Missing glue A record - Error details: 9714 (Type: Win32 - Description: DNS name does not exist.)

All replies

• 

  

  0

  Sign in to vote

  Hello,

  "Missing AAAA record at DNS server" belongs to IPv6 on the server. Disabling IPv6 should solve the problem but this is not recommended by Microsoft now.

  To disable IPv6: http://blogs.dirteam.com/blogs/paulbergson/archive/2009/03/19/disabling-ipv6-on-windows-2008.aspx

  Once disabled, run ipconfig /registerdns and restart netlogon on all DCs.

  For co-existence from IPv4 and IPv6 see:  http://technet.microsoft.com/en-us/library/cc738372(WS.10).aspx

   

   

  ---

  This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

  Microsoft Student Partner
  Microsoft Certified Professional
  Microsoft Certified Systems Administrator: Security
  Microsoft Certified Systems Engineer: Security
  Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
  Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

  Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration

   

  Saturday, May 28, 2011 7:47 AM
• 

  

  0

  Sign in to vote

  OK I think I fixed the IPV6 issue.  (I ran the fix on this site - http://support.microsoft.com/kb/929852)  However, I still have these errors:

  TEST: Delegations (Del)
  Delegation information for the zone: my.domain.name.
  Delegated domain name: _msdcs.my.domain.name.
  Error: DNS server:MDNAD.my.domain.name. IP:<Unavailable> [NOTE: This server no longer exists.]
  [Missing glue A record]
  [Error details: 9714 (Type: Win32 - Description: DNS name does not exist.)]

  The "MDNAD.my.domain.name" server was a server we had created, but removed from our environment. A review of DNS can't find an entry for this server.

   

  Also, this error give the IP of the "Master" AD DC yet references the "Secondary" DC server.

  Warning:
  Missing AAAA record at DNS server XXX.XXX.25.141: [NOTE: This is the wrong IP for the MDNADSecondary.my.domain.name]
                       MDNADSecondary.my.domain.name
  [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]
  

  Warning:
  Missing AAAA record at DNS server XXX.XXX.25.142: [NOTE: This is the correct IP for the MDNADSecondary.my.domain.name]
  MDNADSecondary.my.domain.name
  [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)]

  
  

  ---

  Chris Premo
  

  • Edited by ChrisPremo Saturday, May 28, 2011 9:52 PM

  Saturday, May 28, 2011 8:22 AM
• 

  

  0

  Sign in to vote

  If you have a DC that no longer exists then perform a metadata cleanup.

   

  ---

  This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

  Microsoft Student Partner
  Microsoft Certified Professional
  Microsoft Certified Systems Administrator: Security
  Microsoft Certified Systems Engineer: Security
  Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
  Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

  Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration

  Saturday, May 28, 2011 8:40 AM
• 

  

  0

  Sign in to vote

  Hello,

  as MDNAD.my.domain.name seems not longer to exist please run metadata cleanup:

  http://msmvps.com/blogs/mweber/archive/2010/05/16/active-directory-metadata-cleanup.aspx

  For Ipv6 some details are mentioned here about recommendation and requirements:

  http://technet.microsoft.com/en-us/magazine/2009.07.cableguy.aspx

  ---

  Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

  Saturday, May 28, 2011 8:55 AM
• 

  

  0

  Sign in to vote

  Seems that you have an entry for MDNAD.my.domain.name designating it as a Name Server for the _msdcs.my.domain.name. zone= (you should be able to verify this by checking the list of name servers authoritative for this zone (Name Servers tab of the zone Properties dialog box). You could potentially remove it from there, but it would be more prudent to peform a thorough metadata cleanup and ensure that all references to that DC are deleted. Use any of the links provided above - my personal favorite is http://msmvps.com/blogs/acefekay/archive/2010/10/05/complete-step-by-step-to-remove-an-orphaned-domain-controller.aspx

  hth
  Marcin

  Saturday, May 28, 2011 11:58 AM
• 

  

  0

  Sign in to vote

  How many DCs do you have? Please post IPCONFIG/ALL for your DC here.  Are you using Active Directory Integrated DNS zone?

  Run metadata cleanup http://technet.microsoft.com/en-us/library/cc736378(WS.10).aspx and go through step till list servers in site.  Verify these DCs names and make sure they are valid.  They don’t exist, perform a metadata cleanup to remove these DC references from AD database.

  ---

  Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX
  
  Blogs - http://blogs.sivarajan.com/
  Articles - http://www.sivarajan.com/publications.html
  Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara
  This posting is provided AS IS with no warranties,and confers no rights.

