still cannot find domain

G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

you guys gave me some clues for DNS troubleshoot. however my server crashed
before I could try anything. Luckily I was configuring a backup because the
old one showed me the "blue screen" a few days ago.
I set up another DC on a 4 port router beforehand. I had no problem joining
its domain. I then swapped the DC's, went to the computer(s) that i had joind
to it on the 4 port router but when on the network switches the SAME DC and
the SAME PC would not join. I still get "cannot find domain controller.'
Switches giving me a problem??
I can ping IP Ok.
I can ping server by name Ok.
I ended up putting all in workgroups with default DNS server so we can have
functionality.
What's driving me nuts here....any ideas??/
Does anyone else find that AD, when implementing, seems to configure DNS no
two same ways each time??? The first time I has the "." file in my forward
zone...the second shot did not have the "." zone but did not load the other 4
files and there was no A file pointing to the server. I'll let ya know how AD
loads it next time. I am going to keep all in a workgroup and do this 100
times if I have too.
Cheers


--
Message posted via WinServerKB.com
http://www.winserverkb.com/Uwe/Forums.aspx/windows-2000-dns/200507/1
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:5113F0F84BF80@WinServerKB.com,
bill s via WinServerKB.com <forum@WinServerKB.com> posted this:
> you guys gave me some clues for DNS troubleshoot. however my server
> crashed before I could try anything. Luckily I was configuring a
> backup because the old one showed me the "blue screen" a few days ago.
> I set up another DC on a 4 port router beforehand. I had no problem
> joining its domain. I then swapped the DC's, went to the computer(s)
> that i had joind to it on the 4 port router but when on the network
> switches the SAME DC and the SAME PC would not join. I still get
> "cannot find domain controller.' Switches giving me a problem??
> I can ping IP Ok.
> I can ping server by name Ok.
> I ended up putting all in workgroups with default DNS server so we
> can have functionality.
> What's driving me nuts here....any ideas??/
> Does anyone else find that AD, when implementing, seems to configure
> DNS no two same ways each time??? The first time I has the "." file
> in my forward zone...the second shot did not have the "." zone but
> did not load the other 4 files and there was no A file pointing to
> the server. I'll let ya know how AD loads it next time. I am going to
> keep all in a workgroup and do this 100 times if I have too.
> Cheers

When you run DCPROMO, if DNS cannot contact the Root Servers it will create
a Root "." zone. If it can contact the Root Servers it will not create the
root zone.

That said, when you created the second DC did you promote it as a replica of
the first DC?
-or-
Did you run DCPromo using the same domain name?
If you answer yes to the second question you just created to different
domains with the same name and there will be no relationship between the two
domains. The members of one domain won't recognize the other domain even
though the name is the same.


--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Kevin D. Goodknecht Sr. [MVP] wrote:
>> you guys gave me some clues for DNS troubleshoot. however my server
>> crashed before I could try anything. Luckily I was configuring a
>[quoted text clipped - 16 lines]
>> keep all in a workgroup and do this 100 times if I have too.
>> Cheers
>
>When you run DCPROMO, if DNS cannot contact the Root Servers it will create
>a Root "." zone. If it can contact the Root Servers it will not create the
>root zone.
>
>That said, when you created the second DC did you promote it as a replica of
>the first DC?
>-or-
> Did you run DCPromo using the same domain name?
>If you answer yes to the second question you just created to different
>domains with the same name and there will be no relationship between the two
>domains. The members of one domain won't recognize the other domain even
>though the name is the same.
>
>--?
>Best regards,
>Kevin D4 Dad Goodknecht Sr. [MVP]
>Hope This Helps
>===================================
>When responding to posts, please "Reply to Group"
>via your newsreader so that others may learn and
>benefit from your issue, to respond directly to
>me remove the nospam. from my email address.
>===================================
>http://www.lonestaramerica.com/
>===================================
>Use Outlook Express?... Get OE_Quotefix:
>It will strip signature out and more
>http://home.in.tum.de/~jain/software/oe-quotefix/
>===================================
>Keep a back up of your OE settings and folders
>with OEBackup:
>http://www.oehelp.com/OEBackup/Default.aspx
>===================================
Kevin............I first put all the PC's into a workgroup, then demoted the
DC and swapped out with another AND with a different domain name. Then when
I went to join the PCs to the domain they could not find the DC


--
Message posted via WinServerKB.com
http://www.winserverkb.com/Uwe/Forums.aspx/windows-2000-dns/200507/1
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:511967FBBBD80@WinServerKB.com,
bill s via WinServerKB.com <forum@WinServerKB.com> posted this:

> Kevin............I first put all the PC's into a workgroup, then
> demoted the DC and swapped out with another AND with a different
> domain name. Then when I went to join the PCs to the domain they
> could not find the DC


OK, is the DC using its own address for DNS?
Is the Domain a multi-label name such as domain.com?
Is there a zone with dynamic updates allowed in the local DNS for this
domain name?
Does the Primary DNS suffix on the DC match exactly the domain name?

If all the answers above are true, restart the netlogon service, run netdiag
/fix and dcdiag /fix.

Then post the results from netdiag /test:dns /v


--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Kevin D. Goodknecht Sr. [MVP] wrote:
>> Kevin............I first put all the PC's into a workgroup, then
>> demoted the DC and swapped out with another AND with a different
>> domain name. Then when I went to join the PCs to the domain they
>> could not find the DC
>
>OK, is the DC using its own address for DNS?
>Is the Domain a multi-label name such as domain.com?
>Is there a zone with dynamic updates allowed in the local DNS for this
>domain name?
>Does the Primary DNS suffix on the DC match exactly the domain name?
>
>If all the answers above are true, restart the netlogon service, run netdiag
>/fix and dcdiag /fix.
Kevin.......the DC crashed by the time I could get back to it. I am now
setting up a DC on a practice domain through a 4 port router. In the mean
time I set all PC's in a workgroup just to have functionality.
My first shot today and I still could not join the domain. I got the window
that requests authorized user to join the domain but it comes back and says
"domain name not found".
It has got to be the way AD is setting up DNS. I understand there are certain
files needed in the the forward zone and it appeared I had all but an "A"
file. Is this not the address file the DC refers to? Also...if clients are to
have a DNS IP in their tcp/ip listed should it not always be the DC IP? I am
not looking to host DNS for web use, I want to rely on an external DNS for
outside resolution. Should this be set up in the forward zone on the DC too?
>
>Then post the results from netdiag /test:dns /v
>
>--?
>Best regards,
>Kevin D4 Dad Goodknecht Sr. [MVP]
>Hope This Helps
>===================================
>When responding to posts, please "Reply to Group"
>via your newsreader so that others may learn and
>benefit from your issue, to respond directly to
>me remove the nospam. from my email address.
>===================================
>http://www.lonestaramerica.com/
>===================================
>Use Outlook Express?... Get OE_Quotefix:
>It will strip signature out and more
>http://home.in.tum.de/~jain/software/oe-quotefix/
>===================================
>Keep a back up of your OE settings and folders
>with OEBackup:
>http://www.oehelp.com/OEBackup/Default.aspx
>===================================


--
Message posted via WinServerKB.com
http://www.winserverkb.com/Uwe/Forums.aspx/windows-2000-dns/200507/1
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:512DFA51CD1E0@WinServerKB.com,
bill s via WinServerKB.com <forum@WinServerKB.com> posted this:
> Kevin.......the DC crashed by the time I could get back to it. I am
> now setting up a DC on a practice domain through a 4 port router. In
> the mean time I set all PC's in a workgroup just to have
> functionality.
> My first shot today and I still could not join the domain. I got the
> window that requests authorized user to join the domain but it comes
> back and says "domain name not found".
> It has got to be the way AD is setting up DNS. I understand there are
> certain files needed in the the forward zone and it appeared I had
> all but an "A" file. Is this not the address file the DC refers to?
> Also...if clients are to have a DNS IP in their tcp/ip listed should
> it not always be the DC IP? I am not looking to host DNS for web use,
> I want to rely on an external DNS for outside resolution. Should this
> be set up in the forward zone on the DC too?

Can you post the ipconfig /all (unedited) from the DC?

The DC should use only its own address for the DNS server's address in all
NICs. No ISP or external DNS allowed on any interface of any member of an AD
domain, period.


--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

Kevin D. Goodknecht Sr. [MVP] wrote:
>> Kevin.......the DC crashed by the time I could get back to it. I am
>> now setting up a DC on a practice domain through a 4 port router. In
>[quoted text clipped - 10 lines]
>> I want to rely on an external DNS for outside resolution. Should this
>> be set up in the forward zone on the DC too?
>
>Can you post the ipconfig /all (unedited) from the DC?
>
>The DC should use only its own address for the DNS server's address in all
>NICs. No ISP or external DNS allowed on any interface of any member of an AD
>domain, period.
>
kevin....I now understand that golden rule. I tried setting a clinet or two
to an external DNS and that's what crashed AD. However...should I not have an
external DNS added to the forwarder??? I understand the server will then
forward any unresolved requests to the external DNS. I didn't do this before
and we were having problems findind MSN.com. It was intermittent and ALL
other sites could be found.
Thanks
>--?
>Best regards,
>Kevin D4 Dad Goodknecht Sr. [MVP]
>Hope This Helps
>===================================
>When responding to posts, please "Reply to Group"
>via your newsreader so that others may learn and
>benefit from your issue, to respond directly to
>me remove the nospam. from my email address.
>===================================
>http://www.lonestaramerica.com/
>===================================
>Use Outlook Express?... Get OE_Quotefix:
>It will strip signature out and more
>http://home.in.tum.de/~jain/software/oe-quotefix/
>===================================
>Keep a back up of your OE settings and folders
>with OEBackup:
>http://www.oehelp.com/OEBackup/Default.aspx
>===================================


--
Message posted via http://www.winserverkb.com
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:51349DA786940@WinServerKB.com,
bill s via WinServerKB.com <forum@WinServerKB.com> posted this:

> kevin....I now understand that golden rule. I tried setting a clinet
> or two to an external DNS and that's what crashed AD.
> However...should I not have an external DNS added to the forwarder???
> I understand the server will then forward any unresolved requests to
> the external DNS. I didn't do this before and we were having problems
> findind MSN.com. It was intermittent and ALL other sites could be
> found.

Yes, you probably should enable a forwarder.

One more thing I should point out, if this is Win2k3 and you are behind a
Pix or similar firewall that blocks UDP packets over 512 bytes, you will
need to change the firewall rules to allow these packets or disable EDNS on
the DNS server.

Frequently asked questions about Windows 2000 DNS and Windows Server 2003
DNS
http://support.microsoft.com/default.aspx?scid=kb;en-us;291382

300202 - HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?id=300202&sd=RMVP

825036 - Best practices for DNS client settings in Windows 2000 Server and
in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036&sd=RMVP

323380 - HOW TO: Configure DNS for Internet Access in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;323380&sd=RMVP

828263 - DNS query responses do not travel through a firewall in Windows
Server 2003:
http://support.microsoft.com/default.aspx?scid=kb;en-us;828263&sd=RMVP



--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================