asked on 2008 AD DNS Recreation
My AD DNS is a bit messed up, I am unable to add new DCs to the domain as it states it is unable to find the domain in DNS.
Is there a way to recreate the DNS?
Is there a way to recreate the DNS?
DNSWindows Server 2008
Last Comment
DJMohr
have a look at the exisiting Domain controllers (assuming they are the DNS servers as well)
what forward lookup zones do you have listed
you should have something like
_msdcs.domain.internal
domain.internal
then below them are various sub zones which contain the all the service records which helps DC's find the domain
what forward lookup zones do you have listed
you should have something like
_msdcs.domain.internal
domain.internal
then below them are various sub zones which contain the all the service records which helps DC's find the domain
Since 2008 doesn't have the "netdiag /fix" command, can you restart the nelogon service and check whether it resolves the issue.
This can be dangerous so please do it in test environment first : If restarting netlogon service doesn't work, then we can delete the zones and just create the zones containers and restart netlogon, this normally re-creates the records.
This can be dangerous so please do it in test environment first : If restarting netlogon service doesn't work, then we can delete the zones and just create the zones containers and restart netlogon, this normally re-creates the records.
Also this server should point to it's own IP as preferred DNS Server.
if you are pointing it at itself it needs to be the loop back address and not the network IP
Recreating DNS isn't that hard, but it may not be necessary. How many existing DCs do you have, and are they all using only internal DNS servers? Is the server that you're trying to promote also using internal DNS servers only? Are there any errors on the existing DCs indicating any kind of replication issues?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
@ TomRScott
The server can't see the Domain regardless of any format that I use for the domain.
@ irweazelwallis
This is where the issue is I think
_msdcs.domain.internal
domain.internal
mine shows
_msdcs.some random number
domain.local
@ thomasclm
I have run ipconfig /flushdns and /registerdns and restarted netlogon and it makes no difference.
@ irweazelwallis
So instead of 192.168.0.1 it should be 127.0.0.1?
@ DrDave242
There are currently 2 DCs, all point to internal DNS, the new server is also pointing to internal DNS but is at a remote location, the server in question use to be a DC and needs to be re-added as a RODC, Firewall is not blocking anything, was one of the first things I checked. I do have some replication issues with the SYSVOL and NETLOGON volumes, still working on that but not having much luck.
@ irweazelwallis
nslookup to all servers involved works fine.
doing a nslookup to my internal domain returns with DNS servers IPs, so that works.
The server can't see the Domain regardless of any format that I use for the domain.
@ irweazelwallis
This is where the issue is I think
_msdcs.domain.internal
domain.internal
mine shows
_msdcs.some random number
domain.local
@ thomasclm
I have run ipconfig /flushdns and /registerdns and restarted netlogon and it makes no difference.
@ irweazelwallis
So instead of 192.168.0.1 it should be 127.0.0.1?
@ DrDave242
There are currently 2 DCs, all point to internal DNS, the new server is also pointing to internal DNS but is at a remote location, the server in question use to be a DC and needs to be re-added as a RODC, Firewall is not blocking anything, was one of the first things I checked. I do have some replication issues with the SYSVOL and NETLOGON volumes, still working on that but not having much luck.
@ irweazelwallis
nslookup to all servers involved works fine.
doing a nslookup to my internal domain returns with DNS servers IPs, so that works.
ASKER
Ok hang on, seems to have worked now, changed the Primary DNS of the server I wanted to add to point my DNS server at HQ.
But why wouldnt it have worked if it pointed to itself if the server is configured as a DNS server? Would it be because it is configured as a Secondary Zone?
But why wouldnt it have worked if it pointed to itself if the server is configured as a DNS server? Would it be because it is configured as a Secondary Zone?
ok so DNS is working ok but the SRV records that help find things on the domain are broken.
is there anything in that folder _.msdcs......
i had this issue on a test domain and i was quite brutal with fixing it i did some deleting and a few other bits to get it back and working.
you have a few options - as safe one is this article from MS - but i think you might have already tried a few of the steps
http://support.microsoft.com/kb/310568
you could also try deleting the zone and restarting netlogon on the DC's to repopulate this - but there are risks with doing this
is there anything in that folder _.msdcs......
i had this issue on a test domain and i was quite brutal with fixing it i did some deleting and a few other bits to get it back and working.
you have a few options - as safe one is this article from MS - but i think you might have already tried a few of the steps
http://support.microsoft.com/kb/310568
you could also try deleting the zone and restarting netlogon on the DC's to repopulate this - but there are risks with doing this
its possible that it hasn't replicated DNS yet so has none of the information so when you tried to add it to the domain it still didn't know where to go
when configuring DNS i put onto DC's so that its AD integrated which give a lot more security and functionality
When configuring the DNS on those servers the primary DNS is pointed at the other sever (assuming you have at least 2) and the second it pointed at 127.0.0.1
when configuring DNS i put onto DC's so that its AD integrated which give a lot more security and functionality
When configuring the DNS on those servers the primary DNS is pointed at the other sever (assuming you have at least 2) and the second it pointed at 127.0.0.1
ASKER
I have attached a screen shot of my DNS on my PDC,
One thing is bothering me though, and not sure if I'm just not thinking straight, under the domains folder it doesn't say my internal domain name, just a number, that normal?
Untitled.jpg
One thing is bothering me though, and not sure if I'm just not thinking straight, under the domains folder it doesn't say my internal domain name, just a number, that normal?
Untitled.jpg
yes thats correct. If you look under msdcs it will give a GUID and not a logical name
the one you have redacted it the only place where it will say the logical internal domain name
the one you have redacted it the only place where it will say the logical internal domain name
ASKER
Ok, so all should be fine then?
yeap i reckon so
if you can add servers to the domain and nslookup come back ok then you should be fine
check the AD errors out with replication to be sure
if you can add servers to the domain and nslookup come back ok then you should be fine
check the AD errors out with replication to be sure
ASKER
Thanks to all who responded.
For myoffice.mydomain.local (or myoffice.mydomain.com) use only myoffice when specifying the domain to join.
If you attempt to join the "myoffice.mydomain.local" domain, it will spin for a while and respond that the domain can not be found.
- Tom