  Saturday, May 28, 2011 1:09 PM
• 

  

  0

  Sign in to vote

  OK, I ran the Metadata Cleanup process:

  1. Tyoe ntdsutil, and then press ENTER.
  2. Type metadata cleanup and then press ENTER.
  3. Type connections and press ENTER.
  4. Type connect to server servername and then press ENTER.
  5. Type quit and then press ENTER.

  The Metadata Cleanup menu appears.
  6. Type select operation target and press ENTER.
  7. Type list domains and press ENTER.
  8. Type select domain number and press ENTER.
  9. Type list sites and press ENTER.
  10. Type select site number and press ENTER.
  11. Type list servers in site and press ENTER.

  A list of servers in the site, each with an associated number, is displayed.

  Unfortunately, the server "MDNAD.my.domain.name" is not listed in the "List of Servers".  So no further action can be taken.

  12. Type select server number . . . . .

  ---

  Chris Premo

  Saturday, May 28, 2011 9:32 PM
• 

  

  0

  Sign in to vote

  I checked the properties of the "_msdcs.My.Domain.Name" object in DNS Manager and reviewd the "Name Servers" tab.  There are two entries listed.  Both are my current AD servers: "MDNADMaster" and "MDNADSecondary" both showing the correct IP addresses for each server. (Note: We do have 12 Distict Office RODC servers in our remote District offices, but only the two DCs at our HQ location.  However, all 14 have DNS services runnig.)  Also, the only entries in the "_msdcs.My.Domain.Name" container are the two DCs, the 12 RODCs, one Start of Authroity (SOA) object which lists the Master DC server and hostmaster, and two Name Server (NS) entries listing the two DCs.

  ---

  Chris Premo

  Saturday, May 28, 2011 9:42 PM
• 

  

  0

  Sign in to vote

  Here is the data after running the IPV6 fix (and rebooting the two DCs).

  C:\Users\Administrator.MBC>ipconfig /all

  Windows IP Configuration

     Host Name . . . . . . . . . . . . : MDNADMaster
     Primary Dns Suffix  . . . . . . . : my.domain.name
     Node Type . . . . . . . . . . . . : Hybrid
     IP Routing Enabled. . . . . . . . : No
     WINS Proxy Enabled. . . . . . . . : No
     DNS Suffix Search List. . . . . . : my.domain.name

  Ethernet adapter Local Area Connection:

     Connection-specific DNS Suffix  . :
     Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
     Physical Address. . . . . . . . . : XX-XX-XX-85-13-5F
     DHCP Enabled. . . . . . . . . . . : No
     Autoconfiguration Enabled . . . . : Yes
     IPv4 Address. . . . . . . . . . . : XXX.XXX.25.141(Preferred)
     Subnet Mask . . . . . . . . . . . : 255.255.254.0
     Default Gateway . . . . . . . . . : XXX.XXX.24.62
     DNS Servers . . . . . . . . . . . : XXX.XXX.25.142
                                         XXX.XXX.25.141
                                         127.0.0.1
     NetBIOS over Tcpip. . . . . . . . : Enabled

  
  C:\Users\Administrator.MBC>ipconfig /all

  Windows IP Configuration

     Host Name . . . . . . . . . . . . : MDNADSecondary
     Primary Dns Suffix  . . . . . . . : my.domain.name
     Node Type . . . . . . . . . . . . : Hybrid
     IP Routing Enabled. . . . . . . . : No
     WINS Proxy Enabled. . . . . . . . : No
     DNS Suffix Search List. . . . . . : my.domain.name

  Ethernet adapter Local Area Connection:

     Connection-specific DNS Suffix  . : my.domain.name
     Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connecti
     Physical Address. . . . . . . . . : XX-XX-XX-85-74-99
     DHCP Enabled. . . . . . . . . . . : No
     Autoconfiguration Enabled . . . . : Yes
     IPv4 Address. . . . . . . . . . . : XXX.XXX.25.142(Preferred)
     Subnet Mask . . . . . . . . . . . : 255.255.254.0
     Default Gateway . . . . . . . . . : XXX.XXX.24.62
     DNS Servers . . . . . . . . . . . : XXX.XXX.25.141
                                         XXX.XXX.25.142
     NetBIOS over Tcpip. . . . . . . . : Enabled

  ******************************************************

   

  This error is still being found running the batch file below.

