Secondary DC not registering in DNS

Tutorials Win: Microsoft Windows Forum

I have an active directory domain runnin all Win2003 servers with service
pack 2. In this domain I have two DCs. The first domain controller which was
also the first DC created in the domain is working fine and has all the
proper DNS records. The second DC seems to be working find and I am able to
ping it, however, if I take down the first DC I get errors from exchange and
other servers saying that a global catalog server is not available. I checked
and the second DC is acting as a global catalog but for some reason is not
seen when the first DC is taken offline. I ran DCDiag (results are below) and
it failed the connectivity test. I thought this was due to DNS entries in the
_msdcs section of the forward lookup zone. I am not sure how to fix this. I
did note that within the dc section of the msdcs zone only the main DC is
listed. This is also apparent in other sections like the gc folder. Has my
second DC failed to add it records or is something else going wrong? Any help
in this matter would be greatly appreciated


Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine arrowdc02, is a DC.
* Connecting to directory service on server arrowdc02.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\ARROWDC02
Starting test: Connectivity
* Active Directory LDAP Services Check
The host
4ac30e94-0571-42d1-8ee5-e518d1e08079._msdcs.arrowheaddental.com could not be
resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name

(4ac30e94-0571-42d1-8ee5-e518d1e08079._msdcs.arrowheaddental.com)

couldn't be resolved, the server name (arrowdc02.arrowheaddental.com)

resolved to the IP address (192.168.9.12) and was pingable. Check

that the IP address is registered correctly with the DNS server.
......................... ARROWDC02 failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\ARROWDC02
Skipping all tests, because server ARROWDC02 is
not responding to directory service requests
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: VerifyReplicas
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : arrowheaddental
Starting test: CrossRefValidation
......................... arrowheaddental passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... arrowheaddental passed test CheckSDRefDom

Running enterprise tests on : arrowheaddental.com
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope

provided by the command line arguments provided.
......................... arrowheaddental.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\arrowdc02.arrowheaddental.com
Locator Flags: 0xe00001fc
PDC Name: \\arrowdc01.arrowheaddental.com
Locator Flags: 0xe00003fd
Time Server Name: \\arrowdc02.arrowheaddental.com
Locator Flags: 0xe00001fc
Preferred Time Server Name: \\arrowdc01.arrowheaddental.com
Locator Flags: 0xe00003fd
KDC Name: \\arrowdc02.arrowheaddental.com
Locator Flags: 0xe00001fc
......................... arrowheaddental.com passed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
--
Darius Sanders
--
Darius Sanders
Top

Re: Secondary DC not registering in DNS by Al

Al
Fri May 02 13:15:29 PDT 2008

It does look like it has not added the records properly. Have you tried to
re-register the server DC records?
Have you checked the event log to verify errors are cleared from there as
well?

Al


"Darius Sanders" <DariusSanders@discussions.microsoft.com> wrote in message
news:E5AAA77B-2DBC-4B9D-9F2E-F7E4C33DA607@microsoft.com...
>I have an active directory domain runnin all Win2003 servers with service
> pack 2. In this domain I have two DCs. The first domain controller which
> was
> also the first DC created in the domain is working fine and has all the
> proper DNS records. The second DC seems to be working find and I am able
> to
> ping it, however, if I take down the first DC I get errors from exchange
> and
> other servers saying that a global catalog server is not available. I
> checked
> and the second DC is acting as a global catalog but for some reason is not
> seen when the first DC is taken offline. I ran DCDiag (results are below)
> and
> it failed the connectivity test. I thought this was due to DNS entries in
> the
> _msdcs section of the forward lookup zone. I am not sure how to fix this.
> I
> did note that within the dc section of the msdcs zone only the main DC is
> listed. This is also apparent in other sections like the gc folder. Has my
> second DC failed to add it records or is something else going wrong? Any
> help
> in this matter would be greatly appreciated
>
>
> Domain Controller Diagnosis
>
> Performing initial setup:
> * Verifying that the local machine arrowdc02, is a DC.
> * Connecting to directory service on server arrowdc02.
> * Collecting site info.
> * Identifying all servers.
> * Identifying all NC cross-refs.
> * Found 2 DC(s). Testing 1 of them.
> Done gathering initial info.
>
> Doing initial required tests
>
> Testing server: Default-First-Site-Name\ARROWDC02
> Starting test: Connectivity
> * Active Directory LDAP Services Check
> The host
> 4ac30e94-0571-42d1-8ee5-e518d1e08079._msdcs.arrowheaddental.com could not
> be
> resolved to an
> IP address. Check the DNS server, DHCP, server name, etc
> Although the Guid DNS name
>
> (4ac30e94-0571-42d1-8ee5-e518d1e08079._msdcs.arrowheaddental.com)
>
> couldn't be resolved, the server name
> (arrowdc02.arrowheaddental.com)
>
> resolved to the IP address (192.168.9.12) and was pingable. Check
>
> that the IP address is registered correctly with the DNS server.
> ......................... ARROWDC02 failed test Connectivity
>
> Doing primary tests
>
> Testing server: Default-First-Site-Name\ARROWDC02
> Skipping all tests, because server ARROWDC02 is
> not responding to directory service requests
> Test omitted by user request: Topology
> Test omitted by user request: CutoffServers
> Test omitted by user request: OutboundSecureChannels
> Test omitted by user request: VerifyReplicas
> Test omitted by user request: VerifyEnterpriseReferences
> Test omitted by user request: CheckSecurityError
>
> Running partition tests on : DomainDnsZones
> Starting test: CrossRefValidation
> ......................... DomainDnsZones passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... DomainDnsZones passed test CheckSDRefDom
>
> Running partition tests on : ForestDnsZones
> Starting test: CrossRefValidation
> ......................... ForestDnsZones passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... ForestDnsZones passed test CheckSDRefDom
>
> Running partition tests on : Schema
> Starting test: CrossRefValidation
> ......................... Schema passed test CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Schema passed test CheckSDRefDom
>
> Running partition tests on : Configuration
> Starting test: CrossRefValidation
> ......................... Configuration passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Configuration passed test CheckSDRefDom
>
> Running partition tests on : arrowheaddental
> Starting test: CrossRefValidation
> ......................... arrowheaddental passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... arrowheaddental passed test
> CheckSDRefDom
>
> Running enterprise tests on : arrowheaddental.com
> Starting test: Intersite
> Skipping site Default-First-Site-Name, this site is outside the
> scope
>
> provided by the command line arguments provided.
> ......................... arrowheaddental.com passed test
> Intersite
> Starting test: FsmoCheck
> GC Name: \\arrowdc02.arrowheaddental.com
> Locator Flags: 0xe00001fc
> PDC Name: \\arrowdc01.arrowheaddental.com
> Locator Flags: 0xe00003fd
> Time Server Name: \\arrowdc02.arrowheaddental.com
> Locator Flags: 0xe00001fc
> Preferred Time Server Name: \\arrowdc01.arrowheaddental.com
> Locator Flags: 0xe00003fd
> KDC Name: \\arrowdc02.arrowheaddental.com
> Locator Flags: 0xe00001fc
> ......................... arrowheaddental.com passed test
> FsmoCheck
> Test omitted by user request: DNS
> Test omitted by user request: DNS
> --
> Darius Sanders
> --
> Darius Sanders


