Domain removed, DNS messed up

Similar Messages

• Strange issues with domain controller/DNS server

  Our domain controller/DNS server was working fine this morning. Then suddenly we stopped being able to access certain things on it. I could ping it, RDP into it, and access some files on it, but I couldn't run any applications hosted on it, accessing shared
  network files was slow, and different people around the office were getting access denied errors to files and folders they had full control of in NTFS (and in shared permissions).
  At first I noticed an NTP error so I registered w32tm and started the service and that got rid of the error but didn't fix anything.
  Oddly, machines still had internet access.
  We tried rebooting everything, restarting services, nothing has helped.
  When I accessed the server directly through the console I could access everything, could connect to any machine in the office, nothing seemed to be wrong with it.
  Any ideas?

  Is there any recent changes in your network or firewall or antivirus? Is there any change/updates performed in the AD side? I would suggest find out changes being done at the AD or Network/FIrewall level. You can run various diagnostic test within your AD
  environment to find the overall health of the AD infra.
  What does DCDIAG actually… do?
  Active Directory Replication Status Tool Released 
  http://msmvps.com/blogs/ad/archive/2008/06/03/active-directory-health-checks-for-domain-controllers.aspx
  Awinish Vishwakarma - MVP
  My Blog: awinish.wordpress.com
  Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.

• Unix command in ARD to remove DNS Servers from Network prefs?

  I need to know how to send a unix command to remove DNS Servers in Network preferences. I need the DNS Servers field to be blank. Can this be done?

  Our network administrator is getting ready to change the IP address of our DNS server. This means I have over 30 Macs that will be needing changes to their DNS settings. Since each machine is setup with limited access to the system prefs, that means I have to go to each machine and log in as the admin user to make this change. In the interest of saving time, is this something I can do with Remote Desktop and how? Would I use the same commands in this post and replace dns1 with our DNS' new IP address? Will this distrupt the users access to the network when I do so?
  Thanks for any help.
  Beth

• New Domain controller, DNS client settings before FSMO transfer

  I recently promoted a new domain controller.  It is the fourth domain controller and third in the site.  I plan to decommission the other two domain controllers in the site leaving just the new one.   Right now the new domain controller points
  its tcp\ip client to the other other domain controller\DNS servers as primary and itself at the bottom.  The other domain controllers point to themselves as primary and the newest domain controller on the bottom of the list.  Clients on the network
  use the original domain controllers as DNS from DHCP first and then the new domain controller DNS.  Is it okay to transfer all the FSMO roles to the new domain controller or should I make all the DNS clients point to it first?

  Hi,
  It is possible to first change your FSMO roles and after this is done then point your DNS clients to the new DC. This should not be a problem.
  some interesting information about assigning your FSMO Roles: http://www.windowsdevcenter.com/pub/a/windows/2004/06/15/fsmo.html
  Hope this helps you out.

• Removing DHCP failover removes DNS A records

  We are running a windows 2012 r2 domain with 4 DCs all configured as DNS servers. One of the DCs is also our DHCP server. We configured a second dhcp server in January and joined it in failover mode. It was fine for a couple weeks, but then we got spammed
  with 20291 and 20292 errors. We decided to remove the failover relationship and unauthorize the second dhcp server which we did without any errors. However when we rebooted the original dhcp server, we immediately lost over 30 A records in dns, mostly printers,
  and we found that the dns server ip addresses on the nics of the dhcp server were changed to invalid addresses. Is there anything known that could explain this behavior? Otherwise the server seems to be working fine, and diagnostics (dcdiag, repadmin, event
  log) are not showing any errors.

  Hi,
  Was the second DHCP server also a DC? Which kind of DHCP Failover Modes did you used?
  Based on my experience, a DHCP server can register and update DNS PTR and address A resource records on behalf of its DHCP-enabled clients. I assume the lost A
  records may be due to the IP address of the DNS server was changed. Did you configure a static DNS server in the DNS settings on the DHCP server? I assume that you select "Obtain DNS server address automatically" as if you define a DNS
  server, it won't be changed after reboot.
  In general, it would be better to point the preferred/secondary DNS server to the DC instead of obtaining the DNS server address automatically.
  Besides, for event ID 20291, you can refer to the KB below:
  http://support.microsoft.com/kb/2955135
  Best regards,
  Susie
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Can't remove dns zone

  I messed up my dns zone while while adding a zone. I am trying to remove everything and start over, but SA will not let me. I have a primary and reverse zone that keeps coming back after I remove it. I have looked in /var/named/zone, but there is nothing there.
  If I add another zone, it appears in /var/named/zone, and I can remove it with SA. What should I try next?