  *****************************************************************************
                 TEST: Forwarders/Root hints (Forw)
                    Recursion is enabled
                    Forwarders Information:
                       134.186.254.252 (<name unavailable>) [Valid]
                       205.225.130.209 (<name unavailable>) [Valid]
                       205.225.182.1 (<name unavailable>) [Invalid]
                   
                 TEST: Delegations (Del)
                    Delegation information for the zone: mbc.ca.gov.
                       Delegated domain name: _msdcs.mbc.ca.gov.
                          Error: DNS server: mbcad.mbc.ca.gov. IP:<Unavailable>

                          [Missing glue A record]

                          [Error details: 9714 (Type: Win32 - Description: DNS name does not exist.)]

  *****************************************************************************

   

  BATCH FILE

  ***********************************

  echo Running dcdiag /v.....
  dcdiag /v >> "c:\AD Health Check\ad_diag.txt"
  echo Running dcdiag /test:DNS /DNSALL (may take a few moments, be patient).....
  dcdiag /test:DNS /DNSALL /e /v >> "c:\AD Health Check\ad_diag.txt"
  echo Running dcdiag /test:DcPromo /e /v.....
  dcdiag /test:DcPromo /e /v >> "c:\AD Health Check\ad_diag.txt"
  echo Running dcdiag /test:RegisterInDNS.....
  dcdiag /test:RegisterInDNS >> "c:\AD Health Check\ad_diag.txt"
  echo Running netdiag.exe /v.....
  netdiag.exe /v >> "c:\AD Health Check\ad_diag.txt"
  echo Running netsh dhcp show server.....
  netsh dhcp show server >> "c:\AD Health Check\ad_diag.txt"
  echo Running repadmin /showreps.....
  repadmin /showreps >> "c:\AD Health Check\ad_diag.txt"
  echo Running repadmin /replsum /errorsonly.....
  repadmin /replsum /errorsonly >> "c:\AD Health Check\ad_diag.txt"
  echo ........................................
  echo Diagnostic Completed Successfully...
  echo view results in "c:\AD Health Check\ad_diag.txt"
  pause
  echo ........................................
  echo ........................................
  echo ........................................
  echo General Health Ratio (FAILS/PASSES) echo THis is very general, be sure to check "c:\AD Health Check\ad_diag.txt"!
  echo ........................................
  echo NUMBER OF FAILS
  find /c /i "fail" "c:\AD Health Check\ad_diag.txt"
  echo ........................................
  echo NUMBER OF PASSES
  find /c /i "pass" "c:\AD Health Check\ad_diag.txt"

  *******************************************

  ---

  Chris Premo

  Saturday, May 28, 2011 10:34 PM
• 

  

  0

  Sign in to vote

  Chris,

  can you post the output of:

  nslookup
  set type=NS
  _msdcs.mbc.ca.gov.

  hth
  Marcin

  
  

  Saturday, May 28, 2011 11:53 PM
• 

  

  0

  Sign in to vote

  Default Server:  mbcadsecondary.mbc.ca.gov
  Address:  XXX.XXX.25.142

  > set type=NS
  > _msdcs.mbc.ca.gov
  Server:  mbcadsecondary.mbc.ca.gov
  Address:  XXX.XXX.25.142

  _msdcs.mbc.ca.gov       nameserver = mbcadmaster.mbc.ca.gov
  _msdcs.mbc.ca.gov       nameserver = mbcadsecondary.mbc.ca.gov
  mbcadmaster.mbc.ca.gov  internet address = XXX.XXX.25.141
  mbcadsecondary.mbc.ca.gov       internet address = XXX.XXX.25.142

  ---

  Chris Premo

  Sunday, May 29, 2011 1:10 AM
• 

  

  0

  Sign in to vote

  Have you confirmed that the error you are listing above is actually generated by the same DC that you are querying via nslookup?

  hth
  Marcin

  Sunday, May 29, 2011 1:38 AM
• 

  

  0

  Sign in to vote

  I ran the check and the NSLOOKUP on the other DC and got the exact same results.

  This error is still being found running the batch file below.

  *****************************************************************************
  TEST: Forwarders/Root hints (Forw)
  Recursion is enabled
  Forwarders Information:
  134.186.254.252 (<name unavailable>) [Valid]
  205.225.130.209 (<name unavailable>) [Valid]
  205.225.182.1 (<name unavailable>) [Invalid]
  
  TEST: Delegations (Del)
  Delegation information for the zone: mbc.ca.gov.
  Delegated domain name: _msdcs.mbc.ca.gov.
  Error: DNS server: mbcad.mbc.ca.gov. IP:<Unavailable>

  [Missing glue A record]

  [Error details: 9714 (Type: Win32 - Description: DNS name does not exist.)]

