Announcement

Collapse
No announcement yet.

Cannot create DNS partition in AD (null) value

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Cannot create DNS partition in AD (null) value

    I am having an active directory problem that it seems no one else in the world has encountered yet because I cannot find anything about it via google, microsoft, or any site that I have found and searched. Been at it for a week now. Its 10:50pm friday night and I am still messing with it .

    I am building a new LAN site (domainname.local type) from the ground up. Installed Windows 2003 SP1. Made it the first server of new forest, new domain, global catalog server, all 5 fsmos, etc. Installed AD-integrated DNS and spent 1 week building user groups, configuring and "lab testing" (two laptop XP clients). Put it into production and all was well. Last week, I added a new win2k3 sp1 to the domain, made it a domain member and put exchange 2k3 sp2 on it. That worked well for 4 days but then I was told there was no money for the second domain controller I was expecting to come in. This is a budget messed up situation. I am in the Philippines and money comes in spurts.

    Anyway, I had a BSOD on the 1st server. Caused by the questionable nvidia mx400 in the box (messed up budget, remember). When the machine came up from the BSOD, I had all these DNS 4015 error event IDs and some 3000 and 4000 warnings (I will copy and paste these errors at the bottom of this post). In the DNS manager my DNS was no longer AD integrated for some reason. When I checked the box, I get a "The data is invalid" error. And something to do with that there was already a domain of that name in AD. Sorry, don't remember exactly. I couldn't create (or maybe recreate) a DNS zone partition in AD and was getting the same error. I tried uninstalling and reinstalling DNS but kep getting te same problems. I spent a couple days on it and gave up. I decided I need to remove DNS and AD and reinstall it. BTW, DNS was resolving fine even with these errors and I replaced the video card.

    Before I could do that though I wanted to get another PDC up to replicate. Without the server I was planning on, all I had was the Exchange server. So I did a complete uninstall of Exchange promo'd the box and installed DNS on it. Its working great everything replicated. Its working great even right now. So now I had the secondary PDC. I transfered all 5 fsmos to the new PDC, mad eit the global catalog, etc then uninstalled dns and demoted the 1st PDC. That went well. Then I ran dcpromo on it. That went well. Replication went fine (left it for the weekend) and it was promoted. Monday, I installed DNS on it, that did not go well. The forward lookup zone wouldn't create and I was getting the same 4015 DNS errors and 3000 and 4000 warnings. When I try to create the new zone in DNS manager i get:

    "The Zone cannot be replicated to all DNS servers in the (null) active directiry domain because the required application directory partition dosen't exist."

    And theres more stuff on there like I need to be enterprise admin (which I am). What the heck is a "(null) active directory domain"?! Anyway, so I try and create the partition and I get:

    "The partition to replicate zone data to all DNS servers in the active directory domain was not created. The data is invalid."

    So basically, demoting the server didn't fix my initial problem caused by the BSOD and things ar enow worse. Ok, I had had it. I formated the dumb thing and reinstalled windows 2k3. Can you believe I have the same problem again on a fresh win 2k3 install? Any advice would be most welcome. Thank you!

    Source: DNS
    Type: Error
    Event ID: 4015

    The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

    I got that one hundreads of times. Its so bad that event viewer thows me:

    Source: DNS
    Type: Error
    Event ID: 3000

    The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate.

    Once in awhile:

    Source: DNS
    Type: Error
    Event ID: 4000
    The DNS server was unable to open Active Directory. This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and reload the zone. The event data is the error code.

  • #2
    Re: Cannot create DNS partition in AD (null) value

    Kumosta. Install the support tools and run DCDIAG nad NETDIAG and post the results back here. Pipe them to a text file. Makes it easier to post and read.
    1 1 was a racehorse.
    2 2 was 1 2.
    1 1 1 1 race 1 day,
    2 2 1 1 2

    Comment


    • #3
      Re: Cannot create DNS partition in AD (null) value

      Originally posted by silkshadow
      "The Zone cannot be replicated to all DNS servers in the (null) active directiry domain because the required application directory partition dosen't exist."
      Well it may not be googleable but I had this and it turned out to be a bad disk - yep that's right a bad disk! The NTFRS was trying to write its logs on a disk that was having problems. I moved those FRS edb.log files to another partition (on another physical disk), reinstalled the DNS as AD integrated and everything started humming.

