DNS Issues

Posted on 2011-03-25
Medium Priority
Last Modified: 2012-05-11
I have an old 2000 Server acting as the DC.  I have two additional servers 2000 and 2003 also running active directory.  I have introduced a 2008 server which will be replacing both the 2000 servers.  I have done all the adprep work, ran dcpromo created the DNS role as directed when running the dcpromo, (did not add a forwarding zone because not quite clear what that does) and did all the role transfers.  The 2000 server has DNS running and the 2008 has DNS running.

All the workstations have static ip's and they where first pointing to the old server now they are directed to the new server. I have no login issues or login script issues and everyone can access data on the new server without issues.

Once I finished making the changes to the static DNS on the workstations, I turned off the DNS service on the old server and have been running fine for the last week.  Today I introduced a new computer I assigned it a static IP with the DNS pointing to the new server and when I tried to join the domain, I keep getting messages that the DNS cannot resolve the domain name.  I can ping both the ip address and the server name without problems.  When I started the old DNS service and changed the DNS ip to reflect the old DC server it popped in just fine.

I am confused.  Any suggestions.

Question by:imajava
  • 2
  • 2
LVL 44

Accepted Solution

Adam Brown earned 2000 total points
ID: 35219575
What FSMO roles do you have assigned to the Windows 2000 server?

Author Comment

ID: 35219941
I transferred the 4 roles from the 2000 server using the ntdcutil.exe.  Should I use the snap-in tools and check to see if the roles where transferred?
LVL 44

Assisted Solution

by:Adam Brown
Adam Brown earned 2000 total points
ID: 35219943
Yes. Make sure that it has none of the 5. You'll also want to check Active Directory Sites and Services to make sure that the Windows 2000 server is not listed as the primary server for your site.

Author Comment

ID: 35219944
The 2000 server was the very first so I am assuming all roles where present on the server

Expert Comment

ID: 35220035
All FSMO´s were still on your old DC, The primary- ad integrated DNS Forward zone is required for active directory. I recommend using DHCP for your client PCs, so they can securely and dynamically register in the DNS zone.
Because the rid-master role was still on your old DC, a new computer account could not be created, so it could not join the domain.
You could remove Active directory from the old dc by running dcpromo.exe on it, all FSMO´s will automatically be moved to the new DC in your network.

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question