• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 87
  • Last Modified:

Server issue with AD

I have a server that is part of the domain.  The issue is domain users cannot connect to the machine nor when I go to add another domain user to the server (server 2003 sp1) can it see the domain structure only the local server structure.  Does anyone know how to fix this?
0
Jack_son_
Asked:
Jack_son_
  • 14
  • 13
  • 4
  • +1
1 Solution
 
phil435Commented:
Are you saying that you cannot login with a domain account to the server, only local users? Have you checked DNS to make sure it is pointing to your ad dns server on this server?

What error messages are you receiving?
0
 
Jack_son_Author Commented:
it is pointing to the right internal dns servers.  I also notice that there is an issue resolving dns sites - like google.com.  The dns is working for all the other servers, just not this one.
0
 
phil435Commented:
Can you ping internal servers/workstations by DNS name?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Jack_son_Author Commented:
not from this server
0
 
andreasSystem AdminCommented:
was it ever working before?

if yes, defective NIC?

if no check IP config.
0
 
phil435Commented:
I assume that you can ping from this server via IP address just not dns name?
0
 
Jack_son_Author Commented:
correct
0
 
phil435Commented:
So you can ping the DNS server by IP address and you have verified that this DNS server is configured as primary DNS but cannot resolve any hostnames for this server. Have you tried pinging the DNS server by the fqdn such as dns1.somedomain.local?
0
 
Jack_son_Author Commented:
yes, neither works.  Would there be somewhere else on the server that someone would add a pointer?  Perhaps its getting the information somewhere other than the network card.
0
 
phil435Commented:
Could you post the output of ipconfig /all?
0
 
Jack_son_Author Commented:
Physical address:  00-50-56-B8-xx-xx
DHCP Enabled:      yes
Autoconfiguration Enabled:  Yes
IP Address:  10.1.100.101
Subnet Mask:  255.255.255.0
Default Gateway:  10.1.100.1
DHCP Server:   192.168.100.15
DNS Servers:  192.168.100.15
                          192.168.100.20
Primary Wins:  192.168.100.15
0
 
andreasSystem AdminCommented:
Does the server get its correct IP-Address? Can you ping the default gateway by IP? Can you ping the DHCP-Server by IP?

Can you ping the servers by IP from other PCs/Servers, not that pings are blocked in your network...
0
 
phil435Commented:
Since this is in a different subnet have you verified that there are no acls on the routers that would block port 53? Also check windows firewall on the DNS server to make sure its not blocking this as well.
0
 
phil435Commented:
Another thing that you can try is using this command:

telnet 192.168.100.15 53

This will test TCP port 53 to the server. Although your client requests will use UDP this will at least check TCP port 53. Since you have pulled an IP address from this same server it appears that routing it functioning properly.
0
 
Jack_son_Author Commented:
Yes, I can ping the gateway and the servers too by ip; I am testing the tcp port now
0
 
phil435Commented:
The other thing that I should have asked is do you have other clients in the 10.1.100.0 subnet and can they resolve hostnames to the 192.168.100.15 server?
0
 
Jack_son_Author Commented:
yes, they can all resolve to the .15 server
0
 
Jack_son_Author Commented:
I just noticed when I do ipconfig /displaydns the server is pointing to 1.0.0.127.in-addr.arpa. and localhost.

Do you know where i can change this?
0
 
phil435Commented:
That command is only displaying the cache which in your case is empty.

Without knowing your network setup this sounds like a firewall\access issue from this server. Have you turned off any firewalls on this server and could there be acls on your router blocking this?

Did you run the telnet command above?
0
 
Jack_son_Author Commented:
yes I can telnet and there are no firewalls between the servers, plus the software firewall is turned off
0
 
phil435Commented:
Ok, can you open up a cmd prompt and type nslookup? Do you see any errors when executing this?
0
 
Jack_son_Author Commented:
says the request timed out.  Of course I can ping it and several hundred other computers work fine with it.
0
 
WORKS2011Austin Tech CompanyCommented:
Try ipconfig /flushdns and try nslookup again. Also, clear all stagnant records in DNS, right click DNS server go to properties.
0
 
WORKS2011Austin Tech CompanyCommented:
What is the server NIC hardcoded with in the DNS settings? You may want to update the NIC card driver and and confirm the correct binding in the DHCP server. What does the DNS logs report?
0
 
Jack_son_Author Commented:
I dont have DNS logs report.   It seems the server can ping the dc's both by name and ip, although it cant add users from the domain, only the local pc.  I do have error 1053.
0
 
phil435Commented:
Do you have multiple NICs in this machine and are they active?
0
 
Jack_son_Author Commented:
I do have multiple nics, this is virtual, only 1 is active
0
 
WORKS2011Austin Tech CompanyCommented:
how is your virtual switch configured?
0
 
Jack_son_Author Commented:
the switch is really just a passthrough.  All the other servers on this network are working, only this one has an issue
0
 
WORKS2011Austin Tech CompanyCommented:
not if it's a virtual switch, every other device is connected physically through a physical switch and VM's are configure to go through a virtual switch between the host and VM.
0
 
phil435Commented:
Strange that you can ping the dc's by name. Check under system32/drivers/etc and check the hosts file for entries for these servers.
0
 
phil435Commented:
With this odd behavior you may have something corrupt on the TCP/IP stack. Since this is a VM I would create a snapshot and reset the TCP/IP stack. You can follow the instructions here to do so:

http://support.microsoft.com/kb/299357
0
 
Jack_son_Author Commented:
I agree, this is an old server.  Also is there a way to run a repair on the registry?  Not sure if someone modified it in the post to create some issues.....
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 14
  • 13
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now