SBSIAdmin
asked on
Unable to perform DNS lookups against SBS 2011 server
Ok, here's the scenario. I built a new server with SBS 2011. I uninstalled SharePoint, disabled all Exchange services, but left SQL and all other apps/services intact. I built a second server also with SBS 2011; however, that server really only needed to be a file server, so I uninstalled SharePoint and SQL, and disabled all of the Exchange services. I know I probably should've just used 2008 R2, but this is what I had for licenses so I'm making the best of it.
After uninstalling the unneeded stuff from the second server, and applying all applicable Windows patches, I removed the domain and set to a workgroup server. My intent was then to join the domain on the first server. That's when I discovered a problem. Svr2 is unable to do DNS lookups against Svr1, so joining the domain fails because it can't resolve.
Actions taken:
- I've added the domain of Svr1 to the domain suffix list on Svr2
- Svr2 can ping Svr1 by name; however, nslookup of Svr1 on Svr2 fails. Weird.
- I tried adding a local host file entry on Svr2, but that didn't work. That's probably
why I can ping Svr1 by name, but nslookup fails.
- I've verified that "Everyone" has access to DNS on Svr1.
- I've run simply and recursive tests via DNS Admin on Svr1 and both are successful.
- Svr1's DNS is configured with external IP's as Forwarders for internet browsing.
- Svr2 has Svr1 defined as its primary DNS. Svr2 is able to resolve public domains. In
other words, Svr2 is unable to resolve svr1.domain; however, Svr2 is able to use
Svr1 as DNS with Forwarder to resolve www.google.com.
I'm really baffled by this and not quite sure what else to try. I've read horror stories about trying to deviate at all from SBS 2011's canned script, so I'm wondering if that's what's going on here. My #1 issue is that I'm unable to join Svr2 to Svr1's domain and that seems to be rooted in the fact that Svr2 can't resolve to Svr1.
After uninstalling the unneeded stuff from the second server, and applying all applicable Windows patches, I removed the domain and set to a workgroup server. My intent was then to join the domain on the first server. That's when I discovered a problem. Svr2 is unable to do DNS lookups against Svr1, so joining the domain fails because it can't resolve.
Actions taken:
- I've added the domain of Svr1 to the domain suffix list on Svr2
- Svr2 can ping Svr1 by name; however, nslookup of Svr1 on Svr2 fails. Weird.
- I tried adding a local host file entry on Svr2, but that didn't work. That's probably
why I can ping Svr1 by name, but nslookup fails.
- I've verified that "Everyone" has access to DNS on Svr1.
- I've run simply and recursive tests via DNS Admin on Svr1 and both are successful.
- Svr1's DNS is configured with external IP's as Forwarders for internet browsing.
- Svr2 has Svr1 defined as its primary DNS. Svr2 is able to resolve public domains. In
other words, Svr2 is unable to resolve svr1.domain; however, Svr2 is able to use
Svr1 as DNS with Forwarder to resolve www.google.com.
I'm really baffled by this and not quite sure what else to try. I've read horror stories about trying to deviate at all from SBS 2011's canned script, so I'm wondering if that's what's going on here. My #1 issue is that I'm unable to join Svr2 to Svr1's domain and that seems to be rooted in the fact that Svr2 can't resolve to Svr1.
David Johnson, CD
What you have is because you are trying to get around licensing limitations. Each SBS Server HAS to be the one and only boss of their domain.
Hello,
AS ve3ofa has said, SBS 2011 is mean to be the root of the domain. You are violating Microsofts licencing agreements by having two on the same network for the same company.
As you said in your original post, what you should have done is installed SBS 2011 and a SERVER 2008 R2 (Premiem Add-on would also have given you full SQL Server). What you have at the moment is a mess.
Have you added a forward lookup zone and created A-Records for each of the Servers?
AS ve3ofa has said, SBS 2011 is mean to be the root of the domain. You are violating Microsofts licencing agreements by having two on the same network for the same company.
As you said in your original post, what you should have done is installed SBS 2011 and a SERVER 2008 R2 (Premiem Add-on would also have given you full SQL Server). What you have at the moment is a mess.
Have you added a forward lookup zone and created A-Records for each of the Servers?
ASKER
I don't feel as though I'm trying to get around licensing limitations if I own two licenses of SBS 2011. Wouldn't that make it perfectly legal? Are you saying that you can't have two SBS 2011 servers on your network?
What I'm trying to get around is all of the extra bundled stuff with SBS 2011 that I don't need on the second server.
What I really wanted was two 2008 R2 servers and two SQL 2008 Standard licenses. In order to do that cost effectively, I opted to purchase two copies of SBS 2011, which comes with SQL Server bundled. That was my original plan. The more I'm getting into this, the more I'm learning that SBS 2011 has issues if you attempt to deviate from its original packaging in any way, shape, or form! Much of the chatter I've read would seem to suggest that SBS 2011 is a mess no matter how you implement it.
I've never actually heard of the "Premium Add-on". Is that available for 2008 R2, or is that only available for SBS 2011? And in theory, purchasing Premium Add-on for 2008 R2 would be less expensive than purchasing SQL Server Standard??
The first SBS 2011 still holds the original domain and DNS with a forward lookup zone. It's a fully-functional, in-production server. I created A records for both servers with their IP4 addresses because the auto-created A records utilized the IP6 address.
So should I just scrap the second SBS 2011 license and purchase a 2008 R2 license? Before I do that I'll test to make sure that any device can do DNS lookups against the original server. It just doesn't seem like an issue with the second server; it seems like an issue with the first server. The other strange thing is that the second server can do public DNS lookups through the first server (Forwarders), but it can't resolve any local DNS records. That would seem to suggest an issue with the first server.
What I'm trying to get around is all of the extra bundled stuff with SBS 2011 that I don't need on the second server.
What I really wanted was two 2008 R2 servers and two SQL 2008 Standard licenses. In order to do that cost effectively, I opted to purchase two copies of SBS 2011, which comes with SQL Server bundled. That was my original plan. The more I'm getting into this, the more I'm learning that SBS 2011 has issues if you attempt to deviate from its original packaging in any way, shape, or form! Much of the chatter I've read would seem to suggest that SBS 2011 is a mess no matter how you implement it.
I've never actually heard of the "Premium Add-on". Is that available for 2008 R2, or is that only available for SBS 2011? And in theory, purchasing Premium Add-on for 2008 R2 would be less expensive than purchasing SQL Server Standard??
The first SBS 2011 still holds the original domain and DNS with a forward lookup zone. It's a fully-functional, in-production server. I created A records for both servers with their IP4 addresses because the auto-created A records utilized the IP6 address.
So should I just scrap the second SBS 2011 license and purchase a 2008 R2 license? Before I do that I'll test to make sure that any device can do DNS lookups against the original server. It just doesn't seem like an issue with the second server; it seems like an issue with the first server. The other strange thing is that the second server can do public DNS lookups through the first server (Forwarders), but it can't resolve any local DNS records. That would seem to suggest an issue with the first server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok, good information, thank you. I'll scrap the second instance of SBS 2011 and actually, never deploy SBS 2011 ever again. It has been a huge pain in the a** from the get-go. The first eye opener for me was when the install took upwards of 15 hours to complete!! It was crazy, and that was on new hardware. I did poking around online for that one and read a lot of chatter that excessive install times for SBS 2011 weren't uncommon. I spin up 2008 servers all the time and have never had the issues I've experienced with SBS 2011.
I'm done. Going to retire from all future SBS 2011 adventures!! Thanks again.
I'm done. Going to retire from all future SBS 2011 adventures!! Thanks again.