continuing RPC errors - EMERGENCY


  • continuing RPC errors - EMERGENCY

    RPC Server not found...


    I suspect I might still have a DNS issue... I'm trying to create a trust between forests and I get RPC errors. When creating DNS for this scenario, do I perform the following:

    forest 1:
    - dynamic dns as primary zone
    - secondary dns zone for dc in alternate forest (with zone transfer enabled to this server)

    log file from netdiag (test:dns)


    FOREST:

    - dynamic dns as primary zone
    - secondary dns zone for dc in alternate forest (with zone transfer enabled to this server)

    LOG FROM NETDIAG (test:dns)

  • #2
    Can you get to the domain in question??

    Is port 135 open on both firewalls for RPC traffic??



    • #3
      Yes, I can communicate through the firewall between DCs (all services are open both ways - pix515 ver 7.)



      • #4
        Can you create the trust from your side OK??



        • #5
          I'm attempting to set up 3 forests: 1 outside the firewall, 1 on the DMZ and one inside the firewall. I have a working 2-way trust between the 2 forests, DMZ and inside... the failing trust is on the outside to the DMZ. I get "rpc server unavailable" when attempting to create the trust on the outside DC, although creating one side of the trust from the DMZ works (?)

          ...also my dns log on my outside dc is clean, my two other dc's are logging errors (see below), ...I noted that all my secondary zones are transferring to other dc's (even over the firewall) except for the dmz zone from the dmz dc to the outside dc (secondary dmz zone)...

          Hope you can follow all that!

          Event Type: Error
          Event Source: DNS
          Event Category: None
          Event ID: 4011
          Date: 8/5/2005
          Time: 8:34:08 AM
          User: N/A
          Computer: IO-DCDMZ
          Description:
          The DNS server was unable to add or write an update of domain name _ldap in zone dmzdomain to the Active Directory. Check that the Active Directory is functioning properly and add or update this domain name using the DNS console. The event data contains the error.
          Data:
          0000: 2a 23 00 00 *#..


          Event Type: Error
          Event Source: DNS
          Event Category: None
          Event ID: 4011
          Date: 8/5/2005
          Time: 8:34:08 AM
          User: N/A
          Computer: IO-DCDMZ
          Description:
          The DNS server was unable to add or write an update of domain name _gc in zone dmzdomain to the Active Directory. Check that the Active Directory is functioning properly and add or update this domain name using the DNS console. The event data contains the error.
          Data:
          0000: 2a 23 00 00 *#..


          Event Type: Error
          Event Source: DNS
          Event Category: None
          Event ID: 4010
          Date: 8/5/2005
          Time: 8:36:53 AM
          User: N/A
          Computer: IO-DCDMZ
          Description:
          The DNS server was unable to load a resource record (RR) from the directory at 3.1.168.192.in-addr.arpa. in zone .. Use the DNS console to recreate this RR or check that the Active Directory is functioning properly and reload the zone. The event data contains the error.
          Data:
          0000: 7b 00 00 00 {...



          • #6
            I removed the WINS server (on the outside DC) that was suggested I put in place to solve earlier "logon server not found" errors... I'm now getting "dmzdomain not found" errors when creating the trust... looks like this is a lookup problem (?)



            • #7
              Question from a DNS newbie...

              How do I create a new zone for the DMZ domain on the outside domain DNS, which talks through NAT? When I set up a secondary zone it copies the records from the DMZ inside NAT IP... I need to refer to the outside IP. Or do I need to manually enter domain data in the primary outside DNS zone?

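An added example, not part of any post in this thread: a check for the situation described in #7, where a secondary zone pulled across NAT carries the DC's inside address. It lists the host records an outside-view zone would need rewritten and flags SRV locator records left without a usable target; the addresses and the NAT table are constructed, and only the names `dmzdomain` and `io-dcdmz` come from the thread.

```python
import ipaddress

# Explicit RFC 1918 ranges (ipaddress.is_private also matches documentation nets).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: records as a zone transfer of the DMZ zone would hand
# them to the outside DNS server (addresses are made up for illustration).
ZONE = [
    ("_ldap._tcp.dc._msdcs.dmzdomain.", "SRV", "0 100 389 io-dcdmz.dmzdomain."),
    ("_gc._tcp.dmzdomain.", "SRV", "0 100 3268 io-dcdmz.dmzdomain."),
    ("io-dcdmz.dmzdomain.", "A", "192.168.1.10"),
    ("www.dmzdomain.", "A", "203.0.113.80"),
]
# Constructed static NAT table: inside address -> address seen from outside.
NAT = {"192.168.1.10": "198.51.100.10"}


def outside_view(zone, nat):
    """Return (rewritten_zone, findings) as a resolver outside the NAT needs it."""
    rewritten, findings, hosts = [], [], {}
    for name, rtype, value in zone:
        if rtype == "A" and any(ipaddress.ip_address(value) in n for n in RFC1918):
            mapped = nat.get(value)
            if mapped is None:
                # Inside-only address: drop it from the outside view and report.
                findings.append((name, value, "no NAT mapping; unreachable from outside"))
                continue
            findings.append((name, value, "rewrite to " + mapped))
            value = mapped
        if rtype == "A":
            hosts[name.lower()] = value
        rewritten.append((name, rtype, value))
    # SRV data is "priority weight port target"; the target must still resolve.
    for name, rtype, value in zone:
        if rtype == "SRV":
            target = value.split()[3].lower()
            if target not in hosts:
                findings.append((name, target, "SRV target has no usable A record"))
    return rewritten, findings


if __name__ == "__main__":
    for finding in outside_view(ZONE, NAT)[1]:
        print(*finding, sep="  ")
```
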
