Solved

DNS problem with new Domain Controller

Posted on 2013-06-12
9
323 Views
Last Modified: 2016-11-23
Hi,

I have a small problem with one of my DCs.
I recently built a new DC using a Dell 2850, running Windows Server 2008 R2 x64. I was given a project to upgrade all our training infrastructure to x64 bit.

The DC has been built and works okay, however I'm having real difficulties with DNS, AD Replication.

I'm unable to do a replication to the new DC, as it complains about RPC errors. I know the IP addressing that I've used is fine as the server can be pinged from any of the other servers.

I ran the DNS tests from a command prompt but to no avail. I have attached both files as well to make it easier to see what I have done.

From server 1 I can create an object in AD and have it replicate successfully. However it does not work the other way. I am going to demote the old DC and transfer its roles, DHCP etc...

I know there is a Windows Migration tool in Server 2008 to do this but I am not clued up in Powershell well enough to do this yet.

So everyone is clear, the setup currently is:

DC1 - Server 2003 R2 (Schema Master etc)
DC2 - Server 2008 R2 x64 (Normal DC/GC server)

Any help would be appreciated.
dcdiag.txt
dnstest.log
0
Comment
Question by:ambri5h
  • 5
  • 3
9 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39242711
Is KHC-STU-DC4 the new DC?
0
 
LVL 2

Author Comment

by:ambri5h
ID: 39242744
nope, its HCBETA-BHS-DC1

Basically KHC-STU-DC3 and KHC-STU-DC4 are remote, i.e. in a data centre and between a DMZ some place.

KHC-STU-DC2 and HCBETA-BHS-DC1 are in the same building.

KHC-STU-DC0 is in another building
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39242762
Can you run repadmin /showreps and repadmin /showrepl from BHS-DC1?

Thanks

Mike
0
 
LVL 2

Author Comment

by:ambri5h
ID: 39242791
repadmin /showreps - output:
C:\Users\administrator.HCBETA>repadmin /showreps
Holborn-College\HCBETA-BHS-DC1
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 9fc724d9-37c7-41a1-991d-87af5865240e
DSA invocationID: 2f7a237b-4c69-49a5-a758-50b74c879ace

==== INBOUND NEIGHBORS ======================================

DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

CN=Configuration,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

CN=Schema,CN=Configuration,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

DC=ForestDnsZones,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

DC=DomainDnsZones,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

===================================================================

repadmin /showrepl - output:
C:\Users\administrator.HCBETA>repadmin /showreps
Holborn-College\HCBETA-BHS-DC1
DSA Options: IS_GC
Site Options: (none)
DSA object GUID: 9fc724d9-37c7-41a1-991d-87af5865240e
DSA invocationID: 2f7a237b-4c69-49a5-a758-50b74c879ace

==== INBOUND NEIGHBORS ======================================

DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

CN=Configuration,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

CN=Schema,CN=Configuration,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

DC=ForestDnsZones,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.

DC=DomainDnsZones,DC=hcbeta,DC=com
    Holborn-College\KHC-STU-DC2 via RPC
        DSA object GUID: a0bce9d5-ef37-4ccc-af02-cdfdaa4c4707
        Last attempt @ 2013-06-12 21:48:48 was successful.
    InTech-DC-DMZ\KHC-STU-DC4 via RPC
        DSA object GUID: 7583b48b-e979-4ac6-af27-3f4660f0abe8
        Last attempt @ 2013-06-12 22:18:48 was successful.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 9

Assisted Solution

by:Zenvenky
Zenvenky earned 250 total points
ID: 39243410
It is a DNS mis-configuration issue. As per the logs I see connectivity issues on KHC-STU-DC4, PWHCBADC01, HCBETA-BHS-DC1. Use below link and correct DNS settings and restart DNS and Netlogon. Once everything is done and if you see any errors in repadmin /replsum and dcdiag /test:dns log let us know.

DNS Best Practices

Authoritative Time Server
0
 
LVL 2

Author Comment

by:ambri5h
ID: 39244052
repadmin /replsum results:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\administrator.HCBETA>repadmin /replsum
Replication Summary Start Time: 2013-06-13 11:41:16

Beginning data collection for replication summary, this may take awhile:
  .........


Source DSA          largest delta    fails/total %%   error
 KHC-STU-DC0               20m:24s    0 /  10    0
 KHC-STU-DC2               51m:10s    3 /  22   13  (1722) The RPC server is una
vailable.
 KHC-STU-DC3               20m:23s    0 /   6    0
 KHC-STU-DC4               20m:21s    0 /  15    0


Destination DSA     largest delta    fails/total %%   error
 HCBETA-BHS-DC1            51m:13s    0 /  10    0
 KHC-STU-DC0               04m:04s    0 /   5    0
 KHC-STU-DC2               19m:25s    0 /  13    0
 KHC-STU-DC3               11m:25s    0 /   3    0
 KHC-STU-DC4               17m:57s    3 /   5   60  (1722) The RPC server is una
vailable.
 PWHCBADC01                20m:25s    0 /  17    0


dcdiag /test:dns results
please see logfile
dcdiag-13june2013.log
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 250 total points
ID: 39244211
Also look at this technet KB for the RPC issue

http://support.microsoft.com/kb/2102154

Thanks

Mike
0
 
LVL 2

Assisted Solution

by:ambri5h
ambri5h earned 0 total points
ID: 39252495
Hi guys,

I actually did some more Googling and found this website: http://www.petenetlive.com/KB/Article/0000301.htm

Step 1 seems to have fixed things for me. I'm going to monitor this over the course of the week and will update this question later on this week.
0
 
LVL 2

Author Closing Comment

by:ambri5h
ID: 39366340
Provided another source of information for potential other users.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
OfficeMate Freezes on login or does not load after login credentials are input.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now