DNS Problem in Active Directory

aoidan

Im getting the following error in my 2003 Active Directory.

The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "000020E3: SvcErr: DSID-031B063D, problem 5002 (UNAVAILABLE), data 0". The event data contains the error.

whats happening now is that i cant add new machines to the domain.

rmacm

Probaby more appropriate for here. Moved from Nets & Comms.

Martyr

did you try running DCDIAG or NETDIAG to see if any errors appear there?
you'll probably need to give some more details too like how many machines you have on the domain, dns..

check out these examples here

http://technet.microsoft.com/en-us/library/cc758753.aspx

try some of the diagnostic tests, then post up any potential errors.

cance

more information on your environment please?

small business server or standard/enterprise?
multiple domain controllers or one?
2003 native or mixed?
active directory integrated zones?

aoidan

Hi all,

i did run DCDIAG and the only test that failed was :

Starting test: KnowsOfRoleHolders
Warning: CN=NTDS Settings\0ADEL:9f589b8e-ba20-4896-971d-e038e1f71a44,CN=TOYSSERVER7\0ADEL:9dc45704-3ade-4fcf-a88e-6e46ffe91efa,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=skerrys,DC=ie is the Schema Owner, but is deleted.
Warning: CN=NTDS Settings\0ADEL:9f589b8e-ba20-4896-971d-e038e1f71a44,CN=TOYSSERVER7\0ADEL:9dc45704-3ade-4fcf-a88e-6e46ffe91efa,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=skerrys,DC=ie is the Domain Owner, but is deleted.
......................... TOYSSERVER failed test KnowsOfRoleHolders

the system is windows 2003 standard server, just the one domain controller, there used to be two, im thinking maybe that is where my problem started from.( i did run dcpromo at the time by the way)
All other DCDIAG tests passed.

axer

aoidan wrote: »

Hi all,

i did run DCDIAG and the only test that failed was :

Starting test: KnowsOfRoleHolders
Warning: CN=NTDS Settings\0ADEL:9f589b8e-ba20-4896-971d-e038e1f71a44,CN=TOYSSERVER7\0ADEL:9dc45704-3ade-4fcf-a88e-6e46ffe91efa,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=skerrys,DC=ie is the Schema Owner, but is deleted.
Warning: CN=NTDS Settings\0ADEL:9f589b8e-ba20-4896-971d-e038e1f71a44,CN=TOYSSERVER7\0ADEL:9dc45704-3ade-4fcf-a88e-6e46ffe91efa,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=skerrys,DC=ie is the Domain Owner, but is deleted.
......................... TOYSSERVER failed test KnowsOfRoleHolders

the system is windows 2003 standard server, just the one domain controller, there used to be two, im thinking maybe that is where my problem is.
All other DCDIAG tests passed.

http://support.microsoft.com/kb/255504

aoidan

by the way my DNS is AD integrated
does it look likely that i will have to reinstall AD again.

Martyr

i did run dcpromo at the time by the way

you ran this, then the problems started?

have you tried: netdiag /fix

other than that, i don't know, sorry.

axer

Did you try this - Seize FSMO roles?

aoidan

yes to the 2 previous posts, ill keep looking around.

aoidan

In the end i wiped the box and reinstalled, everything is fine now. thanks to you all for your help.

rugtert

This is an old post but I am putting this here for anyone looking for a solution to this problem.

The forestdnszones and domaindnszones property's called fSMORoleOwner does not get changed properly and keeps pointing to the old role owner after seizing the fsmo roles from an offline DC. To fix this you have to manually change the setting to the current role owner.

For more information on how to do this see this post:
http://www.more2know.nl/tag/fsmoroleowner/