DNS problems on Windows Server 2003 DCs
Discussion
Hi Guys
I'm looking for some assistance with a DNS problem I'm having.
I have two Windows Server 2003 servers, Server1 and Server2, in two sites. Server1 is a domain controller and DNS server for mydomain.local. Yesterday, I ran DCPROMO on Server2 to make it a replica domain controller for mydomain.local.
Before running DCPROMO, I set Server2 to point to Server1 as it's preferred DNS server and checked that I could ping Server1 and Server1.mydomain.local from Server2, which I could. DCPROMO ran through without any errors so I called it quits and went home for the night.
This morning, I added the DNS Server role to Server2 because it will be the DNS server for clients at it's site. I changed Server2 to use itself as preferred DNS server and to use Server1 as alternate DNS server. I added Server2 as alternate DNS server on Server 1.
However, when I run DNS management console of Server2, mydomain.local is not showing under Forward Lookup Zones. If I look in DNS on Server1 I can see SRV records for Server2.
If I run netdiag /test:dns on Server2 I get the following:
DNS test................: Passed
[WARNING] Cannot find a primary authoritative DNS server for the name 'SERVER2.MYDOMAIN.local'. [RCODE_SERVER_FAILURE]
The name 'SERVER2.MYDOMAIN.local' may not be registered in DNS.
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '192.168.0.254'. Please wait for 30 minutes for DNS server replication.
PASS - All the DNS entries for DC are registered on DNS server'10.10.1.10' and other DCs also have some of the names registered.
192.168.0.254 is Server2 and 10.10.1.10 is Server1.
I must confess that I'm new to Server 2003 and I'm out of my depth here. Can anyone give me a clue where I've gone wrong and how to fix this? Should I have installed DNS server on Server2 before running DCPROMO?
Cheers
Phil
I'm looking for some assistance with a DNS problem I'm having.
I have two Windows Server 2003 servers, Server1 and Server2, in two sites. Server1 is a domain controller and DNS server for mydomain.local. Yesterday, I ran DCPROMO on Server2 to make it a replica domain controller for mydomain.local.
Before running DCPROMO, I set Server2 to point to Server1 as it's preferred DNS server and checked that I could ping Server1 and Server1.mydomain.local from Server2, which I could. DCPROMO ran through without any errors so I called it quits and went home for the night.
This morning, I added the DNS Server role to Server2 because it will be the DNS server for clients at it's site. I changed Server2 to use itself as preferred DNS server and to use Server1 as alternate DNS server. I added Server2 as alternate DNS server on Server 1.
However, when I run DNS management console of Server2, mydomain.local is not showing under Forward Lookup Zones. If I look in DNS on Server1 I can see SRV records for Server2.
If I run netdiag /test:dns on Server2 I get the following:
===============================================
DNS test................: Passed
[WARNING] Cannot find a primary authoritative DNS server for the name 'SERVER2.MYDOMAIN.local'. [RCODE_SERVER_FAILURE]
The name 'SERVER2.MYDOMAIN.local' may not be registered in DNS.
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '192.168.0.254'. Please wait for 30 minutes for DNS server replication.
PASS - All the DNS entries for DC are registered on DNS server'10.10.1.10' and other DCs also have some of the names registered.
================================================
192.168.0.254 is Server2 and 10.10.1.10 is Server1.
I must confess that I'm new to Server 2003 and I'm out of my depth here. Can anyone give me a clue where I've gone wrong and how to fix this? Should I have installed DNS server on Server2 before running DCPROMO?
Cheers
Phil
on server2 you can force a dns registration with ipconfig /registerdns
ipconfig /flushdns flushes the local cache then try netdiag again.
Check your sites IPs are setup in AD
grab the support tools (microsoft website or install cd) and get replmon installed so that you can check/force replication between the 2 sites.
make sure the DNS server on server 1 is set to replicate dns to domain controllers and that the zone is AD integrated (in dns management console -> properties on server name)
ipconfig /flushdns flushes the local cache then try netdiag again.
Check your sites IPs are setup in AD
grab the support tools (microsoft website or install cd) and get replmon installed so that you can check/force replication between the 2 sites.
make sure the DNS server on server 1 is set to replicate dns to domain controllers and that the zone is AD integrated (in dns management console -> properties on server name)
Edited by malman on Wednesday 27th February 12:55
It would appear that I'm too impatient. MYDOMAIN.local has just appeared in DNS on Server2.
netdiag /test:dns now shows just one warning when ran on Server2:
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.10.1.10'. Please wait for 30 minutes for DNS server replication.
