Solved

MS AD and DNS Error

Posted on 2009-07-16
14
601 Views
Last Modified: 2012-05-07
I have an iSCSI SAN connected to a domain controller using the 2nd NIC in the server. The IP is 192.168.99.5/24 with no gateway or DNS servers configured. I unchecked the box to "Register this connection's addresses in DNS" but when I save the config, it tells me "The DNS Server List is empty. The local IP address will be configured as the primary DNS server because Microsoft DNS server is installed on this machine."

I think this is causing an issue because it is creating an A record with that IP as well as the LAN connected adapter (172.18.0.110). When I run DCDIAG /s:DC1-DC1 /test:DNS I get the following:
Starting test: DNS
         Test results for domain controllers:
            DC: dc1-dc1.domain.com
            Domain: domain.com
               TEST: Delegations (Del)
                  Error: DNS server: dc1-dc1.domain.com. IP:192.168.99.5 [Broken delegated domain _msdcs.domain.com.]
                 
               TEST: Records registration (RReg)
                  Network Adapter [00000002] HP NC7782 Gigabit Server Adapter:
                     Error: Missing A record at DNS server 172.18.0.110 :
                     dc1-dc1.domain.com
                     
                     Error: Missing CNAME record at DNS server 172.18.0.110 :
                     0971d538-cc9f-47f0-a344-957c08917905._msdcs.domain.com
                     
                     Error: Missing DC SRV record at DNS server 172.18.0.110 :
                     _ldap._tcp.dc._msdcs.domain.com
                     
                     Error: Missing GC SRV record at DNS server 172.18.0.110 :
                     _ldap._tcp.gc._msdcs.domain.com
                     
                     Error: Missing PDC SRV record at DNS server 172.18.0.110 :
                     _ldap._tcp.pdc._msdcs.domain.com
                     
               Error: Record registrations cannot be found for all the network adapters
         
         Summary of test results for DNS servers used by the above domain controllers:

            DNS server: 192.168.99.5 (dc1-dc1.domain.com.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.168.99.5
               Delegation is broken for the domain _msdcs.domain.com. on the DNS server 192.168.99.5
               
         Summary of DNS test results:
         
                                            Auth Basc Forw Del  Dyn  RReg Ext  
               ________________________________________________________________
            Domain: domain.com
               dc1-dc1                      PASS PASS PASS FAIL PASS FAIL n/a  
         
         ......................... domain.com failed test DNS

What is the best practice for the configuration of the iSCSI NIC?
0
Comment
Question by:centricC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
  • 2
14 Comments
 
LVL 30

Expert Comment

by:Britt Thompson
ID: 24870347
In the DNS management console > right click on the server > properties > Interfaces tab > select only the interface that you want to be registered in DNS

see if that does it for you.
0
 
LVL 3

Expert Comment

by:ZuluGr
ID: 24870764
If that will  not help, try the registry settings in this article :
http://support.microsoft.com/kb/289735
0
 

Author Comment

by:centricC
ID: 24871108
I removed the other interface on both DC's. This cleared the delegation error, however the RReg errors are still present.
 TEST: Records registration (RReg)
                  Network Adapter [00000002] HP NC7782 Gigabit Server Adapter:
                     Error: Missing A record at DNS server 172.18.0.110 :
                     dc1-dc1.domain.com
                     
                     Error: Missing CNAME record at DNS server 172.18.0.110 :
                     0971d538-cc9f-47f0-a344-957c08917905._msdcs.domain.com
                     
                     Error: Missing DC SRV record at DNS server 172.18.0.110 :
                     _ldap._tcp.dc._msdcs.domain.com
                     
                     Error: Missing GC SRV record at DNS server 172.18.0.110 :
                     _ldap._tcp.gc._msdcs.domain.com
                     
                     Error: Missing PDC SRV record at DNS server 172.18.0.110 :
                     _ldap._tcp.pdc._msdcs.domain.com
                     
               Error: Record registrations cannot be found for all the network adapters
 
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 30

Expert Comment

by:Britt Thompson
ID: 24871151
you may need to manually remove the existing records in DNS...they'll eventually replicate out but you can do it manually. Also, make sure you run a DNS flush

ipconfig /flushdns
0
 

Author Comment

by:centricC
ID: 24871287
So can I delete the _msdcs.domain.com zone? Will it recreate itself? All of the records that is says are missing are currently there...
0
 
LVL 30

Expert Comment

by:Britt Thompson
ID: 24871340
nono...just the records that point to 172.18.0.110
0
 
LVL 3

Expert Comment

by:ZuluGr
ID: 24871823
You can also try a netdiag /fix
0
 

Author Comment

by:centricC
ID: 24871868
What should my DNS setting be for the interface on each server? I currently have the primary as 127.0.0.1 and the secondary as the other DC on both boxes.
0
 
LVL 30

Accepted Solution

by:
Britt Thompson earned 500 total points
ID: 24872003
The server should only point to itself for DNS...127.0.0.1 only.
0
 

Author Comment

by:centricC
ID: 24873437
I tried a few more things without success. Next, I used the IP address of each server for its primary DNS rather than 127.0.0.1. I reran the dcdiag and everything passes with flying colors.
0
 
LVL 30

Expert Comment

by:Britt Thompson
ID: 24873509
The DNS on the local server should be identical to the DNS on the other server. You may be having replication issues between the two.

Some stuff to try would be:

Clear the cache within DNS management
Restart DNS services
restart the server
Force DNS replication
0
 

Author Comment

by:centricC
ID: 24873583
Everything is good now. Changing the value of the DNS server to its IP address fixed all the problems.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question