DNS issue

We have a network running with 3 W2K3 domain controllers: cfs-sr-001, cfs-sr-002, cfs-sr-004.

cfs-sr-001 is the forest root and holds all FSMO roles, so is the only server listed under PDC, for example. That seems sensible.
We only have one site called CFS (set up by RM - this network runs RM CC3 management software).
Under sites container in DNS all 3 DCs are listed, but under other containers, only cfs-sr-001 and cfs-sr-002 are listed as providing services such as ldap, kerberos and global catalog.
All 3 DCs are DCs and global catalog servers so I don't know why they are not listed together. As far as I can see either cfs-sr-004 should be listed alongside the other 2 servers or only the FRDC should be listed. I suspect they should all be listed but I do not know what the difference is between the containers listed under site and those that are directly below each role.

Any help much appreciated :)
 
Restart the DNS server service on the missing DC and see if it creates its records. On the missing server, do its DNS records match those of the other servers (to rule out replication issues)?
 
Maybe it's that luminous snot-green colour scheme you got going on there that is causing the problems! :p

The snot is to help prevent the server from infections as Symantec can be a bit slow with their defs. ;)

Have you tried running dcdiag? If not I would recommend you run it.


I have run dcdiag and netdiag on all the DCs and all tests pass ok. All tests passed for netdiag and dcdiag but for DCdiag the test said it was skipping the site CFS (which is where all the dcs reside). I cannot work out which switch to use to make it test that site.

Restart the DNS server service on the missing DC and see if it creates its records. On the missing server, do its DNS records match those of the other servers (to rule out replication issues)?

Have restarted DNS but to no avail. Replication is not a problem. All 3 servers are showing the same. I wonder if during dcpromo on affected server not all records were created as cfs-sr-003 netlogon service was playing up plus other unknown issues. CFS-SR-003 has been decommissioned so not in DNS etc (RIP). I am tempted to manually create the SRV records but do not know if they are meant to be there or even if they will be used by workstations - all workstations reside in the site CFS (I think) so may not even query DNS outside the CFS site scope.
 
Have all services that should have started actually started?
Any errors if you run replmon?
Are the DCs pointing to their own IP for DNS?
Try running netdiag /fix on the DC with the missing records.
You could always demote the DC with missing records, then re-promote it...
 
I manually added the SRV records to the server by copying the others for the other servers and all w/s and servers restart and logon ok (as they did before). These new records will hardly ever be used anyway - see below.

I think I worked out what had happened. The server which is now offline had a few issues, the most notable being a netlogon service problem. I read an entry on Minasi's website http://web2.minasi.com/forum/topic.asp?TOPIC_ID=19056 which explained when the SRV records are used outside of the Site container. I saw that netlogon was involved in this process and decided that when dcpromo was run on the new server, the faulty server may have messed things up a bit (vague - I know) and so a few DNS records were not created. These records are only used during a station rebuild or when things go wrong so not so critical but I don't like DNS faults as they can cause all sorts of untold problems.
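The check discussed in this thread (which DCs are missing from the site-specific versus domain-wide SRV records) can be automated. The following is an added example, not code from any poster: it assumes SRV records in zone-file form, uses `example.local` as a placeholder domain because the thread never names one, and runs on constructed sample records that mimic the situation described.

```python
from collections import defaultdict

DOMAIN = "example.local"   # placeholder; the thread never names the AD domain
ALL_DCS = {"cfs-sr-001", "cfs-sr-002", "cfs-sr-004"}   # DCs named in the thread
PDC = {"cfs-sr-001"}       # holds all FSMO roles, so the only expected PDC target

def build_sample():
    """Constructed zone lines mimicking the thread: cfs-sr-004 is present
    under the CFS site but absent from the domain-wide SRV records."""
    lines = []
    for svc, port in (("_ldap", 389), ("_kerberos", 88), ("_gc", 3268)):
        for owner, dcs in ((f"{svc}._tcp.CFS._sites.{DOMAIN}.", ALL_DCS),
                           (f"{svc}._tcp.{DOMAIN}.", ALL_DCS - {"cfs-sr-004"})):
            lines += [f"{owner} 600 IN SRV 0 100 {port} {dc}.{DOMAIN}."
                      for dc in sorted(dcs)]
    lines.append(f"_ldap._tcp.pdc._msdcs.{DOMAIN}. 600 IN SRV 0 100 389 "
                 f"cfs-sr-001.{DOMAIN}.")
    return lines

def parse_srv(lines):
    """Map each SRV owner name to the set of short host names it points at."""
    targets = defaultdict(set)
    for line in lines:
        f = line.split()
        # Fields: owner ttl IN SRV priority weight port target
        if len(f) == 8 and f[2].upper() == "IN" and f[3].upper() == "SRV":
            host = f[7].rstrip(".").split(".")[0].lower()
            targets[f[0].rstrip(".").lower()].add(host)
    return targets

def missing_registrations(lines):
    """Return {owner: sorted DCs that should be listed there but are not}."""
    gaps = {}
    for owner, found in parse_srv(lines).items():
        # Only the PDC emulator belongs under pdc._msdcs; every DC elsewhere.
        expected = PDC if ".pdc._msdcs." in owner else ALL_DCS
        absent = sorted(expected - found)
        if absent:
            gaps[owner] = absent
    return gaps

if __name__ == "__main__":
    for owner, dcs in sorted(missing_registrations(build_sample()).items()):
        print(f"{owner}: missing {', '.join(dcs)}")
```

An owner name that has no records at all is not reported, since the check only compares targets under owner names that appear in the input.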
 