  Hi
  This afp548 article explains the Leopard DNS Service including where relevant files are located. You might find it useful. You could restart the Server in safe mode (shift key depressed) and try deleting the zones that way. A normal restart thereafter should get you going again. You may actually be looking at a rebuild/reinstall but only you would know or decide that.
  This recent post describes how to set up the DNS Service in Leopard simply:
  http://discussions.apple.com/thread.jspa?threadID=1251475&tstart=0
  Stick with it because its not that obvious to begin with. Its about the 7th post down. One thing that could be added is at the setup assistant stage and when you are prompted to configure the Network Settings is to switch off IPv6.
  Hope this helps, Tony

• How to use DNS server for name resolution for items which don't exist in active directory domain controller DNS

  Dear Experts,
  In our office we have a domain controller call it 'Office.com', all computers and corporate servers e.g. exchange, antivirus etc. are member of this 'office.com', it is also having a DNS. All users in office have there preferred DNS set to the corporate
  DNS
  We are working for ministry and offering services to them from our data center so have many servers which are for ministry but they are in our data center. For all these servers we created another DNS server which contains all entries for these servers in
  forward and reverse lookup zones. In this DNS we also created a forward lookup zone for our corporate servers and zone name is 'office.com'
  What we are trying to have is name resolution of all servers which are listed in other DNS build in our office on Win 2008 R2 for ministry servers
  If the user change his preferred DNS to ministry DNS he can resolve the ministry server but then we can not control any thing through group policy since they are using other DNS and not the corporate DNS. 
  How this can be done ? like any group policy applied to corporate domain controller must take effect on users and in addition to this user must also be able to resolve server names in ministry project DNS
  Please assist ASAP.
  regards,

  Hello,
  ok so the GPO setting doesn't apply in any case.
  Clients machines use the first DNS server in the list of configured ones on the NIC. If that one is available search for additional DNS servers will stop.
  What i can not really understand is your description about the second DNS server. This should normally either another DC with AD integrated DNS, so everything is replicatedwithin AD replication or you use a secondary DNS on domain member server that pulls
  the informations from the Master.
  It sounds for me that you have configured a machine with DNS server role and created manually the zone with the same name as the domainand manually create there the required A records?
  Best regards
  Meinolf Weber
  MVP, MCP, MCTS
  Microsoft MVP - Directory Services
  My Blog: http://msmvps.com/blogs/mweber/
  Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

• Help with setting up active directory domain controller/DNS - need this for Clustering

