AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of Randy Downs
Randy Downs
Flag for United States of America asked on

Server 2012 BPA errors - DNS - DHCP - NTP

I see 3 BPA errors in Server 2012. This is a small domain with only one server so it's a DC, DNS & DHCP. Are these errors fixable. Should I be concerned on a small domain like this?

Error 2 - Since it's a one server domain I didn't add a 2nd entry for DNS. One article I read advised against adding the loopback address 127.0.0.1 so this is considered unfixable, right? ON the other hand, this article supports using the loopback. Either way the BPA doesn't seem to be satisfied since the loopback was listed as 1st DNS prior to working on these BPA errors.

Error 3 - I added a user in the Administrator's group for DNS update but it didn't seem to make any difference. It already was using a user in the Administrator's group.

Error 1 - I setup NTP servers as per this video. The servers were set to reliable and show up in the query so not sure why that doesn't show on BPA. I also tried the old Microsoft Fix-it.

Error 1 - The PDC emulator master Server-xxx.xxxx.local in this forest should be configured to correctly synchronize time from a valid time source      

Error 2 - DNS: DNS servers on NIC1 should include the loopback address, but not as the first entry.      


Error 3 - DHCP: Credentials for DNS update should be configured if secure dynamic DNS update is enabled and the domain controller is on the same host as the DHCP server.      
Windows Server 2012DNSDHCP
Avatar of undefined
Last Comment
Randy Downs
8/22/2022 - Mon
SOLUTION
Member_2_6492660_1
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
SOLUTION
Will Szymkowski
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Randy Downs
ASKER
Thomas, I already ran that procedure FOR ntp (Error 1) & the query works fine. Still hasn't satisfied BPA:
C:\Windows\system32>w32tm /config /reliable:yes
The command completed successfully.

C:\Windows\system32>net start w32time
The Windows Time service is starting.
The Windows Time service was started successfully.

C:\Windows\system32>w32tm /query /configuration
[Configuration]
...

Type: NTP (Local)
NtpServer: 0.north-america.pool.ntp.org,1.north-america.pool.ntp.org,2.north-ame
rica.pool.ntp.org,2.north-america.pool.ntp.org (Local)

Error 2 is not resolved by adding loopback as secondary DNS.
error 3 Dynamic DNS is enabled in IPv4 DNS properties tab of DHCP
Randy Downs
ASKER
Will we are using 8.8.8.8 on the router so I guess that would be a decent DNS forwarder. Should it be added as a conditional forwarder & stored in AD?

I setup a time source as per the Experts video but it didn't seem to matter. They were set as reliable & I can query & see them as shown above.
SOLUTION
Member_2_6492660_1
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Randy Downs
ASKER
Thanks Thomas. the Powershell BPA cmdlets didn't run for me and but refreshing a role in the GUI did resolve 2 of my issues. I was trying to refresh from the local server pane and evidently that didn't work even after issues were resolved.

The only issue I see now is #2 & my guess is that it doesn't go away for a single server domain.

Error 2 - DNS: DNS servers on NIC1 should include the loopback address, but not as the first entry.      
Your help has saved me hundreds of hours of internet surfing.
fblack61
SOLUTION
Member_2_6492660_1
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Randy Downs
ASKER
I have ipV4 setup correctly. Is it advisable to use a static ip for ipV6 on such a small domain?

I added current ipV6 (it's DHCP), & ipV6 loopback for DNS but it still doesn't' satisfy BPA.

Should I just ignore the error?
SOLUTION
Member_2_6492660_1
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
SOLUTION
Member_2_6492660_1
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
ASKER CERTIFIED SOLUTION
Member_2_6492660_1
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Randy Downs
ASKER
The cmdlet you suggested works fine. The one in the BPA article you suggested did not (i.e., I get lots of warnings).

Get-BPAModel | Invoke-BPAModel
"WARNING: The EngineReport.xml & Result.xml files were not generated successfully..."

Yes I would like to resolve the DNS error but I don't see a solution with a single server.
Randy Downs
ASKER
OK that works for me. I excluded it from my results too. If you can't get it to clear with 2 DCs there's no chance I am clearing it with one. Perhaps it works if you have DNS servers that don't reside on DCs.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Randy Downs
ASKER
Thanks for all the help. It's too bad that one warning has to be hidden to make the BPA panel show as all green,
Member_2_6492660_1
Randy

yes it is

did you have any warnings in the bparesults for DNS?

I found a couple in mine rooting thru them now.
Randy Downs
ASKER
No mine just comes back with success: true
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Member_2_6492660_1
Randy

Glad to hear it is clear

glad to help too.

If you get a chance can you take a look at my issue
https://www.experts-exchange.com/questions/28694830/Windows-2012-ASP-NET-Event-Error-1334.html

You responded to it earlier today.

Thanks
Randy Downs
ASKER
Will do Thomas
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent