+ Post New Thread
Results 1 to 14 of 14
Windows Server 2000/2003 Thread, Many DC errors in Technical; Hi, Something has gone horribly, horribly wrong with our DC I inherited this sucker and it's worked fine till now. ...
  1. #1
    AntiThesis's Avatar
    Join Date
    Feb 2009
    Location
    South Africa
    Posts
    114
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Many DC errors

    Hi,

    Something has gone horribly, horribly wrong with our DC

    I inherited this sucker and it's worked fine till now. I don't currently have a backup DC because that bit the dust last week as well. Joy.

    Among other errors, DCdiag throws up a bunch as does Netdiag (both attached). I cannot join objects to the domai (Domain controller could not be contacted) and windows error 10042 seems to keep coming up in event viewer and so on.

    Unfortunately there's not a lot of information on 10042 that I can see. Any info would be really, truly, greatly appreciated. Seriously. Like cookies appreciated at this point.

    Help me Edugeek. You're my only hope.
    Attached Files Attached Files

  2. #2

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,154
    Thank Post
    114
    Thanked 527 Times in 450 Posts
    Blog Entries
    2
    Rep Power
    123
    As a wild generalisation, 100% of all active directory problems are down to DNS problems :-)

    Your netdiag shows:
    Code:
            Host Name. . . . . . . . . : zion
            IP Address . . . . . . . . : 192.168.0.1
            Subnet Mask. . . . . . . . : 255.255.255.0
            Default Gateway. . . . . . : 
            Dns Servers. . . . . . . . :
    so it looks as if your DC does not have DNS configured??

    Assuming DNS is running on the same machine then you need to configure it to point to itself for DNS resoution - you can either enter 192.168.0.1 or 127.0.0.1 (localhost - ie "me")

    Once you've done that, I'd shut down and restart the server (you can just restart services but this is probably simpler given that things are broken now) and I think it may all come back.

  3. #3
    jamesreedersmith's Avatar
    Join Date
    Sep 2009
    Location
    Ruskington
    Posts
    1,152
    Thank Post
    78
    Thanked 253 Times in 227 Posts
    Rep Power
    76
    Also check the one DC you have is a global catalog server - you will need this for people to be able to log on.

  4. #4
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,196
    Thank Post
    392
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    Quote Originally Posted by srochford View Post
    As a wild generalisation, 100% of all active directory problems are down to DNS problems :-)

    Your netdiag shows:
    Code:
            Host Name. . . . . . . . . : zion
            IP Address . . . . . . . . : 192.168.0.1
            Subnet Mask. . . . . . . . : 255.255.255.0
            Default Gateway. . . . . . : 
            Dns Servers. . . . . . . . :
    so it looks as if your DC does not have DNS configured??

    Assuming DNS is running on the same machine then you need to configure it to point to itself for DNS resoution - you can either enter 192.168.0.1 or 127.0.0.1 (localhost - ie "me")

    Once you've done that, I'd shut down and restart the server (you can just restart services but this is probably simpler given that things are broken now) and I think it may all come back.


    Steve is right about DNS i'm just wondering if it's possible that this DC hasn't been doing anything for quite some time but this has only come to light with the faliure of the second DC.

  5. #5
    AntiThesis's Avatar
    Join Date
    Feb 2009
    Location
    South Africa
    Posts
    114
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    I'm starting to wonder that myself... it's odd that this only started happening with the second DC failing. I've never had to do very much on this server so it's never been an issue.

    The DNS settings are now correct on the DC though buggered if I know where they went.

    OK, most of the errors on netdiag are gone as are the ones on DC diag. Still stuck with some that are causing issues though. All I want is this DC up and running so I can get a secondary going again. Good monday

    From DcDiag:
    Starting test: Connectivity
    The host d197603e-9521-4a9e-814f-1cb0a229a854._msdcs.cambridge.local could not be resolved to an
    IP address. Check the DNS server, DHCP, server name, etc
    Although the Guid DNS name (d197603e-9521-4a9e-814f-1cb0a229a854._msdcs.cambridge.local) couldn't be resolved, the server name (zion.cambridge.local) resolved to the IP address (192.168.0.1)
    and was pingable. Check that the IP address is registered correctly with the DNS server.
    ......................... ZION failed test Connectivity
    And from Netdiag

    [WARNING] Cannot find a primary authoritative DNS server for the name
    'zion.cambridge.local.'. [WSAENOPROTOOPT ]
    The name 'zion.cambridge.local.' may not be registered in DNS.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server '192.168.0.1'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server '192.168.0.7'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server '196.14.239.2'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server '168.210.2.2'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.
    Thanks for the assist folks

  6. #6

    Join Date
    Dec 2009
    Posts
    262
    Thank Post
    6
    Thanked 30 Times in 28 Posts
    Rep Power
    15
    Quote Originally Posted by AntiThesis View Post
    I'm starting to wonder that myself... it's odd that this only started happening with the second DC failing. I've never had to do very much on this server so it's never been an issue.

    The DNS settings are now correct on the DC though buggered if I know where they went.

    OK, most of the errors on netdiag are gone as are the ones on DC diag. Still stuck with some that are causing issues though. All I want is this DC up and running so I can get a secondary going again. Good monday

    From DcDiag:


    And from Netdiag



    Thanks for the assist folks
    Apologies if you've already tried this, but what happens when you try ipconfig /flushdns then ipconfig /registerdns?

  7. #7

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,039
    Thank Post
    852
    Thanked 2,666 Times in 2,263 Posts
    Blog Entries
    9
    Rep Power
    767
    After the DNS reregistration (try having just itself as a DNS server), if it does not register try making one manually in DNS.

    I would check the FSMO roles. These are the core nessisary roles for AD to function
    How To Find Servers That Hold Flexible Single Master Operations Roles

    If these are still the old server then you will need to transfer them, if you can get the old server up for a short time to do this it is easier otherwise you would need to seize the roles. If you do this it means that you cannot reconnect the old server later if you do fix it without first formating it.
    Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller

  8. #8
    AntiThesis's Avatar
    Join Date
    Feb 2009
    Location
    South Africa
    Posts
    114
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    This server (192.168.0.1 / zion) is operations master.

    I've managed to get all the FSMO roles transferred and it now shows that it knows all five and they are linked to it.

    From DcDiag:

    The Host {server GUID} could not be resolved to an IP address. Check the DNS server, dhcp, server name etc.
    The FQDN resolves and is pingable and if I do an nslookup of the GUID I get the correct response. In addition, the record exists in ._msdcs

    Hmm...


    edit:

    Oh, and an ipconfig /all for the server:

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : zion
    Primary Dns Suffix . . . . . . . : cambridge.local
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : Yes
    WINS Proxy Enabled. . . . . . . . : Yes
    DNS Suffix Search List. . . . . . : cambridge.local

    Ethernet adapter OLD LAN:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NI
    Physical Address. . . . . . . . . : 00-00-21-0B-C1-79
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.0.1
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : 192.168.0.1

    Ethernet adapter WAN:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : SURECOM EP-320X-R 100/10/M PCI Adapter
    Physical Address. . . . . . . . . : 00-02-44-65-15-2A
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 196.213.x.x
    Subnet Mask . . . . . . . . . . . : 255.255.255.x
    Default Gateway . . . . . . . . . : 196.213.x.x
    DNS Servers . . . . . . . . . . . : 192.168.0.1
    Last edited by AntiThesis; 18th January 2010 at 07:18 PM.

  9. #9

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,621
    Thank Post
    49
    Thanked 451 Times in 334 Posts
    Rep Power
    137
    Just a thought, but if you appear to have "lost" your DNS settings etc on your DC do you have more than one network card in them? If so are both of your server NIC's configured?

    It's the sort of thing that happens when you suddenly drop a Team configuration which I have had after doing system updates!