  Disclaimer: I am new to Active Directory, so please dont rule out the obvious things I may have overlooked.
  I need to set up Active Directory Domain controller on at least one server so I can run clustering. I set up the domain controller and ran Cluster validation and that failed - unable to reach writable domain controller.
  When I look at my server manager AD DS complain about DNS:
  NASE-2012-234    4015    Error    Microsoft-Windows-DNS-Server-Service    DNS Server    1/14/2014 12:54:06 AM
  The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
  When I click on DNS this is the error:
  The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
  Output of DCDiag -v is below.
  PS C:\Users\Administrator> dcdiag -v
  Directory Server Diagnosis
  Performing initial setup:
     Trying to find home server...
     * Verifying that the local machine NASE-2012-234, is a Directory Server.
     Home Server = NASE-2012-234
     * Connecting to directory service on server NASE-2012-234.
     * Identified AD Forest.
     Collecting AD specific global data
     * Collecting site info.
     Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=lab,DC=nase,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=
  ntDSSiteSettings),.......
     The previous call succeeded
     Iterating through the sites
     Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lab,DC=nas
  e,DC=com
     Getting ISTG and options for the site
     * Identifying all servers.
     Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=lab,DC=nase,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntD
  SDsa),.......
     The previous call succeeded....
     The previous call succeeded
     Iterating through the list of servers
     Getting information for the server CN=NTDS Settings,CN=NASE-2012-234,CN=Servers,CN=Default-First-Site-Name,CN=Sites,C
  N=Configuration,DC=lab,DC=nase,DC=com
     objectGuid obtained
     InvocationID obtained
     dnsHostname obtained
     site info obtained
     All the info for the server collected
     * Identifying all NC cross-refs.
     * Found 1 DC(s). Testing 1 of them.
     Done gathering initial info.
  Doing initial required tests
     Testing server: Default-First-Site-Name\NASE-2012-234
        Starting test: Connectivity
           * Active Directory LDAP Services Check
           The host c0c507c4-fb9b-49a6-9a01-ef79d7960c94._msdcs.lab.nasecom could not be resolved to an IP address.
           Check the DNS server, DHCP, server name, etc.
           Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
           ......................... NASE-2012-234 failed test Connectivity
  Doing primary tests
     Testing server: Default-First-Site-Name\NASE-2012-234
        Skipping all tests, because server NASE-2012-234 is not responding to directory service requests.
        Test omitted by user request: Advertising
        Test omitted by user request: CheckSecurityError
        Test omitted by user request: CutoffServers
        Test omitted by user request: FrsEvent
        Test omitted by user request: DFSREvent
        Test omitted by user request: SysVolCheck
        Test omitted by user request: KccEvent
        Test omitted by user request: KnowsOfRoleHolders
        Test omitted by user request: MachineAccount
        Test omitted by user request: NCSecDesc
        Test omitted by user request: NetLogons
        Test omitted by user request: ObjectsReplicated
        Test omitted by user request: OutboundSecureChannels
        Test omitted by user request: Replications
        Test omitted by user request: RidManager
        Test omitted by user request: Services
        Test omitted by user request: SystemLog
        Test omitted by user request: Topology
        Test omitted by user request: VerifyEnterpriseReferences
        Test omitted by user request: VerifyReferences
        Test omitted by user request: VerifyReplicas
        Test omitted by user request: DNS
        Test omitted by user request: DNS
     Running partition tests on : ForestDnsZones
        Starting test: CheckSDRefDom
           ......................... ForestDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... ForestDnsZones passed test CrossRefValidation
     Running partition tests on : DomainDnsZones
        Starting test: CheckSDRefDom
           ......................... DomainDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... DomainDnsZones passed test CrossRefValidation
     Running partition tests on : Schema
        Starting test: CheckSDRefDom
           ......................... Schema passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Schema passed test CrossRefValidation
     Running partition tests on : Configuration
        Starting test: CheckSDRefDom
           ......................... Configuration passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Configuration passed test CrossRefValidation
     Running partition tests on : lab
        Starting test: CheckSDRefDom
           ......................... lab passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... lab passed test CrossRefValidation
     Running enterprise tests on : lab.nasecom
        Test omitted by user request: DNS
        Test omitted by user request: DNS
        Starting test: LocatorCheck
           GC Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           PDC Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           Time Server Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           Preferred Time Server Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           KDC Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           ......................... lab.nase.com passed test LocatorCheck
        Starting test: Intersite
           Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments
           provided.
           ......................... lab.nasecom passed test Intersite
  PS C:\Users\Administrator>

  http://social.technet.microsoft.com/Forums/en-US/home?forum=winserverDS is the forum for Directory Services questions.  You might want to post your question there.
  .:|:.:|:. tim

• New Domain Controller DNS Issues

  Hello,
  We currently have 2 root Domain Controllers (ROOTDOM) and 4 child Domain Controllers (MYDOM). ROOTDOM is an empty domain, everything on our network uses the MYDOM domain.
  These existing DCs were running Server 2003, so we upgraded the schema and added 2 Server 2008 DCs in ROOTDOM and 4 Server 2008 DCs in MYDOM. All servers are DNS servers and Global Catalog servers.
  The AD replication status tool shows replication is working perfectly between the new and old DCs, and everything looks up to date in AD and DNS on all servers.
  The new servers have a SYSVOL and NETLOGON share as they should.
  The servers are all in the Domain Controllers AD group and have correct static IP addresses, forwarders are pointing to the 2 old 2003 ROOTDOM DCs which in turn point to an internet source which works fine.
  The problem is that when I change the DNS server address of a machine in MYDOM to one of my new 2008 DCs, the machine appears to lose connectivity with the domain. As soon as I put the DNS server back to one of the existing 2003 DCs, connectivity resumes
  as normal.
  I really don't understand what else I'm missing on those 2008 DCs, could you give me any pointers of where to look?
  ROOTDOM          MYDOM
  2003RDC1         2003DC1
  2003RDC2         2003DC2
  2008RDC1         2003DC3
  2008RDC2         2003DC4
                          2008DC1
                          2008DC2
                          2008DC3
                          2008DC4
  The issue is slightly complicated by the fact that 2008DC2 has a hardware failure so DCDIAG (understandably) reports replication issues to that at the moment.
  Any pointers greatly appreciated.
  EDIT - DCDIAG results as follows:
  Directory Server Diagnosis
  Performing initial setup:
  Trying to find home server...
  Home Server = 2008DC1
  * Identified AD Forest.
  Done gathering initial info.
  Doing initial required tests
  Testing server: Central-Site\2008DC1
  Starting test: Connectivity
  ......................... 2008DC1 passed test Connectivity
  Doing primary tests
  Testing server: Central-Site\2008DC1
  Starting test: Advertising
  ......................... 2008DC1 passed test Advertising
  Starting test: FrsEvent
  ......................... 2008DC1 passed test FrsEvent
  Starting test: DFSREvent
  ......................... 2008DC1 passed test DFSREvent
  Starting test: SysVolCheck
  ......................... 2008DC1 passed test SysVolCheck
  Starting test: KccEvent
  ......................... 2008DC1 passed test KccEvent
  Starting test: KnowsOfRoleHolders
  ......................... 2008DC1 passed test KnowsOfRoleHolders
  Starting test: MachineAccount
  ......................... 2008DC1 passed test MachineAccount
  Starting test: NCSecDesc
  ......................... 2008DC1 passed test NCSecDesc
  Starting test: NetLogons
  ......................... 2008DC1 passed test NetLogons
  Starting test: ObjectsReplicated
  ......................... 2008DC1 passed test ObjectsReplicated
  Starting test: Replications
  ......................... 2008DC1 passed test Replications
  Starting test: RidManager
  ......................... 2008DC1 passed test RidManager
  Starting test: Services
  ......................... 2008DC1 passed test Services
  Starting test: SystemLog
  ......................... 2008DC1 passed test SystemLog
  Starting test: VerifyReferences
  ......................... 2008DC1 passed test VerifyReferences
  Running partition tests on : DomainDnsZones
  Starting test: CheckSDRefDom
  ......................... DomainDnsZones passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... DomainDnsZones passed test
  CrossRefValidation
  Running partition tests on : ForestDnsZones
  Starting test: CheckSDRefDom
  ......................... ForestDnsZones passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... ForestDnsZones passed test
  CrossRefValidation
  Running partition tests on : MYDOM
  Starting test: CheckSDRefDom
  ......................... MYDOM passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... MYDOM passed test CrossRefValidation
  Running partition tests on : Schema
  Starting test: CheckSDRefDom
  ......................... Schema passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... Schema passed test CrossRefValidation
  Running partition tests on : Configuration
  Starting test: CheckSDRefDom
  ......................... Configuration passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... Configuration passed test CrossRefValidation
  Running enterprise tests on : ROOTDOM.mycompany.co.uk
  Starting test: LocatorCheck
  ......................... ROOTDOM.mycompany.co.uk passed test
  LocatorCheck
  Starting test: Intersite
  ......................... ROOTDOM.mycompany.co.uk passed test
  Intersite

  Hi Kev,
  >>The problem is that when I change the DNS server address of a machine in MYDOM to one of my new 2008 DCs, the machine appears to lose connectivity with the domain.
  Before going further, does the 2008 DC belong to MYDOM domain? For AD-integrated DNS servers and if these servers belong to the same domain, they should hold the same set
  of DNS records.  
  Besides, we can check DNS event logs to see if some related events were logged.
  Best regards,
  Frank Shen

• Remove DNS entries and reset from the Terminal

  I have a DNS service running on my Mac Server and it seems to be screwed up, because I can not remove any entries.
  Initially, it let's me remove them...but when I click save...they all appear again!
  What I want to do is to remove all entries manually and do anything else that will reset all of the DNS settings and let me start from scratch.
  Can anyone help me?

  I'm having a weird problem with my dns as well. I've done some research and have not been able to test it yet because the server is located at a clients business.
  However, as far as I can tell, os x server keeps it's config files for the network here...
  /Library/Preferences/SystemConfiguration/
  DNS is located here...
  /var/named
  and here...
  /etc/dns
  The name of the DNS server in the terminal is named. You can type man named in the terminal to learn how to stop and start it and other things about it.
  Before tinkering with any of the files, I would recommend making a backup of them first. Hope this helps!

• Redundant domain controller DNS settings

  Hi guys,
  We have two domain controllers, both DNS and GC. I am curious as to what the recommended IP DNS settings should be for both DCs? I think it is like this...
  DC1
  DNS1 - DC2
  DNS2 - DC1
  DC2
  DNS1 - DC1
  DNS2 - DC2
  Is this the right setup?
  Thanks
  Aaron

  Is this the right setup?
  Yes it is correct. I would go with 127.0.0.1 for 'Alternate DNS server'.
  Mahdi Tehrani   |  
    |  
  www.mahditehrani.ir
  Please click on Propose As Answer or to mark this post as
  and helpful for other people.
  This posting is provided AS-IS with no warranties, and confers no rights.
  How to query members of 'Local Administrators' group in all computers?

• Gah.. can't join domain! DNS problem

  The server has Intel Xeon CPU E5606 @ 2.13 GHz,  8 GB RAM. Windows Server 2012 R2 DataCenter x64
  The workstation has Intel Core i7 4820K CPU @ 3.70 GHz 16 GB RAM. Windows 8.1 Professional x64

  Rob Dunn wrote:Your primary DNS server address on the client...it's IPv6. I wonder if this is your problem.
  I haven't had much (*ahem* any) experience with IPv6 in a domain environment. With that said, see this link:
  https://windorks.wordpress.com/2014/09/17/the-day-ipv6-broke-my-dc/You may have to configure the IPv6 properties to use the loopback address ( ::1 ) on the DC.
  You're awesome! That was it. **Grumbling to self about what a waste of time!!!**I ended up going to the link that someone on that page you gave me referred to.. that link is to some Microsoft troubleshooting tools. I tried to do "Put IP4 before IP6" fix, but that didn't do anything. So I just went ahead with the Disable IP6 one.https://support.microsoft.com/en-us/kb/929852/en-usand now it's joined!

• Trying to remove Genieo - Messed up the process

  So I am trying to remove genieo from my computer and started by deleting it from Safari, Firefox and I think Chrome. The process I used to remove it from the browsers were from wiki how based on the following instructions:
  After I did this I looked further into the whole Genieo issue and I had a feeling I did not fully remove the program from my computer. I'm not a computer savvy guy, but a program like this sounds like something that doesnt go away this easily. After that, I found I was supposed to delete a file listed as "launchd.conf." Through all the paths that websites provided, I could not find it but I know it is there because it is still running after looking at my activity monitor. I have also read that if I do this wrong, I will potentially mess up my computer which I have neither the time nor expertise to solve such an issue.
  If anyone can please let me know where I can go from here after botching the process thus far, please let me know. Thank you.
  T

  Hi ..
  It's malware  ...
  See: (Users of Mac OS X 10.6.8 or older should use my manual removal instructions) > http://www.adwaremedic.com/index.php

• Domain and DNS

  I'm hosting a wordpress site at http://www.example.com, but I recently purchased a new domain name with namecheap, say http://example2.com. I want to keep my files at the original domain, but I want the url in chromium to display only the new domain, with nary a hint that the site is still on http://example.com Is there some way to do this easily from namecheap?

  Add a DNS CNAME for this new name to to your old one on your name server.

• Server 2012 Domain Controller / DNS Issue

  If you did ipconfig /registerdns, I'm assuming you did ipconfig /flushdns prior to that correct? Just want to make sure...
  Once you are sure you did both, go ahead and type in nslookup in the command prompt. What does it display as the current DNS server? Once you type that in, you can type in the IP address of your new DC and see what it resolves to. Please get back to us with those results when possible.

  We had a domain controller go down in a multi domain controller environment. We set a new one up and promoted it to the domain. Assigned it all the necessary roles and joined it to the domain. It has been 4 days since we did this and we cannot ping it by host name. We can ping it by IP address. I have forced replication, which allowed me to ping it by host name for a few hours, but then it stopped working. I have tried to change the DNS primary to a different DC, making the host a secondary DNS, that didn't fix it. I am looking for any suggestions on how to fix it. I have done a ipconfig /registerdns , restarted DNS services but still not able to ping host name of DC on a consistent basis.
  Any suggestions ?
  [email protected]
  This topic first appeared in the Spiceworks Community