Solved

Can't add 2008 R2 server to existing domain

Posted on 2011-09-20
Last Modified: 2012-05-12
The network has three sites. Two domain controllers (Windows 2003 Server) in site #1 (HQ), two domain controllers in site #2 (Windows 2008 R2) and one domain controller in site #3 (Windows Server 2008 R2).

The domain controller in site #3 had a sudden boot drive failure. We used NTDSUTIL to remove the remains from AD, as well as using AD U&C and AD S&S to remove the server where it was listed. We also removed the DNS entries from the forward lookup zone and the _msdcs.

Now when just trying to join the domain we receive the:

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "stonehenge.corp":

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.stonehenge.corp

Common causes of this error include the following:

- The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

10.x.xx.220
10.x.xx.221

- One or more of the following zones do not include delegation to its child zone:

companydns.corp
corp
. (the root zone)


One of the other tasks that was done during the troubleshooting was to rename the server which resulted in the same error.


If any of you gurus could please assist, it would be greatly appreciated.
Question by:bulldogsdad
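
The SRV lookup that fails in the question above can be repeated against each DNS server configured on the NIC to see which one returns the name error. This is an added example, not code from the thread; the 192.0.2.x addresses are placeholders, and the code relates replies to the quoted error by the mapping of DNS RCODE n to Windows error 9000 + n (RCODE 3 = 9003 = 0x232B).

```python
import socket
import struct

SRV = 33  # DNS record type SRV
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def dc_locator_name(domain):
    """Name the join wizard queries, as quoted in the error text."""
    return "_ldap._tcp.dc._msdcs." + domain.rstrip(".")

def build_query(name, qid=0x2B2B):
    """Encode a single-question recursive SRV query (RFC 1035 wire format)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return header + labels + b"\x00" + struct.pack(">HH", SRV, 1)  # class IN

def parse_reply(reply, qid=0x2B2B):
    """Return (rcode_name, answer_count, win32_code) from a reply header."""
    if len(reply) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", reply[:12])
    if rid != qid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    # Windows reports DNS RCODE n as error 9000 + n; RCODE 3 -> 9003 = 0x232B
    win32 = 9000 + rcode if rcode else 0
    return RCODES.get(rcode, "RCODE%d" % rcode), ancount, win32

def check_server(server, domain, timeout=3.0):
    """Ask one DNS server for the DC locator SRV record."""
    query = build_query(dc_locator_name(domain))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, (server, 53))
            reply, _ = s.recvfrom(4096)
        except OSError as exc:  # timeout or unreachable
            return "NO REPLY (%s)" % exc, 0, None
    return parse_reply(reply)

if __name__ == "__main__":
    # Constructed placeholders: substitute the DNS servers from the NIC settings.
    for server in ("192.0.2.220", "192.0.2.221"):
        print(server, check_server(server, "stonehenge.corp"))
```

A server that answers NOERROR with an answer count of 0, or NXDOMAIN while another server in the same domain returns records, is the one to examine first.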

Expert Comment

by:Miguel Angel Perez Muñoz
ID: 36567566
This failed DC has FSMO roles?

Expert Comment

by:Mike Kline
ID: 36567575
When it had that sudden boot failure you did the right steps, but what about on that local machine, did you reinstall the OS?  How did you remove AD from it locally?

I'm assuming there are no network issues accessing the current DNS servers

Thanks

Mike

Author Comment

by:bulldogsdad
ID: 36567617
The failed DC did have FSMO roles....

The OS was completely re-installed fresh.

Here is an update:

We just tried to join the domain once more and received the "Welcome to the Domain" dialogue box, but then also received the below:

Changing the Primary DNS name of this computer to "" failed. The name will remain "CompanyDNS.corp"

The error was:

The specified server cannot perform the requested operation.

The DNS server for the NIC settings on this server is the DNS server in HQ.

Thanks again for you guys jumping in so quickly.

Expert Comment

by:Mike Kline
ID: 36567633
ok you will have to seize the roles that were on that box http://www.petri.co.il/seizing_fsmo_roles.htm

So are you now seeing the server in the domain?

Author Comment

by:bulldogsdad
ID: 36567641
I have rebooted the server after joining the domain and can login using the domain admin.

The computer name "RitzPlazaDC1" also shows up in the DNS of the server in HQ.


Author Comment

by:bulldogsdad
ID: 36567703
MKLINE71 - just so I am completely sure that this server did have the FSMO....is there a way to verify?

Expert Comment

by:Mike Kline
ID: 36567784
you can run

netdom query fsmo to see your current fsmo role holders.


Expert Comment

by:Darius Ghassem
ID: 36567786
use this command

netdom query /fsmo

Author Comment

by:bulldogsdad
ID: 36567907
Okay...glad I checked as the FSMO roles are all hosted by my main DC in HQ.....thanks for the command.

I also tried to run DCPROMO and it went as far as the "Additional Domain Controllers Options" screen and hit next and then received the following: (see screencast)

Not sure on whether to answer yes or no at this point.

Your thoughts or suggestions.

 bulldogsdad-501743.flv

Author Comment

by:bulldogsdad
ID: 36567952
Is that message being displayed just in case we are setting up a sub-domain or is there a DNS error?



Expert Comment

by:Miguel Angel Perez Muñoz
ID: 36567962
Wow, how many answers...

Please, check on other DCs that:

DNS is running fine (service start, resolves, etc).
Active directory zone is integrated zone.
DNS on TCP/IP config is correct.

Author Comment

by:bulldogsdad
ID: 36567988
DNS is running fine
The entire network other than this server is running fine
AD is integrated
DNS for this server is as follows:
        Primary DNS is the DNS server at HQ which is also the FSMO
        Secondary DNS is the 2nd DNS at HQ

I originally had this troubled server as the primary and the secondary DNS was set to the DNS at HQ, but that failed.

Should I change the DNS settings for the NIC? If so, what do you recommend?

Thanks again for sticking with this!!

Author Comment

by:bulldogsdad
ID: 36568041
I just manually entered the FQDN of this server into the Name Servers of the DNS Server in HQ that is the Primary DNS for this server's NIC and it resolved to the IP address without any issue.

Accepted Solution

by:bulldogsdad
ID: 36568969
Rebooted existing DNS server at HQ and then all things were good.

Author Closing Comment

by:bulldogsdad
ID: 36594704
No other experts commented by the time the issue was resolved.