Changed AD IP addr resulted in DNS errors

I have done this in the past, but it appears this time when I changed the IP address of one of my Active Directory DC servers, it has caused an issue with my DNS.

The original IP address of the server was 192.168.1.5 and I changed it to 192.168.1.21

As a result when I run DCDiag /TEST:Dns, I get the error messages below.

What do I need to do to fix this?

Thank you,
Jeff

Output of DCDiag follows:


       Summary of DNS test results:

         
                                            Auth   Basc    Forw   Del    Dyn  RReg Ext
            _________________________________________________________________
            Domain: kwik.dom

               KWIK-DC01          PASS WARN PASS PASS PASS FAIL n/a  
               kwik-DC02             PASS PASS PASS PASS PASS PASS n/a  
         
         ......................... kwik.dom failed test DNS


                 Warning:
                     Missing CNAME record at DNS server 192.168.12.5:
                     f128ee14-c44f-493a-a35e-797b881581e9._msdcs.kwik.dom
                     [Error details: 9002 (Type: Win32 - Description: DNS server failure.)]
                     
                     Warning:
                     Missing A record at DNS server 192.168.12.5:
                     KWIK-DC01.kwik.dom
                     [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
                     
                     Error:
                     Missing SRV record at DNS server 192.168.12.5:
                     _ldap._tcp.kwik.dom
                     [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
                     
                     Error:
                     Missing SRV record at DNS server 192.168.12.5:
                     _ldap._tcp.64a7cbd5-58ca-4d22-8ade-734ab02e1799.domains._msdcs.kwik.dom
                     [Error details: 9002 (Type: Win32 - Description: DNS server failure.)]
                     
                     Error:
                     Missing SRV record at DNS server 192.168.12.5:
                     _kerberos._tcp.dc._msdcs.kwik.dom
                     [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
                     
                     Error:
                     Missing SRV record at DNS server 192.168.12.5:
                     _ldap._tcp.dc._msdcs.kwik.dom
                     [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
                     
                     Error:
                     Missing SRV record at DNS server 192.168.12.5:
                     _kerberos._tcp.kwik.dom
                     [Error details: 9002 (Type: Win32 - Description: DNS server failure.)]
jgrammer42Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Thomas GrassiSystems AdministratorCommented:
I would rebuild your DNS


Take a look at this first

https://technet.microsoft.com/en-us/library/cc816835(v=ws.10).aspx
BillBondoCommented:
Hey, why does it say 192.168.12.5? Typo? Can you simply change it back? Why the need to change? Is it pointing to itself for DNS? Double check your settings.
zalazarCommented:
Can you please make sure that the old IP-address is not within DNS anymore.
You can do this by checking domain kwik.dom and verify that the domain controller computername has the correct IP-address.
If you have reverse zones also check these. Delete the records with the wrong IP-address.
After that start a command prompt (with Run as administrator) and execute: ipconfig /registerdns
This will register the A and PTR records for the domain controller.

Did you already restart the domain controller after changing the IP-address.
If you can't restart then try to restart the "DNS Server" service.
Also restart the Netlogon service.
This will register the SRV records.

After this is done please check DNS for the correct IP-address and SRV records.
If the DC is also Global Catlog server also check the _msdcs.kwik.com\gc zone for the correct IP-address.
Defend Against the Q2 Top Security Threats

Were you aware that overall malware worldwide was down a surprising 42% from Q1'18? Every quarter, the WatchGuard Threat Lab releases an Internet Security Report that analyzes the top threat trends impacting companies worldwide. Learn more by viewing our on-demand webinar today!

footechCommented:
Did you remember to change DNS servers referenced in your NIC settings?
jgrammer42Author Commented:
BillBondo:  (you wrote) "Hey, why does it say 192.168.12.5? Typo? Can you simply change it back? Why the need to change? Is it pointing to itself for DNS? Double check your settings. "

Frankly, I did NOT even notice that.  I read that several times and just read it as 192.168.1.5.   That changes things in my mind.  It is NOT a typo.  I DID change the KWIK-DC01 from 192.168.1.5  to 192.168.1.21

I have no IDEA where or what the network is of 192.168.12.x  

From your catch of that I went back and re-read the output file, and noticed that there is ANOTHER entry for KWIK-DC01 that is not in error that is being reported back from 192.168.40.6

What I have found out is that both 192.168.40.6 and 192.168.12.5  are both entirely different DC's in different domains.  In those other domains, they had defined a forwarding domain for kwik.dom which was set to the old address of 192.168.1.5

When I went back to those other DC's in the other domains, made the changes from 192.168.1.5 and then re-ran DCDiag on my KWIK-DC01 server, everything passed perfectly.  See results:

         Summary of DNS test results:

         
                                                        Auth   Basc Forw   Del    Dyn   RReg Ext
            _________________________________________________________________
            Domain: kwik.dom

               KWIK-DC01                    PASS PASS PASS PASS PASS PASS n/a  
               Kwik-DC02                      PASS PASS PASS PASS PASS PASS n/a  
         
         ......................... kwik.dom passed test DNS

      Test omitted by user request: LocatorCheck

      Test omitted by user request: Intersite

I would like to leave this question open for a couple of days.  But BillBondo, it seems like that was my issue.  

And this is why I love experts exchange.  Sometimes, you just need another pair of eyes that are fresh to look at the data. :-)

Thank you,
Jeff

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jgrammer42Author Commented:
Solution was found
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.