[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 228
  • Last Modified:

DNS issue (we think) in Windows 2000 Active Directory

We are in the process of setting up an active directory domain, on Windows 200 server(s). Managed to setup the first one successfully, but now when adding an additional domain controller, its saying ' the domain cannot be contacted, it maybe that the domain is not yet listed in DNS...' (or words to that effect).
We appear to have DNS running ok. the services are started etc What troubleshooting tips can we run through? really urgent... please help!
0
Roy Sidebottom
Asked:
Roy Sidebottom
  • 5
  • 5
1 Solution
 
oBdACommented:
Check these articles, as well as netdiag.exe and dcdiag.exe from the Support Tools:
Windows 2000 SP4 Support Tools
http://www.microsoft.com/windows2000/downloads/servicepacks/SP4/supporttools.asp

10 DNS Errors That Will Kill Your Network
http://mcpmag.com/features/article.asp?EditorialsID=413

Troubleshooting Active Directory DNS Errors in Windows 2000
http://www.microsoft.com/windows2000/dns/tshoot/dns_tshoot2A.asp

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/?kbid=825036

Windows 2000 DNS and Active Directory Information and Technical Resources
http://support.microsoft.com/?kbid=298448

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202

Setting Up the Domain Name System for Active Directory
http://support.microsoft.com/?kbid=237675

Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/?kbid=260371

How to Verify the Creation of SRV Records for a Domain Controller
http://support.microsoft.com/?kbid=241515

SRV Resource Records May Not Be Created on Domain Controller
http://support.microsoft.com/?kbid=239897

How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811

How Domain Controllers Are Located in Windows XP
http://support.microsoft.com/?kbid=314861

HOW TO: Use the Network Diagnostics Tool (Netdiag.exe) in Windows 2000
http://support.microsoft.com/?kbid=321708

DCDiag and NetDiag in Windows 2000 Facilitate Domain Join and DC Creation
http://support.microsoft.com/?kbid=265706

Not only valid for SBS:
The Domain Name System name recommendations for Small Business Server 2000 and Windows Small Business Server 2003
http://support.microsoft.com/?kbid=296250
0
 
jax79sgCommented:
You might be right on the DNS issue. Try the following.
On the machine which you are adding the domain controller, make sure the following is done.

Add your DNS server's IP address in your tcp/ip configuration (where you set your computer's IP address)
Perform ipconfig /flushdns
Make sure you can ping your domain controller and DNS server (both by IP and host name).
0
 
Roy SidebottomIT TechnicianAuthor Commented:
cheers guys, to be honest, after 15 minutes, the addtional DC worked and connected to the AD domain as a DC. Problem at the mo, is, we have external DNS servers, how do we configure our forward lookup table to point our DC to these? or do we have to bother? ( I have setup AD in mixed mode and have Exchange 5.5 on a W2K server).
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
oBdACommented:
You can configure your external DNS servers in the Forwarders tab (open the properties of the DNS server in the DNS MMC).
Or you can leave the forwarders empty, in which case the root servers will be queried (takes a bit longer for a response).
0
 
Roy SidebottomIT TechnicianAuthor Commented:
it wont let us configure anything in the forwarders tab, because we have root server setup. Does that mean we dont need to configure anything? Also, e-mail seems to be working here with no further setup, do we need to configure the ADC on exchange for W2K (exchange 5.5), or are we ok as we are? cheers
0
 
oBdACommented:
Then you need to delete the root zone in DNS (the single dot, "."). A DNS root server will, by definition, never query another DNS server, so you won't be able to do external lookups.
0
 
Roy SidebottomIT TechnicianAuthor Commented:
i'll take a look at that, it seems strange, how come we can all get on the internet and see e-mail etc if the DC is setup as a root server DNS, with the DNS setting as its own IP? We must be all 'bypassing' it somehow?
0
 
oBdACommented:
You actually shouldn't be able to do that; make sure you do NOT have your ISP's (or broadband router's/gateway's) DNS server *anywhere* in the TCP/IP settings on any machine; non-AD DNS servers may only appear as forwarders in an AD domain.
0
 
Roy SidebottomIT TechnicianAuthor Commented:
I understand, many thanks, but why does it matter, if you get my drift? i.e. we stup the external DNS on all machines years ago, and never had issues. I will set this up though. Just cant get my head round why it actually needs to be done..
0
 
oBdACommented:
That's described in the links above, especially in this one:
How Domain Controllers Are Located in Windows
http://support.microsoft.com/?kbid=247811
In an AD, the domain members will get the vital information from DNS. If the machine uses a DNS server that has no knowledge of your AD, you'll experience, among otherthings, long logon times or the error from your initial question.
0
 
Roy SidebottomIT TechnicianAuthor Commented:
many thanks pal, i'l gladly award you the points, very helpful.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now