+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 46

Thread: DNS question

  1. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #1

    Default DNS question

    Cant figure this one out guys, need help.

    I had a DC (Server01) and a member server (Server02) for my 290 exam that I have carried over for the 291. So I promoted the member server to the role of DC. It is an additional DC in the same domain contoso.com. I added the role of DNS to Server01 without any problems. All settings are good, A, NS, SOA and SRV records are all there.

    But when I add the DNS role to the other DC i.e. Server02 whether I use the Manage your Server wizard or through Add/Remove Windows Components, it tries to add the role but ends up at saying "Cannot complete the wizard". I looked in the Event Viewer on both servers if there were any DNS related errors, but found none. When I open dnsmgmt on Server02, it doesnt have itself in the box, only Server01 is there. Even when I click Connect to DNS Server and try to connect to itself, it says that the server is not available. Similar thing on the other server as well, click the Connect to DNS Server wizard and enter in server02.contoso.com, it says the server is not a Windows Server 2003/2000 Computer.

    Settings for the two servers:

    Server01

    IP Address : 192.168.0.101
    Mask: 255.255.255.0
    Preferred DNS Server : 192.168.0.101

    Server02

    IP Address : 192.168.2.128
    Mask: 255.255.255.0
    Preferred DNS Server : 192.168.0.101

    The IP address of Server02 was automatically assigned by the VMWare network adapters. I just made the same address static. Both servers can ping each other by name and by IP address. Launching an NS lookup on Server01 to find Server02.contoso.com is successful too.

    So, why cant I add the DNS role to Server02?

    Please let me know if you need more information to troubleshoot my problem.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  2. SS -->
  3. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #2
    Are there any error/warning events in the event log (look in both Application and System)
    Reply With Quote Quote  

  4. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #3
    Just looked up the logs on server02, Andrew. Large number of warnings and a few errors...

    Warnings and errors are on the lines of " The DNS server could not load the Active Directory" and "The DNS server could not find the primary or secondary zones for this domain". There are other errors saying that the computer could not get AD replication from any other DC's. Also there was one saying there were no AD-integrated peers located. Ok, another one saying something about some FSMO errors. Heaps of errors Doesnt look good, does it?

    I have tried removing the DNS roles from both computers and adding again, hasnt made a difference. Something very wrong going on.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  5. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #4
    Quote Originally Posted by MobilOne
    I have tried removing the DNS roles from both computers and adding again, hasnt made a difference. Something very wrong going on.
    Oh dear, did you remove them at the same time?

    Can you perform the following command against both DCs (where <dc#> is the name of the DC)?

    "net view \\<dc#>"

    and tell me if you see the NETLOGON and SYSVOL shares?
    Reply With Quote Quote  

  6. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #5
    Quote Originally Posted by astorrs
    Quote Originally Posted by MobilOne
    I have tried removing the DNS roles from both computers and adding again, hasnt made a difference. Something very wrong going on.
    Oh dear, did you remove them at the same time?

    Can you perform the following command against both DCs (where <dc#> is the name of the DC)?

    "net view \\<dc#>"

    and tell me if you see the NETLOGON and SYSVOL shares?
    Sorry, I'll rephrase that. I did NOT remove the DNS role from server01, only removed it from server02.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  7. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #6
    Okay, much better.

    What about the shares?
    Reply With Quote Quote  

  8. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #7
    Sorry Andrew, I'll have a look at this tomorrow morning now. Weekend's here and friends want me to join them for a bbq. Will reply tomorrow.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  9. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #8
    Quote Originally Posted by MobilOne
    Sorry Andrew, I'll have a look at this tomorrow morning now. Weekend's here and friends want me to join them for a bbq. Will reply tomorrow.
    Oh definately, have a for me...
    Reply With Quote Quote  

  10. INTJ wedge1988's Avatar
    Join Date
    Jan 2007
    Location
    UK
    Posts
    435
    #9
    Server01

    IP Address : 192.168.0.101
    Mask: 255.255.255.0
    Preferred DNS Server : 192.168.0.101

    Server02

    IP Address : 192.168.2.128
    Mask: 255.255.255.0
    Preferred DNS Server : 192.168.0.101
    Im not 100% on this, but does it matter that your second server is using the first servers DNS address while you try to install DNS? I would assume you should be using a 127.0.0.1 address for loopback? If you wanted to use the first server as a DNS server you should set up a secondry DNS zone not a fresh DNS install???

    im sorts of right lol, 291 in a few months for me!
    Reply With Quote Quote  

  11. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #10
    Ok, back after a much needed sleep-in. Had a long night

    Did a net view\\ against both DC's. Server01 had both netlogon and sysvol among other shares show up. But Server02 did not have either netlogon or sysvol come up(showed other shared folders that I have).

    Saw an error on Server01 in the Application event log saying that "MS DTC coud not correctly process the DC Promotion/Demotion event and that it would continue to use the current settings". Another saying that it could not connect to the local SAM server.

    Seems Server02 was not correctly promoted to the role of DC.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  12. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #11
    Correct. DNS won't load the zones because they don't exist (since they are AD integrated and the DC services are not functioning).

    Demote the server again and rerun dcpromo. Let me know if you encounter an error trying to demote it (there is a manual way, it's well documented, but is much more complex )
    Reply With Quote Quote  

  13. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #12
    Tried to demote server02 using the dcpromo wizard gives me the following error:

    Operation failed because AD could not transfer the remaining data in directory partition
    CN=Schema, CN=Configuration,DC=contoso,DC=com to Domain Controller server01.contoso.com
    The RPC server is unavailable.

