Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1140
  • Last Modified:

Win2003 dns domain error dnsHostName not found

Hi,
Following an unsuccessful  demotion of one of my AD I still have an error message.  Failed to get Default-First-Site-Name site information in teknor.com. Property "dnsHostName" not found.
0
SigSupport
Asked:
SigSupport
  • 6
  • 4
  • 2
  • +3
1 Solution
 
IT-ShrekCommented:
Hi,

- Do a Full System State Backup
- open adsiedit.msc and search for the name of the orphaned DC and delete all references
- Reboot and Retry.

Shrek
0
 
Premkumar YogeswaranCommented:
Hi,

Step 1:
First make sure, you have done MDC - Meta data cleanup process.
Refer:
http://support.microsoft.com/kb/216498
http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Step 2:
Run netdiag command and check for the errors.

Step 3:
run netdiag /fix.
It will rebuild the DNS architecture as per sites and services.

Any issue, let us know.

Regards,
Prem
0
 
Syed_M_UsmanCommented:
Make sure your FSMO holder is up and running, you can verify by giving below command on any server on network

start>run>cmd>netdom /qury fsmo

check your replication status

start>run>cmd>repadmin /show repl


take your current active DC backup and do followings.

Open DNS Console and take properties> delete all old DC server records from dns..
Open AD>Go to DC ou, Check if old DC exist> delete old dc record.
restart any Dc is your network,,, wait for sometime till replication finish...
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Leon FesterCommented:
erm...where do you get this error message?
0
 
SigSupportAuthor Commented:
Hi dvt-localboy,
I have installed a tool from Quest/ScriptLogic called Active Administration and in it's reports I get the error I have included it as a print screen

I need to clarify also one point, the DC that failed during the demotion is still a domain controller, it was not removed. I just remoted the DNS role and re install it so now it is a fully functional DC again, BUT I still see that error message. And my goal is still to demote it cleanly tonight.
tx!

Dns error message
Here's what I found on Quest's sites but the problem is that it applies when the DC is not a DC anymore which is not my case.
CAUSE:

When a domain controller in Active Directory is demoted or promoted and the process fails (the reasons for your failure are outside the scope of this article), you may be left with remains of the domain controller object and some of its attributes/metadata in Active Directory. One such remnant may be a member server, once demoted, remaining in AD Sites and Services as a Domain Controller. Examine your Server containers in all Sites to locate a computer account that is no longer a domain controller. Once this computer account is identified in AD Sites and Services, examine the computer Attribute dnsHostName and its value using ADSIEdit.msc. The Distinguish path for this object/attribute in Active Directory is as follows:

Sites and Services located in:

CN=Servers,CN=Site-Name,CN=Sites,CN=Configuration,DC=DomainName,DC=Suffix there is not dnsHostName Attribute value:

[image]

 

RESOLUTION:

Non domain controller computer accounts should not be in any server container within AD Sites and Services, and need to be removed. Consult Microsoft best practice guidelines to properly remove the Domain Controller metadata from Active Directory.
0
 
Leon FesterCommented:
I'm not familiar with that tool, but it could just be that the AD database has an entry for a server that no longer has a DNS record.

I'd suggest you check out the links that premglitz posted.
It's a simple way of cleaning up failed/tombstoned/deleted Domain Controllers.

Then run your standard AD diagnostic tool, dcdiag on each server.
It should be able to tell if you have any errors.
Run it on each DC to check for errors and look for any tests that failed.
0
 
SigSupportAuthor Commented:
I tried a couple of test listed below and none found an error. But If I tweak the dcdiag test to included the /dns I have errors on Capri which I don't understand and roma the server that add a demotion remotion problem no errors?? Here they are
U:\>dcdiag /test:dns

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SSCAPRI
      Starting test: Connectivity
         ......................... SSCAPRI passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SSCAPRI

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : teknor

   Running enterprise tests on : teknor.com
      Starting test: DNS
         Test results for domain controllers:

            DC: SSCAPRI.teknor.com
            Domain: teknor.com


               TEST: Forwarders/Root hints (Forw)
                  Error: Forwarders list has invalid forwarder: 206.47.199.155 (<name unavailable>)
                  Error: Forwarders list has invalid forwarder: 209.226.175.141 (<name unavailable>)
                  Error: Forwarders list has invalid forwarder: 8.8.4.4 (<name unavailable>)
                  Error: Forwarders list has invalid forwarder: 8.8.8.8 (<name unavailable>)
                  Error: Root hints list has invalid root hint server: a.root-servers.net. (198.41.0.4)
                  Error: Root hints list has invalid root hint server: b.root-servers.net. (128.9.0.107)
                  Error: Root hints list has invalid root hint server: c.root-servers.net. (192.33.4.12)
                  Error: Root hints list has invalid root hint server: d.root-servers.net. (128.8.10.90)
                  Error: Root hints list has invalid root hint server: e.root-servers.net. (192.203.230.10)
                  Error: Root hints list has invalid root hint server: f.root-servers.net. (192.5.5.241)
                  Error: Root hints list has invalid root hint server: g.root-servers.net. (192.112.36.4)
                  Error: Root hints list has invalid root hint server: h.root-servers.net. (128.63.2.53)
                  Error: Root hints list has invalid root hint server: i.root-servers.net. (192.36.148.17)
                  Error: Root hints list has invalid root hint server: j.root-servers.net. (192.58.128.30)
                  Error: Root hints list has invalid root hint server: k.root-servers.net. (193.0.14.129)
                  Error: Root hints list has invalid root hint server: l.root-servers.net. (198.32.64.12)
                  Error: Root hints list has invalid root hint server: m.root-servers.net. (202.12.27.33)

               TEST: Dynamic update (Dyn)
                  Warning: Dynamic update is enabled on the zone but not secure teknor.com.

