cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
304
Views
0
Helpful
2
Replies

negative cache

juma
Level 1
Level 1

I am running Unity 3.1.5. Issused command under dos: ipconfig /displaydns:

_ldap._tcp.default-first-site-name._sites.dc._msdcs.rbcato325lu04dt.devvoip..devfg.rbc.com.

------------------------------------------------------ Negative cache entry for no records

_ldap._tcp.dc._msdcs.rbcato325lu04dt.devvoip.apps.devfg.rbc.com.

------------------------------------------------------ Negative cache entry for no records

Unity using the wrong name to query the SRV record. It should be using:

ldap._tcp.dc._msdcs.devvoip.apps.devfg.rbc.com

Is this a problem?

2 Replies 2

cgulley
Level 1
Level 1

If you are not seeing any other symptoms (failsafe conversation, errors in the event log from Unity, etc), this is not something I would worry about. The primary things that Unity depends on DC/GC servers for are resolving email addresses (via MAPI) and synchronizing directory changes into the Unity database. If the MAPI part was having problems, it would be painfully obvious (errors sending/retrieving messages and errors in the event log). If the directory synchronization was failing, you would see errors in the event log.

I've never noticed the behavior you are describing before, but I just tried the same test on a Unity server here and got the same results. It appears that one potential culprit is the AvDSAD service. If you want to verify that this is what you're seeing and your machine is not a production server (it will potentially generate a lot of network traffic and load on the server), you could try the following test:

-- stop the AvDSAD service

-- run ipconfig /flushdns to remove all of the cached entries

-- set the Registry value HKLM\Software\Active Voice\Directory Connectors\DirSynchAD\1.00\Domains\\LastUSN to 0

-- start the AvDSAD service and see if the negative cache entry is created

On my system, these steps will cause the negative cache entry to be created. However, it does not seem to have any ill effects (the AvDSAD service is running fine). I'll create a low priority defect record to investigate this and try to find out what causes it.

I looked into this a little more and it seems to be something that is happening down in ADSI (the Microsoft API that we use to interact with Active Directory). An example of a place where I saw a negative cache entry get generated is using ADsOpenObject to bind to a string like (I'm using the names from your original post):

LDAP://rbcato325lu04dt.devvoip.devfg.rbc.com:389/

Although this call generates a negative cache entry, it returns a success code and functions as expected (in other words it does bind to the desired container on the desired server).

I can also reproduce the behavior with the Microsoft tool asiedit.msc as follows:

-- run ipconfig /flushdns to clear out the cache

-- start adsiedit.msc

-- right-click on top node and select "Connect to..."

-- Under Connection Point, select Naming Context and Domain NC

-- Under Computer, select "Select or type a domain or server" and type in the name of a domain controller

-- Select OK

At this point, if I run ipconfig /displaydns I see a couple of negative cache entries.

If I had to guess, I would say it is just part of the binding process in ADSI (maybe they assume the first part is a domain unless the lookup fails and then they assume it is a server name). It doesn't appear to be a bug (I haven't noticed any ill effects).

If you want more detail about exactly what is going on under the covers in ADSI, you'll have to check with Microsoft.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: