Unsolved
This post is more than 5 years old
51 Posts
0
1032
February 26th, 2008 08:00
Celerra DDNS Update Problem
Hi,
This is my first time here. I've been working and researching on this problem that got my head hurt. Hopefully you guys can assist me.
We periodically have CIFS servers that start having problem update its "A" record to DNS server using DDNS. I've verified that DNS server is allowing update and also allowing secure update. I've also verified the CIFS server has secure update. This happened to the CIFS servers that had been working just fine and all the sudden started having problem. They were properly joined. This also happen on 1 out of 4 CIFS that on the same physical data movers. I tried to unjoin and rejoin and still getting this error message every 20 minutes.
Update of "A" record failed during update: Operation refused for policy or security reasons
I've worked AD people and Windows people and checked everything that we could check and found nothing. Have any of you guys experience this type of problems?
Sorry I didn't know so I posted this same message to the Simulator forum
Thanks in advance for your help.
HT
This is my first time here. I've been working and researching on this problem that got my head hurt. Hopefully you guys can assist me.
We periodically have CIFS servers that start having problem update its "A" record to DNS server using DDNS. I've verified that DNS server is allowing update and also allowing secure update. I've also verified the CIFS server has secure update. This happened to the CIFS servers that had been working just fine and all the sudden started having problem. They were properly joined. This also happen on 1 out of 4 CIFS that on the same physical data movers. I tried to unjoin and rejoin and still getting this error message every 20 minutes.
Update of "A" record failed during update: Operation refused for policy or security reasons
I've worked AD people and Windows people and checked everything that we could check and found nothing. Have any of you guys experience this type of problems?
Sorry I didn't know so I posted this same message to the Simulator forum
Thanks in advance for your help.
HT
No Events found!
Rainer_EMC
6 Operator
•
8.6K Posts
0
February 26th, 2008 09:00
Problem
After joining a CIFS server to a domain, the following error appears in the
server_cifs output, indicating the system cannot update the DNS record:
FQDN=dm4-a140-ana0.c1t1.pt1.c3lab.nsgprod.e
mc.com (Update of "A" record failed during update:
Operation refused for policy or security reasons)
Description
The DNS server¿s zone may include the same FQDN (fully-qualified
domain name) for another computer account.
Corrective action
Verify the DNS server¿s zone does not have the
same FQDN with a different IP address for another computer account.
nandas
6 Operator
•
1.5K Posts
0
February 26th, 2008 10:00
You may run a TCP Trace on the network filtering the CIFS server IP address, which will provide some details what's going on.
My take will be to engage EMC Support, if not already done., - they can check the box and run/examine the debugs/logs etc.
Thanks,
Sandip
HT2
51 Posts
0
February 26th, 2008 10:00
HT2
51 Posts
0
February 26th, 2008 11:00
If we're unable to determine the problem, and decide to turn off DDNS. Is there ANY potential problems that you can think of by disabling DDNS from Celerra side? This should NOT have anything to do with Kerberos password aging, should it? Since everything is now in DNS server and we're not planning to update anything from the networking point of view, do you see any potential problems with disable DDNS?
Thanks
HT
Rainer_EMC
6 Operator
•
8.6K Posts
0
February 26th, 2008 14:00
The only thing I can think of is if you are using Celerra Replicator and do a VDM failover.
Then the destination VDM gets loaded and the CIFS servers would try to get a new IP adress for the failed over CIFS server names.
Without DDNS you would have to resolve that manually.