Announcement

Collapse
No announcement yet.

Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

    Hello

    I was building a small Server 2003, done the Add Role AD DC to the bare updated server without a hitch which had of course added the DNS Server as an integrated AD Server and had everything running smoothly without any errors.
    The DNS events were clean.
    The process had removed the first Network DNS reference, which was the servers IP, and replaced it with the 127.0.0.1.
    The automatic process had built two forward zones.
    One like Daniels example for 2003 AD and DNS installation (based on the DNS Domain Name) and the other based on _msdcs.
    _msdcs was also present in the Domain Zone.
    The Domain was fully accessible, I tested a login with a new user account.

    As a preliminary for Exchange I installed IIS with no errors restarted the Server checked for errors and all was OK.

    Finally I added SMTP and NNTP with no error. Everything seemed OK.
    Restarted the DC to check if all was functioning and immediately found the above mentioned errors.
    Also some of the Root Servers were signed as invalid. Before they were all valid.
    I updated the list by using one of the B Root Server IPs and it returned to all valid.

    The Internet connection was fully functional.
    Why is this happening ?

    Trying NSLookup gave the
    *** Can't find server name : Non-existent domain
    Default Server: UnKnown

    I tried adding the Reverse Lookup Domain for this tool since it usually needs this zone but the errors remain.

    I tried changing the 127 address in the Network DNS conf to the IP of the Server but this did not help.
    I tried the netdiag /fix but did not seem to help even with the usual Netlogon switch.

    Could anybody help here suggesting what might be the best course of action ?

    Having a Server with no errors, follow the standard procedure for adding roles, do so without errors and find that this 1. demolishes the error free state of the Server, 2. upsets the accessibility to the Server and 3. prevents the consequent installation of Exchange is rather frustrating.
    What could have gone wrong, did I miss something ?

    Thank you for any comments or suggestions.

  • #2
    Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

    Hi,

    can you post the events with complete description in order?
    Thanks & Regards
    v-2nas

    MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
    Sr. Wintel Eng. (Investment Bank)
    Independent IT Consultant and Architect
    Blog: http://www.exchadtech.blogspot.com

    Show your appreciation for my help by giving reputation points

    Comment


    • #3
      Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

      Just a quick warning that Exchange on a DC is not recommended. It will work but if you demote the server you will break Exchange badly. For testing, fine but in production its a big no-no
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

        Hello

        Thank you both for commenting, sorry for the delay I was away for a couple of hours from the PC for a job.

        v-2nas:
        > events with complete description in order?
        Sorry for the lacking detail of the last one.

        4015 Error
        The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "%1". The event data contains the error.

        4004 Error
        The DNS server was unable to complete directory service enumeration of zone %1. This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it. Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "%2". The event data contains the error.

        4521 Error
        Regarding this error I am currently not at the workplace and have only a brief note here about the Server and Zone error.

        I have read about various methods of correcting this type of problem but since it was running error free only a few minutes before was wondering if there is not a simple correction to be made, rather than something drastic such as uninstalling etc.

        For Ossian:
        I was in fact well aware of this however this setup is for a small firm with little traffic and they are not prepared to cash out for a second server etc.

        Thank you the help.

        PS : In case this could offer any clue.
        After the reboot when these errors were apparent there were also two others
        Before the boot I had setup the time service without a hitch but this was upset in some way
        Also had a COM+ 5379 and above all the MSDTC 53258 error.
        I have read a little from MS on this and ignoring the 53258 or removing the warning.
        However it did not explain why it might occur.

        Thank you
        Last edited by jplat; 6th January 2011, 20:04. Reason: Left out details

        Comment


        • #5
          Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

          makw sure that in your network configuration, the DNS server is pointing to it's proper IP address, not it's loopback.

