could not open socket for address [IP address of server].The DNS server could not open a socket with the current TCP/IP and DNS service configurations.Verify that this is a valid IP address on this machine. If the IP is not valid: Use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces. Stop and restart the DNS server. (If this was the only IP interface on this machine, the DNS server may not have started as a result of this error. In that case, remove the DNS\Parameters\ListenAddress value in the services section of the registry and restart.) If the IP is valid: Verify that no other application (for example, another DNS server) is running that would attempt to use the DNS port.So, there isn't much else I to help with that right now...I did stop and restart the service, but no go. Any ways to check to see if there is another program or dns server that is causing this issue? Any further ideas?

Hello I suggest you just proceed t do a complete manual install of DNS and we go from thereIsaac Oben MCITP:EA, MCSE

Are you suggesting a full reinstall of Server '03? Or is there a seperate way of manually installing the DNS Server? I've been searching online for a little bit, and all of the DNS tutorials I have seen either reference using the Add/Remove Compnents or via the Manage You Server console, both of which I have tried so far. Is there something I am missing here? Or is there a method that I could use via command prompt or DC?

Hi Eckostar,Thank you for your uploading.According to the event logs, there are lots of Event ID 4015 errors.To resolve it, you can install the hotfix according to the following KBs.909249 The DNS service does not load all its zones on a DNS server that is running Windows Server 2003http://support.microsoft.com/default.aspx?scid=kb;EN-US;909249In addition, I have included the following KBs which might be helpful for you.Problems with Many Domain Controllers with Active Directory Integrated: http://support.microsoft.com/?id=267855 How to Optimize the Location of a Domain Controller or Global Catalog - http://support.microsoft.com/?id=306602A DNS Server Does Not Return More Than 16 KB of Data to the Client - http://support.microsoft.com/?id=812688Regards,Wilson Jia This posting is provided "AS IS" with no warranties, and confers no rights.

Wilson -I just tried the first link that you gave me, but it tells me that the version on the server is newer than that of the hotfix, and therefore will not allow me to install the hotfix. I wonder if all of these issues started when the company installed SP2?... Do you two think it would be a safe or good move to remove SP2, and work my way back?

Hi Eckostar,You may remove the SP2 and install the above hotfix to see if the issue continues. I hope the issue will be resolved soon.Regards,Wilson JiaThis posting is provided "AS IS" with no warranties, and confers no rights.

Well, I just unistalled SP2... Seems as though this may have caused more problems than it has fixed! :( After rebooting from the unistall, I went to the DNS console, but came to find out that the program was missing or my rights were insufficient, but being that I am using the admin account, I kinda doubt that the rights were an issue. I browsed to the system32 directory as to where the DNS management MSC file is located, and it is there... I tried to run it as several different users on the domain, and local accounts on the server, but no go, and also, I have NO access to any other of the MMC Snapin's including active directory, it all gives me the same erro, but I can access MMC via the run command, and can also use the MMC to manually add any snapins, and they seem to be working just fine, but DNS snapin still is unavailable, with the same red x again... Any idea on how to fix this now? Second, there were a few new updates that needed to be installed as a result of removing SP2, so I have installed those. Then I went to logon to Technet, and it is telling me that the requested lookup key was not found in any activation context. So, I tried google, and several others, but can not go to any websites what so ever when I type in an address or anything, but IE's homepage of MSN is working just fine, and clicking any links on MSN work fine.I also ran back through all of the suggestions here so far... Below you will find all of the tests and results:DCDIAG /V and TestsDomain Controller Diagnosis Performing initial setup: * Verifying that the local machine WMS1, is a DC. * Connecting to directory service on server WMS1. * Collecting site info. * Identifying all servers. * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity * Active Directory LDAP Services Check The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Skipping all tests, because server WMS1 is not responding to directory service requests Test omitted by user request: Topology Test omitted by user request: CutoffServers Test omitted by user request: OutboundSecureChannels Test omitted by user request: VerifyReplicas Test omitted by user request: VerifyEnterpriseReferences Test omitted by user request: CheckSecurityError Running partition tests on : TAPI3Directory Starting test: CrossRefValidation ......................... TAPI3Directory passed test CrossRefValidation Starting test: CheckSDRefDom ......................... TAPI3Directory passed test CheckSDRefDom Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : WMS Starting test: CrossRefValidation ......................... WMS passed test CrossRefValidation Starting test: CheckSDRefDom ......................... WMS passed test CheckSDRefDom Running enterprise tests on : WMS.local Starting test: Intersite Skipping site Default-First-Site, this site is outside the scope provided by the command line arguments provided. ......................... WMS.local passed test Intersite Starting test: FsmoCheck GC Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd PDC Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd Time Server Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd Preferred Time Server Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd KDC Name: \\WMS1.WMS.local Locator Flags: 0xe00003fd ......................... WMS.local passed test FsmoCheck Test omitted by user request: DNS Test omitted by user request: DNS dcdiag /test:netlogons Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Running partition tests on : TAPI3Directory Running partition tests on : ForestDnsZones Running partition tests on : DomainDnsZones Running partition tests on : Schema Running partition tests on : Configuration Running partition tests on : WMS Running enterprise tests on : WMS.local dcdiag /test:Advertising Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Running partition tests on : TAPI3Directory Running partition tests on : ForestDnsZones Running partition tests on : DomainDnsZones Running partition tests on : Schema Running partition tests on : Configuration Running partition tests on : WMS Running enterprise tests on : WMS.local dcdiag /test:replications Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site\WMS1 Starting test: Connectivity The host 2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (2184697a-c41f-4ba5-9929-880f55f7ec49._msdcs.WMS.local) couldn't be resolved, the server name (WMS1.wms.local) resolved to the IP address (192.168.5.10) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... WMS1 failed test Connectivity Doing primary tests Testing server: Default-First-Site\WMS1 Skipping all tests, because server WMS1 is not responding to directory service requests Running partition tests on : TAPI3Directory Running partition tests on : ForestDnsZones Running partition tests on : DomainDnsZones Running partition tests on : Schema Running partition tests on : Configuration Running partition tests on : WMS Running enterprise tests on : WMS.localAs you can see, or at least from what I am seeing, the same results are occuring as before. I am going to reinstall the DNS server yet again to see if there will be any further development, but so far nothing seems to be working. I would love to do a complete reinstall, but not having all of the information as to what any previous IT managers the company has had perform or setup, I am at a loss here I think. I will post any updates after the DNS install. Any other ideas at least? What about hte manual installation of the DNS server that Isaac was talking about? Is there a different route that I am unaware of that may be beneficial?

