Solved

DNS errors on new 2008R2 DNS server

Posted on 2011-02-17
21
1,017 Views
Last Modified: 2012-05-11
I have recently added a new 2008 AD server to our Domain.  I've also made this server a DNS server.  The server is not on the same site as the FSMO server.  Everything seems to be working ok but I get 2 errors when I scan the role.

Below are the two error messages:

Issue:
The DNS server 10.10.10.1 on Intel(R) PRO/1000 MT Network Connection did not successfully resolve the name of the address (A/AAAA) record for this computer.

Impact:
Other domain controllers might not be able to resolve this computer’s name. The computer might not be able to connect to network resources.

Resolution:
Click Start, click Network, click Network and Sharing Center, and then click Manage Network Connections to configure DNS servers that are able to resolve names for your enterprise.




Issue:
The DNS server 192.168.0.127 on Intel(R) PRO/1000 MT Network Connection did not successfully resolve the name of the address (A/AAAA) record for this computer.

Impact:
Other domain controllers might not be able to resolve this computer’s name. The computer might not be able to connect to network resources.

Resolution:
Click Start, click Network, click Network and Sharing Center, and then click Manage Network Connections to configure DNS servers that are able to resolve names for your enterprise.


Any ideas?
0
Comment
Question by:wannabecraig
  • 11
  • 6
  • 3
  • +1
21 Comments
 
LVL 3

Expert Comment

by:zipp83
ID: 34915575
open DNS manger - properties of dns server - interface - chack the only the network you use is chacked .
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34915589
Yeah, only the interface I use is there and it's the only one checked.
0
 
LVL 3

Expert Comment

by:zipp83
ID: 34915618
you are use IPV6 ?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:wannabecraig
ID: 34915643
It was installed, and I think it's an issue because when I ping the loopback I get a response:
Reply from ::1: time<1ms
Reply from ::1: time<1ms
Reply from ::1: time<1ms
Reply from ::1: time<1ms

But I have unchecked IPv6 in the network settings and it's still the same.
0
 
LVL 3

Expert Comment

by:zipp83
ID: 34916055
try to unchack the use of ipv6 from your network adpter
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34916155
I have done that, no difference.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34916226
Try to disable IPv6 in registry using MS article (set 0x20 or 0x10)
http://support.microsoft.com/kb/929852

Regards,
Krzysztof
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34916412
I have performed the steps in the article and it is not responding as an IP4 address.
However the error messages are still in the DNS analyzer.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34918222
Go into your Network Connections make sure IPv4 is listed first in binding order

http://thebackroomtech.com/2009/01/15/howto-edit-network-card-bindings-in-windows-server-2008/

Reboot
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34924565
The IP4 protocol is first on both bindings lists.
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34924578
3 things that may be important.

I renamed the computer while it was a DC.
It's a VMware server.
There used to be other computers on the network with the same address as this computer
but have been deleted few months ago.  however until I removed them they were still in the DNS>
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34925896
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34926864
^^
That is the method I used.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34927311
Post dcdiag /test:dns
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34927397
C:\>dcdiag /Test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = win2008r2-dc-h365
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Site\WIN2008R2-DC-H3
      Starting test: Connectivity
         ......................... WIN2008R2-DC-H3 passed test Connectivity

Doing primary tests

   Testing server: Site\WIN2008R2-DC-H3

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... WIN2008R2-DC-H3 passed test DNS

   Running partition tests on : DomainDnsZones

   Running partition tests on : ForestDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : domain

   Running enterprise tests on : domain.ie
      Starting test: DNS
         Test results for domain controllers:

            DC: win2008r2-dc-h365.domain.ie
            Domain: domain.ie


               TEST: Forwarders/Root hints (Forw)
                  Error: Both root hints and forwarders are not configured or
                  broken. Please make sure at least one of them works.

         Summary of test results for DNS servers used by the above domain
         controllers:

            DNS server: 128.63.2.53 (h.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 128.63.2.53
            DNS server: 128.8.10.90 (d.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 128.8.10.90
            DNS server: 192.112.36.4 (g.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.112.36.4
            DNS server: 192.203.230.10 (e.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.203.230.10
            DNS server: 192.228.79.201 (b.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.228.79.201
            DNS server: 192.33.4.12 (c.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.33.4.12
            DNS server: 192.36.148.17 (i.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.36.148.17
            DNS server: 192.5.5.241 (f.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.5.5.241
            DNS server: 192.58.128.30 (j.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.58.128.30
            DNS server: 193.0.14.129 (k.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 193.0.14.129
            DNS server: 198.32.64.12 (l.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 198.32.64.12
            DNS server: 198.41.0.4 (a.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 198.41.0.4
            DNS server: 202.12.27.33 (m.root-servers.net.)
               1 test failure on this DNS server
               PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 202.12.27.33
         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
            _________________________________________________________________
            Domain: domain.ie
               win2008r2-dc-h365            PASS PASS FAIL PASS PASS PASS n/a

         ......................... domain.ie failed test DNS

C:\>
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
ID: 34927429
Everything looks good except you need to add DNS Forwarders

http://technet.microsoft.com/en-us/library/cc773370(WS.10).aspx
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34927698
Might it be an issue with the firewall?  Which post does DNS use?
When I open all traffic from that server it work, when I just have port 53 (TCP & UDP) and 80 open it fails.

I dont really want to open all TCP or UDP traffic
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34927790
DNS uses 53 TCP and UDP

http://support.microsoft.com/kb/323380
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34927856
Hi, I had it locked down to source port 53 too, which it doesn't broadcast from.
Have any source port open the locked down to destination port 53 and it's fine.
However the original issue above with the server scan reporting problems is still there.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 34928025
What server scan?
0
 
LVL 1

Author Comment

by:wannabecraig
ID: 34941732
In Server 2008, in the role section, the DNS modlue gives an option to perform a scan of the DNS role. This i where I get the error.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DNS.exe on Azure 2 25
NSLOOKUP Question 7 20
Separate DNS forwarding 2 21
Urgent Help dns, clock issues nightmare 71 28
Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question