          Then reboot, and see how it goes.
          Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

          Comment


          • #6
            Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

            Hi,

            Run netdiag /fix, dcdiag /fix then upload the results of only netdiag and dcdiag for further investigation
            Thanks & Regards
            v-2nas

            MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
            Sr. Wintel Eng. (Investment Bank)
            Independent IT Consultant and Architect
            Blog: http://www.exchadtech.blogspot.com

            Show your appreciation for my help by giving reputation points

            Comment


            • #7
              Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

              Hello,

              Thank you both for the follow up.

              tehcamel: I had considered this loopback question in the beginning and I believe that this is no longer the cause.

              v-2nas: I hope that you find the attached files appropriate


              On my arrival this morning at the clients HQ I immediately checked the Server Events and had a moderately pleasant surprise when I found that there were no more 'apparent' errors.
              The problem seemed to have been resolved in part overnight by the Server.
              However I decided to repeat the DNS checks by running a few tests.
              [NB:
              1. The Server seems to be accessible from the internal Network and accesses the Internet without error
              2. DNS is with the standard setup, no forwarders except root hints]

              The first was nslookup which ran correctly this time, no message 'server not found'.
              The second was netdiag /v, this also ran smoothly without any apparent errors.
              The third was dcdiag /v this ran perfectly until the forwarders section.

              This produced what seems to be quite a common error, that of receiving a report indicating that each root server was invalid as a DNS Server and could not forward thus the test failed to pass 100%.
              According to a note found in a forum left by Kevin D. Goodknecht Sr. [MVP] this will always occur unless :
              > The Servers listed on the Root Hints tab must have a Root Zone, which most DNS servers do not. It doesn't mean you must use only the default 13 Root servers on the Root Hints tab, this means that whatever server are on the Root Hints tab, they must have a Root Zone that has been delegated with all TLDs.

              > the dcdiag error is caused be your DNS server trying to find the parent domain in the root hint servers.
              If you will create a conditional forwarder for W3Ds.net, with your parent server's IP. Then check the box "Do not use recursion for this domain" the dcdiag DNS test will pass because your DNS will not go to the root hints for W3Ds.net.

              Later on …
              > This error cannot be corrected because the root servers are not configured to resolve 1.0.0.127.in-addr.arpa.

              In another note from Paul Bergson MVP he suggests even ‘removing all root hints from internal dns server and forward all unknown requests to your ISP's dns server.’

              The DNS tree seems to be correctly populated however in the ipconfig file it listed two names which were not recognized/found but were not mentioned in the other tests

              Since access to the server seemed functional and adding some user accounts gave no evident error I was obliged by the firm to install Exchange.
              This installed without error, I then added the first service pack and checked the events.
              Apart from a mention of WinMgmt and counters in the events the server itself was error free.

              However I am not very happy with the current situation and I would like some advice on how to solve the forwarders/DNS problem and also if you have any other suggestions on how to test the server in such a way that it can be considered ready for use. The client wants to start using it on Monday.

              Thank you again for the help.
              [I will be able to access the server only late tomorrow morning.]
              Attached Files

              Comment


              • #8
                Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

                Hi ,

                regarding forwarder as per the logs. You don't have forwarder set this is basically the isp dns servers on your dns forwarders which are meant to resolve all the queries which are not resolved by local dns for example internet url google.com msn.com etc.

                You can set that in the forwarders tab and then test again

                DNS server: 128.63.2.53 (h.root-servers.net.)
                1 test failure on this DNS server
                This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.63.2.53

                What does this means

                when you run dcdiag a dns test is run which sends reverse lookup query 1.0.0.127.in-addr.arpa. this record is present of all dns server you can view this by selecting advance management console this test will be true if you hold your own root zones and using them instead of forwarders. Since default root hints are there. They wouldn't get resolved on local network and you will get that error message.

                You can safely ignore that as your netdiag report is clean. moreover once you have your forwarders set appropriately you shudn't be getting those errors anymore.
                Thanks & Regards
                v-2nas

                MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
                Sr. Wintel Eng. (Investment Bank)
                Independent IT Consultant and Architect
                Blog: http://www.exchadtech.blogspot.com

                Show your appreciation for my help by giving reputation points

                Comment


                • #9
                  Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

                  Hello,

                  Thank you for replying.

                  > You don't have forwarder set ...

                  In fact that was the original intention, not to base the server only on the limit of the Providers DNS.

                  > test will be true "if you hold your own root zones" and using them instead of forwarders ...

                  Yes thank you for the explanation. Stated like that appears more reasonable.
                  [I had of course done the test using only the Providers DNS and there were no errors in DCDiag, using Root Hints and Non Provider DNS Forwarders gave errors (tried OpenDNS for example)

                  However although in some ways this is comforting considering the fact the this argument seems to have been discussed for a long time (Exchange 2K+) all over the Net leads me to think that it does not exonerate the MS Wizard nor the documentation regarding the installing of a DNS zone.
                  The DNS wizard itself, or the integrated wizard for AD and DNS, seem to promote the root hints setup with no forwarders, but their own prize diagnostic tool fails in this context giving no explanation and leaving many to waste much time wondering what went wrong with their setup.

                  BTW could you comment on why certain working (test error free) setups as described have only one level = domain name tree present in the forward lookup zone (with the _msdc _tcp etc sub branches beneath it present) whereas other setups (working as in the case shown) have a second branch at the domain name level, called _msdc, similar to the domain sub branch. (Hope that is understandable)

                  Thank you

                  Comment


                  • #10
                    Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

                    Hi,

                    Is there multiple domain in those env like parent-child?

                    BTW could you comment on why certain working (test error free) setups as described have only one level = domain name tree present in the forward lookup zone (with the _msdc _tcp etc sub branches beneath it present) whereas other setups (working as in the case shown) have a second branch at the domain name level, called _msdc, similar to the domain sub branch. (Hope that is understandable)
                    Thanks & Regards
                    v-2nas

                    MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
                    Sr. Wintel Eng. (Investment Bank)
                    Independent IT Consultant and Architect
                    Blog: http://www.exchadtech.blogspot.com

                    Show your appreciation for my help by giving reputation points

                    Comment


                    • #11
                      Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

                      Hi,

                      Frankly I did not think so. In the notes I left you did you see any?
                      I did note : technet.microsoft.com/en-us/library/aa995742(EXCHG.65).aspx
                      which seems to refer this concept.

                      Was wondering if this could this be due to the idea of a Delegated Domain Name:
                      It is this only reference I found in the dcdiag report and there is mention of delegation.

                      Ideas ?

                      Thanks again

                      Comment


                      • #12
                        Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

                        Hi,

                        Yes this what have seen as well if you create a child domain then you will see such kind of arrangements
                        Thanks & Regards
                        v-2nas

                        MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
                        Sr. Wintel Eng. (Investment Bank)
                        Independent IT Consultant and Architect
                        Blog: http://www.exchadtech.blogspot.com

                        Show your appreciation for my help by giving reputation points

                        Comment


                        • #13
                          Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

                          Hello v-2nas,

                          Tried to reflect on this and inform myself on it.
                          There are a couple of interesting and pertinent links, among the many others, at J Savills Site and of course at MS:

                          _msdcs subdomain ... DNS SRV records ... Microsoft-based services
                          http://www.windowsitpro.com/article/...used-for-.aspx

                          Mention of _msdcs SubDomain
                          http://support.microsoft.com/kb/817470/en-us

                          However it was not not really clear to me at least why this zone is created correctly in some setups and not created in others, be that on a DC with a Active Directory-Integrated DNS Server or a secondary DNS server without AD.

                          The note on this proprietary zone [MS] is interesting in that this zone will not necessarily exist on other DNS Servers.

                          There does not seem to be a simple way to build/recreate/repair this zone manually.

                          Could you comment ?

                          Thanks and best wishes

                          Comment


                          • #14
                            Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

                            Hi,

                            The process does work. I can recall when i was working for microsoft and collobrating with other teams. We see such issues like dns zones not populating, then creating manually msdcs zone at times the same method works and other times it may not work so we would scrap the dns and recreate it.
                            At times dns issues could be due to replication/mis configuration/ third party apps. But if you try with new setup and follow the recommendation there is high probability that you will not end up in errors. It will work as it suppose to be.
                            Thanks & Regards
                            v-2nas

                            MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
                            Sr. Wintel Eng. (Investment Bank)
                            Independent IT Consultant and Architect
                            Blog: http://www.exchadtech.blogspot.com

                            Show your appreciation for my help by giving reputation points

                            Comment


                            • #15
                              Re: Errors 4004, 4015 and 4521 after installing SMTP, NNTP Pre Exchange

                              Hello,

                              Thanks for the follow up.
                              Interesting to note that even you have encountered the problems I mentioned.
                              I have noticed that rebuilding the server does in fact often resolve this.
                              This still leaves perhaps a certain uneasiness about the whole business.
                              It does not really offer a fool proof method to avoid many of the common upsets users which seem to experience since at least the times of WinNT.

                              Anyway thanks again for the help.

                              Comment

                              Working...
                              X