Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

DNS / Replication issues Active Directory

Posted on 2011-09-21
9
Medium Priority
?
222 Views
Last Modified: 2012-05-12
A situation has arisen were domain controllers were p2v.  One of the old physical domain controllers has come back on and caused an issue with replication and the DNS forward lookup zones don't show on one of the Domain controllers....i have gone through the steps od dcdaig and netdiag which has not solved the issues
0
Comment
Question by:cmatchett
  • 5
  • 4
9 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573742
Can you please post dcdiag

The best might be to demote the troubled DC  then repromote the server after a metadata cleanup to make sure you removed any lingering objects behind

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Comment

by:cmatchett
ID: 36573870
C:\Program Files\Support Tools>dcdiag /v

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine duncrue1, is a DC.
   * Connecting to directory service on server duncrue1.
   Server duncrue1 resolved to this IP address 192.168.4.2,
   but the address couldn't be reached(pinged), so check the network.
   The error returned was: Error due to lack of resources.
   This error more often means that the targeted server is
   shutdown or disconnected from the network
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 4 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

   Testing server: DUNCRUE\DUNCRUE1
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         The host f2de88d6-a1a5-4478-87ac-ff8d5afa6ad6._msdcs.domain.local could
 not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (f2de88d6-a1a5-4478-87ac-ff8d5afa6ad6._msdcs.domain.local) couldn't be
         resolved, the server name (duncrue1.domain.local) resolved to the IP
         address (192.168.2.100) and was pingable.  Check that the IP address
         is registered correctly with the DNS server.
         ......................... DUNCRUE1 failed test Connectivity

Doing primary tests

   Testing server: DUNCRUE\DUNCRUE1
      Skipping all tests, because server DUNCRUE1 is
      not responding to directory service requests
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : domain
      Starting test: CrossRefValidation
         ......................... domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... domain passed test CheckSDRefDom

   Running enterprise tests on : domain.local
      Starting test: Intersite
         Skipping site DUNCRUE, this site is outside the scope provided by the
         command line arguments provided.
         Skipping site PHILIPRUSSELLS, this site is outside the scope provided
         by the command line arguments provided.
         Skipping site MCCABES, this site is outside the scope provided by the
         command line arguments provided.
         ......................... domain.local passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\duncrue1.domain.local
         Locator Flags: 0xe00001fc
         Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
         A Primary Domain Controller could not be located.
         The server holding the PDC role is down.
         Time Server Name: \\duncrue1.domain.local
         Locator Flags: 0xe00001fc
         Preferred Time Server Name: \\duncrue1.domain.local
         Locator Flags: 0xe00001fc
         KDC Name: \\duncrue1.domain.local
         Locator Flags: 0xe00001fc
         ......................... domain.local failed test FsmoCheck
      Test omitted by user request: DNS
      Test omitted by user request: DNS

C:\Program Files\Support Tools>


the IP Address 192.168.4.2 is the ip address of the old machine,...i have done ip config registerdns to correct this and it does not help
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573879
Seems like the IP address can't be pinged. Did you turn on a server that has this IP address as well?
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 

Author Comment

by:cmatchett
ID: 36573945
that address is like an intergrated card for the x series servers.....the correct ip address for the server is 192.168.2.xxx

in the forestdnszones there's a record for the wrong ip and the proper ip
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36573958
Remove the wrong IP address
0
 

Author Comment

by:cmatchett
ID: 36574044
i also have an error in the event log 40960 saying there's an authentication error....maybe the old computer account of the old server password has expired...maybe a simple computer password reset is required also?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36575293
You are going to have to demote this server seems like one the other way was turned on this caused a UPN rollback. Easiest way is to demote the run metadata cleanup then repromote
0
 

Accepted Solution

by:
cmatchett earned 0 total points
ID: 36576353
i reset the computer password and it resolved it...thanks for you help all the same
0
 

Author Closing Comment

by:cmatchett
ID: 36597799
doing this action solved it
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question