  10. #10
    AntiThesis's Avatar
    Join Date
    Feb 2009
    Location
    South Africa
    Posts
    114
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by m25man View Post
    Just a thought, but if you appear to have "lost" your DNS settings etc on your DC do you have more than one network card in them? If so are both of your server NIC's configured?

    It's the sort of thing that happens when you suddenly drop a Team configuration which I have had after doing system updates!
    Yeah there are two NICs in this machine - both are configured to use the same DNS (192.168.0.1) and the external NIC is configured to not register with DNS.

  11. #11

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,621
    Thank Post
    49
    Thanked 451 Times in 334 Posts
    Rep Power
    137
    You mean that you have a MuliHomed DC with a Public interface?

  12. #12
    AntiThesis's Avatar
    Join Date
    Feb 2009
    Location
    South Africa
    Posts
    114
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by m25man View Post
    You mean that you have a MuliHomed DC with a Public interface?
    Indeedy. The poor bastard thing is also a very lightweight mail server.

    The way it's setup:

    public domain is forwarded to DC's public IP (on port 80) for webmail
    public domain is forwarded to DC's public IP (on mail ports) for incoming/outgoing mail

    I've read up a little on multihomed DCs and I can see they don't appear to be a very good idea - but currently there's no budget for something else so I guess we live with it. I'm still slightly puzzled as to why this happened now when the secondary died (unless as was posted earlier, it was doing most of the work).

    There's an email waiting for the boss to say we need some new hardware but I would love to get this sucker up and running so I can slap a secondary in there and take this one down permanently later/relegate it to only mail.

  13. #13

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,621
    Thank Post
    49
    Thanked 451 Times in 334 Posts
    Rep Power
    137
    So, what IP are you using on the Public Interface? An ISP assigned Public IP or a private DMZ IP behind a router?

    Either way you don't want anything of your AD Domain showing up on the WAN NIC and Vice Versa!

    Sounds to me like the AD is referencing the External NIC somewhere!

    It's really not a good idea to Multihome DC's and always use an ISA or hardware firewall device between you and the bad guys otherwise somebody with a Metasploit toolkit will cut you to pieces in no time.

    It really sounds like you have an AD DNS config issue probably due to a NIC misconfiguration of the two cards.

  14. #14
    AntiThesis's Avatar
    Join Date
    Feb 2009
    Location
    South Africa
    Posts
    114
    Thank Post
    5
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Man it's hard to navigate here with elinks

    I've solved almost all the problems - end is in sight. The process has started to get rid of the horrible multihomed at last - I even managed (after wheedling) to get budget for some extra hardware. Machines can now auth against the server but I'm still having an issue with DNS *sigh*

    Basically, the DNS server still shows itself as unresolvable (can't ping the GUID which fails the connectivity test in dcdiag) and in a host of Netlogon errors under System I get:

    The dynamic registration of the DNS record 'dnsrecordblah' failed on the following DNS server:

    DNS server IP address: <UNAVAILABLE>
    Returned Response Code (RCODE): 0
    Returned Status Code: 0
    And then the usual load of Microsoft stuff telling me to run dcdiag followed by nltest.

    Right at the bottom under additional data I get an interesting bit that makes me think about winsock:

    Error Value: An unknown, invalid, or unsupported option or level was specified in a getsockopt or setsockopt call.
    Any ideas? The Internets is mum on this for the most part.

SHARE:
+ Post New Thread

Similar Threads

  1. w3c errors
    By speckytecky in forum EduGeek Joomla 1.5 Package
    Replies: 3
    Last Post: 17th November 2009, 01:43 PM
  2. HP Switch Errors
    By karldenton in forum Wireless Networks
    Replies: 4
    Last Post: 15th June 2009, 12:03 PM
  3. [CLOSED] Bug/Error: errors on each page
    By rush_tech in forum EduGeek.net Site Problems
    Replies: 1
    Last Post: 17th June 2008, 04:13 PM
  4. Errors During POST
    By enjay in forum Windows
    Replies: 10
    Last Post: 6th November 2007, 05:26 PM
  5. Replies: 0
    Last Post: 2nd July 2007, 03:27 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •