I have a Win2K Server that has been running for almost 2 years. Recently started having problems after introducing Win2K Pro clients. Think it has to do with DNS since I get a lot of DNS Event Viewer Errors. Tried to create Reverse Lookup zone, and got an error message, "The zone cannot be created. Access was denied." I am an administrator. Do I need to have more permissions set?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Can't create new Reverse Lookup zone
- Thread starter sonjag
- Start date
GlenJohnson
MIS
What does the event log show? Glen A. Johnson
Johnson Computer Consulting
MCP W2K
glen@johnsoncomputers.us
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
"If I have made any valuable discoveries, it has been owing more to patient attention than to any other talent."
Sir Isaac Newton (1642-1727)
Johnson Computer Consulting
MCP W2K
glen@johnsoncomputers.us
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
"If I have made any valuable discoveries, it has been owing more to patient attention than to any other talent."
Sir Isaac Newton (1642-1727)
- Thread starter
- #3
If you meant an Event log from trying to create the reverse lookup zone, I don't see one. However, I had tried to explain the extent of my DNS problems to someone else, before I knew I couldn't make a reverse lookup. Here's the whole scenario.
Our problem is that the Internet is very slow at times... probably about 50% of the time. Sometimes it works at its normal speed. So I started to troubleshoot, and found odd entries in our Event Viewer:
System log [event ID 5781]: Dynamic registration of one or more DNS records filed because no DNS servers are available.
System log [event ID 5513]: The computer 02-GW-34 tried to connect to the server \\TIGGER using the trust relationship established by the EES domain. However, the computer lost the correct security identifier (SID) when the domain was reconfigured. Reestablish the trust relationship.
--- This error message comes up for 2 machines, oddly enough both are W2K Pro devices, of which we have 4. One I set up, and 3 another person set up. The two with these errors were not set up by me, and the one with the DNS snap in entry (info to follow) was not either.
System log [event ID 64]: Because of repeated network problems, the time service has not been able to find a domain controller to synchronize iwth for a long time. To reduce network traffic, the time service will wait 960 minutes before trying again. No synchronization will take place .... blah blah blah
DNS log [event 5504]: The DS server encountered an invalid domain name in a packet from 192.168.168.43. The packet is rejected.
---- getting jillions of these, until event ID 9999 and 3000 tells me that they'll be suppressed because of the volume of them.
In my DNS snap in, I get 2 host entries besides the server itself. One of them is the W2K Pro machine and the other is an OSX Server. The OSX Server entry I put in there, the W2K Pro one seems to have been automatically generated.
Our problem is that the Internet is very slow at times... probably about 50% of the time. Sometimes it works at its normal speed. So I started to troubleshoot, and found odd entries in our Event Viewer:
System log [event ID 5781]: Dynamic registration of one or more DNS records filed because no DNS servers are available.
System log [event ID 5513]: The computer 02-GW-34 tried to connect to the server \\TIGGER using the trust relationship established by the EES domain. However, the computer lost the correct security identifier (SID) when the domain was reconfigured. Reestablish the trust relationship.
--- This error message comes up for 2 machines, oddly enough both are W2K Pro devices, of which we have 4. One I set up, and 3 another person set up. The two with these errors were not set up by me, and the one with the DNS snap in entry (info to follow) was not either.
System log [event ID 64]: Because of repeated network problems, the time service has not been able to find a domain controller to synchronize iwth for a long time. To reduce network traffic, the time service will wait 960 minutes before trying again. No synchronization will take place .... blah blah blah
DNS log [event 5504]: The DS server encountered an invalid domain name in a packet from 192.168.168.43. The packet is rejected.
---- getting jillions of these, until event ID 9999 and 3000 tells me that they'll be suppressed because of the volume of them.
In my DNS snap in, I get 2 host entries besides the server itself. One of them is the W2K Pro machine and the other is an OSX Server. The OSX Server entry I put in there, the W2K Pro one seems to have been automatically generated.
GlenJohnson
MIS
Check this out and see if it helps. Glen A. Johnson
Johnson Computer Consulting
MCP W2K
glen@johnsoncomputers.us
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
"If I have made any valuable discoveries, it has been owing more to patient attention than to any other talent."
Sir Isaac Newton (1642-1727)
- Thread starter
- #5
Glen,
No luck there. I followed the thread. They had problems with outside IPs (not seen here) and possible outside users causing DNS problems. Either one might be happening, but I don't see any evidence for it. One person suggested packet sniffing. I don't know how to do that. Does it sound to you like my answer may lie there?
Sonja
No luck there. I followed the thread. They had problems with outside IPs (not seen here) and possible outside users causing DNS problems. Either one might be happening, but I don't see any evidence for it. One person suggested packet sniffing. I don't know how to do that. Does it sound to you like my answer may lie there?
Sonja
GlenJohnson
MIS
I've never done that either. You might want to post this in the W2K server forum. Lot of really good people. I'll keep looking around, though. Good luck. (Just for jollies, on the w2k pro machines, go into services and make sure computer browsing is disabled. Don't know why it causes problems, but when I converted server to W2K and set up the domain, this caused all kinds of grief because the pro machines thought they were the master browser. Know it sounds strange, but w2k can be fickle.) Glen A. Johnson
Johnson Computer Consulting
MCP W2K
glen@johnsoncomputers.us
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
"If I have made any valuable discoveries, it has been owing more to patient attention than to any other talent."
Sir Isaac Newton (1642-1727)
Johnson Computer Consulting
MCP W2K
glen@johnsoncomputers.us
Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884
"If I have made any valuable discoveries, it has been owing more to patient attention than to any other talent."
Sir Isaac Newton (1642-1727)
- Status
Similar threads
- Locked
- Question