      HTH
      TIA

      Steven Teiger [SBS-MVP(2003-2009)]
      http://www.wintra.co.il/
      sigpic
      Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

      We donít stop playing because we grow old, we grow old because we stop playing.

      Comment


      • #4
        Re: Cannot create DNS partition in AD (null) value

        Salamat (thank you) guys! I will try and move my AD files to a different drive. That sounds like a very real possiblity as some of these drives were taken from other computers and put in here. However the AD files have been moved to different places, but on the same drive, when I demoted and again when I reinstalled (I moved the AD location to different partitons everytime, there are 4 partitions on this disk 1 primary and 3 extended/logical). Here is the dcdiag and netdiag on the malfunctioning box:

        DCDIAG:


        Domain Controller Diagnosis

        Performing initial setup:
        Done gathering initial info.

        Doing initial required tests

        Testing server: Default-First-Site-Name\KFL1
        Starting test: Connectivity
        ......................... KFL1 passed test Connectivity

        Doing primary tests

        Testing server: Default-First-Site-Name\KFL1
        Starting test: Replications
        ......................... KFL1 passed test Replications
        Starting test: NCSecDesc
        ......................... KFL1 passed test NCSecDesc
        Starting test: NetLogons
        ......................... KFL1 passed test NetLogons
        Starting test: Advertising
        ......................... KFL1 passed test Advertising
        Starting test: KnowsOfRoleHolders
        ......................... KFL1 passed test KnowsOfRoleHolders
        Starting test: RidManager
        ......................... KFL1 passed test RidManager
        Starting test: MachineAccount
        ......................... KFL1 passed test MachineAccount
        Starting test: Services
        ......................... KFL1 passed test Services
        Starting test: ObjectsReplicated
        ......................... KFL1 passed test ObjectsReplicated
        Starting test: frssysvol
        ......................... KFL1 passed test frssysvol
        Starting test: frsevent
        ......................... KFL1 passed test frsevent
        Starting test: kccevent
        ......................... KFL1 passed test kccevent
        Starting test: systemlog
        An Error Event occured. EventID: 0xC0001B6E
        Time Generated: 08/05/2006 14:31:50
        (Event String could not be retrieved)
        An Error Event occured. EventID: 0xC0001F60
        Time Generated: 08/05/2006 14:43:51
        Event String: The browser service has failed to retrieve the ......................... KFL1 failed test systemlog
        Starting test: VerifyReferences
        ......................... KFL1 passed test VerifyReferences

        Running partition tests on : Schema
        Starting test: CrossRefValidation
        ......................... Schema passed test CrossRefValidation
        Starting test: CheckSDRefDom
        ......................... Schema passed test CheckSDRefDom

        Running partition tests on : Configuration
        Starting test: CrossRefValidation
        ......................... Configuration passed test CrossRefValidation
        Starting test: CheckSDRefDom
        ......................... Configuration passed test CheckSDRefDom

        Running partition tests on : kaling
        Starting test: CrossRefValidation
        ......................... kaling passed test CrossRefValidation
        Starting test: CheckSDRefDom
        ......................... kaling passed test CheckSDRefDom

        Running enterprise tests on : kaling.local
        Starting test: Intersite
        ......................... kaling.local passed test Intersite
        Starting test: FsmoCheck
        ......................... kaling.local passed test FsmoCheck


        NETDIAG:




        Computer Name: KFL1
        DNS Host Name: kfl1.kaling.local
        System info : Microsoft Windows Server 2003 (Build 3790)
        Processor : x86 Family 15 Model 7 Stepping 10, AuthenticAMD
        List of installed hotfixes :
        KB890046
        KB893756
        KB896358
        KB896424
        KB896428
        KB898715
        KB899587
        KB899588
        KB899589
        KB899591
        KB900725
        KB901017
        KB901190
        KB901214
        KB902400
        KB904706
        KB905414
        KB908519
        KB908531
        KB910437
        KB911280
        KB911562
        KB911567
        KB911927
        KB912919
        KB914388
        KB914389
        KB916281
        KB917159
        KB917344
        KB917734
        KB917953
        KB918439
        Q147222


        Netcard queries test . . . . . . . : Passed



        Per interface results:

        Adapter : Local Area Connection 2

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : kfl1
        IP Address . . . . . . . . : 192.168.1.100
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.1.1
        Dns Servers. . . . . . . . : 192.168.1.50


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
        There are no WINS servers configured for this interface.