    Now, I started the RPC service on server01 (it was turned off), tried to run dcpromo again, same error.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  14. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #13
    Could this above error be because this DC is pointing to server01 for name resolution?

    I tried to point server02 to itself but when I run dcpromo again, it gives me a rather ominous message saying that " Since no other DC's could be contacted, all AD changes for this domain contoso.com will be lost" Thought I'd better ask before I went ahead.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  15. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #14
    Are you really attached to server2? Or can you just rebuild the machine (its just a basic install right)?

    If you're okay with starting over go ahead and start the rebuild, while its running follow the steps here on server1 to cleanup the mess server2 probably left behind: http://support.microsoft.com/kb/216498
    Reply With Quote Quote  

  16. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #15
    What would you mean by "directly attached"? It's a virtual machine, if that helps.

    And that's a pretty long instruction for removing stuff left behind by the unsuccessful demotion (not that I would mind doing it, if it's the only way out)
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  17. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #16
    I just tried to force a replication between the two DC's (while sitting at server01). Gave me a similar error that the RPC server is unavailable. Also said "This operation will not continue. This condition may be caused by a DNS lookup problem"

    My server02 seems very sick to me.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  18. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #17
    Yup deathly ill.

    Follow the instructions in the KB article, it's good experience (I've probably done it 20 times in the past).
    Reply With Quote Quote  

  19. Sie
    Sie is offline
    Running on caffine
    Join Date
    Dec 2005
    Location
    England, UK
    Posts
    1,207

    Certifications
    ADITP (Advanced Diploma for IT Practitioners) & MCSA (70-270, 70-290, 70-291, 70-299) | Currently working towards C|EH
    #18
    good link Astorrs, popped in to see if I could help but seems like you've got another one nailed.

    Would definetly recommend the rebuild, sometimes its easier to start again than to find a needle in the haystack.

    If its a VMWare virtual machine dont forget you have snapshots incase this happens!
    Reply With Quote Quote  

  20. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #19
    Just a question with the VMWare snapshots (server02 is a virtual machine), Sie. What are these things? Some kind of restore points?

    Jeez, sometimes I wish I was a plumber or something, these computers get to me man

    But, I aint one to fall back, I'll rebuild this sick server of mine and get it up and running. Any other suggestions before I get started.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  21. Sie
    Sie is offline
    Running on caffine
    Join Date
    Dec 2005
    Location
    England, UK
    Posts
    1,207

    Certifications
    ADITP (Advanced Diploma for IT Practitioners) & MCSA (70-270, 70-290, 70-291, 70-299) | Currently working towards C|EH
    #20
    Quote Originally Posted by MobilOne
    Just a question with the VMWare snapshots (server02 is a virtual machine), Sie. What are these things? Some kind of restore points?

    Jeez, sometimes I wish I was a plumber or something, these computers get to me man

    But, I aint one to fall back, I'll rebuild this sick server of mine and get it up and running. Any other suggestions before I get started.
    Yes snapshot are basically restore points and are available within VMWare, I dont think theres anything similar in Virtual PC thou unfortunatly.

    I tend to create one once I have setup the Vanilla Server then others when 'large' things are configured then if things go wrong or I want to start again I can just revert to the first snapshot.

    Which you using?

    Remove the second server and follow Astorrs link on the first DC, shouldnt be too long setting up a new one if its just a DNS server.
    Reply With Quote Quote  

  22. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #21
    Snapshots contain the state of a VM at a specific point in time. Let's say you create a snapshot and then delete some files. You can revert back to the snapshot, and the files will remain, just like they were when you created the snapshot. This works for software installations, configuration changes, etc.

    VMWare Server can only take one snapshot. VMWare Workstation is much more flexible.
    Reply With Quote Quote  

  23. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #22
    Yeah, I'm using the free VMWare Server. I'll give it a shot as soon as I can.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  24. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #23
    I followed that KB article to the word, everything goes smoothly till the point where I type in "Remove selected server" in the metadata cleanup menu. When I hit enter, it gives me an error " The connected server will not remove its own metadata ".

    I was running the ntdsutil from the healthy server (server01). Does the above error mean that I will have to remove the metadata manually??

    I googled the above error, nothing much came up. Please help.
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

  25. Sie
    Sie is offline
    Running on caffine
    Join Date
    Dec 2005
    Location
    England, UK
    Posts
    1,207

    Certifications
    ADITP (Advanced Diploma for IT Practitioners) & MCSA (70-270, 70-290, 70-291, 70-299) | Currently working towards C|EH
    #24
    did you ever run the dcpromo /forceremoval option?

    Theres also another good guide on this at

    http://www.petri.co.il/delete_failed_dcs_from_ad.htm
    Reply With Quote Quote  

  26. VCDX in 2017 Essendon's Avatar
    Join Date
    Sep 2007
    Location
    Melbourne
    Posts
    4,489

    Certifications
    VCIX-NV, VCAP5-DCD/DTA/DCA, VCP-5/DT, MCSA: 2008, MCITP: EA, MCTS x5, ITIL v3, MCSA: M, MS in Telecom Engg
    #25
    did you ever run the dcpromo /forceremoval option?
    When I attempted this, it said this action would remove AD from this DC without updating forest metadata. Unless this is the last DC in the forest, you will need to manually configure AD forest metadata.

    Now, this sick DC is NOT the last DC in the forest. So if I clicked next, I would have to manually configure AD metadata? And then, reinstall the OS?

    Also, that link that you posted Sie, is pretty good in its own right, but exactly the same as the one Astorrs posted. Thanks anyways!
    VCDX: DCV - Round 2 rescheduled (by VMware) for December 2017.

    Blog >> http://virtual10.com
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks