• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 225
  • Last Modified:

DNS / Replication issues Active Directory

A situation has arisen were domain controllers were p2v.  One of the old physical domain controllers has come back on and caused an issue with replication and the DNS forward lookup zones don't show on one of the Domain controllers....i have gone through the steps od dcdaig and netdiag which has not solved the issues
0
cmatchett
Asked:
cmatchett
  • 5
  • 4
1 Solution
 
Darius GhassemCommented:
Can you please post dcdiag

The best might be to demote the troubled DC  then repromote the server after a metadata cleanup to make sure you removed any lingering objects behind

http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 
cmatchettAuthor Commented:
C:\Program Files\Support Tools>dcdiag /v

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine duncrue1, is a DC.
   * Connecting to directory service on server duncrue1.
   Server duncrue1 resolved to this IP address 192.168.4.2,
   but the address couldn't be reached(pinged), so check the network.
   The error returned was: Error due to lack of resources.
   This error more often means that the targeted server is
   shutdown or disconnected from the network
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 4 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

   Testing server: DUNCRUE\DUNCRUE1
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         The host f2de88d6-a1a5-4478-87ac-ff8d5afa6ad6._msdcs.domain.local could
 not be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (f2de88d6-a1a5-4478-87ac-ff8d5afa6ad6._msdcs.domain.local) couldn't be
         resolved, the server name (duncrue1.domain.local) resolved to the IP
         address (192.168.2.100) and was pingable.  Check that the IP address
         is registered correctly with the DNS server.
         ......................... DUNCRUE1 failed test Connectivity

Doing primary tests

   Testing server: DUNCRUE\DUNCRUE1
      Skipping all tests, because server DUNCRUE1 is
      not responding to directory service requests
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : domain
      Starting test: CrossRefValidation
         ......................... domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... domain passed test CheckSDRefDom

   Running enterprise tests on : domain.local
      Starting test: Intersite
         Skipping site DUNCRUE, this site is outside the scope provided by the
         command line arguments provided.
         Skipping site PHILIPRUSSELLS, this site is outside the scope provided
         by the command line arguments provided.
         Skipping site MCCABES, this site is outside the scope provided by the
         command line arguments provided.
         ......................... domain.local passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\duncrue1.domain.local
         Locator Flags: 0xe00001fc
         Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
         A Primary Domain Controller could not be located.
         The server holding the PDC role is down.
         Time Server Name: \\duncrue1.domain.local
         Locator Flags: 0xe00001fc
         Preferred Time Server Name: \\duncrue1.domain.local
         Locator Flags: 0xe00001fc
         KDC Name: \\duncrue1.domain.local
         Locator Flags: 0xe00001fc
         ......................... domain.local failed test FsmoCheck
      Test omitted by user request: DNS
      Test omitted by user request: DNS

C:\Program Files\Support Tools>


the IP Address 192.168.4.2 is the ip address of the old machine,...i have done ip config registerdns to correct this and it does not help
0
 
Darius GhassemCommented:
Seems like the IP address can't be pinged. Did you turn on a server that has this IP address as well?
0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
cmatchettAuthor Commented:
that address is like an intergrated card for the x series servers.....the correct ip address for the server is 192.168.2.xxx

in the forestdnszones there's a record for the wrong ip and the proper ip
0
 
Darius GhassemCommented:
Remove the wrong IP address
0
 
cmatchettAuthor Commented:
i also have an error in the event log 40960 saying there's an authentication error....maybe the old computer account of the old server password has expired...maybe a simple computer password reset is required also?
0
 
Darius GhassemCommented:
You are going to have to demote this server seems like one the other way was turned on this caused a UPN rollback. Easiest way is to demote the run metadata cleanup then repromote
0
 
cmatchettAuthor Commented:
i reset the computer password and it resolved it...thanks for you help all the same
0
 
cmatchettAuthor Commented:
doing this action solved it
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now