Solved

Problems with DNS and AD

Posted on 2003-03-25
Last Modified: 2010-03-19
I have set up two win2000 servers.  

192.168.0.1 server1 - Master DC
192.168.0.2 server2 - DC

I installed AD on both and DNS on both.  When both servers are running together, Active Directory tools take an extremely long time to initialise on Server1, and any operations take an equally long time to run, e.g. double-clicking on a user to view properties.  Server2 AD tools seem fine.  When I run server1 only, AD tools are fine.  If I run both and then shut down server2, then AD tools take a long time to initialise, but once initialised they work fine until you stop using them for about a minute or so, and then it takes a minute or two to come back online.

I thought this might be a problem with DNS.  I created the reverse lookup zones on both DNS servers.  This made no difference.

I would appreciate any help.

Regards

Andrew
Question by:a_j_halpin
9 Comments
 

Expert Comment

by:XPeriment
ID: 8202365
How did you set up the FSMO roles? By saying that server1 is the Master DC, do you mean that it is the PDC Emulator? Is either of them a GC (Global Catalog)? From where is the DNS zone loaded: Active Directory and registry, registry or file?

As a suggestion: try seizing the FSMO role "Infrastructure Master" to server2.
0
 
LVL 1

Expert Comment

by:Baddog
ID: 8202367
What network cards (NIC) are you using? Are you using a Hub or a Switch to connect the two servers?
Are both servers members of the same domain? Remember, in AD, all servers are equal and the AD database is replicated to the fellow DCs. If you installed the second DC properly, any changes made to DC1 will be replicated to DC2 including the DNS. Sounds like you may have improperly configured DC2.



BDog
0
 
LVL 1

Author Comment

by:a_j_halpin
ID: 8203777
Both servers are in the same domain. Let's call it domain.local for now. Server1 was installed as the first DC, so I presume it has all the FSMO roles.  The GC is on server1.  DNS is directory integrated. NICs are HP Netserver NICs.  Nothing wrong with any network operations other than AD tools and performing operations on AD from server1.  Servers are replicating AD data correctly.

regards,

Andrew
0
 

Expert Comment

by:XPeriment
ID: 8203864
Microsoft recommends that if more than 2 DCs are in a domain, the Infrastructure Master should not be on the GC (http://support.microsoft.com/default.aspx?scid=kb;EN-US;223346); therefore my initial suggestion remains. Besides that, you could run dcdiag.exe and netdiag.exe against your servers and see if they give you any clues regarding misconfiguration.
0
 

Expert Comment

by:dePoPo
ID: 8212181
If you installed DNS server on both, remove one of them, and point the second server to the DNS of the first.

Having two DNS servers as primary for the same zone is not possible.
0
 
LVL 1

Author Comment

by:a_j_halpin
ID: 8217901
dePoPo,

I removed the DNS server from server2.  Still no joy.

XPeriment, Microsoft does not recommend you move the IM role from the GC server if you are in a single domain environment. See article Q223346 on TechNet.

I notice that when I ping an FQDN from server1 it takes ages to resolve, but if I ping a NetBIOS name it's fine.  This only reinforces my belief that it is definitely a DNS problem.  I removed the DNS forward lookup zone and recreated it.  Still no good.

Does anyone have any other ideas?

Regards

Andrew
0
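The symptom reported in the comment above (FQDN lookups slow from server1, NetBIOS names fine) can be narrowed down by querying each DNS server directly and timing the reply, so a dead or slow resolver shows up by address. This is an added example, not part of the original thread; it uses the two addresses from the question, and the host names server1.domain.local and server2.domain.local are assumed from the placeholder domain the asker gave.

```python
# Added example (not from the thread): time one DNS A-record query per server.
import socket
import struct
import time

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(fqdn, qid=0x1234, qtype=1):
    """Encode a single-question DNS query (RD set, class IN)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in fqdn.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def parse_header(reply, qid=0x1234):
    """Return (rcode_name, answer_count, authoritative) from a DNS reply."""
    if len(reply) < 12:
        raise ValueError("short DNS reply")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    return RCODES.get(rcode, str(rcode)), ancount, bool(flags & 0x0400)

def time_query(server, fqdn, timeout=3.0):
    """Ask one server directly; return (status, answers, seconds)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    start = time.monotonic()
    try:
        sock.sendto(build_query(fqdn), (server, 53))
        reply, _ = sock.recvfrom(512)
        status, answers, _aa = parse_header(reply)
    except socket.timeout:
        status, answers = "TIMEOUT", 0
    except (OSError, ValueError) as exc:
        status, answers = f"ERROR: {exc}", 0
    finally:
        sock.close()
    return status, answers, time.monotonic() - start

if __name__ == "__main__":
    # Server addresses are the ones in the question; host FQDNs are assumed.
    for server in ("192.168.0.1", "192.168.0.2"):
        for name in ("server1.domain.local", "server2.domain.local"):
            status, answers, secs = time_query(server, name)
            print(f"{server:12} {name:22} {status:9} answers={answers} {secs:.2f}s")
```

A TIMEOUT row for one address while the other answers in milliseconds points at the resolver list on the client rather than at the zone data.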
 

Expert Comment

by:CleanupPing
ID: 9152909
a_j_halpin:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 5

Expert Comment

by:juliancrawford
ID: 10088626
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

PAQ with points refunded

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Julian Crawford
EE Cleanup Volunteer
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 10140749
PAQed, with points refunded (495)

Computer101
E-E Admin
0

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This program is used to assist in finding and resolving common problems with wireless connections.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question