Solved

NTDS Settings Properties has wrong DNS Alias

Posted on 2009-05-04
4
1,903 Views
Last Modified: 2012-05-06
I have a DC that will not replicate from the PDC and found that the DNS Alias in the NTDS Settings Properties under AD Sites and Services is incorrect.  This box is greyed out so I can not change it.  I assume there is some way to refresh this value or remove and re-enter the correct one.  

This happened when the original PDC failed and had to be reloaded.

Thanks in advance for you help!
Craig
0
Comment
Question by:computerconcepts
  • 3
4 Comments
 
LVL 22

Accepted Solution

by:
Paka earned 500 total points
ID: 24301651
There are a couple candidates for the root cause of this one:  DNS island, Kerberos ticket, or improperly promoted DC.

To resolve a DNS island issue:  
Delete the old CNAME from DNS
Point all of your DNS servers to use a common DNS server as their preferred DNS server (I'd recommend the PDC); point the PDC at one of the other DNS servers
Run "ipconfig /registerdns"
Stop and restart the netlogon service.

Here's a very good article on how diagnose and to fix the other two:
http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/a14187e2-a769-4fb4-8c39-e21654451577
0
 

Author Comment

by:computerconcepts
ID: 24306057
Thanks for the response.  I read through the link you gave me and I am pretty sure I will have to demote the DC (which will fail) then use metadata cleanup to remove any reference of the PDC from it, remove it from the domain and then rejoin the domain and attempt another dcpromo.  Does this sound right?

I do have a question about using metadata cleanup - Am I supposed to run this on the DC AND the PDC or just one of them.  I assume the DC but I can't seem to wrap my mind around that.
0
 

Author Comment

by:computerconcepts
ID: 24365776
Anyone?
0
 

Author Comment

by:computerconcepts
ID: 24412935
I ended up reloading the OS and starting over.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question