In news:2C579F4C-D47A-48AA-B01E-(E-Mail Removed),
SteveP <(E-Mail Removed)> stated, which I commented on below:
> My anti-virus server is showing two problems in the event viewer that
> I have not been able to resolve. It's running 2003 standard server
> and hosts Trend anti-virus.
>
> I've been unable to resolve these two errors and need to ask for help.
>
> #1
> NTDS Intersite Messaging
> Catagory (19)
> Event ID: 1812
>
> The description for Event ID ( 1812 ) in Source ( NTDS Inter-site
> Messaging ) cannot be found. The local computer may not have the
> necessary registry information or message DLL files to display
> messages from a remote computer. You may be able to use the
> /AUXSOURCE= flag to retrieve this description; see Help and Support
> for details. The following information is part of the event: [],
> 4294967295.
>
> How do I fix it?
>
> #2
> DNSAPI
> Event ID: 11166
> Failed to Register Host A Records
>
> The system failed to register host (A) resource records (RRs) for
> network adapter
> with settings:
>
> Adapter Name : {8BAD9F09-D7BB-48F8-BCA3-AC985BD1DFxx}
> Host Name : av
> Primary Domain Suffix : bxxx.local
> DNS server list :
> 172.20.0.1, 172.20.0.2
> Sent update to server : 172.20.0.1
> IP Address(es) :
> 172.20.0.7
>
> The reason the system could not register these RRs was because of a
> security related problem. The cause of this could be (a) your
> computer does not have permissions to register and update the
> specific DNS domain name set for this adapter, or (b) there might
> have been a problem negotiating valid credentials with the DNS server
> during the processing of the update request.
>
> You can manually retry DNS registration of the network adapter and its
> settings by typing "ipconfig /registerdns" at the command prompt. If
> problems still persist, contact your DNS server or network systems
> administrator. For specific error code, see the record data displayed
> below.
>
> How do I fix it?
As for the DNSAPI errors, see if this helps:
http://www.eventid.net/display.asp?e...DnsApi&phase=1
I also remember with this error, if you do not have a reverse zone created
and it is trying to register into it, then that will be a problem.
For the NTDS 1812 errors:
http://www.eventid.net/display.asp?e...saging&phase=1
For the NTDS errors, there are a number of reasons why NTDS replication
errors, as well as registration errors can occur, which are USUALLY all DNS
based. Check out this list and see which applies to YOUR scenario:
=============================
DNS Dynamic Registration Problems:
1) External DNS servers are configured under TCP/IP properties. Only use
internal DNS servers when part of an Active Directory domain. AD Domain
machines must ever be pointed at an external (ISP) DNS server or even use an
ISP DNS server as an "Alternate DNS server".
2) AD/DNS zone not configured to allow dynamic updates.
3) 'Register this connection's address" in DNS is not enabled under TCP/IP
properties.
4) Not authenticated to the domain (due to DNS misconfiguration or DNS
server problem)
5) Missing or incorrect "Primary DNS suffix" or "Connection-specific DNS
suffix" of the domain to which the machine belongs. With a
missing/incorrect DNS suffix a machine cannot find the correct zone to
register in. If missing or incorrect, it is called a Disjoined Domain Name.
6) A Group Policy is forcing secure updates and the machine isn't a member
of the domain.
7) DHCP client service not running. This is a requirement for DNS
registration and DNS resolution even if the client is not actually using
DHCP. See the below articles.
8) Reg entry stopping it:
246804 - How to Enable-Disable Windows 2000 Dynamic DNS Registrations (per
NIC too):
http://support.microsoft.com/?id=246804
9). It's got some sort of malware or virus altering network services
preventing it from registering.
10) Some sort of firewall in place, whether the Windows firewall disabling
File and Print Services, or a 3rd party firewall, which many AV programs
(including Trend) now have built in and must be adjusted to allow this sort
of traffic and exclude the NTDS and SYSVOL folders .
11) AD DNS domain name is a SIngle Lable Name, such as "DOMAIN" instead of
'domain.local', domain.com, etc (this is a real nasty one and difficult to
fix).
No DNS Name Resolution If DHCP Client Service Is Not Running
http://support.microsoft.com/default...b;en-us;268674
Dynamic DNS Updates Do Not Work if the DHCP Client Service Stops
http://support.microsoft.com/default...b;en-us;264539
Note: DHCP can register the client in DNS, provided the DHCP server machine
itself has the proper DNS servers set in it's TCP/IP properties.
===================
There's more to this, but this should give you a good starting point. If you
like, please provide an unedited ipconfig /all of your DCs and of a sample
client, and elaborately describe your Site topology including IP subnet
objects assigned to each site, as well as an elaborate description of your
AD topology, including DNS servers in each location.
--
Ace
Innovative IT Concepts, Inc (IITCI)
Willow Grove, PA
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer
Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.
It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164
Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."
The only constant in life is change...
Similar Threads
Linear Mode