I will wait and see if this warning goes away.
netdiag /test:dns now shows just one warning when ran on Server2:
==============================
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.10.1.10'. Please wait for 30 minutes for DNS server replication.
==============================
I will wait and see if this warning goes away.
malman said:
on server2 you can force a dns registration with ipconfig /registerdns
ipconfig /flushdns flushes the local cache then try netdiag again.
Check your sites IPs are setup in AD
grab the support tools (microsoft website or install cd) and get replmon installed so that you can check/force replication between the 2 sites.
make sure the DNS server on server 1 is set to replicate dns to domain controllers and that the zone is AD integrated (in dns management console -> properties on server name)
Hi malmanipconfig /flushdns flushes the local cache then try netdiag again.
Check your sites IPs are setup in AD
grab the support tools (microsoft website or install cd) and get replmon installed so that you can check/force replication between the 2 sites.
make sure the DNS server on server 1 is set to replicate dns to domain controllers and that the zone is AD integrated (in dns management console -> properties on server name)
Edited by malman on Wednesday 27th February 12:55
I'd already tried the ipconfig /registerdns, but I must confess I didn't do a /flushdns before rerunning netdiag.
Sites and subnets are setup in AD. In fact when I ran DCPROMO on Server2 it was added to the correct site automatically.
Server1 is setup for AD Integreated DNS, and to replicate to all DNS servers in the domain.
I'm running 64-bit Server 2003 so I can't use replmon. I'm starting to wish I'd gone for 32-bit. Do you know if there is an alternative to replmon that will run on 64-bit?
Cheers
Phil
pcwilson said:
It would appear that I'm too impatient. MYDOMAIN.local has just appeared in DNS on Server2.
netdiag /test:dns now shows just one warning when ran on Server2:
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.10.1.10'. Please wait for 30 minutes for DNS server replication.
I will wait and see if this warning goes away.
Thats why its handy to be able to force a replicate. I usually don't want to wait around while AD makes up its own sweet mind when it wants to chat to the other servers netdiag /test:dns now shows just one warning when ran on Server2:
==============================
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.10.1.10'. Please wait for 30 minutes for DNS server replication.
==============================
I will wait and see if this warning goes away.
pcwilson said:
It would appear that I'm too impatient. MYDOMAIN.local has just appeared in DNS on Server2.
netdiag /test:dns now shows just one warning when ran on Server2:
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.10.1.10'. Please wait for 30 minutes for DNS server replication.
I will wait and see if this warning goes away.
ipconfig /registerdns only registers the DNS A and PTR records for the host.netdiag /test:dns now shows just one warning when ran on Server2:
==============================
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.10.1.10'. Please wait for 30 minutes for DNS server replication.
==============================
I will wait and see if this warning goes away.
Try restarting the Netlogon service on the DC to re-register the service locator (SVR) records which AD needs.
Also what functional modes are the domain / forest running in?
Edited by theboss on Wednesday 27th February 14:25
theboss said:
pcwilson said:
It would appear that I'm too impatient. MYDOMAIN.local has just appeared in DNS on Server2.
netdiag /test:dns now shows just one warning when ran on Server2:
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.10.1.10'. Please wait for 30 minutes for DNS server replication.
I will wait and see if this warning goes away.
ipconfig /registerdns only registers the DNS A and PTR records for the host.netdiag /test:dns now shows just one warning when ran on Server2:
==============================
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.10.1.10'. Please wait for 30 minutes for DNS server replication.
==============================
I will wait and see if this warning goes away.
Try restarting the Netlogon service on the DC to re-register the service locator (SVR) records which AD needs.
Also what functional modes are the domain / forest running in?
Edited by theboss on Wednesday 27th February 14:25
Domain and forest both at Windows Server 2003 functional level.
All would appear to be well now. I just didn't give it long enough to replicate. Lesson learned.
pcwilson said:
malman said:
yep replmon uses rpc to talk to the servers. If you were running it on the server it still uses network to talk locally and needs to talk to the remote dc over the network anyway.
Excellent. I'm downloading now from Microsoft. Thanks again. Which is odd as it used to work on that laptophttp://support.microsoft.com/kb/306681
Edited by malman on Wednesday 27th February 14:54
malman said:
pcwilson said:
malman said:
yep replmon uses rpc to talk to the servers. If you were running it on the server it still uses network to talk locally and needs to talk to the remote dc over the network anyway.
Excellent. I'm downloading now from Microsoft. Thanks again. Which is odd as it used to work on that laptophttp://support.microsoft.com/kb/306681
Edited by malman on Wednesday 27th February 14:54
ETA: Sorted! Thanks again.
Edited by pcwilson on Wednesday 27th February 15:20
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff