+ Post New Thread
Results 1 to 7 of 7
Windows Thread, DNS problem under Active Directory. in Technical; Hi there, I need some kind person to check their AD DNS so I can reset mine correctly (if needed). ...
  1. #1
    ArchersIT's Avatar
    Join Date
    Nov 2006
    Location
    Bedfordshire
    Posts
    114
    Thank Post
    14
    Thanked 24 Times in 20 Posts
    Rep Power
    21

    DNS problem under Active Directory.

    Hi there,

    I need some kind person to check their AD DNS so I can reset mine correctly (if needed).

    A long time ago (in a ....etc ) our AD was rebuilt. This was initially with one domain controller but that one has passed on and we have two new DCs. All the FSMO roles were transferred and everything has been working for well over a year.

    However, I have recently had a couple of problem joinging a PC to the domain and the help has pointed me towards DNS. In looking around I noticed that we still have a couple of DNS entry pointing at the original DC. Most of these areas also have entries for the new DCs so I am planning to just remove the entries for the old DC.

    Unfortunately, there is one area that there is *only* an entry for the old DC. This is in "Forward Lookup Zones/AD site name/_msdcs". This folder is a different shade from the others, although I dont think the shade indicates a problem.

    Could some kind people have a look in their DNS and tell me what they have in that folder? I just have a NS record for the old DC - so I would like to know:
    - Are there just NS entries in here, or should there be other records as well
    - Are all the DCs listed, or just one? If there is not all the DCs listed, is it and particular FSMO roles that are listed (e.g. global catalog servers etc).

    Many thanks for any help

    Cheers

    Jonathan

  2. #2

    Join Date
    Jan 2007
    Location
    Birmingham
    Posts
    80
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Re: DNS problem under Active Directory.

    the _msdcs folder is a delegated folder - hence it is grayed out. The server entry indicated the server it is delegated to. By default, the first domain controller on the domain.

    You will notice in the root of the forward lookup zone you have _msdcs.domain.com.

    If that server no longer exists, then any changes to this zone will not be available. I would edit it and make it an existing domain controller.

  3. #3
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    5,007
    Thank Post
    124
    Thanked 286 Times in 263 Posts
    Rep Power
    109

    Re: DNS problem under Active Directory.

    Download DCDiag and Netdiag from microsoft and run them. That should highlight any other issues you are having.

  4. #4

    Join Date
    Nov 2006
    Location
    Derbyshire
    Posts
    101
    Thank Post
    16
    Thanked 5 Times in 4 Posts
    Blog Entries
    1
    Rep Power
    17

    Re: DNS problem under Active Directory.

    Whilst I agree with the posts, are you positive that the issue is DNS?

    Bit more info about the PC in question - has it been on the domain before? Has it recently been renamed?

  5. #5
    ArchersIT's Avatar
    Join Date
    Nov 2006
    Location
    Bedfordshire
    Posts
    114
    Thank Post
    14
    Thanked 24 Times in 20 Posts
    Rep Power
    21

    Re: DNS problem under Active Directory.

    Quote Originally Posted by ChrisH
    Download DCDiag and Netdiag from microsoft and run them. That should highlight any other issues you are having.
    Thanks - these do not highlight any problems, which is wierd as I can see DNS entries in there for the server that no longer exists!

    Quote Originally Posted by cheesypete
    Whilst I agree with the posts, are you positive that the issue is DNS?

    Bit more info about the PC in question - has it been on the domain before? Has it recently been renamed?
    Fairly sure that DNS has a problem - there are references to servers that no longer exist, which doesn't feel like a good thing. While it may not fix the issue I am having it is probably something that I should sort out sooner rather than later.

    As to the new PC - it was actually a bank of ten new laptops all being built from an OSD image that has worked before. My suspicion was that the load caused by all 10 being built at once was causing it to try to find other name servers rather than just using the normal one and this might be why it was trying to find a different server from normal (and so possibly picking up the references to the old server). I am not sure if the entries in the DNS are the cause of this issue, but they are a problem to solve on the way.

    Cheers

    Jonathan

  6. #6

    Join Date
    Jan 2007
    Location
    Birmingham
    Posts
    807
    Thank Post
    29
    Thanked 36 Times in 24 Posts
    Rep Power
    27

    Re: DNS problem under Active Directory.

    Tut tut tut, whose been switching DC's off and deleting them from AD without doing a proper demotion.

    We had same problem (not my causing i hasten to add), went un-noticed for ages, then we installed exchange and this highlighted the problem as email would stop working when the GC / DC's replicated and got stuck on the DC that didnt exist anymore. Wasnt pretty to fix.

    If this is the problem you will need ADSIedit which allows you to edit the AD schema. If i remember correctly the dead DC should still be under domain --> DC="school" --> CN=System --> CN=File Replication Service --> CN-Domain System Volume (SYSVOL share) --> CN="Dead DC".

    You *should* be able to delete it in here without any major repercussions.
    These should help.
    http://support.microsoft.com/kb/555846
    http://support.microsoft.com/kb/216498

    I will not be held responsible for any problems though! Good luck! Hope this solves your problems.

  7. #7
    ArchersIT's Avatar
    Join Date
    Nov 2006
    Location
    Bedfordshire
    Posts
    114
    Thank Post
    14
    Thanked 24 Times in 20 Posts
    Rep Power
    21

    Re: DNS problem under Active Directory.

    Quote Originally Posted by Lee_K_81
    Tut tut tut, whose been switching DC's off and deleting them from AD without doing a proper demotion.
    <snip>
    Thanks for the helpful links - I have followed them all and there were no references to the old DC anywhere (other than this one entry in DNS).

    For peoples interest I have added the DCs into that DNS folder and am now happier that the DNS is correct. Unfortunately it hasnt yet solved my joining the domain problem. I think I will have to get a sniffer setup and try to see what traffic is failing - automatic builds are OK until they are going wrong!

    Cheers

    Jonathan



SHARE:
+ Post New Thread

Similar Threads

  1. Active Directory Auditing??
    By ICTNUT in forum How do you do....it?
    Replies: 8
    Last Post: 28th November 2012, 03:21 AM
  2. active directory all messed up
    By alonebfg in forum Windows
    Replies: 2
    Last Post: 7th January 2008, 09:25 PM
  3. PDA and Active Directory
    By localzuk in forum Windows
    Replies: 4
    Last Post: 10th October 2007, 04:54 PM
  4. Terrastation and active directory
    By edie209 in forum Windows
    Replies: 8
    Last Post: 27th September 2007, 03:46 PM
  5. script for active directory
    By chalkwellstu in forum Scripts
    Replies: 8
    Last Post: 24th September 2007, 02:53 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •