Solved

DNS problem with new Domain Controller

Posted on 2013-06-12
9
330 Views
Last Modified: 2016-11-23
Hi,

I have a small problem with one of my DCs.
I recently built a new DC using a Dell 2850, running Windows Server 2008 R2 x64. I was given a project to upgrade all our training infrastructure to x64 bit.

The DC has been built and works okay, however I'm having real difficulties with DNS, AD Replication.

I'm unable to do a replication to the new DC, as it complains about RPC errors. I know the IP addressing that I've used is fine as the server can be pinged from any of the other servers.

I ran the DNS tests from a command prompt but to no avail. I have attached both files as well to make it easier to see what I have done.

From server 1 I can create an object in AD and have it replicate successfully. However it does not work the other way. I am going to demote the old DC and transfer its roles, DHCP etc...

I know there is a Windows Migration tool in Server 2008 to do this but I am not clued up in Powershell well enough to do this yet.

So everyone is clear, the setup currently is:

DC1 - Server 2003 R2 (Schema Master etc)
DC2 - Server 2008 R2 x64 (Normal DC/GC server)

Any help would be appreciated.
dcdiag.txt
dnstest.log
0
Comment
Question by:ambri5h
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39242711
Is KHC-STU-DC4 the new DC?
0
 
LVL 2

Author Comment

by:ambri5h
ID: 39242744
nope, its HCBETA-BHS-DC1

Basically KHC-STU-DC3 and KHC-STU-DC4 are remote, i.e. in a data centre and between a DMZ some place.

KHC-STU-DC2 and HCBETA-BHS-DC1 are in the same building.

KHC-STU-DC0 is in another building
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39242762
Can you run repadmin /showreps and repadmin /showrepl from BHS-DC1?

Thanks

Mike
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 2

Author Comment

by:ambri5h
ID: 39242791
repadmin /showreps - output:
C:\Users\administrator.HCBETA>repadmin /showreps
Holborn-College\HCBETA-BHS-DC1
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 9fc724d9-37c7-41a1-991d-87af5865240e
DSA invocationID: 2f7a237b-4c69-49a5-a758-50b74c879ace

==== INBOUND NEIGHBORS ======================================

DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

CN=Configuration,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

CN=Schema,CN=Configuration,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

DC=ForestDnsZones,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

DC=DomainDnsZones,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

===================================================================

repadmin /showrepl - output:
C:\Users\administrator.HCBETA>repadmin /showreps
Holborn-College\HCBETA-BHS-DC1
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 9fc724d9-37c7-41a1-991d-87af5865240e
DSA invocationID: 2f7a237b-4c69-49a5-a758-50b74c879ace

==== INBOUND NEIGHBORS ======================================

DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

CN=Configuration,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

CN=Schema,CN=Configuration,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

DC=ForestDnsZones,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

DC=DomainDnsZones,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.
0
 
LVL 9

Assisted Solution

by:Zenvenky
Zenvenky earned 250 total points
ID: 39243410
It is a DNS mis-configuration issue. As per the logs I see connectivity issues on KHC-STU-DC4, PWHCBADC01, HCBETA-BHS-DC1. Use below link and correct DNS settings and restart DNS and Netlogon. Once everything is done and if you see any errors in repadmin /replsum and dcdiag /test:dns log let us know.

DNS Best Practices

Authoritative Time Server
0
 
LVL 2

Author Comment

by:ambri5h
ID: 39244052
repadmin /replsum results:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.HCBETA>repadmin /replsum
Replication Summary Start Time: 2013-06-13 11:41:16

Beginning data collection for replication summary, this may take awhile:
  .........


Source DSA          largest delta    fails/total %%   error
 KHC-STU-DC0               20m:24s    0 /  10    0
 KHC-STU-DC2               51m:10s    3 /  22   13  (1722) The RPC server is una
vailable.
 KHC-STU-DC3               20m:23s    0 /   6    0
 KHC-STU-DC4               20m:21s    0 /  15    0


Destination DSA     largest delta    fails/total %%   error
 HCBETA-BHS-DC1            51m:13s    0 /  10    0
 KHC-STU-DC0               04m:04s    0 /   5    0
 KHC-STU-DC2               19m:25s    0 /  13    0
 KHC-STU-DC3               11m:25s    0 /   3    0
 KHC-STU-DC4               17m:57s    3 /   5   60  (1722) The RPC server is una
vailable.
 PWHCBADC01                20m:25s    0 /  17    0


dcdiag /test:dns results
please see logfile
dcdiag-13june2013.log
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 250 total points
ID: 39244211
Also look at this technet KB for the RPC issue

http://support.microsoft.com/kb/2102154

Thanks

Mike
0
 
LVL 2

Assisted Solution

by:ambri5h
ambri5h earned 0 total points
ID: 39252495
Hi guys,

I actually did some more Googling and found this website: http://www.petenetlive.com/KB/Article/0000301.htm

Step 1 seems to have fixed things for me. I'm going to monitor this over the course of the week and will update this question later on this week.
0
 
LVL 2

Author Closing Comment

by:ambri5h
ID: 39366340
Provided another source of information for potential other users.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question