We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
COURSE of the MONTH
10 days, 6 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
2008 AD DNS Recreation
Posted on 2013-01-02
My AD DNS is a bit messed up, I am unable to add new DCs to the domain as it states it is unable to find the domain in DNS.
Is there a way to recreate the DNS?
Is there a way to recreate the DNS?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
7-
5
2- +2
16 Comments
A common mistake is to use the whole domain name. Only use the leftmost portion of the domain name.
For myoffice.mydomain.local (or myoffice.mydomain.com) use only myoffice when specifying the domain to join.
If you attempt to join the "myoffice.mydomain.local" domain, it will spin for a while and respond that the domain can not be found.
- Tom
For myoffice.mydomain.local (or myoffice.mydomain.com) use only myoffice when specifying the domain to join.
If you attempt to join the "myoffice.mydomain.local" domain, it will spin for a while and respond that the domain can not be found.
- Tom
Active 3 days ago
have a look at the exisiting Domain controllers (assuming they are the DNS servers as well)
what forward lookup zones do you have listed
you should have something like
_msdcs.domain.internal
domain.internal
then below them are various sub zones which contain the all the service records which helps DC's find the domain
what forward lookup zones do you have listed
you should have something like
_msdcs.domain.internal
domain.internal
then below them are various sub zones which contain the all the service records which helps DC's find the domain
Since 2008 doesn't have the "netdiag /fix" command, can you restart the nelogon service and check whether it resolves the issue.
This can be dangerous so please do it in test environment first : If restarting netlogon service doesn't work, then we can delete the zones and just create the zones containers and restart netlogon, this normally re-creates the records.
This can be dangerous so please do it in test environment first : If restarting netlogon service doesn't work, then we can delete the zones and just create the zones containers and restart netlogon, this normally re-creates the records.
Active 3 days ago
if you are pointing it at itself it needs to be the loop back address and not the network IP
Active 3 days ago
Recreating DNS isn't that hard, but it may not be necessary. How many existing DCs do you have, and are they all using only internal DNS servers? Is the server that you're trying to promote also using internal DNS servers only? Are there any errors on the existing DCs indicating any kind of replication issues?
Active 3 days ago
if you can list out the folders you have in your DNS we can figure out if its just an issue with a server or DNS in total
additional check you can do
run nslookup from an existing member server/workstation
make sure its pointing at one of your DC's/DNS servers
then lookup your internal domain name and you should get a reply with the IP's of any DC's
using "server xxx.xxx.xxx.xxx" you can point this at other DC's/DNS servers and do the same check
additional check you can do
run nslookup from an existing member server/workstation
make sure its pointing at one of your DC's/DNS servers
then lookup your internal domain name and you should get a reply with the IP's of any DC's
using "server xxx.xxx.xxx.xxx" you can point this at other DC's/DNS servers and do the same check
@ TomRScott
The server can't see the Domain regardless of any format that I use for the domain.
@ irweazelwallis
This is where the issue is I think
_msdcs.domain.internal
domain.internal
mine shows
_msdcs.some random number
domain.local
@ thomasclm
I have run ipconfig /flushdns and /registerdns and restarted netlogon and it makes no difference.
@ irweazelwallis
So instead of 192.168.0.1 it should be 127.0.0.1?
@ DrDave242
There are currently 2 DCs, all point to internal DNS, the new server is also pointing to internal DNS but is at a remote location, the server in question use to be a DC and needs to be re-added as a RODC, Firewall is not blocking anything, was one of the first things I checked. I do have some replication issues with the SYSVOL and NETLOGON volumes, still working on that but not having much luck.
@ irweazelwallis
nslookup to all servers involved works fine.
doing a nslookup to my internal domain returns with DNS servers IPs, so that works.
The server can't see the Domain regardless of any format that I use for the domain.
@ irweazelwallis
This is where the issue is I think
_msdcs.domain.internal
domain.internal
mine shows
_msdcs.some random number
domain.local
@ thomasclm
I have run ipconfig /flushdns and /registerdns and restarted netlogon and it makes no difference.
@ irweazelwallis
So instead of 192.168.0.1 it should be 127.0.0.1?
@ DrDave242
There are currently 2 DCs, all point to internal DNS, the new server is also pointing to internal DNS but is at a remote location, the server in question use to be a DC and needs to be re-added as a RODC, Firewall is not blocking anything, was one of the first things I checked. I do have some replication issues with the SYSVOL and NETLOGON volumes, still working on that but not having much luck.
@ irweazelwallis
nslookup to all servers involved works fine.
doing a nslookup to my internal domain returns with DNS servers IPs, so that works.
Ok hang on, seems to have worked now, changed the Primary DNS of the server I wanted to add to point my DNS server at HQ.
But why wouldnt it have worked if it pointed to itself if the server is configured as a DNS server? Would it be because it is configured as a Secondary Zone?
But why wouldnt it have worked if it pointed to itself if the server is configured as a DNS server? Would it be because it is configured as a Secondary Zone?
Active 3 days ago
ok so DNS is working ok but the SRV records that help find things on the domain are broken.
is there anything in that folder _.msdcs......
i had this issue on a test domain and i was quite brutal with fixing it i did some deleting and a few other bits to get it back and working.
you have a few options - as safe one is this article from MS - but i think you might have already tried a few of the steps
http://support.microsoft.com/kb/310568
you could also try deleting the zone and restarting netlogon on the DC's to repopulate this - but there are risks with doing this
is there anything in that folder _.msdcs......
i had this issue on a test domain and i was quite brutal with fixing it i did some deleting and a few other bits to get it back and working.
you have a few options - as safe one is this article from MS - but i think you might have already tried a few of the steps
http://support.microsoft.com/kb/310568
you could also try deleting the zone and restarting netlogon on the DC's to repopulate this - but there are risks with doing this
Active 3 days ago
its possible that it hasn't replicated DNS yet so has none of the information so when you tried to add it to the domain it still didn't know where to go
when configuring DNS i put onto DC's so that its AD integrated which give a lot more security and functionality
When configuring the DNS on those servers the primary DNS is pointed at the other sever (assuming you have at least 2) and the second it pointed at 127.0.0.1
when configuring DNS i put onto DC's so that its AD integrated which give a lot more security and functionality
When configuring the DNS on those servers the primary DNS is pointed at the other sever (assuming you have at least 2) and the second it pointed at 127.0.0.1
I have attached a screen shot of my DNS on my PDC,
One thing is bothering me though, and not sure if I'm just not thinking straight, under the domains folder it doesn't say my internal domain name, just a number, that normal?
Untitled.jpg
One thing is bothering me though, and not sure if I'm just not thinking straight, under the domains folder it doesn't say my internal domain name, just a number, that normal?
Untitled.jpg
Active 3 days ago
yes thats correct. If you look under msdcs it will give a GUID and not a logical name
the one you have redacted it the only place where it will say the logical internal domain name
the one you have redacted it the only place where it will say the logical internal domain name
Active 3 days ago
yeap i reckon so
if you can add servers to the domain and nslookup come back ok then you should be fine
check the AD errors out with replication to be sure
if you can add servers to the domain and nslookup come back ok then you should be fine
check the AD errors out with replication to be sure
Featured Post
The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders.
Click on Start and then select Computer to view the available drives on the se…
This Micro Tutorial hows how you can integrate Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease.
The following video show how to bind OSX Mavericks to …
Suggested Courses
Course of the Month10 days, 6 hours left to enroll
765 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.