         Summary of test results for DNS servers used by the above domain controllers:

            DNS server: 8.8.8.8 (<name unavailable>)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 8.8.8.8

            DNS server: 8.8.4.4 (<name unavailable>)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 8.8.4.4

            DNS server: 209.226.175.141 (<name unavailable>)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 209.226.175.141

            DNS server: 206.47.199.155 (<name unavailable>)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 206.47.199.155

            DNS server: 202.12.27.33 (m.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 202.12.27.33

            DNS server: 198.41.0.4 (a.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.41.0.4

            DNS server: 198.32.64.12 (l.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12

            DNS server: 193.0.14.129 (k.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 193.0.14.129

            DNS server: 192.58.128.30 (j.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.58.128.30

            DNS server: 192.5.5.241 (f.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.5.5.241

            DNS server: 192.36.148.17 (i.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.36.148.17

            DNS server: 192.33.4.12 (c.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.33.4.12

            DNS server: 192.203.230.10 (e.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.203.230.10

            DNS server: 192.112.36.4 (g.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.112.36.4

            DNS server: 128.9.0.107 (b.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.9.0.107

            DNS server: 128.8.10.90 (d.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.8.10.90

            DNS server: 128.63.2.53 (h.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.63.2.53

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: teknor.com
               SSCAPRI                      PASS PASS FAIL PASS WARN PASS n/a

         ......................... teknor.com failed test DNS


*****************************************
And heres for roma
U:\>dcdiag /test:dns

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SSROMA
      Starting test: Connectivity
         ......................... SSROMA passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SSROMA

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : teknor

   Running enterprise tests on : teknor.com
      Starting test: DNS
         Test results for domain controllers:

            DC: ssroma.teknor.com
            Domain: teknor.com


               TEST: Dynamic update (Dyn)
                  Warning: Dynamic update is enabled on the zone but not secure teknor.com.

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: teknor.com
               ssroma                       PASS PASS PASS PASS WARN PASS n/a

         ......................... teknor.com passed test DNS
0
 
Leon FesterCommented:
Just run the "DCDIAG /V" test.

Check the DNS Settings on the network card and specify the correct IP address for the DNS servers.
Don't use the 127.0.0.1 address while we're testing.
0
 
SigSupportAuthor Commented:
When I do that I don't see any errors. I have attached both results.
dcdiagrroma.txt
dcdiag.txt
0
 
Leon FesterCommented:
You didn't remove the failed DC yet, AD still has references to a 3rd DC.
Look at the top of yor DCDIAG results:
  * Found 3 DC(s). Testing 1 of them.

We cannot move further while the failed DC is still registered in AD.
Please follow the instructions for deleting a failed DC as posted earlier...

You can confirm the names of all the DC's registered in AD by running
nltest /dclist:teknor.com

Open in new window

0
 
SigSupportAuthor Commented:
There is no failed DC, that's my point.
I have 3 DC's and all 3 works!
I fixed all errors on the dc that failed the demotion, then I try to demote them again and it worked perfectly. I then re-dcpro it and it worked like a charm. It's AD is sound, it's DNS and it's NTP.
But I still have the problem.
0
 
Premkumar YogeswaranCommented:
Hi,

Check any error occurs for below command

netdiag

If it occurs....
nest run

netdiag /fix

After replication, then try to run netdiag and look for the output...

Regards,
Prem
0
 
DrDave242Commented:
Run adsiedit.msc and connect to the Configuration naming context.  Then expand CN=Configuration,DC=domain,DC=suffix > CN=Sites > CN=Default-First-Site-Name.  Click on CN=Servers in the left pane, and the right pane should show you a list of folders corresponding to your DCs.  Right-click each of those folders and select Properties, then check the list of attributes in the properties window and make sure there is a dNSHostName attribute with the correct value (the DNS host name of the server in question).  If that attribute is not set on any of those objects, set it to the correct value and force replication, then run the Quest tool again.
0
 
SigSupportAuthor Commented:
DrDave242
Weird, when I did the adsiedit.msc procedure you said, I see 4 servers! and the 4th one is my exchange server?? I have 2 both only this one is showing there I don't know why. That by it-self raises questions.
And the only one in the 4 where dNSHostName was not set was that Exchange server!
So what should I do, find out why it is listed there and maybe remove it since it is not a DC or not even a DNS server, or add the dNSHostName values in there.
I want to make sure I do not impact anything, expecially our Exchange server.
0
 
DrDave242Commented:
Go ahead and add the dNSHostName attribute to the Exchange server's object; you won't be putting anything at risk by doing that, and if everything works at that point, you're good to go!  Does that Exchange server show up in AD Sites & Services?  That would explain why it's there in ADSIEdit too.
0
 
SigSupportAuthor Commented:
It works!
Thanks
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 6
  • 4
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now