Link to home
Avatar of Randy Downs
Randy DownsFlag for United States of America

asked on

Server 2012 BPA errors - DNS - DHCP - NTP

I see 3 BPA errors in Server 2012. This is a small domain with only one server so it's a DC, DNS & DHCP. Are these errors fixable. Should I be concerned on a small domain like this?

Error 2 - Since it's a one server domain I didn't add a 2nd entry for DNS. One article I read advised against adding the loopback address 127.0.0.1 so this is considered unfixable, right? ON the other hand, this article supports using the loopback. Either way the BPA doesn't seem to be satisfied since the loopback was listed as 1st DNS prior to working on these BPA errors.

Error 3 - I added a user in the Administrator's group for DNS update but it didn't seem to make any difference. It already was using a user in the Administrator's group.

Error 1 - I setup NTP servers as per this video. The servers were set to reliable and show up in the query so not sure why that doesn't show on BPA. I also tried the old Microsoft Fix-it.

Error 1 - The PDC emulator master Server-xxx.xxxx.local in this forest should be configured to correctly synchronize time from a valid time source      

Error 2 - DNS: DNS servers on NIC1 should include the loopback address, but not as the first entry.      


Error 3 - DHCP: Credentials for DNS update should be configured if secure dynamic DNS update is enabled and the domain controller is on the same host as the DHCP server.      
SOLUTION
Avatar of Member_2_6492660_1
Member_2_6492660_1
Flag of United States of America image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
SOLUTION
Avatar of Will Szymkowski
Will Szymkowski
Flag of Canada image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Avatar of Randy Downs

ASKER

Thomas, I already ran that procedure FOR ntp (Error 1) & the query works fine. Still hasn't satisfied BPA:
C:\Windows\system32>w32tm /config /reliable:yes
The command completed successfully.

C:\Windows\system32>net start w32time
The Windows Time service is starting.
The Windows Time service was started successfully.

C:\Windows\system32>w32tm /query /configuration
[Configuration]
...

Type: NTP (Local)
NtpServer: 0.north-america.pool.ntp.org,1.north-america.pool.ntp.org,2.north-ame
rica.pool.ntp.org,2.north-america.pool.ntp.org (Local)

Error 2 is not resolved by adding loopback as secondary DNS.
error 3 Dynamic DNS is enabled in IPv4 DNS properties tab of DHCP
Will we are using 8.8.8.8 on the router so I guess that would be a decent DNS forwarder. Should it be added as a conditional forwarder & stored in AD?

I setup a time source as per the Experts video but it didn't seem to matter. They were set as reliable & I can query & see them as shown above.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Thanks Thomas. the Powershell BPA cmdlets didn't run for me and but refreshing a role in the GUI did resolve 2 of my issues. I was trying to refresh from the local server pane and evidently that didn't work even after issues were resolved.

The only issue I see now is #2 & my guess is that it doesn't go away for a single server domain.

Error 2 - DNS: DNS servers on NIC1 should include the loopback address, but not as the first entry.      
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
I have ipV4 setup correctly. Is it advisable to use a static ip for ipV6 on such a small domain?

I added current ipV6 (it's DHCP), & ipV6 loopback for DNS but it still doesn't' satisfy BPA.

Should I just ignore the error?
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
The cmdlet you suggested works fine. The one in the BPA article you suggested did not (i.e., I get lots of warnings).

Get-BPAModel | Invoke-BPAModel
"WARNING: The EngineReport.xml & Result.xml files were not generated successfully..."

Yes I would like to resolve the DNS error but I don't see a solution with a single server.
OK that works for me. I excluded it from my results too. If you can't get it to clear with 2 DCs there's no chance I am clearing it with one. Perhaps it works if you have DNS servers that don't reside on DCs.
Thanks for all the help. It's too bad that one warning has to be hidden to make the BPA panel show as all green,
Randy

yes it is

did you have any warnings in the bparesults for DNS?

I found a couple in mine rooting thru them now.
No mine just comes back with success: true
Randy

Glad to hear it is clear

glad to help too.

If you get a chance can you take a look at my issue
https://www.experts-exchange.com/questions/28694830/Windows-2012-ASP-NET-Event-Error-1334.html

You responded to it earlier today.

Thanks
Will do Thomas