In my experience the behavior noted in the KB was fairly inconsistent.  Some DC's would be fine, but then miss records on the next reboot.  The records in question would also vary.
 
As for the workaround, it's probably less than ideal since you're right, simply restarting the Netlogon service doesn't always rebuild the netlogon.dns/dnb files.  However, it does sometimes, so it's not completely wrong, either.
 
I would at least rule out the known issue if you can by installing the hotfix on a test system(s) that's experiencing the issue.  Or, depending on the files in question, it's possible your DC's already have the updated files via other hotfixes.


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ulf B. Simon-Weidner
Sent: Tuesday, November 08, 2005 5:35 PM 
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Netlogon.dns (2)

Thanks ~eric and David,
 
It wasn't as consistent as I would assume the behaviour of that hotfix.
 
Additionally the KB has an error - the Workaround won't work since netlogon.dns is not being rebuild if it exists when you restart netlogon. The Workaround should read as 1. rename netlogon.dns to netlogon.bak, 2. restart the netlogon-service.
 
Debugging may be possible, however I fixed the issue couple weeks ago since they are going to consolidate a domain into the one with the issues, and they had major performance issues and some kindergarden-errors in the design. I had to fix it asap to increase performance and to enable them to carry on with the domain consolidation.
 
It's not that they need to get it fixed now - I'm mainly curious why it happened.
 
Ulf


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Fleischman
Sent: Wednesday, November 09, 2005 12:03 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Netlogon.dns (2)

I would have SWORN there was an issue in this code path, but the details escaped me.

So I pinged Steve offline who remembered the details…..basically, it’s this: http://support.microsoft.com/default.aspx?scid=KB;EN-US;841395

 

So that could be what you’re hitting.

 

With some more details, we might be able to diagnose it if it is something else. But we might need to debug it to know for sure.

 

~Eric

 

 


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick
Sent: Tuesday, November 08, 2005 2:43 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Netlogon.dns (2)

 

Were the entries dropped off the end of the file, or were they missing from the middle? Any pattern to the entries that were missing?

 

-gil

 


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ulf B. Simon-Weidner
Sent: Tuesday, November 08, 2005 3:36 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Netlogon.dns (2)

Instead of hijacking another thread I'm going to start my own ;)

What I've seen recently and was pretty surprised: A customer of mine had incomplete netlogon.dns-files, they had some of the records which were supposed to be there but not all. On some DCs about 50% of the netlogon.dns was missing.

Really bad about this is that the tools like dcdiag only test the content of the netlogon.dns against the DNS-Service, and that the netlogon-process does not check the content of the netlogon.dns without any changes unless the file is missing. So the customer had missing DNS-Informations for ages and never noticed it - not everyone is digging around in DNS and knows what's supposed to be there ;)

DCs were W2k SP4.

Anyone seen this before? OK - I've already fixed it by renaming netlogon.dns and restarting netlogon, but I'm curious if anyone has ideas where this might come from and if anyone has seen it before.

Gruesse - Sincerely,

Ulf B. Simon-Weidner

  MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
  Weblog: http://msmvps.org/UlfBSimonWeidner
  Website: http://www.windowsserverfaq.org

 

Reply via email to