SBS 2003 Active Directory Naming Info- DC not found- SBS 2003

Where did you change the DNS settings?
You should do this by running the connect to the Internet wizard.

Your clients should be using the SBS server for DNS

Yes, if you changed the NIC to point to the service provider's DNS server you will get this error. The SBS NIC should point ONLY to itself for DNS, and by running the CEICW as demazter stated, it will update the DNS forwarders with the ISP DNS.

PS- If you have a new public IP you also need to update your public DNS host and MX records to point your domain to the new IP.

I basically only changed the entries that contained my old public IP to the new public IP. i beleive this was in the forward and reverse lookup zones.I ran the CEICW with no help. I will attach some screen shots of my DNS MMC, I am not sure if something is missing or not.
dns-ss1.bmp
dns-ss2.bmp

Check the IP configuration of the SBS server, make sure it has an internal IP address and is pointing to itself for DNS in the network card TCP/IP settings.

Check the DHCP settings make sure the scope options are set to use the SBS servers IP address for DNS.

Check the client by running IPCONFIG /ALL make sure they are using the SBS server for DNS.

Try running the following on a client:

IPCONFIG /FLUSHDNS
IPCONFIG /REGISTERDNS

All clients are getting IP addresses, Exchange is working fine, DHCP is good, everything is pointing to the correct IP. I just cant view AD, i am assuming it is a DNS issue, but may not be. Here is the error message-
sbs-error.jpg

Can you run NETDIAG and DCDIAG on the server and post the results please.

It is usually a DNS issue, and it is usually because the SBS NIC has something other than its own IP added under DNS servers. There should be nothing else, even as an alternate. Can you confirm that?

As you can see in this image .14 is assigned to NIC but it is on .15.  i cant repair, get ARP CACHE error.
SBS-TCP.jpg

Does your server have 2 NICs? 192.168.0.15 and 192.168.0.14 ?  Or is 192.168.0.15 a ghost NIC from a previous configuration



@demazter, not disagreeing with your suggestion at all, but for my own information; is there a compatible version of NetDiag for 2008? Great tool for diagnosing but I thought it was no longer available or worked with 2008. The 2003 version will install and run, but when I have tested it, it seems to return numerous errors, I suspected due to IPv6 and new permission. Just curious as I miss having the tool available. DCDiag of course is still available.

Looks like you have adde an aditional IP rather than changed the old one.
If you click advanced what do see?

Did you use the wizard to change the IP address?

I thought it was 2003? No mention of 2008 in the question?

Whoops! Sorry. (Blush)
However, do you know of netdiag 2008 version?

No there isn't.  Aparently it's no longer required in 2008.

Although in saying ghat I still always want to run it :(

Yes it was a great tool.

It has only one NIC- which should be .14. The tech that set up the server did soemthing with .15 when he was having trouble with DHCP or RA or something.

Can you do the following:

Open Server Management under Internet and E-mail click Change Server IP Address. Make sure the correct IP address and subnet mask is entered and click OK.

I would then suggest a restart.

test results
dcdiag-results.doc
netdiag-results.doc

If you go to tcp/ip settings and click advanced do you have 2 IP addresses listed?
Also can you run the wizard I mentioned?

Server is multi-homed (2 IP's for 1 NIC) you need to first fix that as stated by demazter, and ONLY do this using the suggested wizard, I wouldn't "mess" with LAN IP's manually.

it does have 2 IP's listed, i ran the wizard(it was showing IP to be 15) and got the attached error, although it appeared to change the IP to 14.  should i restart?
ip-chang-err.jpg

I would restart. It may also balk at the subnet mask of 255.255.248.0  Normal would be 255.255.255.0 and there is no need with SBS for anything larger. Again if changing use the wizard. Changing the LAN IP on an SBS can create a real mess. The wizard is critical.

Not sure if you saw my previous comment:

"Can you do the following:

Open Server Management under Internet and E-mail click Change Server IP Address. Make sure the correct IP address and subnet mask is entered and click OK.

I would then suggest a restart."

I opened SM and attempted to change Server IP, it was showing 15 instead of 14, I changed to 14 and clicked OK, and recevied the error shown in prev post. Closed error message adn attempted to process again, this time it showed .14 as the server IP. I got tied up on something else and lost my remote connection, and now i cant log back on remotley, error says "the specified domain does not exist or cannot be contacted."  I should still be logged on at the site, i will go there later today and see if i can chnage back to .15 until i get this sorted out. thanks for your help, i need it..

You have probably lost your connection because te firewall/router rule is pointing to the other IP address.

Let us know what happens when you get onsite.

Sorry, didn't realize you were remote. Always very risky making network or RRAS changes remotely.
I often set up a second connection method such as logmein, even if temporary,for this reason. There are no guarantees with logmein either, but it tends to be independent of IP's and firewalls where it is treaded as an outgoing service.

I made the same mistake :(
apologies I guess these days we should be asking this before making these sorts
of recommendations

And we have both probably done it ourselves, more than once :-)

Yep :) and cursed myself afterwards :-/

I am getting to the Admin logon screen on the server remotely, when I enter PW and attempt logon it cant find domain to logon to.  The firewall/router port forwarding has always been pointed to .14, i am pretty confused as to why the original config used two different IP addresses and what that accomplished.

oh, and btw, im only 1 mile from site so no big deal, have to go to Eagle Scout deal for one of my friends kids, will check it out later today.

>>"and what that accomplished"
A DNS mess.

Because of the changes only being partially applied until reboot, it could be firewall or DNS such that authentication against AD cannot take place.

Certainly looks like the wizard wasn't used :(

Ended up having to go to backup to get AD restored. Not sure exactly what happened or how, but it is up and running OK.  thanks guys.

Thanks gjhulett. Glad to hear you were able to resolve.
Cheers!
--Rob