Solved

Bare metal restore of 2008r2 AD and DNS broke

Posted on 2011-09-12
4
970 Views
Last Modified: 2012-05-12
I had a server crash and I did a bare metal restore of the VM.  It was my primary DC and DNS.  Now it keeps failing with error

2092 "This server is the owner of the following FSMO role, but does not consider it valid."

error 2087 "Active Directory could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
"


How do I fix the AD and DNS from messing up again?  How do I make it think its ok?
0
Comment
Question by:Mark_c
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 36526649
Did you have other DCs?   How did you do a bare metal restore on the VM?

If you have other DCs you can seize the roles to that one, cleanup the dead DC and then promote another one.

Thanks

Mike
0
 
LVL 1

Author Comment

by:Mark_c
ID: 36526882
The other DC running would keep killing it, I turned it off when the restore become live.  I used a Veeam backup of the DC.
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36527477
Checked the DNS setting on the Server it should point to itself.If the public ip address is added in the NIC DNS setting remove the same and add to DNS forwarders if required.If 127.0.0.1 is entered as dns remove the same and add ip address.

Chech NIC binding the Nic which is online and has ip details should be in first order.If multiple NIC are present then disabled the unrequired NIC.

Disabled the firewall, update the NIC driver if it is not updated,many time the NIC driver is outdated if you perform BMR with third party solution.

Make sure the system time on both DC are sync.Check AD sites and services, make sure no dead or non-exsiting DC.

I have also seen many cases if you perform the BMR by third party soultion the server goes in USN rollback state.Check the event log in Directory service for event id 2095 if has occured then you need to demote and promote the DC followed by metadata cleanup.Also if the server is FSMO role holder you need to seize the role on other server.

Please post the dcdiag /q and repadmin /replsum log to analyse further of both DC.
0
 
LVL 1

Author Closing Comment

by:Mark_c
ID: 37028770
I just rebult them
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Blocking Microsoft Edge From Running? 14 59
DNS forwarders "unable to resolve" 1 69
DCOM was unable to communicate with the computer 8 34
need assistance with a VBscript 3 42
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question