Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

DNS errors on new 2008R2 DNS server

Posted on 2011-02-17
21
Medium Priority
?
1,025 Views
Last Modified: 2012-05-11
I have recently added a new 2008 AD server to our Domain.  I've also made this server a DNS server.  The server is not on the same site as the FSMO server.  Everything seems to be working ok but I get 2 errors when I scan the role.

Below are the two error messages:

Issue:
The DNS server 10.10.10.1 on Intel(R) PRO/1000 MT Network Connection did not successfully resolve the name of the address (A/AAAA) record for this computer.

Impact:
Other domain controllers might not be able to resolve this computer’s name. The computer might not be able to connect to network resources.

Resolution:
Click Start, click Network, click Network and Sharing Center, and then click Manage Network Connections to configure DNS servers that are able to resolve names for your enterprise.




Issue:
The DNS server 192.168.0.127 on Intel(R) PRO/1000 MT Network Connection did not successfully resolve the name of the address (A/AAAA) record for this computer.

Impact:
Other domain controllers might not be able to resolve this computer’s name. The computer might not be able to connect to network resources.

Resolution:
Click Start, click Network, click Network and Sharing Center, and then click Manage Network Connections to configure DNS servers that are able to resolve names for your enterprise.


Any ideas?
0
Comment
Question by:wannabecraig
  • 11
  • 6
  • 3
  • +1
21 Comments
 
LVL 3

Expert Comment

by:zipp83
ID: 34915575
open DNS manger - properties of dns server - interface - chack the only the network you use is chacked .
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34915589
Yeah, only the interface I use is there and it's the only one checked.
0
 
LVL 3

Expert Comment

by:zipp83
ID: 34915618
you are use IPV6 ?
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 1

Author Comment

by:wannabecraig
ID: 34915643
It was installed, and I think it's an issue because when I ping the loopback I get a response:
Reply from ::1: time<1ms
Reply from ::1: time<1ms
Reply from ::1: time<1ms
Reply from ::1: time<1ms

But I have unchecked IPv6 in the network settings and it's still the same.
0
 
LVL 3

Expert Comment

by:zipp83
ID: 34916055
try to unchack the use of ipv6 from your network adpter
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34916155
I have done that, no difference.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34916226
Try to disable IPv6 in registry using MS article (set 0x20 or 0x10)
http://support.microsoft.com/kb/929852

Regards,
Krzysztof
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34916412
I have performed the steps in the article and it is not responding as an IP4 address.
However the error messages are still in the DNS analyzer.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34918222
Go into your Network Connections make sure IPv4 is listed first in binding order

http://thebackroomtech.com/2009/01/15/howto-edit-network-card-bindings-in-windows-server-2008/

Reboot
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34924565
The IP4 protocol is first on both bindings lists.
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34924578
3 things that may be important.

I renamed the computer while it was a DC.
It's a VMware server.
There used to be other computers on the network with the same address as this computer
but have been deleted few months ago.  however until I removed them they were still in the DNS>
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34925896
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34926864
^^
That is the method I used.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34927311
Post dcdiag /test:dns
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34927397
C:\>dcdiag /Test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = win2008r2-dc-h365
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Site\WIN2008R2-DC-H3
      Starting test: Connectivity
         ......................... WIN2008R2-DC-H3 passed test Connectivity

Doing primary tests

   Testing server: Site\WIN2008R2-DC-H3

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... WIN2008R2-DC-H3 passed test DNS

   Running partition tests on : DomainDnsZones

   Running partition tests on : ForestDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : domain

   Running enterprise tests on : domain.ie
      Starting test: DNS
         Test results for domain controllers:

            DC: win2008r2-dc-h365.domain.ie
            Domain: domain.ie


               TEST: Forwarders/Root hints (Forw)
                  Error: Both root hints and forwarders are not configured or
                  broken. Please make sure at least one of them works.

         Summary of test results for DNS servers used by the above domain
         controllers:

            DNS server: 128.63.2.53 (h.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 128.63.2.53
            DNS server: 128.8.10.90 (d.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 128.8.10.90
            DNS server: 192.112.36.4 (g.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.112.36.4
            DNS server: 192.203.230.10 (e.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.203.230.10
            DNS server: 192.228.79.201 (b.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.228.79.201
            DNS server: 192.33.4.12 (c.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.33.4.12
            DNS server: 192.36.148.17 (i.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.36.148.17
            DNS server: 192.5.5.241 (f.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.5.5.241
            DNS server: 192.58.128.30 (j.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.58.128.30
            DNS server: 193.0.14.129 (k.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 193.0.14.129
            DNS server: 198.32.64.12 (l.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 198.32.64.12
            DNS server: 198.41.0.4 (a.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 198.41.0.4
            DNS server: 202.12.27.33 (m.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 202.12.27.33
         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
            _________________________________________________________________
            Domain: domain.ie
               win2008r2-dc-h365            PASS PASS FAIL PASS PASS PASS n/a

         ......................... domain.ie failed test DNS

C:\>
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 2000 total points
ID: 34927429
Everything looks good except you need to add DNS Forwarders

http://technet.microsoft.com/en-us/library/cc773370(WS.10).aspx
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34927698
Might it be an issue with the firewall?  Which post does DNS use?
When I open all traffic from that server it work, when I just have port 53 (TCP & UDP) and 80 open it fails.

I dont really want to open all TCP or UDP traffic
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34927790
DNS uses 53 TCP and UDP

http://support.microsoft.com/kb/323380
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34927856
Hi, I had it locked down to source port 53 too, which it doesn't broadcast from.
Have any source port open the locked down to destination port 53 and it's fine.
However the original issue above with the server scan reporting problems is still there.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34928025
What server scan?
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34941732
In Server 2008, in the role section, the DNS modlue gives an option to perform a scan of the DNS role. This i where I get the error.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Resolve DNS query failed errors for Exchange
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question