Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.
Solved
DNS Problems After Domain Controller Reformat
Posted on 2004-09-06
I have 2 domain controllers. The one that I had initially set up the domain on I had to format. I transfered all of the FSMO roles over to the other DC, ran dcpromo, and then joined a workgroup to completely disassociate the server from the domain before the reformat. Everything with the reformat went beautifully, and there are absolutely no problems. I transfered all of the FSMO roles back and everything. The DNS is acting a little strange though. It appears like when I set up DNS on the server after the reformat it set up a completely new database (or whatever you call it) rather than using what was already existing on the other server.
I would like to completely erase the DNS info on both servers and from the active directory so that I can start fresh. I think there might even be more than one dns file in the active directory (one for each domain controller for some reason perhaps?). I would just like to wipe out all of that info so I can set up the DNS from scratch. My first question is how to do this. Do I just delete the zones one by one from the DNS servers? I tried that once, but when I went to add them again it seemed to be the exact same as before. My second question is after I delete all the DNS information, what would be the best way to set it all back up again? I want both servers to be able to function without the other, but I want the server that I formated to be the main DNS server and to send dynamic updates to the other. Would I set up a primary zone on that server, and then a secondary zone on the other? Or would they both be primaries? When I set these kinds of things up from scratch I always know what I'm doing, but since I had to reformat this server and rejoin it to the domain, I'm a little thrown off. Thanks for your help.
I would like to completely erase the DNS info on both servers and from the active directory so that I can start fresh. I think there might even be more than one dns file in the active directory (one for each domain controller for some reason perhaps?). I would just like to wipe out all of that info so I can set up the DNS from scratch. My first question is how to do this. Do I just delete the zones one by one from the DNS servers? I tried that once, but when I went to add them again it seemed to be the exact same as before. My second question is after I delete all the DNS information, what would be the best way to set it all back up again? I want both servers to be able to function without the other, but I want the server that I formated to be the main DNS server and to send dynamic updates to the other. Would I set up a primary zone on that server, and then a secondary zone on the other? Or would they both be primaries? When I set these kinds of things up from scratch I always know what I'm doing, but since I had to reformat this server and rejoin it to the domain, I'm a little thrown off. Thanks for your help.
-
6
-
4
10 Comments
Hi,
AD heavily depends on DNS. If you deselect DNS, your AD will get a wipeout... What kind of DNS do you have?? AD Integrated?? If so, you could do a restore of the Active Directory, that might be your best shot (or try deleting the false entries one by one and check to see if they come back).
Try to clean out the cache by going to Admin Tools, then DNS, right click the server name and choose Clear Cache. ALso go to your forward lookup zone, right click it and check properties. After that, click on the Change option behind DNS type. There you can see what kind of DNS server you have. Make sure to check the "store the zone in AD" to store DNS zone info in the AD...
Regarding the setup of your new DNS domain. You cannot have more than one primary DNS server within a domain. If you have one primary and one secondary and the primary fails, DNS also goes down. Only thing you can do is make sure to safe the database of the DNS within AD (which makes the DNS servers AD integrated). Then, DNS replication will be carried out with the AD sync..
AD heavily depends on DNS. If you deselect DNS, your AD will get a wipeout... What kind of DNS do you have?? AD Integrated?? If so, you could do a restore of the Active Directory, that might be your best shot (or try deleting the false entries one by one and check to see if they come back).
Try to clean out the cache by going to Admin Tools, then DNS, right click the server name and choose Clear Cache. ALso go to your forward lookup zone, right click it and check properties. After that, click on the Change option behind DNS type. There you can see what kind of DNS server you have. Make sure to check the "store the zone in AD" to store DNS zone info in the AD...
Regarding the setup of your new DNS domain. You cannot have more than one primary DNS server within a domain. If you have one primary and one secondary and the primary fails, DNS also goes down. Only thing you can do is make sure to safe the database of the DNS within AD (which makes the DNS servers AD integrated). Then, DNS replication will be carried out with the AD sync..
Yes, it is AD integrated. They are both set to store in the AD. What tipped me off to the problem was the server that I formated used to put DNS events in the event log every once and a while saying it 'updated the reverse lookup zone to version #'. I don't get those anymore. Also, is the SOA for all of the zones supposed to be whatever server the DNS is on? For instance, on the server I formated the SOA is set to itself, and on the other server the SOA is also set to itself.
