RE: [ActiveDir] DNS Replication

[Roger Seielstad]

Title: Message

Sounds like your DNS topology is incorrect.   How is DNS configured as a whole, and what are the specific settings for each DC? I'm guessing you've managed to orphan at least on DC.   Roger -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -----Original Message----- From: Wright, T. MR NSSB [mailto:[EMAIL PROTECTED] Sent: Friday, June 20, 2003 11:19 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] DNS Replication I am setting up a new AD domain and I am seeing a slew of errors which I believe are DNS related, reading this thread has confused me somewhat...   Here's my situation..  Empty forest root domain with 4 DC's with the Roles spread across them, all running AD integrated DNS.  I then have a child domain with another 5 DC's which are also all running AD Integrated DNS.  In the DNS settings I have set all servers to do Zone transfers only with servers listed on the name servers tab, and on the name servers tab I have listed all 9 DC's no matter if they were in the parent or child domain.  Am I taking the wrong approach?   The error that I keep getting is this: Event ID: 1265 Source: NTDS KCC Type: Warning Category: Knowledge Consistency The attempt to establish a replication link with parameters Partition: DC=yourinfo,DC=yourinfo,DC=yourinfo,DC=com Source DSA DN: CN=NTDS Settings,CN=NT5-PCI-20,CN=Servers,CN=GSCIntranet,CN=Sites,CN=Configuration,DC=child,DC=yourdomain,DC=com Source DSA Address: YourDomainController. YourDomain.com Inter-site Transport (if any): failed with the following status: The DSA operation is unable to proceed because of a DNS lookup failure. The record data is the status code. This operation will be retried.    I have read MS KB article 319202 and tried what they suggested to no avail.  When I run DCdiag I also get the same errors when it gets to the kccevent check.  The errors appear on most but not all of the DC's.  They are physically located in 4 different buildings on the same campus, and I seem to have no problem pinging one another.     Thanks,   -Tim      From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 4:22 PM To: '[EMAIL PROTECTED]' It is correct that they will not replicate as part of AD replication, but there is no reason you can't do normal DNS zone transfers to accomplish a similar end point.   Roger -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -----Original Message----- From: Victor Hugo Naranjo [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 1:31 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] DNS Replication Hi,   DNS Zones configured as AD Integrated could not replicate between Parent and Child Domain, is it correct?   Sincerely,     Víctor Naranjo MCSE, MCSA