Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


DNS on 2003 Server Mucked Up?

Posted on 2006-05-18
Medium Priority
Last Modified: 2010-04-18
First off.. I am not a computer wiz.  We are so far in the boondocks that we must depend places like this to help.  So thanks to all upfront.

Problem.. 2003 Server.. Most PC's throughout the day and night loose their connection to their shares on the server.  Trying to rectify this.  Learned a lot about how important DNS is for AD.  So I ran an NSLOOKUP and found something that may or may not be the problem.  On the NIC settings.. the DNS servers are set as follows:
XXX.XXX.XXX.15 - Primary
XXX.XXX.XXX.16 - Alternate

Both of these IP's belong to our ISP.  So when I do an NSLOOKUP.. this is what I see..
Default Server: dns.myisp.com
Address : XXX.XXX.XXX.15

Should this not be showing my AD server which is also my DC?

I would like to alse note this and apologize if it is too wordy.  We originally had a W2K server in place that was dying.  We wanted to replace it with a 2003 Server and also change the domain name to ourserver.local instead of ourserver.com (which is our actualy FQDN) Inhouse users would try to go to our website and would be routed back to our inhouse server.  Anyway, we could not use the new name and migrate accounts over from the old server to the new one. We ended up keeping the domain name as it was.
Question by:wtrdog
  • 4
  • 3
LVL 19

Expert Comment

ID: 16709517
> "Should this not be showing my AD server which is also my DC?"
Yes. I don't know how you would be able to log on to your domain with the DNS set only to your ISP's servers

I'm not sure if that last paragraph is a question about DNS, about migration or just a plaintive cry from the heart.

Author Comment

ID: 16710450
I think at this point is all a cry from the heart!
What I have learned is this since I posted.  I went to the DNS settings on the NIC properties.  I clicked on the DNS tab and noticed that servers IP was listed 3rd, but I could not see it on the main screen until I went into advanced.  I moved the order up, rebooted the PC's and now when you run NSLOOKUP they show
Which is the IP of the 2003 server.  

Could this be the problem that was making the PCs loose their shares?
LVL 19

Accepted Solution

feptias earned 2000 total points
ID: 16710817
It should certainly work much better with the internal DNS server as the Preferred. It is quite common to have internal DNS servers as the *only* ones in the list on your workstations and i'm sure some experts would say that it is essential.

You should also check the Preferred and Alternate DNS settings on the Server itself - what are they set to?

The usual arrangement is to have DNS server installed on the Domain Controller PC, to have its Preferred DNS set to point to itself and to only have alternate DNS servers that are essentially replicas its own one - i.e. only other internal DNS servers (if there are any).  Workstations would have Preferred set as the IP of the nearest DC/DNS server and alternate as some other internal DNS server that replicates with the local one. The use of external ISP DNS server addresses in the list of alternates on your workstations is not recommended but you'll probably get away with it and it would provide a means for the workstations to browse the web just supposing they cannot contact any internal DNS servers (I expect I'll get some contradictory comments on that one).
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.


Author Comment

ID: 16710886
What you are saying makes sense.  I have another box that we purchased on the recomendation of someone, just be an alternate DNS box, or at least a backup.

OK.. so I read about DCDIAG and I ran it.. Not pretty.. This server should have been a PDC.. at least that was my understanding of what was to occur when the tech was onsite out here for three days..

C:\Program Files\Support Tools>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\MYSERVER
      Starting test: Connectivity
         MYSERVER's server GUID DNS name could not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (1dc968f2-09c6-4d53-b1f9-fxxxxxxxb3f._msdcs.MYDOMAIN.com) couldn't
         be resolved, the server name (MYserver.MYDOMAIN.com) resolved to the
         IP address ( and was pingable.  Check that the IP address
         is registered correctly with the DNS server.
         .........................MYSERVER failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\MYSERVER
      Skipping all tests, because server MYSERVER is
      not responding to directory service requests

   Running enterprise tests on : MYDOMAIN.com
      Starting test: Intersite
         ......................... MYDOMAIN.com passed test Intersite
      Starting test: FsmoCheck
         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
         A Global Catalog Server could not be located - All GC's are down.
         Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
         A Primary Domain Controller could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355

         A Good Time Server could not be located.
         ......................... MYDOMAIN.com failed test FsmoCheck
LVL 19

Expert Comment

ID: 16711650
Sorry, I'm struggling to get a clear picture of what you've got now and where you're trying to go. Also, migration from 2000 to 2003 is getting outside the realms that I would be comfortable to offer expertise - DNS is definitely in the confort zone which is why I initially picked up on your question.

Do you still have the Win 2000 server or has it died?  How many (relevant) servers do you have, what O/S is on them and what services (DNS, DHCP etc) and which are acting as domain controllers. Please give each a notional name like DC1 or Server2 so we can communicate without misunderstanding. Some reference to the subnet addressing scheme would also help communication - e.g. DC1 is on Please confirm if your description is what you have now or what you plan to have as an upgrade.

I assume the DCDiag output is for the new Win 2003 server, but where are you in the migration process from the old server to the new? Migration is quite a big job and I doubt that many experts would volunteer to walk you through the whole process in detail within this forum.

Author Comment

ID: 16712662
Did not mean to bog anyone else down with me in this mess.  Been reading all day and trying to learn as much as possible.

The W2k Server is still in existence... one bad drive, put the primary with the OS is still good.  I can put it back on the network if I need to.  There are a total of two servers.. w2k and the new w2k3. So it looks like this..

Old Server W2K - unplugged from the network but still usable.
New Server W2K3 - Running currentley and the server putting out all the errors from the DCDIAG.

What was supposed to happen was this.. (at least what we paid for) The W2K server which is a PDC running AD was to be taken down after installing new W2K3 server, migrating all roles, etc, then make it the PDC.  Most of the errors I am getting are due to the fact that the job was only half way done.
LVL 19

Expert Comment

ID: 16712931
Yes, I think that in the circumstances - i.e. you paid someone to do the job for you and provide the expertise - the least you could expect is that they hand over to you a working system that does not report a whole bunch of errors when you run dcdiag. It looks like the new server is very unhappy, either because it is still dependent on the old one for some crucial roles or because the DNS is not right (or both).

Good luck.

Featured Post

Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question