Is there no way to set one server as authoritative over the other? I think that's what I need to do... I would like to get those DNS events again on my main server that say "the dns server has updated zone <Zone name> to version #.." or whatever.
Is there no way to set one server as authoritative over the other? I think that's what I need to do... I would like to get those DNS events again on my main server that say "the dns server has updated zone <Zone name> to version #.." or whatever.
Hi,
Normally you should be using the FSMO roles for that (making one authorative). Also, there should be only 1 SOA, the first DNS server that is installed within the domain. I would say, try do downgrade the DC and then, add it to the new domain and do a DCpromo. Looks like something went wrong when you installed the new server... Did you make sure to totally wipe out the HD??
Normally you should be using the FSMO roles for that (making one authorative). Also, there should be only 1 SOA, the first DNS server that is installed within the domain. I would say, try do downgrade the DC and then, add it to the new domain and do a DCpromo. Looks like something went wrong when you installed the new server... Did you make sure to totally wipe out the HD??
Yes, I did a full format on the system partition. I have another partition labelled "Maintenance" that I keep installation programs stored in for when I set up a new computer or push out an installation to the clients. No system files are on it though. So you think that I should demote the server that I didn't format to a member server, and then promote it back to a domain controller?
Oh, wait... I take that back. I formated the entire hard drive. Maintenance partition and everything. I had copied the programs off of that partition temporarily to the other server while I formatted.
Ok, I took the initative and ran dcpromo to remove AD from the server I didn't format, and then ran dcpromo again to put AD back on it. I have the main server set up with primary zones. The other server has secondary zones. Everything appears to be working correctly. It's giving the events in the log that I want and everything that says "updated zone <zonename> to version #" or whatever. My only question is will dns completely fail if the server with the primary zones goes down? If so, how can I make the zones on the other server primary zones as well? I know how, but when I tried that befor it changed the SOA on that server from the other server's FQDN to itself which it shouldn't be I don't think. Should I just leave them as secondary zones on that server?
Hi,
Sorry for the late reply, but i was eating... ;)
If the primary server fails, the secondary would only have the "caching" settings. So new DNS entries wouldn't be made. I would suggest deïnstalling DNS from the seconds server, than upgrade the zone to AD integrated and install DNS again on the secondary zone server. If the server is allready AD integrated, then you don't have a porimary and secondary zone, you have an AD integrated zone. If this is the case, it will have a fallback..
Sorry for the late reply, but i was eating... ;)
If the primary server fails, the secondary would only have the "caching" settings. So new DNS entries wouldn't be made. I would suggest deïnstalling DNS from the seconds server, than upgrade the zone to AD integrated and install DNS again on the secondary zone server. If the server is allready AD integrated, then you don't have a porimary and secondary zone, you have an AD integrated zone. If this is the case, it will have a fallback..
This is REALLY starting to piss me off. Every time I think I have it, the god damn SOA record changes to point to itself when it should be pointing at the other server. It's like both servers are acting independently from one another. I really am at a loss. I've tried just about everything I can think of, and none of it seems to work. I deleted every single zone I had, uninstalled DNS on both servers, reinstalled it on the main server, made the primary zones, got it working as best I could, integrated them w/ the AD, and installed DNS back onto the other server. I'm about to rip this ****ing server off the rack....
After 6 hours of messing with this, I am in the exact same position I started in. I simply cannot get the SOA records on this server to STAY HOW I PUT THEM. I can even go in and manually change them to the correct FQDN, and a minute later they have changed themselves back. What do I do?
Hi,
Sorry, my error. If you have an AD integrated, all DNS servers will see themselves as the SOA (this isn't the case in primary secondary DNS setting). So if all records in the DNS database are correct, i still would assume you would be good to go. Though, make sure that the DNS server settings in TCP/IP config is pointing to itself, then you should be good to go..
Sorry, my error. If you have an AD integrated, all DNS servers will see themselves as the SOA (this isn't the case in primary secondary DNS setting). So if all records in the DNS database are correct, i still would assume you would be good to go. Though, make sure that the DNS server settings in TCP/IP config is pointing to itself, then you should be good to go..
Featured Post
The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…
In the video, one can understand the process of resizing images in single or bulk. Kernel Bulk Image Resizer is an easy to use tool for resizing large number of images. One can add and resize multiple images with this tool in single go. The video sh…
Suggested Courses
Course of the Month7 days, 12 hours left to enroll
584 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.