  *****************************************************************************

   C:\Users\Administrator.MBC>nslookup
  Default Server:  mbcadmaster.mbc.ca.gov
  Address:  165.235.25.141

  > set type=NS
  > _msdcs.mbc.ca.gov
  Server:  mbcadmaster.mbc.ca.gov
  Address:  165.235.25.141

  _msdcs.mbc.ca.gov       nameserver = mbcadsecondary.mbc.ca.gov
  _msdcs.mbc.ca.gov       nameserver = mbcadmaster.mbc.ca.gov
  mbcadsecondary.mbc.ca.gov       internet address = XXX.XXX.25.142
  mbcadmaster.mbc.ca.gov  internet address = XXX.XXX.25.141

  ---

  Chris Premo

  Sunday, May 29, 2011 8:13 AM
• 

  

  0

  Sign in to vote

  Chris - which specific DC is returning this error?

  hth
  Marcin

  Sunday, May 29, 2011 10:41 AM
• 

  

  0

  Sign in to vote

  I ran the NSLOOKUP command on both DC and both reported the same results.  Each of the DCs report the other as Master.

  ---

  Chris Premo

  Sunday, May 29, 2011 5:27 PM
• 

  

  0

  Sign in to vote

  Chris,

  this doesn't answer my question. I'm referring to the error displayed by your batch file. Which DC generated this error?

  hth
  Marcin

  Sunday, May 29, 2011 9:14 PM
• 

  

  0

  Sign in to vote

     Running enterprise tests on : mbc.ca.gov

        Starting test: DNS

           Test results for domain controllers:

              DC: MBCADMaster.mbc.ca.gov

              Domain: mbc.ca.gov              
                 TEST: Authentication (Auth)
                    Authentication test: Successfully completed
                   
                 TEST: Basic (Basc)
                    The OS

                    Microsoft Windows Server 2008 R2 Enterprise  (Service Pack level: 1.0) is supported.

                    NETLOGON service is running

                    kdc service is running

                    DNSCACHE service is running

                    DNS service is running

                    DC is a DNS server

                    Network adapters information:

                    Adapter [00000007] Intel(R) PRO/1000 MT Network Connection:

                       MAC address is XX:XX:56:85:13:5F
                       IP Address is static
                       IP address: XXX.XXX.25.141
                       DNS servers:

                          XXX.XXX.25.142 (MBCADSECONDARY) [Valid]
                          XXX.XXX.25.141 (MBCADMASTER) [Valid]
                          127.0.0.1 (MBCADMASTER) [Valid]
                    The A host record(s) for this DC was found
                    The SOA record for the Active Directory zone was found
                    The Active Directory zone on this DC/DNS server was found primary
                    Root zone on this DC/DNS server was not found
                   
                 TEST: Forwarders/Root hints (Forw)
                    Recursion is enabled
                    Forwarders Information:
                       134.186.254.252 (<name unavailable>) [Valid]
                       205.225.130.209 (<name unavailable>) [Valid]
                       205.225.182.1 (<name unavailable>) [Invalid]
                   
                 TEST: Delegations (Del)
                    Delegation information for the zone: mbc.ca.gov.
                       Delegated domain name: _msdcs.mbc.ca.gov.
                          Error: DNS server: mbcad.mbc.ca.gov. IP:<Unavailable>

                          [Missing glue A record]

                          [Error details: 9714 (Type: Win32 - Description: DNS name does not exist.)]

  ---

  Chris Premo
  

  Monday, May 30, 2011 12:19 AM
• 

  

  1

  Sign in to vote

  Chris,

  this behavior is identical to what you'd experience if you had an incorrect name server entry for the _msdcs delegation. In the DNS Manager, are you actually looking at the delegation node (i.e. the grayed-out node labeled _msdcs under mbc.ca.gov)?

  Note that this is different than the content of _msdcs.mbc.ca.gov - which would contain only the "valid" records

  hth
  Marcin

  • Marked as answer by ChrisPremo Monday, May 30, 2011 7:04 AM

  Monday, May 30, 2011 12:56 AM
• 

  

  0

  Sign in to vote

  Doh, I finally found the entry.  Removed it and a DNS error on DIST19FileSvr and all errors are now gone.  Thanks for you patience!

  ---

  Chris Premo

  Monday, May 30, 2011 7:04 AM