Hi,Thank you for your reply.Please follow KB 814591 to reinstall DNS on the DC as Isaac suggested. http://support.microsoft.com/kb/814591In addition, you may also install the hotfix below:909249 The DNS service does not load all its zones on a DNS server that is running Windows Server 2003http://support.microsoft.com/default.aspx?scid=kb;EN-US;909249Regards,Wilson JiaThis posting is provided "AS IS" with no warranties, and confers no rights.

eckostar, sounds like you have a lot going on here and i'll say, jumping in at this point it is hard to follow all of what's gone on but Wilson and Isaac have definitely been giving you some great advice. it looks like this may be getting past troubleshooting via newsgroup. if you would like some free hands on assistance, feel free to ping me at InitialAssist@cbfive.com. thx. /richhttp://cbfive.com/blog

Wilson -Reinstalling the DNS server yet again did NOT resolve any issues. Neither did installing the hotfix you had sent.Thanks

Hello,Go to a workstation in this network and post and ipcongfig /allI am trying to see if this network is using a DNS other than the one from the affected DCIsaac Oben MCITP:EA, MCSE

Isaac -You were somewhat correct about your assumption with the DNS on one of the workstations:Microsoft Windows XP [Version 5.1.2600](C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\administrator.WMS>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : 192-WMS Primary Dns Suffix . . . . . . . : WMS.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : shg-inc.local Ethernet adapter Local Area Connection 4: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection Physical Address. . . . . . . . . : 00-13-20-38-65-98 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.5.192 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.5.1 DNS Servers . . . . . . . . . . . : 192.168.5.10 208.57.0.11 I do know that the shg-inc.local DNS suffix search list item that is shown belongs to another business. This other business is like 5 doors down, and the offices are supposed to be connected for file sharing on a shared drive, but the DNS info should not be there... It appears that the admin who set all of this up was trying to save time or something. What should I do in order to fix this?

HelloI think that was probably configured using GPO.. check your gpo settingsBut what is this 208.57.0.11 for? is this another DNS server in the domain?Isaac Oben MCITP:EA, MCSE

I am away from their office at this time, so it will be a little while until I can check the GPO to verify everything.The 208.57.0.11 is actually one of the ISP domain servers. From what I have been able to tell, the past IT manager set this up in order to provide internet access to the machines.Also, to fill you in a bit more, after the long ordeal with the server, the company I am helping has decided to finally get a new server with Server 2008. The main reason for this, is with the amount of time I have spent help resolve this issue and others, it panned out to be a much easier move for them to just get a new server and to return the old one to it's previous owner.Now with that said, what KB articles would you be able to direct me to in order to easily recreate their needs? Obviously the DNS server is easy, then you were talking about the Foward Lookup Zone to provide internet access (more feasible in my opinion than adding the 208.57.0.11 DNS server), and finally there would be the Active Directory and a File Server setup all incorporated into the new server once it arrives in mid-March.I just want to be prepared to perform all the tasks needed so that I do not perform any "no-no" or "oops" procedures. I am thinking that with the Active Directory, it will be easiest for me just to re-create it from scratch as opposed to exporting and re-importing the directory just in case there are any errors, as there should only be 20 or 30 accounts to create at the very maximum. After that I will close the question, even though we have yet to come to a true solution, but it has been a learning experience to say the least. I appreciate all of you help Isaac and Wilson, looks like I owe you guys a few beers.

HelloGood to know you will be purchasing a new W2K8 hardware. Yes, I suggest it will be a good idea to just build your new domain from scratch because you only have 20-30 users and we are not that sure how healthy or good is the current structure.Well on your new server apart from installing Active Directory you will need to install DNS during the process of dcpromo and also you mioght need DHCP if you prefer to use your server rather than the router for this.You will need to add the ISP address as forwarders so clients can access the internet via the domain controllers DNS. To do this, after DNS installation is complete, go to the DNS console, expand the server, Forward lookup zones, right click properties, under forwarders tab, add the isp IP address and this will take care of internet access on yourlocal networkRemember to unjoin all machines from the domain before you throw away the old server..because you will need to rejoin them to the new domainIsaac Oben MCITP:EA, MCSE

Now do you recommend that I uninstall the DNS role from the old server, change the IP to something different, then basically recreate the exact same DNS on the new W2K8 server or should I change the DNS name completely? If i basically recreate the same domain/dns again will I really have to unjoin all of the computers from the old domain (never dealt with this)?I have already used my Technet subscription to download W2K8 and have already been able to create my own domain and active directory minus the forward lookup zones for practice, so everything should be a piece of cake...knock on wood.