No DNS Zones and DNS says it can't connect to AD but AD seems to be working.

My DNS server is running but there are no zones listed.  I had my local domain of jsldom.local and a couple of other zones so webpages would resolve locally.  None of them are in the list.  Event log says it can't talk to the AD but I can run users and computers and sites and browse through everything.  It looks like the AD is working but the DNS is jacked up.  I looked in the sys32/dns folder and there was no cache.dns file so I copied everything in the backup dir and restarted the service but nada...

Please help...

jasonslogan Asked:

Jeffrey Kane - TechSoEasy, Principal Consultant, Commented:
Well, first, it's not a good idea to just go copying things where you think they might want to be.  That folder is usually empty.

How long ago did you install this server?  Because usually the DNS is configured automatically during the installation process.  If this is a recent install and DNS wasn't automatically configured, then you should reinstall because there are most likely other issues that didn't get done right.

If the server has been installed for some time, then you will need to rebuild your DNS Server.

First, open the Server Management Console > Advanced Management > Active Directory Users & Computers > jsldom.local.  Enable the Advanced view by clicking on VIEW > Advanced Features from the console's menu.

Then expand jsldom.local > System > MicrosoftDNS.  Do you have any objects here?  If so, please post back what they are.

Jeff
TechSoEasy
0
jasonslogan (Author) Commented:
The server has been up for 6 months and never had a problem.  This is a sudden thing.  Event logs look great until 3-29 at 11:11am where there was a power failure.  I found out the power company shut the power off for 30 minutes and my battery is only good for 30ish.  My Linux box was rebooted but my SBServer was still in Windows.  I've tried uninstalling DNS then reinstalling it but when I go to make a new zone it says "null" where the "jsldom.local" should be.


Here's the MicrosoftDNS Section

Two containers:

0.168.192.in-addr.arpa    dnsZone
RootDNSServers            dnsZone
0
Jeffrey Kane - TechSoEasy, Principal Consultant, Commented:
First, the most important purpose of a battery backup is to shut down your server gracefully... If yours doesn't have software that will do that, then you should get one that does.

Next, uninstalling and reinstalling isn't the right thing either.  You seem to just jump at whatever you think might do the trick before knowing... I'd suggest that if you want to keep your server healthy, that you stop doing things like that.  It's one thing on your PC to just try something... but a server requires stability and longevity in order to be useful.

So, you are going to have to recreate TWO Forward Zones:
jsldom.local and
_msdcs.jsldom.local

Just right click on the SERVERNAME in the DNS Management Console and select New Zone....  do not change any of the defaults, enter jsldom.local on the screen that asks for it and finish out the wizard.

Then do it once more for _msdcs.jsldom.local.

Next, RIGHT CLICK on the new jsldom.local zone and select NEW DELEGATION.  In the second screen of that wizard enter just "_msdcs" (which will create the full _msdcs.jsldom.local below).  On the Name Server screen enter both your FULL SERVER NAME (server.jsldom.local) AND its IP address -- or you can click "Resolve" to have the IP automatically entered.  Then click ADD and finish out the wizard.

Next... (you're almost there).

Stop the DNSSERVER and NETLOGON services.
Open Windows Explorer and go to C:\WINDOWS\system32\config  -- delete both netlogon.dns and netlogon.dnb files
Restart the DNSSERVER and NETLOGON services
Open a command prompt and enter
"IPCONFIG /FLUSHDNS" <enter>
"IPCONFIG /REGISTERDNS" <enter>

And then you should be good to go!

Good Luck!

Jeff
TechSoEasy


0
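Added example, not part of the original answer: a command-line form of the zone rebuild described above, with a pre-check and a verification step added. It assumes dnscmd.exe from the Windows Server 2003 Support Tools is on the PATH, that the script runs on the DNS server itself, and that the DC is named dc.jsldom.local as in the dcdiag output later in this thread.

```batch
@echo off
rem Added example, not from the original post.
rem Assumptions: dnscmd.exe is on PATH, this runs on the DNS server itself,
rem and ZONE / DCFQDN match your own domain and domain controller.
setlocal
set ZONE=jsldom.local
set DCFQDN=dc.jsldom.local

rem Pre-check: record what the DNS server hosts before changing anything.
dnscmd . /EnumZones
dnscmd . /EnumDirectoryPartitions

rem Recreate the two AD-integrated forward zones.
dnscmd . /ZoneAdd %ZONE% /DsPrimary || goto :fail
dnscmd . /ZoneAdd _msdcs.%ZONE% /DsPrimary || goto :fail

rem Netlogon registers its records by dynamic update, so set the update
rem policy explicitly (2 = secure updates only).
dnscmd . /Config %ZONE% /AllowUpdate 2
dnscmd . /Config _msdcs.%ZONE% /AllowUpdate 2

rem Delegate _msdcs from the parent zone to this server.
dnscmd . /RecordAdd %ZONE% _msdcs NS %DCFQDN%. || goto :fail

rem Remove Netlogon's cached record files so they are rebuilt on restart.
net stop netlogon
net stop dns
del "%SystemRoot%\system32\config\netlogon.dns"
del "%SystemRoot%\system32\config\netlogon.dnb"
net start dns
net start netlogon

ipconfig /flushdns
ipconfig /registerdns

rem Verify: the DC locator SRV record should resolve against this server.
rem Registration can take a short while after Netlogon starts.
nslookup -type=SRV _ldap._tcp.dc._msdcs.%ZONE% 127.0.0.1
dcdiag /q
goto :eof

:fail
echo Zone rebuild stopped: dnscmd returned an error. Check the DNS event log.
exit /b 1
```

If either /ZoneAdd fails, the script stops before touching the Netlogon files, so the server is left as it was apart from any zone already created.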
jasonslogan (Author) Commented:
I don't just try things to try things.  I was following what the support site at Microsoft was recommending.  I try to fix things based on problems that they've already dealt with.  In my case where the dns shows the word "null" in place of the domain that wasn't listed exactly as I see it on my server so here we are.

It won't let me add a zone.  It gets to the end and says:
The zone cannot be replicated to all DNS servers in the (null) Active Directory domain because the required application directory partition does not exist.

The DNS event log has two repeating events...

Warning 4013 - The DNS server was unable to open the Active Directory.  This DNS server is configured to use directory service information and can not operate without access to the directory.

Error - The DNS server was unable to open Active Directory.  This DNS server is configured to obtain and use information from the directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and reload the zone.

I can make changes to the AD.  I can add and remove users so I don't know if there's something else wrong with the AD as to why the DNS can't see it.

0
Jeffrey Kane - TechSoEasy, Principal Consultant, Commented:
Then you need to reinstall NETWORKING through the SBS Integrated Setup.
 

Log in under the Builtin Administrator Account
Delete your DNS Server from the Server Management Console
Add/Remove Programs > Windows Small Business Server 2003
On the Component Selection Screen, change "Server Tools" to "Maintenance" and "Networking" to "Uninstall"
Finish out the wizard.  Reboot if it asks you to, and then go back into the Integrated Setup to INSTALL Networking.

Run The Internet Connection Wizard which SHOULD restore your DNS properly.  Sometimes it doesn't at which point you would have to go through the steps I've outlined above... but instead of adding a zone you select "configure the server" and also create a reverse zone.


Jeff
TechSoEasy
0
Jeffrey Kane - TechSoEasy, Principal Consultant, Commented:
Before doing all that...

Try just right clicking on the DNS Servername and selecting "Create Default Application Directory Partitions..." to see if that fixes the problem.

Jeff
TechSoEasy
0
jasonslogan (Author) Commented:
After doing everything you mentioned it still doesn't work.  However, now when I attempt to configure the dns server it says "domain" and "forest" instead of "null" as it goes through the wizard.

I tried to add a zone that never existed "something.com".  It failed with the application directory partitions does not exist error.  I think that's where our focus needs to go.

Is there a way I can check the AD to see if things are ok there?  I know I can make changes to user's information and it stays but there still may be some problems somewhere.

Would it be helpful for you to see any of the results from a netdiag or dcdiag or anything like that?
0
jasonslogan (Author) Commented:
I forgot to mention that when I ran the Internet Connection Wizard the network configuration and firewall configuration failed but the secure web site config and email config went through fine.
0
jasonslogan (Author) Commented:
Results from dcdiag /q

         The host c66149cd-45f9-4269-99ce-fb1833975236._msdcs.JSLDOM.LOCAL could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (c66149cd-45f9-4269-99ce-fb1833975236._msdcs.JSLDOM.LOCAL) couldn't be
         resolved, the server name (dc.JSLDOM.LOCAL) resolved to the IP address
         (192.168.0.5) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... DC failed test Connectivity
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
         A Good Time Server could not be located.
         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
         A KDC could not be located - All the KDCs are down.
         ......................... JSLDOM.LOCAL failed test FsmoCheck

netdiag /q results:

Global results:


DNS test . . . . . . . . . . . . . : Failed
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'dc.JSLDOM.LOCAL.'. [RCODE_SERVER_FAILURE]
            The name 'dc.JSLDOM.LOCAL.' may not be registered in DNS.
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'dc.JSLDOM.LOCAL.'. [ERROR_TIMEOUT]
            The name 'dc.JSLDOM.LOCAL.' may not be registered in DNS.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server '192.168.0.5'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


LDAP test. . . . . . . . . . . . . : Failed
    [FATAL] Cannot do Negotiate authenticated ldap_bind to 'dc.JSLDOM.LOCAL': Local Error.
    [FATAL] No LDAP servers work in the domain 'JSLDOM'.

IP Security test . . . . . . . . . : Skipped


The command completed successfully
0
jasonslogan (Author) Commented:
I am going to post another question...  There's something wrong with the active directory.  I can't run adsiedit.msc; it says the snap-in failed to initialize, name: <unknown>, then the CLSID for the adsiedit is shown.
0
Jeffrey Kane - TechSoEasy, Principal Consultant, Commented:
Sounds like it's time for a complete reinstallation.

Jeff
TechSoEasy
0


Question has a verified solution.
