ITidiots open forum > Domain problems
Hmm, a tough one to troubleshoot from the description but I suspect it is a DNS issue, with old DC SRV records mucking up replication etc.
One way to solve this would be to work on DNS. Maybe not the best way but I would consider:
Getting one DC up and running and verifying DNS is correct, remove any old records, boot up each DC in turn but set the DNS client to point to the one working server. This way all DCs will be set to use one DNS server, bypassing any DNS replication issues.
If this works you could remove and re-create the zone on the other DCs one by one, whilst changing the DNS client settings.
Just an idea...
Nicky
One way to solve this would be to work on DNS. Maybe not the best way but I would consider:
Getting one DC up and running and verifying DNS is correct, remove any old records, boot up each DC in turn but set the DNS client to point to the one working server. This way all DCs will be set to use one DNS server, bypassing any DNS replication issues.
If this works you could remove and re-create the zone on the other DCs one by one, whilst changing the DNS client settings.
Just an idea...
Nicky
August 26, 2010 |
Nicky Curtis
Nicky Curtis
Thanks. Had a look, appears DNS is buggered on both DC1 and DC2.
So, how do you recover DNS from that state?
I've tried deleting the zone and recreating it, made no difference. I can go back to a backup, but believe that DNS is broke on that too. But if deleting the zone ain't a good idea I can go back to that VM.
So, how do you recover DNS from that state?
I've tried deleting the zone and recreating it, made no difference. I can go back to a backup, but believe that DNS is broke on that too. But if deleting the zone ain't a good idea I can go back to that VM.
August 30, 2010 |
joey pesci
joey pesci
The most logical step would be to use nslookup to query the DNS records from a clients perspective to see if the DNS server is giving out the correct information and the right server if the old ones still active.
Is DHCP giving out the right IPsfor DNS?
Also are new computers been DNS registered when you add them to the domain?
Is DHCP giving out the right IPsfor DNS?
Also are new computers been DNS registered when you add them to the domain?
August 30, 2010 |
Supernova
Supernova
Tried nslookup. If I try it do I lookup an IP of a machine on the network to see what it returns?
DHCP is off. Only a small network so I've set each IP manually.
Will need to check new machines.
DHCP is off. Only a small network so I've set each IP manually.
Will need to check new machines.
August 30, 2010 |
joey pesci
joey pesci
by default each computers name, and name with its domain suffix is registered with the DNS as a part of AD. However, if DNS fails your client may try to use netbios over TCP IP so disable it on the client to make sure only DNS is in use.
September 2, 2010 |
Supernova
Supernova
Hmmm, just added a new XP vm to the domain and it connected fine. I can see it in DNS. It can also login with the DC1 on. However, I can't see it's name in AD. I've had that happen at work sometimes and just remove and then readd it. But done that and it still ain't appearing in AD.
September 5, 2010 |
joey pesci
joey pesci
Tried same on the upgraded DCs, the ones that now run Server 2008 RC2 and it's doing the same. PC is appearing in DNS but not in AD.
September 5, 2010 |
joey pesci
joey pesci
Well solved the issue of it not appearing in AD. Was another VM with same name in AD :)
Anyway. So appears if I add new machines they work fine, can login and everything. It's just machines that were already on the domain. So what could course that? I've cleared out DNS on those machine with IPCONFIG/flushdns
Anyway. So appears if I add new machines they work fine, can login and everything. It's just machines that were already on the domain. So what could course that? I've cleared out DNS on those machine with IPCONFIG/flushdns
September 5, 2010 |
joey pesci
joey pesci
Hmm, don't know what has happened. Had old DC1 on and trying to fix stuff. Didn't do anything bar test a XP VM could connect to it. It could. Shut DC1 off and started up DC3 to test that. That is working too and now machines can login with it on.
So appears fixed, but don't know how. Odd. Maybe the machines DNS' were in a mess and leaving the DCs off for about a week maybe fixed it?
Odd.
So appears fixed, but don't know how. Odd. Maybe the machines DNS' were in a mess and leaving the DCs off for about a week maybe fixed it?
Odd.
September 5, 2010 |
joey pesci
joey pesci
Further issue was noticed one of the domain's couldn't access the net for updates. Checked ipconfig to find the first default gateway was 0.0.0.0 and the next the correct one but didn't work.
Fixed this using the following tip on this site
http://srstrong.blogspot.com/2008/07/default-gateway-of-0000-in-vista.html
netsh interface ipv4 delete address “Local Area Connection”
addr=a.b.c.d gateway=0.0.0.0
where a.b.c.d is your local IP address.
Fixed this using the following tip on this site
http://srstrong.blogspot.com/2008/07/default-gateway-of-0000-in-vista.html
netsh interface ipv4 delete address “Local Area Connection”
addr=a.b.c.d gateway=0.0.0.0
where a.b.c.d is your local IP address.
September 19, 2010 |
joey pesci
joey pesci
Anyway. I posted this elsewhere so just cutting and pasting. Relating to my recent post about 2008 to 2008 R2.
Right take a seat, this is long, confusing and complicated :)
Mainly as I'm no pro so the way around things may be wrong but anyway.
I have a spare PC, it has VMware Workstation 7 on. It runs all my VMs I play with.
I created two domain controllers. One the main DC, the other the replication DC.
DC1 and DC2
Both running Server 2008.
PCs on the network joined to them fine and could login fine but all use local profiles.
Finally got a chip capable of running 64bit VMs so went to upgrade the DCs to 2008 R2. Upon booting from my technet image half way through the upgrading loading up but not actually starting, the VM's would crash.
So thought sod it, I'll just create a new VM for each DC then move the roles over (as the crashes I think related to the CPU change and Workstation which I couldn't be bothered to work out.
So we have
DC1 10.0.0.100
DC2 10.0.0.101
DC3 10.0.0.102
DC4 10.0.0.103
It's getting complicated now.
I moved the rolls from DC1 to DC3 following guides etc. Same with DC2 to DC4. Then demoted DC1 and removed it from the domain. Then changed the IP of DC3 to 10.0.0.100, check DNS pointers and updated them (think I did that right).
Now I think DNS is broken though. No PC can RDP to DC3 now. I've cleared out their DNS with /flushdns
So not sure what's wrong there.
Shut the VMs down and restores from the backups.
So
DC1
DC2
again.
Then by mistake had DC3 on while DC1 was on.
Shut down DC3. But now, where as DC1 and DC2 worked fine before. Now if DC1 is switched on, no machine on the domain can login. If I shut down DC1, all machines pause for a bit at log in but then login fine using a local profile.
I'm not sure what's happened or where to start.
I'd ideally like the DC3 and DC4 to work properly but not sure how to fix, what I think is, a DNS issue.