Question : No DNS resolution to Exchange server but everyone can ping. No client gets/can send mail.

My client has 2 servers: The primary DC is running SBS2003 and is the Exchange as well as doubling as the Web Server. The 2nd DC is running Server 2000. All clients (25) are either Win2000 or XP pro with office 2003 installed. There is a dedicated print server running Oce' and another media server. They are a design firm using CAD and other large apps.

This morning it was found that the Primary DC was down (Exchange/Web) and BSOD. The office manager rebooted the system and it hung on the Windows splash screen for over 2 hours- then they called me.

When I arrived I was able to boot the Exchange/Web server into Active Directory Restore Mode.

Then I ran NTDSUTIL - FILE MAINTENANCE - INTEGRITY

…then I ran NTDSUTIL - Semantic Database Analysis - GO

This showed that there was in fact database corruption. So I ran the GO FIXUP and it appeared to have corrected all of the errors as running the utilities again resulted in no warning/prompt of bad files or corruption.

I rebooted and the Exchange/Web server came up fine with the exception that a pop-up warned me that one or more services had not been able to start and to check the Event Viewer. -Great!!!  At least they hadn't lost the server.

But when I checked the logs against what I thought was a good boot this is what I found:


From Directory Service Event Viewer:

Event Type:      Error
Event Source:      NTDS ISAM
Event Category:      Database Corruption
Event ID:      467
Date:            5/13/2005
Time:            4:12:29 PM
User:            N/A
Computer:      MAIL
Description:
NTDS (528) NTDSA: Index DRA_USN_index of table datatable is corrupted (0).

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

                  "---and---"

Index_00020078 of the table database is corrupted.

(This second appears every time I boot many times)



From DNS Server Event Viewer:

Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4015
Date:            5/13/2005
Time:            4:12:13 PM
User:            N/A
Computer:      MAIL
Description:
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "000020EF: SvcErr: DSID-02080495, problem 5012 (DIR_ERROR), data -1414". The event data contains the error.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 01 00 00 00               ....



   

From File Replication Event Viewer:

Event Type:      Warning
Event Source:      NtFrs
Event Category:      None
Event ID:      13508
Date:            5/13/2005
Time:            3:08:46 PM
User:            N/A
Computer:      MAIL
Description:
The File Replication Service is having trouble enabling replication from DCServer#2 to MAIL for c:\windows\sysvol\domain using the DNS name
DCServer#2.Domain.com. FRS will keep retrying. Following are some of the reasons you would see this warning.
 
 [1] FRS can not correctly resolve the DNS name DCServer#2.Domain.com from this computer.
 [2] FRS is not running on DCServer#2.Domain.com.
 [3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
 
 This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.




From System Event Viewer:

Event Type:      Error
Event Source:      NETLOGON
Event Category:      None
Event ID:      5774
Date:            5/13/2005
Time:            3:42:09 PM
User:            N/A
Computer:      MAIL
Description:
The dynamic registration of the DNS record '_ldap._tcp.XXXXXXXX.com. 600 IN SRV 0 100 389 mail.Domain.com.' failed on the following DNS server:  

DNS server IP address: "xxx.xx.xx.xxx"
Returned Response Code (RCODE): 5
Returned Status Code: 9017  

For computers and users to locate this domain controller, this record must be registered in DNS.  

USER ACTION  
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. You can find this program on the Windows Server 2003 installation CD in Support\Tools\support.cab. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD. Or, you can manually add this record to DNS, but it is not recommended.  

ADDITIONAL DATA
Error Value: DNS bad key.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 05 00                     ..      


As per USER ACTION above, I tried to run the DCDiag.exe off of the SBS2003 installation CD but the .cab file won't open (they are 4 OEM reinstall discs rather than an original from MS).

Now there is a DNS resolution problem between the network and the mail server. I can ping it from anywhere- the 2nd DC, any client… but cannot get to it through the mapped drives, My Network Places (shows Server "not connected to network") or windows explorer, etc...

When I added an entry for it to the Hosts file on the 2nd DC there was no problem with name resolution. Also, I can browse to the Web site fine from outside of the network.
 
Did the database corrupt the DNS service in the DCs?

The big problem: No one is getting any mail, in or out, through the Exchange Server.

Anyone… Anyone…

I worked this for 7 hours today.

Answer : No DNS resolution to Exchange server but everyone can ping. No client gets/can send mail.

If you're still trying to fix this it would be helpful to see the output of the dcdiag command on the domain controller. (see 2003 reskit if it's not already on your server).

I think I was referring to whether your DNS Server configuration included valid records for your Active Directory Servers (in your DNS management tool). You should have the following record types in DNS:
_msdcs
_sites
_tcp
_udp

Also relating to the 5774 error, '_ldap._tcp.XXXXXXXX.com. 600 IN SRV 0 100 389 mail.Domain.com.': was it trying to register the record in the right place? (is XXXXXXX.com the same as Domain.com?) It's possible this error's coming up because your internal DNS server isn't resolving to itself for DNS requests (i.e. its IP address or 127.0.0.1 set as its primary DNS Server in TCP/IP properties).

There are 2 possible solutions here if there's stuff missing: one to get the AD records into DNS if they're not there, one to fix the primary DNS server address (see my last paragraph) on the DNS servers themselves so they are checking themselves before sending DNS requests elsewhere: http://www.netpro.com/forum/messageview.cfm?catid=15&threadid=254
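
The two checks the answer proposes (is event 5774 registering into the zone the DC actually lives in, and are the four AD subdomains present), as an added example that is not part of the original thread. The event text and every name in it are constructed, and `parse_5774` and `missing_ad_subdomains` are hypothetical helper names.

```python
import re

# Subdomains the answer lists as required under the AD DNS zone.
REQUIRED_AD_SUBDOMAINS = ("_msdcs", "_sites", "_tcp", "_udp")
# DNS response codes (RFC 1035 / RFC 2136) commonly seen on failed dynamic updates.
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED", 9: "NOTAUTH", 10: "NOTZONE"}
SRV_RE = re.compile(
    r"'(?P<owner>\S+)\s+(?P<ttl>\d+)\s+IN\s+SRV\s+"
    r"(?P<prio>\d+)\s+(?P<weight>\d+)\s+(?P<port>\d+)\s+(?P<target>\S+?)'"
)
RCODE_RE = re.compile(r"\(RCODE\):\s*(\d+)")


def parse_5774(description):
    """Pull the SRV record and RCODE out of a NETLOGON 5774 description."""
    m = SRV_RE.search(description)
    if m is None:
        raise ValueError("no SRV record found in event text")
    owner = m.group("owner").rstrip(".").lower()
    target = m.group("target").rstrip(".").lower()
    # The zone is whatever follows the last underscore label (_tcp, _msdcs, ...).
    labels = owner.split(".")
    last = max((i for i, l in enumerate(labels) if l.startswith("_")), default=-1)
    zone = ".".join(labels[last + 1:])
    rc = RCODE_RE.search(description)
    return {
        "zone": zone,
        "target": target,
        "port": int(m.group("port")),
        "rcode": RCODES.get(int(rc.group(1)), rc.group(1)) if rc else None,
        # The DC's own FQDN should sit inside the zone it registers into.
        "target_in_zone": target.endswith("." + zone),
    }


def missing_ad_subdomains(present):
    """Return required AD subdomains absent from a zone's folder listing."""
    have = {name.lower() for name in present}
    return [s for s in REQUIRED_AD_SUBDOMAINS if s not in have]


# Constructed sample: same layout as the event on this page, with made-up names.
SAMPLE = (
    "The dynamic registration of the DNS record "
    "'_ldap._tcp.corp.example.com. 600 IN SRV 0 100 389 mail.example.local.' "
    "failed on the following DNS server:\n"
    'DNS server IP address: "192.0.2.10"\n'
    "Returned Response Code (RCODE): 5\n"
)
```

A `target_in_zone` of `False` is the mismatch the answer asks about; a non-empty result from `missing_ad_subdomains` means the AD records still need to be re-registered.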