

Cannot create Child Domain, DNS server not working correctly

Posted on 2006-05-10
Medium Priority
Last Modified: 2008-01-09
Hello. I have just recently made a Windows 2000 stand-alone server into a Domain Controller. Along with adding active directory I had to implement DNS with it. Everything looks fine and is able to send and receive files across the network, however... I am trying to create a network map that is very clean and tidy by dividing the plants across the state into separate Domains. The first Domain I need to make will be based in the same LAN that the Primary DC is located on a separate file server. My problem is when I try to run dcpromo and make the File Server into a Child Domain I get an error when I try to establish the DNS server I created as the primary DNS server for the Child Domain.
ERROR: "An Active Directory domain controller for the domain suncoast.local could not be contacted."
"Ensure that the DNS domain name is typed correctly."
Part of the details say, "The DNS SRV records required to locate a domain controller on the domain are not registered with the DNS server."

Additionally, when we ran dcdiag to see what happened, this is what came up.
"SUNCOAST1's server GUID DNS name could not be resolved to an IP address. Although the GUID DNS name 667a6853-984a-46ee-b0c3-f73b70a33e36._msdcs_.suncoast.local couldn't be resolved, the server name suncoast1.suncoast.local resolved to IP address *.*.*.* and was pingable."

Now our server's computer name is suncoast1. Our DC's domain name is suncoast1.suncoast.local.

Any help with this issue would be greatly appreciated. Thanks.
Question by:coilbraze
LVL 48

Accepted Solution

Jay_Jay70 earned 2000 total points
ID: 16653602
Hi coilbraze,

First of all, change the server name to something other than the name of the domain.

Second, make sure you can ping the root DC by name and IP. How have you configured DNS on the soon-to-be child DC? Did you add the root DC as a forwarder and then let it run that way?

Author Comment

ID: 16659237
I can ping the DC by name and IP. DNS is not yet set up on the soon-to-be child DC. But I have found part of the solution. To get DNS to work correctly on the root DC I had to set itself as its primary DNS, then all the workstations with the DC as the DNS finally responded correctly in nslookup. What it ended up being I believe was that I had to cycle netlogon service for my SRV records to show up. You see, before I cycled netlogon, I had no _msdcs folder in DNS, or any automatically generated DNS folders for that matter. Once I got that working I renamed the server as you said, but then the child domain had problems with the RPC server. In which case I had to turn on trust delegations between the two for them to work appropriately. THEN, I went to make it a child domain, and it told me I need to run adprep utility to prepare the Windows 2000 server forest and the Windows 2003 server domain before I can make the server a domain. Had to learn a lot of stuff to figure this all out and I still feel like it was luck hehe. Thank you Jay_Jay70, changing the server name seems to have gotten it and us less confused.
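The state described in the comment above (no `_msdcs` or other auto-generated records until Netlogon was restarted) can be checked by comparing the records Netlogon intends to register with what DNS returns. This is an added example, not part of the original thread; the `netlogon.dns` line layout, the 192.0.2.10 address, the zone contents and the `zone_lookup` stand-in are constructed assumptions.

```python
# Constructed sample in the layout assumed for the DC's netlogon.dns file:
#   <owner> <ttl> IN <type> <rdata...>
NETLOGON_DNS = """\
suncoast.local. 600 IN A 192.0.2.10
_ldap._tcp.suncoast.local. 600 IN SRV 0 100 389 suncoast1.suncoast.local.
_ldap._tcp.dc._msdcs.suncoast.local. 600 IN SRV 0 100 389 suncoast1.suncoast.local.
_kerberos._tcp.dc._msdcs.suncoast.local. 600 IN SRV 0 100 88 suncoast1.suncoast.local.
667a6853-984a-46ee-b0c3-f73b70a33e36._msdcs.suncoast.local. 600 IN CNAME suncoast1.suncoast.local.
"""

# Constructed "before" state: the zone holds only the host's A record,
# i.e. none of the _msdcs/_tcp entries have been registered yet.
ZONE_BEFORE = {("suncoast.local", "A"): {"192.0.2.10"}}


def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def parse_netlogon_dns(text):
    """Return (owner, rtype, target) for each record line; skip anything else."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";") or fields[2].upper() != "IN":
            continue
        # The target is the last rdata field: host for SRV/CNAME, address for A.
        records.append((norm(fields[0]), fields[3].upper(), norm(fields[-1])))
    return records


def audit(expected, lookup):
    """Return the expected records that lookup(owner, rtype) does not answer."""
    missing = []
    for owner, rtype, target in expected:
        answers = {norm(a) for a in lookup(owner, rtype)}
        if target not in answers:
            missing.append((owner, rtype, target))
    return missing


def zone_lookup(zone):
    """Offline stand-in for querying the DC's DNS server."""
    return lambda owner, rtype: zone.get((owner, rtype), set())


if __name__ == "__main__":
    expected = parse_netlogon_dns(NETLOGON_DNS)
    for owner, rtype, target in audit(expected, zone_lookup(ZONE_BEFORE)):
        print(f"MISSING {rtype:<5} {owner} -> {target}")
```

Against a live server, replace `zone_lookup` with a function that performs the actual query for each owner name and record type.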
LVL 48

Expert Comment

ID: 16663157
well done my friend

Author Comment

ID: 16669408
GAH. When I ran DCPROMO and tried to add the child domain to our Windows 2000 DC, it told me I needed to run adprep utility to prepare the Forest and the Domain. In doing this it caused the 2003 server to disjoin from the domain, in lieu of which we decided to change the name of the server in order to be compatible with the infrastructure we were planning on. Once the server restarted I have come across yet more errors.

I have since configured and reconfigured DNS about 16 times, it is working correctly as far as I know, but now I am receiving the error:
"the wizard cannot gain access to the list of domains in the forest."
"The condition may be caused by a DNS lookup problem."
The error is: RPC server unavailable.

Now last time I got this error I was able to bypass it by adding a trust delegation between the soon-to-be child domain and the Windows 2000 DC. This seemed to fix it, until I rebooted, tried to add the same trust delegation, and now the error won't go away. Any help? Thanks.
LVL 48

Expert Comment

ID: 16673254

Author Comment

ID: 16684954
Ok, so I resolved the problem stated earlier, not sure how, it was last week, sorry. NOW, the problem I am having is this. We have successfully run adprep, and added the 2003 server as a child domain. However, the 2003 child domain is not showing up to the Windows 2000 DC. We made the 2003 server a DC in AD, but the child domain isn't showing up in the network browser, and anytime we try to connect to the child domain, it says it can't find it. Does the 2003 child domain need to have some kind of security policy added? Or be a member of some group like Domain Admins or something? There are so many possible user policy restrictions, that I don't know where to look, or if even that's what the problem is. Any help is appreciated again, thanks.
LVL 48

Expert Comment

ID: 16686595
Does the child domain's DC turn up under AD Sites and Services?
