Solved

AD/DNS Issues with server

Posted on 2008-11-04
Last Modified: 2012-05-05
I have a server in our Maryland regional office that is having issues. It's slow to log on, and services that point to it, such as network scanning, are extremely slow. I did a set L and it is pointing to our Corporate office server in Virginia to log onto. This server is a domain controller and should log onto itself. The DNS is set up to look locally first, so I don't know where else to look. I think the server should look locally to log on since it's a DC, DNS, and DHCP server. Any help is appreciated.
Question by:mhmservices
17 Comments
 
LVL 18

Expert Comment

by:Andrej Pirman
ID: 22877190
Maybe you have public DNS entered under properties of TCP/IP protocol on your NIC adapter? This would slow it down dramatically!
Enter its own IP there, and make sure that local DNS uses proper forwarders.
0
 

Author Comment

by:mhmservices
ID: 22877262
I checked the DNS settings under the NIC and sure enough the NIC was pointed to VA and not local. This has been changed. I'm not quite sure what you mean about DNS forwarders. Can you elaborate?
0
 
LVL 24

Expert Comment

by:ryansoto
ID: 22877652
Here is how to configure forwarders
http://support.microsoft.com/kb/323380
Basically forwarders do this -
Your clients look to the DNS server for name resolution; your DNS server should talk to another DNS server for lookups; this second DNS server is best set to your ISP DNS. This is called forwarders.

Now what I would also set up to solve one of the issues you stated -
Client should be authenticating against the local domain controller not the home office DC.
To do this you need to set up active directory sites and services.
http://www.petri.co.il/how_to_install_active_directory_on_windows_2003.htm

Look down for ADSS
0

 

Author Comment

by:mhmservices
ID: 22877838
I'm looking through the file replication events and I found this below. I've also noticed that the c:\windows\sysvol directory doesn't exist. Shouldn't a DC have this directory? One more thing, I can perform an nslookup of our main DC using the host name but not the IP address.


The File Replication Service is having trouble enabling replication from MHMDC1 to MDDC1 for c:\windows\sysvol\domain using the DNS name mhmdc1.mhmnet.mhm-services.local. FRS will keep retrying.
 Following are some of the reasons you would see this warning.
 
 [1] FRS can not correctly resolve the DNS name mhmdc1.mhmnet.mhm-services.local from this computer.
 [2] FRS is not running on mhmdc1.mhmnet.mhm-services.local.
 [3] The topology information in the Active Directory for this replica has not yet replicated to all the Domain Controllers.
 
 This event log message will appear once per connection, After the problem is fixed you will see another event log message indicating that the connection has been established.
0
 
LVL 24

Accepted Solution

by:
ryansoto earned 2000 total points
ID: 22877872
1.  To rebuild the sysvol directory on the server having the issues
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B315457

2.  For nslookup to work you need to have a reverse lookup zone in DNS.  Do you have this created?
If so then there is no harm deleting it and rebuilding it.
Once done then from your workstation run an ipconfig /registerdns

Then try an nslookup for that workstation - it should work fine
0
 

Author Comment

by:mhmservices
ID: 22878043
1. Does this really need to be done? I have 15 DCs across many states and to turn off FRS on all will be a pain. Also, I notice that there is a note that once FRS is off they will stop authenticating; does this mean I won't be able to RDP? If so, that's a big problem. Would running dcpromo on the server be any help?


2. Looks like no reverse lookup zone is configured, as when I click on it, it gives me the "add new zone" message.
0
 
LVL 24

Expert Comment

by:ryansoto
ID: 22878097
It's a last resort -

You can always dcpromo the machine and then repromote it and see if it will come back online
0
 

Author Comment

by:mhmservices
ID: 22878194
OK, so it's a last resort. I'll keep that in mind. If I need to perform that function, will I be able to RDP to my remote domain controllers after FRS is turned off? The article mentions that authentication will not start until FRS is turned back on.
0
 

Author Comment

by:mhmservices
ID: 22878200
Also, since there is no reverse lookup zone how do I go about making one?
0
 
LVL 24

Expert Comment

by:ryansoto
ID: 22878235
Right-click a server in the DNS console and click New Zone. Choose primary and AD-integrated, then choose reverse lookup zone.
The rest should be self-explanatory - let me know if not
0
 

Author Comment

by:mhmservices
ID: 22878308
OK, got the reverse lookup zone created. How do I populate it with PTR records that match the host A records from the forward lookup zone?
0
 
LVL 24

Expert Comment

by:ryansoto
ID: 22878370
Easy... either wait and it will happen automatically (via DHCP DNS registrations) or, if you want proof of concept, from your workstation go to a command prompt and run an ipconfig /release then ipconfig /renew
Your DNS record should then populate in the reverse lookup zone
0
 

Author Comment

by:mhmservices
ID: 22878403
So that's why I still can't resolve the server's IP using nslookup? I just need to be patient?
0
 
LVL 24

Expert Comment

by:ryansoto
ID: 22878440
From the server you will need to either manually create the records or run an ipconfig /registerdns

This should create the record in the reverse lookup zone
0
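
An added example, not part of the original thread: a PowerShell check for the two conditions discussed above, namely that the server's NIC queries a local DNS server and that each host's A record has a matching PTR record in the reverse lookup zone. It assumes Windows Server 2012 or later (the `Get-NetIPAddress`, `Get-DnsClientServerAddress` and `Resolve-DnsName` cmdlets); the `$Names` list is a placeholder for your own host names.

```powershell
# Added example. Assumes Windows Server 2012+ (NetTCPIP and DnsClient modules).
# $Names is a placeholder; by default only this machine is checked.
param([string[]]$Names = @($env:COMPUTERNAME))

# 1. Does this server query itself for DNS, as suggested in the thread?
$localIPs = @(Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -notlike '127.*' } |
    Select-Object -ExpandProperty IPAddress)
$dnsServers = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses |
    Select-Object -Unique)
$self = @($dnsServers | Where-Object { $localIPs -contains $_ -or $_ -like '127.*' })

[pscustomobject]@{
    Check      = 'NIC DNS servers'
    Configured = $dnsServers -join ', '
    UsesSelf   = ($self.Count -gt 0)
}

# 2. For each name, compare the A record with the PTR record for that address.
foreach ($name in $Names) {
    # -DnsOnly keeps LLMNR/NetBIOS answers from hiding a missing DNS record.
    $a = @(Resolve-DnsName -Name $name -Type A -DnsOnly -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' })
    if ($a.Count -eq 0) {
        [pscustomobject]@{ Name = $name; IP = $null; PTR = $null; Status = 'no A record' }
        continue
    }
    foreach ($rec in $a) {
        $ptr = @(Resolve-DnsName -Name $rec.IPAddress -Type PTR -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'PTR' } |
            Select-Object -ExpandProperty NameHost)
        $fqdn  = $rec.Name.TrimEnd('.')
        $match = @($ptr | Where-Object { $_.TrimEnd('.') -eq $fqdn })

        if ($ptr.Count -eq 0)       { $status = 'PTR missing' }
        elseif ($match.Count -gt 0) { $status = 'match' }
        else                        { $status = 'PTR mismatch' }

        [pscustomobject]@{ Name = $fqdn; IP = $rec.IPAddress; PTR = ($ptr -join ', '); Status = $status }
    }
}
```

A `PTR missing` row is the state described in the thread before the reverse lookup zone is populated; it should change to `match` once the host has registered its record.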
 

Author Comment

by:mhmservices
ID: 22878741
Let me ask you this. When I run set l at a cmd prompt it still says mhmdc1, which is our corporate server. Is this good or bad? Should it log into itself or through an upstream?
0
 
LVL 24

Expert Comment

by:ryansoto
ID: 22878985
Dunno, I don't run that command to set options.....
0
 

Author Comment

by:mhmservices
ID: 22879002
How do you set options?
0
