?
Solved

Pinging a non-existent server

Posted on 2009-04-23
18
Medium Priority
?
278 Views
Last Modified: 2012-05-06
We have just installed a new domain controller with the DNS role and removed the old server.  The old server is powered off and not even plugged into the network, but we are still able to ping the old server by its host name (which resolves to the new server).  The new and old domain controller do share the same IP address, but not the same host name.  If we try to RDP to the old host name, it actually takes us to the new host.  We would like to remove this, but cannot find the record in DNS anywhere.  The controller has been completely removed/demoted out of AD.
0
Comment
Question by:bflannery
  • 7
  • 5
  • 2
  • +3
18 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24219439
Check to make sure there isn't a "A" record listed in DNS. Do a ipconfig /flushdns. Make sure you demote the old server before you put it's IP address in for the new DC. You will cause mutiple problems.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24219442
Also, run a ipconfig /registerdns and dcdiag /fix on the server.
0
 
LVL 1

Expert Comment

by:puterhead
ID: 24219472
have you run an IPCONFIG /FLUSHDNS on the client that is testing the ping?
When you ping the old name does it return the whole DNS suffix? if not it may be Netbios/WINS that is resolving this which you could attempt to locate and delete. Also, you don't have anything in the host file correct?
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 10

Expert Comment

by:Tyler Laczko
ID: 24219479
you may need to

ipconfig /dnsflush
  -- or --
ipconfig /flushdns


(i forget which way)
0
 

Author Comment

by:bflannery
ID: 24219622
For sure there is no record of the server in DNS.  Unfortunately, the server was not demoted before the server was given the same IP, and it is at a remote site.  Also, ipconfig /flushdns does not fix the issue.  When you ping the server, you receive only the host name and not the whole dns suffix.  How would I go about locating and deleting the Netbios/WINS?  There is nothing in the host file also.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24219654
You may need to do a metadata cleanup
http://technet.microsoft.com/en-us/library/cc736378.aspx 
0
 
LVL 1

Expert Comment

by:puterhead
ID: 24219770
If you have WINS running here is how you delete the entry http://support.microsoft.com/kb/177140 or http://technet.microsoft.com/en-us/library/cc759148.aspx
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24219882
If you aren't going to demote the old server then you need to run metadata cleanup.

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24219901
Dariusg ???
0
 

Author Comment

by:bflannery
ID: 24220054
Running metadata cleanup did not fix the issue either.  The server that is powered off was not mentioned anywhere during this process.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24220090
Run nbtstat -RR.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24220103
@dstewartjr

Sorry about that I didn't see you post but I like use the one I posted because it gives better instructions.
0
 

Author Comment

by:bflannery
ID: 24220130
What exactly am I looking for when running that?  I have run that on a client that can ping the "ghost" server a domain controller with dns running, but do not have any reference to the "ghost" server.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24220161
That clears any Wins or Netbios caches.
0
 

Author Comment

by:bflannery
ID: 24220192
I have run the nbtstat -RR command and can still ping the "ghost" server.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24220225
You are sure you don't have a entry in DNS for this IP address that points to the Ghost server? Do a ipconfig /all then post for a client and the server.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 24222793

First...

Metadata Cleanup should be run if you did not properly demote the DC. This has no impact on name resolution but is a very important step to keep your domain operational. You've done that now?

If you are resolving a name and it shows up without a suffix then you have two potential sources:

1. A response to a NetBIOS Broadcast for the name
2. A response from WINS

WINS should be easy to check. Open up the WINS console from the server running it. It should be easy enough to find, ipconfig /all on a client will show you the WINS servers it's using. Head to that server and pop open the WINS console.

Using the nbtstat commands above only clears the clients cache (memorised responses), doesn't help if a WINS server is still replying with the answer as it will reappear.

If the clients aren't using a WINS server directly, check DNS again to see if it's been configured to Forward to WINS. You find that by opening the DNS Console, then open the Properties for your Forward Lookup Zone and select the WINS tab.

Chris
0
 

Author Closing Comment

by:bflannery
ID: 31573985
The "ghost" server" issue has been resolved.  I went into WINS, went to Active Registrations and went to Action - Find by Name.  Searched for the server and there were 2 records.  Deleted them both, forced replication, and the issue is resolved!
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question