Solved

default-first-site-name points to orphaned dc

Posted on 2014-12-30
Last Modified: 2014-12-30
I had a dying dc (which also held all roles).
Was able to transfer roles before it died.
Could not run dcpromo before it died.
Cleared up metadata using Active Directory Users and Computers as per this article: http://technet.microsoft.com/en-us/library/cc816907%28v=ws.10%29.aspx#bkmk_graphical
I want to promote another server using a different name, but same ip address.
To do that, I wanted to make sure that DNS was clean and found some instances of the original server in DNS.
Additionally, found that the original server is referenced as the only server in Default First Sites under Forward Lookup Zones, DomainDNSZones, and ForestDNSZones.
The domain has been divided into two sites as well, which we will call SITE-1 and SITE-2.
Services look correct in them (except for the extra orphaned server entry in SITE-1).
All existing DCs pass all tests in dcdiag.

Do I need to do anything to the Default First Sites entries?
Am I safe to delete the extra entries for the orphaned server under SITE-1?

Thoughts?  Things I should look out for?

Thanks!
0
Question by:dustypenguin
10 Comments
 

Author Comment

by:dustypenguin
ID: 40523716
Note ... also noticed that the original server is the only entry in "Forward Lookup Zones ---> <DomainName> ---> _msdcs ....
0
 
LVL 25

Expert Comment

by:DrDave242
ID: 40523838
Deleting the records that refer to the defunct DC shouldn't cause a problem, but these statements are a little worrisome:

    Additionally, found that the original server is referenced as the only server in Default First Sites under Forward Lookup Zones, DomainDNSZones, and ForestDNSZones.
    Note ... also noticed that the original server is the only entry in "Forward Lookup Zones ---> <DomainName> ---> _msdcs ....
Would you mind posting screenshots of each of these locations?
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40523878
    I had a dying dc (which also held all roles).
    Was able to transfer roles before it died.

The server that you transferred the roles to should be the one and replace the older server in those locations
0
 

Author Comment

by:dustypenguin
ID: 40523880
Remember that the DNS is divided into two sites, and the Default First Site Name entries may be redundant (left over? Not sure of that, hence my question?)

I'm getting that idea from this link https://social.technet.microsoft.com/Forums/windowsserver/en-US/9cdae960-f3e5-414b-87b3-40e3c6b0eafe/new-sites-and-services-setup-now-but-defaultfirstsitename-still-in-dns?forum=winserverDS

Little leery of posting screen shot.  Will see what I can do to clean one up.
0
 
LVL 25

Expert Comment

by:DrDave242
ID: 40524028
Sorry - the only reason I asked for a screenshot is so that I can be certain of the locations you're referring to. I'll do what I can without one, but I'll be making a couple of assumptions.

    Additionally, found that the original server is referenced as the only server in Default First Sites under Forward Lookup Zones, DomainDNSZones, and ForestDNSZones.
DomainDnsZones\sites\Default-First-Site-Name\_tcp should contain _ldap SRV records for each domain controller in the domain that's located in the Default-First-Site-Name site and is also a DNS server.
ForestDnsZones\sites\Default-First-Site-Name\_tcp should contain _ldap SRV records for each domain controller in the forest that's located in the Default-First-Site-Name site and is also a DNS server.
If the forest contains a single domain, the records in these two locations will be identical.
If the forest was created back in the days of Windows 2000 (before the DomainDnsZones and ForestDnsZones partitions existed), your mileage may vary.

    Note ... also noticed that the original server is the only entry in "Forward Lookup Zones ---> <DomainName> ---> _msdcs ....
Are you referring to the gray _msdcs folder within the DomainName zone? If so, that's the delegation that is supposed to contain name server (NS) records for each DNS server which hosts a copy of the _msdcs.DomainName zone. I have seen this delegation fail to update as new DNS servers are added, and it's simple to fix. Just right-click that gray folder and select Properties. In the Name Servers tab, click Add and add entries for each DNS server which hosts a copy of the _msdcs.DomainName forward lookup zone.
0
 

Author Comment

by:dustypenguin
ID: 40524088
   DomainDnsZones\sites\Default-First-Site-Name\_tcp should contain _ldap SRV records for each domain controller in the domain that's located in the Default-First-Site-Name site and is also a DNS server.

    ForestDnsZones\sites\Default-First-Site-Name\_tcp should contain _ldap SRV records for each domain controller in the forest that's located in the Default-First-Site-Name site and is also a DNS server.

This is where I am a little hazy.  Under _sites there are three entries; Default-First-Site-Name, SITE1 and SITE2.  The original site back in history was broken into SITE1 and SITE2.  The _tcp entries for SITE1 and SITE2 correspond correctly to the servers in each location.  There is, in reality no site that corresponds to Default-First-Site-Name .... Does that make it either discardable, or ignorable?

Just above the _sites entry is the _msdcs entry (yes, it is grey), that only has the now defunct server listed.  I understand you to believe I should still add new servers there in that scenario, correct?

Thanks for your time.

I have not given up on doing a screen shot, and will get one up eventually.
0
 
LVL 25

Expert Comment

by:DrDave242
ID: 40524129
    The _tcp entries for SITE1 and SITE2 correspond correctly to the servers in each location.  There is, in reality no site that corresponds to Default-First-Site-Name .... Does that make it either discardable, or ignorable?
Either one. It's not hurting anything by remaining in DNS, but since it doesn't refer to an actual site, it's not serving any purpose either. Personally, I'd get rid of it, in the interest of keeping DNS as clean as possible, but it's up to you.

    Just above the _sites entry is the _msdcs entry (yes, it is grey), that only has the now defunct server listed.  I understand you to believe I should still add new servers there in that scenario, correct?
Correct. That delegation is serving a purpose - directing queries for records in the _msdcs zone to the servers that host a copy of that zone - so it should be updated with records corresponding to those servers.
0
 

Author Comment

by:dustypenguin
ID: 40524335
So here is the screen shot.  
Red ovals are where there is a reference to (and only to) the orphaned DC.  Note that the bottom one points to the last entry in ForestDnsZones\sites\Default-First-Site-Name\_tcp.  I should delete the orphaned server from these folders, and leave blank?

The pink oval is the aforementioned _msdcs zone that you suggest I add the now authoritative servers, and I assume delete the entry to the orphaned server.

I have already deleted other references to the orphaned server in the SITE2 folders.

Thanks for your help, it has been a learning experience.
Clipboard02.jpg
0
 
LVL 25

Accepted Solution

by: DrDave242 earned 500 total points
ID: 40524360
Thanks! You can delete those Default-First-Site-Name folders entirely, since there's no longer an existing site with that name.

    The pink oval is the aforementioned _msdcs zone that you suggest I add the now authoritative servers, and I assume delete the entry to the orphaned server.
Yep, that's exactly right.
0
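An added example, not part of the original thread or any poster's own script: a read-only audit of the leftovers discussed above, run before the old IP address is reused. It lists every record in the domain zone and the _msdcs zone that still points at the removed DC, flags the ones under Default-First-Site-Name, and prints the name servers in the _msdcs delegation. All names and addresses are placeholders, and it assumes a single-domain forest and the DnsServer PowerShell module (Windows Server 2012 or later).

```powershell
# Added example; every name and address below is a placeholder.
Import-Module DnsServer

$DnsServer = 'dc02.example.local'    # surviving DC that runs DNS
$Domain    = 'example.local'         # AD domain (forward lookup zone)
$OldHost   = 'olddc.example.local'   # FQDN of the removed DC
$OldIp     = '192.0.2.10'            # address the removed DC used

# Return the name or address a record points at, or nothing for other types.
function Get-RecordTarget($Record) {
    $data = $Record.RecordData
    switch ($Record.RecordType) {
        'SRV'   { $data.DomainName }
        'NS'    { $data.NameServer }
        'CNAME' { $data.HostNameAlias }
        'A'     { [string]$data.IPv4Address }
    }
}

# List records in a zone whose target is the removed DC's name or address.
function Find-StaleDcRecord([string]$ZoneName) {
    Get-DnsServerResourceRecord -ComputerName $DnsServer -ZoneName $ZoneName |
        ForEach-Object {
            $target = Get-RecordTarget $_
            if (-not $target) { return }          # skip SOA, TXT, etc.
            $target = $target.TrimEnd('.')
            if ($target -ieq $OldHost -or $target -eq $OldIp) {
                [pscustomobject]@{
                    Zone        = $ZoneName
                    Owner       = $_.HostName
                    Type        = $_.RecordType
                    Target      = $target
                    DefaultSite = $_.HostName -like '*Default-First-Site-Name*'
                }
            }
        }
}

# The domain zone holds the _sites, DomainDnsZones and ForestDnsZones nodes;
# _msdcs.<domain> is a separate zone.
$stale = @($Domain, "_msdcs.$Domain") | ForEach-Object { Find-StaleDcRecord $_ }
$stale | Sort-Object Zone, Owner | Format-Table -AutoSize

# Name servers listed in the grey _msdcs delegation folder of the domain zone.
Get-DnsServerZoneDelegation -ComputerName $DnsServer -Name $Domain -ChildZoneName '_msdcs' |
    ForEach-Object { $_.NameServer.RecordData.NameServer }
```

The script changes nothing; an empty table and a delegation list naming only live DNS servers mean the zone no longer references the old DC.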
 

Author Closing Comment

by:dustypenguin
ID: 40524373
Thanks DrDave!  Appreciated your patience while I got it all clear in my own mind as well.
0
