Solved

DNS and DHCP errors

Posted on 2008-10-09
11
405 Views
Last Modified: 2012-08-13
I have 2 problems that may be related. I recently had my main DC go down. So I seized all the roles. Printing and file shareing work just fine.

I am logged in as an administrator.

DHCP:
I setup dhcp on my secondary DC that is now my main DC. Setup scope and server options. When I go to authorize the server the red arrow never goes away and it continues to say "A DHCP server must be authorized" If I go into  manage authorized servers I see the DC with the new DHCP is the only thing in the list.

DNS:
The DC is set to use itself for dns.
When I try and create a primary zone that "Stores the zone in Active Directory" After a few minutes I get an error that says " The zone cannot be creates The data is invalid.
If I uncheck the Active Directory box I don't get an error.

I have been searching this problem for hours and can't solve it.
0
Comment
Question by:Biofilminc
  • 6
  • 5
11 Comments
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22681495

Hey,

For the zone you're trying to create, is that set to replicate to "All Domain Controllers in the AD Domain" or one of the other options?

You might want to run DCDiag and NetDiag to see what it thinks is wrong, that you can't authorise DHCP either does point to a deeper problem.

Chris
0
 

Author Comment

by:Biofilminc
ID: 22681916
I am setting it to replicate between domain controllers, but it is also currently the only DC.
When I get the screen to select the forest or Domain controllers the domain doesn't show, instead it says NULL

I will run DCdiag and netdiag when I get back in the office, in an hour or so.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22681934

Hmm okay, then we'll need the diagnostics, there's something beneath the bits we have above that's causing the error.

Chris
0
 

Author Comment

by:Biofilminc
ID: 22682670
Here is my DCdiag:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DC1
      Starting test: Connectivity
         The host 39aba4bb-465d-4a54-9799-adaadbb98b00._msdcs.BioFilmInc.local c
ould not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (39aba4bb-465d-4a54-9799-adaadbb98b00._msdcs.BioFilmInc.local)
         couldn't be resolved, the server name (dc1.BioFilmInc.local) resolved
         to the IP address (192.168.1.12) and was pingable.  Check that the IP
         address is registered correctly with the DNS server.
         ......................... DC1 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DC1
      Skipping all tests, because server DC1 is
      not responding to directory service requests

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : BioFilmInc
      Starting test: CrossRefValidation
         ......................... BioFilmInc passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... BioFilmInc passed test CheckSDRefDom

   Running enterprise tests on : BioFilmInc.local
      Starting test: Intersite
         ......................... BioFilmInc.local passed test Intersite
      Starting test: FsmoCheck
         ......................... BioFilmInc.local passed test FsmoCheck
------------------------------------------------------------------------------------------------------------------------



And here is my netDiag:

.......................................

    Computer Name: DC1
    DNS Host Name: dc1.BioFilmInc.local
    System info : Windows 2000 Server (Build 3790)
    Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
    List of installed hotfixes :
        KB924667-v2
        KB925398_WMP64
        KB925876
        KB925902
        KB926122
        KB927891
        KB929123
        KB930178
        KB931784
        KB932168
        KB933729
        KB933854
        KB935839
        KB935840
        KB936021
        KB936357
        KB936782
        KB938127
        KB938127-IE7
        KB938464
        KB941202
        KB941569
        KB941644
        KB941693
        KB942763
        KB943055
        KB943460
        KB943485
        KB943729
        KB944338
        KB944653
        KB945553
        KB946026
        KB948496
        KB948590
        KB949014
        KB950759
        KB950759-IE7
        KB950760
        KB950762
        KB950974
        KB951066
        KB951698
        KB951746
        KB951748
        KB952954
        KB953838-IE7
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : LAN Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : dc1
        IP Address . . . . . . . . : 192.168.1.12
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.1.1
        Primary WINS Server. . . . : 192.168.1.11
        Dns Servers. . . . . . . . : 192.168.1.12

        IpConfig results . . . . . : Failed
            Pinging the Primary WINS server 192.168.1.11 - not reachable

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Failed
            The test failed.  We were unable to query the WINS servers.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{0E43727B-188D-4741-96E4-F91D6B657618}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '192.168.1.12'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{0E43727B-188D-4741-96E4-F91D6B657618}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{0E43727B-188D-4741-96E4-F91D6B657618}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Failed
        [FATAL] Kerberos does not have a ticket for host/dc1.BioFilmInc.local.


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully











Thanks so much for any help. I really appreciate it.
0
 

Author Comment

by:Biofilminc
ID: 22682802
Also on my ISA server when I try and add a group or user to the vpn it shows that I can search the AD and shows my domain name but It never actually searches AD it just says its not found. If I click advanced it says the server is not oprtational.

Dont know if any of this helps
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 70

Expert Comment

by:Chris Dent
ID: 22682804

Okay, go with the standard primary zone, set it to permit non-secure updates. Then restart the NetLogon service and run "ipconfig /registerdns".

Once done, run DCDiag and NetDiag again?

Chris
0
 

Author Comment

by:Biofilminc
ID: 22682888
Same error on dns "The zone cannot be created. The Data is invalid". I can still add it without AD support.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22685381

The standard primary zone is the version without AD support :)

I'd just like to get a DNS service up and running, even without AD integration, so we can hopefully see what the rest of the server is up to.

Chris
0
 

Author Comment

by:Biofilminc
ID: 22686462
DNS is up and running without AD support.
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22686964

Great, make sure you restart NetLogon and run "ipconfig /registerdns", the make sure it creates an _msdcs folder in the DNS console (under the new forward lookup zone), then it's time to run DCDiag and NetDiag again.

Chris
0
 

Accepted Solution

by:
Biofilminc earned 0 total points
ID: 22786469
Had to restore from an image
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Server Login Issue 4 49
Bizarre hard disk problem 15 105
shadow copies 7 69
DHCP Server 14 62
A Cisco router can be configured as a DHCP Server. There are advantages and disadvantages in making your Cisco router work as DHCP Server. Almost all the features for windows DHCP can be configured on Cisco-based DHCP server. Some of the features me…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
A short film showing how OnPage and Connectwise integration works.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now