Solved

AD DNS Replication issues across sites

Posted on 2015-02-24
Last Modified: 2015-02-26
Hi MS team,

I have a customer who just discovered a problem with replication between their ADs. They have 2 DCs at the main office (New York) and 1 at Atlanta.

They reported DNS issues on Friday – devices at Atlanta were not accessible by DNS name from New York. Today a user from Atlanta reported that they changed their PWD at Atlanta and when they tried to log into a system at New York they had to use the old pwd.

Environment

New York Site

2 DC/DNS Windows 2008 R2

Atlanta

1 DC /DNS Windows 2008 R2

Domain and forest functional level 2008

Any thoughts?
Question by:Jerry Seinfield
6 Comments
 
LVL 1

Expert Comment

by:Sarat ch
ID: 40629888
Have you checked replication between sites?

If you share the results it will be helpful. Go through the article below.

https://technet.microsoft.com/en-us/library/cc794749(v=ws.10).aspx
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 40630262
Run the below commands on any one DC (PDC) and post the result here

dcdiag /v

You are also having a name resolution problem at New York
Most probably your Atlanta has a DHCP server and it's unable to register records in DNS
You would probably face the same issue at Atlanta as well.
0
 

Author Comment

by:Jerry Seinfield
ID: 40631257
Hi Everyone,

I RDP into all DC/DNS servers, and I found:

From the servers in New York, in the DNS settings, it seems like the IP address for the DC/DNS server in Atlanta is gone or missing [state unknown]. At the same time, I RDP into the DC/DNS server in Atlanta and the IP address appears to be OK. This is definitely a DNS misconfiguration that causes replication issues. Please check the screenshots, and let me know how I can resolve this issue.

Note:

From the DC in Atlanta, I did check the TCP/IP properties and it has 3 network connections: one for the LAN and two for SAN. For the two SAN connections, it seems like the same server was added as DNS server. Should I not leave the DNS settings for the 2 SAN connections blank, with no values?
EEDNSERROR.jpg
EEDNSERROR2.jpg
EEDNSERROR3.jpg
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 40631306
It seems that the name server entry is missing

You need to add it manually

On each DC at each location, ensure that the primary DNS IP points to itself and another DC's IP is defined as secondary DNS
Then restart the Netlogon and DNS Server services on each DC

On each DC, navigate to the C:\windows\system32\config folder and rename the netlogon.dns file to netlogon.dnsold and then restart the Netlogon and DNS Server services on that DC
This will ensure that all DNS records get registered correctly; then check whether name resolution is working or not

Also, in the network card properties of each DC, ensure the advanced network settings are as below
DNS Settings
Lastly, on the DC where multiple network cards are available for SAN, ensure that the network card that belongs to DC communication is listed 1st in the network binding
Network binding is visible once you are in the network connections window and press the left ALT button
0
 

Author Comment

by:Jerry Seinfield
ID: 40631361
Thanks Mahesh, when you said add manually, is that from the DNS server console where the state is unknown, or from the TCP/IP protocol properties?

Should I remove the DNS server IP from the SAN adapters? If you see the third screenshot, the 2 SAN adapters are using the same DNS server. Is this even correct?
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40631443
1st, add the proper DNS entry in TCP/IP

Then add it from the DNS console where it's showing unknown

On the SAN adapters, just untick the "register this connection's addresses in DNS" check box
Also delete its host record from the domain controller
0
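The adapter settings described in the two answers above (primary DNS pointing at the DC itself with another DC as secondary, SAN adapters not registering in DNS) can be checked with a read-only audit script. This is an added example, not part of the original thread; the `$LanPrefix` value and the function name `Get-DcDnsAdapterAudit` are assumptions for illustration, and it uses WMI so that it runs on the PowerShell 2.0 shipped with Windows Server 2008 R2.

```powershell
# Added example: read-only audit for a multihomed DC (PowerShell 2.0 / Server 2008 R2).
# $LanPrefix is a placeholder for the subnet that carries AD/DNS traffic.
$LanPrefix = '192.0.2.'   # constructed value, replace with the DC's LAN subnet prefix

function Get-DcDnsAdapterAudit {
    param([string]$LanPrefix)

    $nics = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = True'
    foreach ($nic in $nics) {
        # Drop $null entries so an adapter with no DNS servers yields an empty array
        $ips = @($nic.IPAddress | Where-Object { $_ })
        $dns = @($nic.DNSServerSearchOrder | Where-Object { $_ })
        $isLan = @($ips | Where-Object { $_.StartsWith($LanPrefix) }).Count -gt 0

        $issues = @()
        if ($isLan) {
            # Primary DNS should be this DC (its own IP or loopback)
            if (($dns.Count -eq 0) -or
                -not (($ips -contains $dns[0]) -or ($dns[0] -eq '127.0.0.1'))) {
                $issues += 'primary DNS is not this DC'
            }
            if ($dns.Count -lt 2) {
                $issues += 'no other DC listed as secondary DNS'
            }
            if (-not $nic.FullDNSRegistrationEnabled) {
                $issues += 'LAN adapter does not register in DNS'
            }
        } elseif ($nic.FullDNSRegistrationEnabled) {
            # SAN or other non-LAN adapter still publishing its address as a host record
            $issues += 'non-LAN adapter registers its addresses in DNS'
        }

        New-Object PSObject -Property @{
            Adapter        = $nic.Description
            IP             = ($ips -join ', ')
            DnsServers     = ($dns -join ', ')
            RegistersInDns = $nic.FullDNSRegistrationEnabled
            Issues         = ($issues -join '; ')
        }
    }
}

Get-DcDnsAdapterAudit -LanPrefix $LanPrefix |
    Select-Object Adapter, IP, DnsServers, RegistersInDns, Issues | Format-List

# After correcting the settings, confirm DNS health and replication from this DC
dcdiag /test:dns
repadmin /replsummary
```

Run it on each DC in both sites; an empty `Issues` field on every adapter means the TCP/IP side matches the advice above, and any stale SAN host records still have to be deleted from the DNS zone by hand.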

Question has a verified solution.