Solved

DNS errors on new 2008R2 DNS server

Posted on 2011-02-17
21
1,015 Views
Last Modified: 2012-05-11
I have recently added a new 2008 AD server to our Domain.  I've also made this server a DNS server.  The server is not on the same site as the FSMO server.  Everything seems to be working ok but I get 2 errors when I scan the role.

Below are the two error messages:

Issue:
The DNS server 10.10.10.1 on Intel(R) PRO/1000 MT Network Connection did not successfully resolve the name of the address (A/AAAA) record for this computer.

Impact:
Other domain controllers might not be able to resolve this computer’s name. The computer might not be able to connect to network resources.

Resolution:
Click Start, click Network, click Network and Sharing Center, and then click Manage Network Connections to configure DNS servers that are able to resolve names for your enterprise.




Issue:
The DNS server 192.168.0.127 on Intel(R) PRO/1000 MT Network Connection did not successfully resolve the name of the address (A/AAAA) record for this computer.

Impact:
Other domain controllers might not be able to resolve this computer’s name. The computer might not be able to connect to network resources.

Resolution:
Click Start, click Network, click Network and Sharing Center, and then click Manage Network Connections to configure DNS servers that are able to resolve names for your enterprise.


Any ideas?
0
Comment
Question by:wannabecraig
  • 11
  • 6
  • 3
  • +1
21 Comments
 
LVL 3

Expert Comment

by:zipp83
ID: 34915575
open DNS manger - properties of dns server - interface - chack the only the network you use is chacked .
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34915589
Yeah, only the interface I use is there and it's the only one checked.
0
 
LVL 3

Expert Comment

by:zipp83
ID: 34915618
you are use IPV6 ?
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34915643
It was installed, and I think it's an issue because when I ping the loopback I get a response:
Reply from ::1: time<1ms
Reply from ::1: time<1ms
Reply from ::1: time<1ms
Reply from ::1: time<1ms

But I have unchecked IPv6 in the network settings and it's still the same.
0
 
LVL 3

Expert Comment

by:zipp83
ID: 34916055
try to unchack the use of ipv6 from your network adpter
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34916155
I have done that, no difference.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34916226
Try to disable IPv6 in registry using MS article (set 0x20 or 0x10)
http://support.microsoft.com/kb/929852

Regards,
Krzysztof
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34916412
I have performed the steps in the article and it is not responding as an IP4 address.
However the error messages are still in the DNS analyzer.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34918222
Go into your Network Connections make sure IPv4 is listed first in binding order

http://thebackroomtech.com/2009/01/15/howto-edit-network-card-bindings-in-windows-server-2008/

Reboot
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34924565
The IP4 protocol is first on both bindings lists.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:wannabecraig
ID: 34924578
3 things that may be important.

I renamed the computer while it was a DC.
It's a VMware server.
There used to be other computers on the network with the same address as this computer
but have been deleted few months ago.  however until I removed them they were still in the DNS>
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34925896
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34926864
^^
That is the method I used.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34927311
Post dcdiag /test:dns
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34927397
C:\>dcdiag /Test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = win2008r2-dc-h365
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Site\WIN2008R2-DC-H3
      Starting test: Connectivity
         ......................... WIN2008R2-DC-H3 passed test Connectivity

Doing primary tests

   Testing server: Site\WIN2008R2-DC-H3

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... WIN2008R2-DC-H3 passed test DNS

   Running partition tests on : DomainDnsZones

   Running partition tests on : ForestDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : domain

   Running enterprise tests on : domain.ie
      Starting test: DNS
         Test results for domain controllers:

            DC: win2008r2-dc-h365.domain.ie
            Domain: domain.ie


               TEST: Forwarders/Root hints (Forw)
                  Error: Both root hints and forwarders are not configured or
                  broken. Please make sure at least one of them works.

         Summary of test results for DNS servers used by the above domain
         controllers:

            DNS server: 128.63.2.53 (h.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 128.63.2.53
            DNS server: 128.8.10.90 (d.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 128.8.10.90
            DNS server: 192.112.36.4 (g.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.112.36.4
            DNS server: 192.203.230.10 (e.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.203.230.10
            DNS server: 192.228.79.201 (b.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.228.79.201
            DNS server: 192.33.4.12 (c.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.33.4.12
            DNS server: 192.36.148.17 (i.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.36.148.17
            DNS server: 192.5.5.241 (f.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.5.5.241
            DNS server: 192.58.128.30 (j.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.58.128.30
            DNS server: 193.0.14.129 (k.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 193.0.14.129
            DNS server: 198.32.64.12 (l.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 198.32.64.12
            DNS server: 198.41.0.4 (a.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 198.41.0.4
            DNS server: 202.12.27.33 (m.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 202.12.27.33
         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
            _________________________________________________________________
            Domain: domain.ie
               win2008r2-dc-h365            PASS PASS FAIL PASS PASS PASS n/a

         ......................... domain.ie failed test DNS

C:\>
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 34927429
Everything looks good except you need to add DNS Forwarders

http://technet.microsoft.com/en-us/library/cc773370(WS.10).aspx
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34927698
Might it be an issue with the firewall?  Which post does DNS use?
When I open all traffic from that server it work, when I just have port 53 (TCP & UDP) and 80 open it fails.

I dont really want to open all TCP or UDP traffic
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34927790
DNS uses 53 TCP and UDP

http://support.microsoft.com/kb/323380
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34927856
Hi, I had it locked down to source port 53 too, which it doesn't broadcast from.
Have any source port open the locked down to destination port 53 and it's fine.
However the original issue above with the server scan reporting problems is still there.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34928025
What server scan?
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34941732
In Server 2008, in the role section, the DNS modlue gives an option to perform a scan of the DNS role. This i where I get the error.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now