AD/DNS Issues with server

I have a server in our Maryland regional office that is having issues. It's slow to log on and services that point to it such as network scanning are extremely slow. I did a set L and it is pointing to our Corporate office server in Virginia to log onto. This server is a domain controller and should log onto itself. The DNS is set up to look locally first so I don't know where else to look. I think the server should look locally to log on since it's a DC, DNS, and DHCP server. Any help is appreciated.
mhmservices Asked:
 
ryansoto Commented:
1.  To rebuild the sysvol directory on the server having the issues
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B315457

2.  For nslookup to work you need to have a reverse lookup zone in DNS.  Do you have this created?
If so then there is no harm deleting it and rebuilding it.
Once done then from your workstation run an ipconfig /registerdns

Then try an nslookup for that workstation - it should work fine
0
 
Andrej Pirman Commented:
Maybe you have public DNS entered under properties of TCP/IP protocol on your NIC adapter? This would slow it down dramatically!
Enter its own IP there, and make sure that local DNS uses proper forwarders.
0
 
mhmservices (Author) Commented:
I checked the DNS settings under the NIC and sure enough the NIC was pointed to VA and not local. This has been changed. I'm not quite sure what you mean about DNS forwarders. Can you elaborate?
0
 
ryansoto Commented:
Here is how to configure forwarders
http://support.microsoft.com/kb/323380
Basically forwarders do this -
Your clients look to the DNS server for name resolution. Your DNS server should talk to another DNS server for lookups; this second DNS server is best set to your ISP's DNS. These are called forwarders.

Now what I would also set up to solve one of the issues you stated -
Client should be authenticating against the local domain controller not the home office DC.
To do this you need to set up active directory sites and services.
http://www.petri.co.il/how_to_install_active_directory_on_windows_2003.htm

Look down for ADSS
0
 
mhmservices (Author) Commented:
I'm looking through the file replication events and I found this below. I've also noticed that the c:\windows\sysvol directory doesn't exist. Shouldn't a DC have this directory? One more thing, I can perform an nslookup of our main DC using the host name but not the IP address.


The File Replication Service is having trouble enabling replication from MHMDC1 to MDDC1 for c:\windows\sysvol\domain using the DNS name mhmdc1.mhmnet.mhm-services.local. FRS will keep retrying.
 Following are some of the reasons you would see this warning.
 
 [1] FRS can not correctly resolve the DNS name mhmdc1.mhmnet.mhm-services.local from this computer.
 [2] FRS is not running on mhmdc1.mhmnet.mhm-services.local.
 [3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
 
 This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
0
 
mhmservices (Author) Commented:
1. Does this really need to be done? I have 15 DCs across many states and to turn off FRS on all will be a pain. Also, I notice that there is a note that once FRS is off they will stop authenticating. Does this mean I won't be able to RDP? If so, that's a big problem. Would running dcpromo on the server be any help?

2. Looks like no reverse lookup zone is configured, as when I click on it, it gives me the "add new zone" message.
0
 
ryansoto Commented:
It's a last resort -

You can always dcpromo the machine and then repromote it and see if it will come back online
0
 
mhmservices (Author) Commented:
Ok, so it's a last resort. I'll keep that in mind. If I need to perform that function, will I be able to RDP to my remote domain controllers after FRS is turned off? The article mentions that authentication will not start until FRS is turned back on.
0
 
mhmservices (Author) Commented:
Also, since there is no reverse lookup zone how do I go about making one?
0
 
ryansoto Commented:
Right click a server in the DNS console and click new zone.  Choose primary and AD integrated, then choose reverse lookup zone.
The rest should be self-explanatory - let me know if not
0
 
mhmservices (Author) Commented:
Ok, got the reverse lookup zone created. How do I populate it with PTR records that match the host A records from the forward lookup zone?
0
 
ryansoto Commented:
Easy... either wait and it will happen automatically (via DHCP DNS registrations) or, if you want proof of concept, from your workstation go to a command prompt and run an ipconfig /release then ipconfig /renew
Your dns record should then populate in the reverse lookup zone
0
 
mhmservices (Author) Commented:
So that's why I still can't resolve the server's IP using nslookup? I just need to be patient?
0
 
ryansoto Commented:
From the server you will need to either manually create the records or run an ipconfig /registerdns

This should create the record in the reverse lookup zone
0
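The question above about getting PTR records to match the forward zone's A records can be checked offline once both zones are exported. This is an added example, not part of any post in the thread; the host names, addresses and reverse zone name are constructed placeholders, and it goes slightly beyond the thread by also flagging stale and orphaned PTR records.

```python
import ipaddress

# Constructed sample data (placeholder names and addresses, not from the thread).
FORWARD_A = {                      # forward zone: host -> IPv4 address
    "dc1.corp.example.local.": "10.1.0.10",
    "dc2.corp.example.local.": "10.2.0.10",
    "ws01.corp.example.local.": "10.2.0.51",
    "scan01.corp.example.local.": "10.2.0.60",
}
REVERSE_ZONE = "2.10.in-addr.arpa."  # reverse zone covering 10.2.0.0/16
PTR_RECORDS = {                      # reverse zone: owner name -> target host
    "10.0.2.10.in-addr.arpa.": "DC2.corp.example.local.",
    "51.0.2.10.in-addr.arpa.": "oldws.corp.example.local.",    # stale target
    "99.0.2.10.in-addr.arpa.": "retired.corp.example.local.",  # no A record
}


def ptr_owner(ip):
    """Return the fully qualified in-addr.arpa owner name for an address."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def audit_ptrs(forward, reverse_zone, ptrs):
    """Classify each A record as ok, missing-ptr, mismatch or outside-zone."""
    findings = {}
    for host, ip in forward.items():
        owner = ptr_owner(ip)
        if not owner.endswith("." + reverse_zone):
            findings[host] = "outside-zone"   # belongs to another reverse zone
        elif owner not in ptrs:
            findings[host] = "missing-ptr"
        elif ptrs[owner].lower() != host.lower():  # DNS names are case-insensitive
            findings[host] = "mismatch"
        else:
            findings[host] = "ok"
    return findings


def orphan_ptrs(forward, ptrs):
    """PTR owner names whose address has no A record in the forward zone."""
    expected = {ptr_owner(ip) for ip in forward.values()}
    return sorted(owner for owner in ptrs if owner not in expected)


if __name__ == "__main__":
    for host, status in audit_ptrs(FORWARD_A, REVERSE_ZONE, PTR_RECORDS).items():
        print(f"{status:13} {host}")
    print("orphans:", orphan_ptrs(FORWARD_A, PTR_RECORDS))
```

Stale or orphaned PTR records matter beyond nslookup convenience: logs and tools that resolve addresses back to names will attribute activity to the wrong host.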
 
mhmservices (Author) Commented:
Let me ask you this. When I run set l at a cmd prompt it still says mhmdc1 which is our corporate server. Is this good or bad? Should it log into itself or through an upstream?
0
 
ryansoto Commented:
Dunno, I don't run that command to set options.....
0
 
mhmservices (Author) Commented:
How do you set options?
0
Question has a verified solution.
