I am migrating a 2003 server to a 2008R2 server in preparation to migrate to a 2019 server. As part of the first phase, I have transferred all 5 FSMO roles to the new 2008R2 server, removed the global catalog from the 2003 server.  I was ready to dcpromo down the 2003 server when I get the message that the 2008R2 cannot be contacted.  I do not have the "This server is the last domain controller in the domain" checked.  I am pulling hair as to what I have missed.

Running dcdiag yields this:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\FS1
      Starting test: Connectivity
         ......................... FS1 passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\FS1
      Starting test: Replications
         ......................... FS1 passed test Replications
      Starting test: NCSecDesc
         ......................... FS1 passed test NCSecDesc
      Starting test: NetLogons
         ......................... FS1 passed test NetLogons
      Starting test: Advertising
         ......................... FS1 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... FS1 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... FS1 passed test RidManager
      Starting test: MachineAccount
         …

When I setup a new server is it better to have dhcp and DNS running off the router instead of the server.

The reason why I ask is if the server ever goes down they will still be able to have internet.

Especially if our client is far away.

DNS Setting in Windows TCP/ IP

on the Screenshot below , there is a configuration of network adapter for TCP/IP , and in the DNS part, we can see the primary DNS is pointing to the local server where DNS services are installed in the Alternate it is pointing to Google DNS.

Now, does that mean any name resolutions for local network will be resolved by the server , and if it is outside the network it will be resolved by Google DNS ?

If I remember, it used be that Alternate DNS will never be used unless if the primary DNS is down...and both IP address will point to DNS servers on the local Network not on the Internet.




Thank you

Hello,

We are having exchange certificate issue, We have an internal domain with [u].local[/u] and External domain with [b].com[/b], We have certificate from godaddy for [b].com[/b] external URL and applied it to our exchange server. i have dns record pointing to from .com to .local host.
Annotation-2020-02-13-160442.jpg

Hello everyone,
Today we worked on installing a new server at an office that has around 50 users.  We planned out and deployed a server migration from Server 2008 R2 to Server 2019.  

All worked well, FSMO, DHCP, DNS, everything moved over without a hitch.  After modifing the login script to recognize the new file server, all users were able to login without any problem and access files.

That all changed about an hour later.  A network connection was disconnected from the new server.  And ever since then, the computers have slowed to pas a crawl.

Like it literrally takes 15-20 mins just to LOG IN!  
Once logged in, you simply can't click any applications or even the start menu.  They aren't locked, just every operation takes minutes when they should be mili-seconds.

I started investigating.  One issue I found was the GPO objects didn't move from the old server.  So when I tried to modify them in the GPO manager, it gave errors saying it couldn't be found.  So I copied them out of SYSVOL on that old server.  Great.  I was now able to edit those GPOs.  

I cleaned up some DNS entries, but I cannot find anything in the event log of any of the servers to indicate any problems.  Since the workstations are soooooooooooo slow, I can't even open the event viewer to see what is going on.  Every command I send it, times out.  I can't find any errors in DNS or DCDIAG.  

Please help

I know there are numerous, ongoing discussions about the best naming convention for your internal Domain. The situation I encounter with almost all of my new clients is this:
> They need an in-house Domain Controller
> They will use Office365 (and sometimes/rarely gmail) for email hosting
> They need VPN access (using Server 2016 Remote Access via the Essentials Role)

Question:
I have always used .local for the internal domain name. Some have said / warned to not use that going forward. However, my clients only have the above requirements - none are hosting in-house Exchange, Websites, etc.

So is .local still a reasonable choice?
Seems so, since the Server 2016 Essentials Experience setup wizard defaults to .local as an internal domain choice...

I am trying to confirm if there will be a EMAIL / WEBSITE outage due to making changes to DNS provider / changing WHOIS tech contact or any other unforseen changes

• website domain is xyz.com DNS managed by MNSI.NET and currently hosted by go daddy

• Email domain is also xyz.com hosted by office 365 and emails MX record hit barracuda email security cloud service first

• We are launching a new website no longer going to be hosted by go daddy and DNS hosted by a different provider other than MNSI.NET

What can cause a outage to EMAIL and or website with what we are going?

Hello,

I am running a Windows 2016 server, for some reason this server will let me remote into it but I can’t ping the server from another machine on the same Network also the server is not updating in DNS.
When I receive the server, it was configure in my domain but on a different subnet so right now the nsLookup is still resolving the old DNS record. I don’t have access to the DNS Server to see the A-record.
Things I have tried:
•      Ipconfig /flush DNS
•      Ipconfig /registerdns

I think the issue is in maybe in the Windows Firewall but I’m not sure where to look.

Thank You.

I am setting up a new Windows 2019 Server for a customer.  The way I was taught in the past was to add the role of DNS server to the DC and use the router for the DHCP to the PCs.  I have done it successfully on several servers but it seems convoluted and possibly not correct and efficient.  I do have one customer where the DC is both the DHCP server and DNS server and have not had any issues.  The DNS is configured properly with the interfaces and forwarders and DHCP turned off in the SonicWall.  DHCP is configured with the scope and all of the correct parameters.  I would like to get some opinions as to which way to go.  It seems to me it would be best practice to allow the DC to do both.  What are the pros and cons (if any) using this method?
Thank you in advance,
Phil

I have a DNS entry to host name which resolve to two or more IP address. It seems like we are getting MITM warning due to this intentional configuration. What is the way to overcome this. Should we disable StrictHostKeyChecking but that would not be a good idea. I am wondering what is the recommendations.

I currently host my own exchange 2016 server internally.   I currently have a .org domain.
I just created a new DNS lookup zone of .com for the same domain, both internally and externally, in external DNS.

I also added under exchange, under accepted domains, the new domain.com, but I'm still not able to receive emails externally.

Internally, I can send from my .org email to my .com email, and works fine, but just doesn't work when I send an email from my gmail to my .com email address.

Can anyone point me in the right direction?

I have a windows server 2012R2 for DHCP and DNS.

I am reviewing my reverse lookup zones in my DNS server and I have a lot of computers in there with the same name, but with different IPs.
What is the best way to clean it up?  Can I just delete every entry for every reverse lookup zone?