        Global results:


        Domain membership test . . . . . . : Passed


        NetBT transports test. . . . . . . : Passed
        List of NetBt transports currently configured:
        NetBT_Tcpip_{B5522333-1CD3-4DC7-ADD1-04E7ACDB142D}
        1 NetBt transport currently configured.


        Autonet address test . . . . . . . : Passed


        IP loopback ping test. . . . . . . : Passed


        Default gateway test . . . . . . . : Passed


        NetBT name test. . . . . . . . . . : Passed
        [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.


        Winsock test . . . . . . . . . . . : Passed


        DNS test . . . . . . . . . . . . . : Passed
        PASS - All the DNS entries for DC are registered on DNS server '192.168.1.50' and other DCs also have some of the names registered.


        Redir and Browser test . . . . . . : Passed
        List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{B5522333-1CD3-4DC7-ADD1-04E7ACDB142D}
        The redir is bound to 1 NetBt transport.

        List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{B5522333-1CD3-4DC7-ADD1-04E7ACDB142D}
        The browser is bound to 1 NetBt transport.


        DC discovery test. . . . . . . . . : Passed


        DC list test . . . . . . . . . . . : Passed


        Trust relationship test. . . . . . : Passed
        Secure channel for domain 'KALING' is to '\\kfl2.kaling.local'.


        Kerberos test. . . . . . . . . . . : Passed


        LDAP test. . . . . . . . . . . . . : Passed


        Bindings test. . . . . . . . . . . : Passed


        WAN configuration test . . . . . . : Skipped
        No active remote access connections.


        Modem diagnostics test . . . . . . : Passed

        IP Security test . . . . . . . . . : Skipped

        Note: run "netsh ipsec dynamic show /?" for more detailed information


        The command completed successfully

        Just a quick note, I removed for this box to use itself for DNS when I demoted it and when the forward lookup zone wouldn't create, I didn't put it back. I did run both of these test after the BSOD and they came up clean. BTW, I've got a couple errors in my system log which is why, I think, it failed the system log test. Theres a W32time and a browser error which I am pretty sure are actually related based on things I found over at eventID. The W32 error is from a misconfigured NTP config I have to fix. Basically its using a time local source that is unreliable.

        Edit: I went in today to pick up my golf shoes (left them there and going to play 32 tomorrow). While there I uninstalled DNS and demoted the erring server so, basically, I could move all the AD files to another disk. Did that but still having the same problem. I actually opened the machine to determine which of the drives were new and put AD on one of the new drives (a Seagate sata2). I was soooo hoping that would work too. Decided I had spent enough time on that dumb win2k3 box for a saturday and came home .
        Last edited by silkshadow; 5th August 2006, 12:36.

        Comment


        • #5
          Re: Cannot create DNS partition in AD (null) value

          Ok, as per the rules here, let me update this problem. I fixed it myself, yay! Though it is probably the cause of my new problem I posted about. What I am pretty sure finally fixed this was demoting the problematic DC and leaving the domain. I then deleted all references to the ailing DC using adsiedit. Now I am not 100% certian this is what did it. I also did alot of other things yesterday and its possible one of those fixed it or a combination of things fixed it but this was the last thing I did last night and didn't test (install DNS to see if problem was still there). Anyway, today I (re)installed DNS. Problem gone!

          Please, though, I could really use some help on the new problem which I will update with this info here: http://forums.petri.com/showthread.php?t=9232.
          Last edited by silkshadow; 8th August 2006, 08:18.

          Comment


          • #6
            Re: Cannot create DNS partition in AD (null) value

            Thanks Silkshadow for posting back with your solution. It is appreciated.
            1 1 was a racehorse.
            2 2 was 1 2.
            1 1 1 1 race 1 day,
            2 2 1 1 2

            Comment

            Working...
            X