Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Problems with DNS and AD

Posted on 2003-03-25
9
Medium Priority
?
209 Views
Last Modified: 2010-03-19
I have set up two win2000 servers.  

192.168.0.1 server1 - Master DC
192.168.0.2 server2 - DC

I installed AD on both and DNS on both.  When both servers are running together, Active Directory tools take an extremely long time to initialise on Server1, and any operations take an equally long time to run. eg. double clicking on user to view properties.  Server2 AD tools seem fine.  When I run server1 only, AD tools are fine.  If I run both and then shut down server2 then AD tools take a long time to initialise but once initialised work fine until you stop using them for about a minute or so and then it takes a minute or two to come back online.

I thought this might be a problem with DNS.  I created the reverse lookup zones on both DNS servers.  This made no difference.

I would appreciate any help.

Regards

Andrew
0
Comment
Question by:a_j_halpin
9 Comments
 

Expert Comment

by:XPeriment
ID: 8202365
How did you set up FSMO roles? By saying that server1 is Master DC you mean that it is the PDC Emulator? Any of them is a GC(Global Catalog)? From where is the DNS zone loaded: Active Directory and registry, registry or file?

As a suggestion: try seizing the FSMO role "Infrastructure Master" to server2.
0
 
LVL 1

Expert Comment

by:Baddog
ID: 8202367
What network cards (NIC) are you using? Are you using a Hub or a Switch to connect the two servers?
Are both servers members of te same domain? Remember, in AD, all servers are equal and the AD database is replicated to the fellow DCs. If you installed the second DC properly, any changes made to DC1 will be replicated to DC2 including the DNS. Sounds like you may have improperly configured DC2.



BDog
0
 
LVL 1

Author Comment

by:a_j_halpin
ID: 8203777
both servers are in the same domain. lets call it domain.local for now. server1 was installed as the first DC so I presume it has all the FSMO roles.  the GC is on server1.  DNS is directory integrated. NICs are HP Netserver NIC's.  Nothing wrong with any network operations other than AD tools and performing operations on AD from server1.  Servers are replicating AD data correctly.

regards,

Andrew
0
Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

 

Expert Comment

by:XPeriment
ID: 8203864
Microsot recommendes that if more than 2 DC's are in a domain, the Infrastructure Master should not be on the GC(http://support.microsoft.com/default.aspx?scid=kb;EN-US;223346); therefore my initial suggestion remains. Beside that, you could run dcdiag.exe and netdiag.exe against your servers and see if they give you any clues regarding misconfiguration.
0
 

Expert Comment

by:dePoPo
ID: 8212181
if you installed dns server on both, remove one of them, and point the second server to the dns of the first.

having two dns servers as primary for the same zone is not possible.
0
 
LVL 1

Author Comment

by:a_j_halpin
ID: 8217901
dePoPo,

i removed the DNS server from server2.  still no joy.  

xperiment, microsoft does not recommend you move the IM role from the GC server if you are in a single domain environment. see article Q223346 on technet.

I notice that when i ping an FQDN from server1 it takes ages to resolve, but if I ping a netbios name its fine.  This only enforces my belief that it is definitly a DNS problem.  I removed the DNS forward lookup zone and recreated it.  still no good.

Anyone any other ideas?

Regards

andrew
0
 

Expert Comment

by:CleanupPing
ID: 9152909
a_j_halpin:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 5

Expert Comment

by:juliancrawford
ID: 10088626
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

PAQ with points refunded

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Julian Crawford
EE Cleanup Volunteer
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 10140749
PAQed, with points refunded (495)

Computer101
E-E Admin
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
In this article I will be showing you how to subnet the easiest way possible for IPv4 (Internet Protocol version 4). This article does not cover IPv6. Keep in mind that subnetting requires lots of practice and time.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question