Sign in
 
HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums
Windows Server TechCenter >
DNS Appending Space to DC Names

คำตอบ DNS Appending Space to DC Names

  • Thursday, November 22, 2012 9:07 AM
     
     
    Sign In to Vote
    0

    The client I am currently working at has asked me to take a look at one of their many Active Directory forests. They are saying their Admins are reporting the fact that they cannot do any amendments to groups etc. in AD. Initital analysis showed that replication was working OK however, when I took a close look at the underlying DNS I notived that the DNS appears to be adding a space to end of the NS (the NS are the domain controllers).

    If I run a netdiag /test:dns the following error is displayed:

    DNS test . . . . . . . . . . . . . : Failed
        [FATAL] The DNS host name 'SERVERNAME.DOMAIN.DOMAIN.DC.DC ' is not valid. [DNS_ERROR_INVALID_NAME_CHAR]
              [WARNING] Cannot find a primary authoritative DNS server for the name
                'SERVERNAME.DOMAIN.DOMAIN.DC.DC .'. [RCODE_SERVER_FAILURE]
                'SERVERNAME.DOMAIN.DOMAIN.DC.DC .' may not be registered in DNS.
        [WARNING] The DNS entries for this DC are not registered correctly on DNS server 'IP.IP.IP.IP'. Please wait for 30 minutes for DNS server replication.
        [WARNING] The DNS entries for this DC are not registered correctly on DNS server 'IP.IP.IP.IP'. Please wait for 30 minutes for DNS server replication.
        [FATAL] No DNS servers have the DNS records for this DC registered.

    NOTE: I've changed the client server/domain/ip addresses to remove any reference that can identify the client.

    Those with an eagle eye will note the " " at the end of the dns record, hence the DNS_ERROR_INVALID_NAME_CHAR message. This is the same on both the domain controllers in the domain. Has anyone come across this before? If so did they manage to fix this without doing a complete forest rebuild?

    I've gone through every config file, setting etc. looking to see where this rogue " " is coming from but cannot find it. The DNS would appear to be FUBAR'd and my gut feeling is due to the fact the client does not have a backup of the AD from before this error that this is "un-fixable" and the client is in a very uncomfortable place.

    Before I go back and write up my report suggesting a complete rebuild from scratch (as no restore option is available) I thought I'd throw this out to my peers. Has anyone come across this before, do they have any tips/procedures for re-creating the DNS in the whole forest (Windows 2003 R2), any other suggestions that I can try etc.

    I've done the dcdiag /fix, netdiag /fix, etc. etc. but the error (space appended to end of NS record is still present). 

     

All Replies

  • Thursday, November 22, 2012 9:43 PM
     
     Answered
    Sign In to Vote
    0

    DnsValidateName returns DNS_ERROR_INVALID_NAME_CHAR if the DNS name:
    *Contains a space.
    *Contains any of the following invalid characters: { | } ~ [ \ ] ^ ' : ; < = > ? & @ ! " # $ % ^ ` ( ) + / ,
    *Contains an asterisk (*), unless the asterisk is the first label in the multi-labeled name, submitted with Format set to DnsNameWildcard.

    Reference link:
    http://msdn.microsoft.com/en-us/library/windows/desktop/ms682032(v=vs.85).aspx
    http://msdn.microsoft.com/en-us/library/windows/desktop/aa370660(v=vs.85).aspx

    It seems you need to rebuild the domain however I would recommend to wait for sometime if MS moderators or anyone else have faced the similar issue then contact MS Paid support.

     

    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

     
  • Friday, November 23, 2012 8:46 AM
     
     
    Sign In to Vote
    0

    Thanks, I am aware that a space " " is an invalid character for DNS and that this is the cause of their issues and you've just confirmed what I've suspected...without the ability to restore the forest is fubar'd. I have no idea how they've managed to get it in such a state however, on the plus side they are in the process of consolidating the many legacy Windows 2003R2 forests they have so this one can now be 'bumped up' the list of forests for consolidation..!

    Would be great to hear if any of the MS mods can offer any other comments/advice etc.

    Rgds

    FMcFF