• Status: Solved

server 2008 dns

I have a server 2008, domain name "ups.local"
Server is called "ups-srv-01"
When I try to join a windows 7 professional machine to the domain I get the following:
-----------------------
An active directory domain controller (AD DC) for the domain "ups.local" could not be reached
ensure that the domain name is typed correctly
if the name is correct , click details (Below):
details:
Note: This information is intended for a network administrator.  If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "ups.local":

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.ups.local

Common causes of this error include the following:

- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

192.168.254.3

- One or more of the following zones do not include delegation to its child zone:

ups.local
local
. (the root zone)
-------------------
Please can someone tell me what the default dns settings should be for the server 2008 dns setup and how to resolve this issue

Asked by: doctorbill
 
Rodney Barnhardt (Server Administrator) commented:
The first thing to do on your DC is to test DNS. On the DC, in a command line, run the following command:  dcdiag /test:dns

Look for errors in this report. That will be the first place to start to ensure that DNS is even working correctly.

Rodney Barnhardt (Server Administrator) commented:
Another option is if you have more than one DNS server, run ipconfig /registerDNS on each of those other servers. Also, try running netdiag /fix to verify SRV records and check the following:
- DC or other DNS server have static IP
- DNS zone is configured for dynamic updates.

ADProblem2012 commented:
Ensure that 192.168.254.3 is the IP of the 2008 DNS Server.

Do you have trouble assigning other machines to the domain or just this one?

Is DNS set up on the server at all? Ensure that the DNS server assigned on the workstation is that of a domain controller and that the name of the machine can be resolved to an IP.

 
 
doctorbill (Tech, Author) commented:
I have run the diag test and I have attached the report - there is one dns error:
I would greatly appreciate some more input as we are appearing to make headway with this
diag.txt

ADProblem2012 commented:
What DNS server is assigned to the network card of the server? Make sure it is assigned to use its own IP as its DNS server. And then make sure forwarding is set up so it can resolve outside addresses.

doctorbill (Tech, Author) commented:
please can you give me details as to how to see this?

doctorbill (Tech, Author) commented:
here are the details:
IP: 192.168.254.3
MASK: 255.255.255.0
gateway: 192.168.254.254 (adsl router)

DNS: 192.168.254.3

Darius Ghassem commented:
Post ipconfig /all from the Domain Controller

Make sure the domain controller IP configuration in DNS server listed is the IP address of the Domain Controller

Darius Ghassem commented:
Go to DNS on Domain Controller. Do you have DNS zone called your domain name?

ADProblem2012 commented:
Control Panel/Network and Sharing Center/Manage Network Connections/Local Area Connection/Properties/IPV4/Properties.

Or just view the status of the connection. Sounds like DNS is definitely not set up correctly on this domain controller. If another domain controller is available, I would remove the DNS role and re-add it, copying it from a working domain controller.

doctorbill (Tech, Author) commented:
here are the details:
IP: 192.168.254.3
MASK: 255.255.255.0
gateway: 192.168.254.254 (adsl router)

DNS: 192.168.254.3

Can you suggest where the problem is ?

Rodney Barnhardt (Server Administrator) commented:
Another question, is this DC physical or virtual? There can be some DNS issues if it is virtual and there is a problem with the host NIC. MS recommendation is generally not to virtualize your DC, per my AD troubleshooting class at Microsoft a few weeks ago. In particular, the PDC emulator role. Also, could there be a firewall in between or running on the DC? You could use portquery to see if port 53 is open or blocked.

doctorbill (Tech, Author) commented:
it is physical
can you give me details of how to use port query ?

Rodney Barnhardt (Server Administrator) commented:
portqry -n <servername> -p <protocol> -e <portnumber>

The link below lists some of the pertinent ports for troubleshooting AD, as well as a download link for the port query utility.

http://support.microsoft.com/kb/816103

DNS = port 53
LDAP = port 389

doctorbill (Tech, Author) commented:
query tells me that tcp and udp port 53 is listening
also, the ip address (127.0.0.1) is resolved to ups-srv-01.ups.local

Rodney Barnhardt (Server Administrator) commented:
Verify the net logon server is running. Then, click on the Windows icon and type CMD. When you see the execution icon, right-click and select "Run as administrator". In that window, issue the following commands:

net stop netlogon
net start netlogon
ipconfig /registerDNS

Then, rerun the dcdiag /test:dns and post the output.

Darius Ghassem commented:
Dcdiag /fix

Again, go to DNS. Do you see your DNS zone?

doctorbill (Tech, Author) commented:
I get exactly the same output from the dcdiag /test:dns

Rodney Barnhardt (Server Administrator) commented:
Are there any errors in the event viewer, under the Application and Services - DNS logs, or in the System logs?

Rodney Barnhardt (Server Administrator) commented:
Also, did you try dcdiag /fix as posted above by dariusg?

doctorbill (Tech, Author) commented:
yes - no joy there
The only error I am getting is as follows:

the user accounts cannot be added into grouppolicy "allsbsusers". Please varify the groupPolicy "allsbsusers" exists.

It does exist

doctorbill (Tech, Author) commented:
if i do a nslookup "ups.local", i get:

server: unknown
address: 192.168.254.3

Name: ups.local

doctorbill (Tech, Author) commented:
could someone PLEASE give me screen shots of what the default entries should look like in the DNS server for server 2008 - I am thinking that I have lost some important settings somehow

Rodney Barnhardt (Server Administrator) commented:

doctorbill (Tech, Author) commented:
this is what I have - looks like my dns settings are completely trashed. How can I rebuild them?
myimages.doc

Rodney Barnhardt (Server Administrator) commented:
So, from looking at your image, you are missing the _msdcs, correct? It hasn't by chance moved to a different subfolder or somewhere else in the tree, has it?

doctorbill (Tech, Author) commented:
here are jpgs 1 1 2 3

doctorbill (Tech, Author) commented:
I cannot locate the _msdcs folder

Darius Ghassem commented:
Your zone is not correct.

Delete the zone, then create the zone so it will look exactly as your domain does in AD DS.

doctorbill (Tech, Author) commented:
where should I be looking for the AD DS

Darius Ghassem commented:
Sorry, Active Directory Domain Services or Active Directory Users and Computers.

doctorbill (Tech, Author) commented:
but what am I looking for - what settings ?

Darius Ghassem commented:
You are looking for what the domain is called in Active Directory. You should see it at the top

doctorbill (Tech, Author) commented:
it is called ups.local. How do I recreate the _msdcs from this ?

Rodney Barnhardt (Server Administrator) commented:
In DNS, browse to the forward lookup zones. Right-click and select new primary zone. Check the box to make it AD integrated. Then name it _msdcs.ups.local. Once this is done, stop and restart the netlogon service. This should re-register the SRV records.
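
A way to confirm the re-registration described in the answer above, as an added example that is not part of the original thread: it reads the records Netlogon tries to register from netlogon.dns and queries each SRV name against the DNS server with nslookup. It assumes PowerShell 2.0 or later on the DC and takes the domain name and DNS server address from the question; the function names are hypothetical.

```powershell
# Added example, not from the thread. Assumptions: PowerShell 2.0+, run on the DC;
# $Domain and $DnsServer are the values given in the question.
$Domain      = 'ups.local'
$DnsServer   = '192.168.254.3'
$NetlogonDns = Join-Path $env:SystemRoot 'System32\config\netlogon.dns'

function Get-ExpectedSrvName {
    # netlogon.dns lists what Netlogon tries to register, one record per line:
    #   <owner>. <ttl> IN SRV <priority> <weight> <port> <target>.
    param([string[]]$Lines)
    $Lines | ForEach-Object {
        if ($_ -match '^(\S+?)\.?\s+\d+\s+IN\s+SRV\s') { $Matches[1].ToLower() }
    } | Sort-Object -Unique
}

function Test-SrvRecord {
    # Query one SRV name against a specific server; the trailing dot stops
    # nslookup from appending DNS suffixes to the name.
    param([string]$Name, [string]$Server)
    $out = & nslookup.exe -type=SRV "$Name." $Server 2>$null | Out-String
    # nslookup prints "svr hostname = <target>" once per SRV answer.
    $targets = @([regex]::Matches($out, 'svr hostname\s*=\s*(\S+)') |
        ForEach-Object { $_.Groups[1].Value })
    New-Object PSObject -Property @{
        Name    = $Name
        Found   = ($targets.Count -gt 0)
        Targets = ($targets -join ', ')
    }
}

if (Test-Path $NetlogonDns) {
    $names = @(Get-ExpectedSrvName (Get-Content $NetlogonDns))
} else {
    # Fallback: core DC locator records for a single-domain forest.
    $names = @(
        "_ldap._tcp.dc._msdcs.$Domain", "_kerberos._tcp.dc._msdcs.$Domain",
        "_ldap._tcp.pdc._msdcs.$Domain", "_ldap._tcp.gc._msdcs.$Domain",
        "_ldap._tcp.$Domain", "_kerberos._tcp.$Domain", "_kpasswd._tcp.$Domain"
    )
}

$results = $names | ForEach-Object { Test-SrvRecord $_ $DnsServer }
$results | Sort-Object Found | Format-Table Name, Found, Targets -AutoSize
$missing = @($results | Where-Object { -not $_.Found })
"{0} of {1} SRV records missing on {2}" -f $missing.Count, $names.Count, $DnsServer
```

Names still reported as missing after Netlogon has been restarted point at the zone on the server (absent, or not accepting dynamic updates) rather than at the Windows 7 client.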
 
Darius Ghassem commented:
You are missing other folders as well. Best solution: delete your current ups.local zone and recreate this zone.

doctorbill (Tech, Author) commented:
Extremely fast response and everyone involved took the trouble to see the problem through - very impressed !!!!!!