Top

Re: Secondary DC not registering in DNS by DariusSanders

DariusSanders
Fri May 02 13:23:00 PDT 2008

What is the best way to reregister those records? I have heard some say that
you can do it by restarting the netlogon service?
--
Darius Sanders


"Al Mulnick" wrote:

> It does look like it has not added the records properly. Have you tried to
> re-register the server DC records?
> Have you checked the event log to verify errors are cleared from there as
> well?
>
> Al
>
>
> "Darius Sanders" <DariusSanders@discussions.microsoft.com> wrote in message
> news:E5AAA77B-2DBC-4B9D-9F2E-F7E4C33DA607@microsoft.com...
> >I have an active directory domain runnin all Win2003 servers with service
> > pack 2. In this domain I have two DCs. The first domain controller which
> > was
> > also the first DC created in the domain is working fine and has all the
> > proper DNS records. The second DC seems to be working find and I am able
> > to
> > ping it, however, if I take down the first DC I get errors from exchange
> > and
> > other servers saying that a global catalog server is not available. I
> > checked
> > and the second DC is acting as a global catalog but for some reason is not
> > seen when the first DC is taken offline. I ran DCDiag (results are below)
> > and
> > it failed the connectivity test. I thought this was due to DNS entries in
> > the
> > _msdcs section of the forward lookup zone. I am not sure how to fix this.
> > I
> > did note that within the dc section of the msdcs zone only the main DC is
> > listed. This is also apparent in other sections like the gc folder. Has my
> > second DC failed to add it records or is something else going wrong? Any
> > help
> > in this matter would be greatly appreciated
> >
> >
> > Domain Controller Diagnosis
> >
> > Performing initial setup:
> > * Verifying that the local machine arrowdc02, is a DC.
> > * Connecting to directory service on server arrowdc02.
> > * Collecting site info.
> > * Identifying all servers.
> > * Identifying all NC cross-refs.
> > * Found 2 DC(s). Testing 1 of them.
> > Done gathering initial info.
> >
> > Doing initial required tests
> >
> > Testing server: Default-First-Site-Name\ARROWDC02
> > Starting test: Connectivity
> > * Active Directory LDAP Services Check
> > The host
> > 4ac30e94-0571-42d1-8ee5-e518d1e08079._msdcs.arrowheaddental.com could not
> > be
> > resolved to an
> > IP address. Check the DNS server, DHCP, server name, etc
> > Although the Guid DNS name
> >
> > (4ac30e94-0571-42d1-8ee5-e518d1e08079._msdcs.arrowheaddental.com)
> >
> > couldn't be resolved, the server name
> > (arrowdc02.arrowheaddental.com)
> >
> > resolved to the IP address (192.168.9.12) and was pingable. Check
> >
> > that the IP address is registered correctly with the DNS server.
> > ......................... ARROWDC02 failed test Connectivity
> >
> > Doing primary tests
> >
> > Testing server: Default-First-Site-Name\ARROWDC02
> > Skipping all tests, because server ARROWDC02 is
> > not responding to directory service requests
> > Test omitted by user request: Topology
> > Test omitted by user request: CutoffServers
> > Test omitted by user request: OutboundSecureChannels
> > Test omitted by user request: VerifyReplicas
> > Test omitted by user request: VerifyEnterpriseReferences
> > Test omitted by user request: CheckSecurityError
> >
> > Running partition tests on : DomainDnsZones
> > Starting test: CrossRefValidation
> > ......................... DomainDnsZones passed test
> > CrossRefValidation
> > Starting test: CheckSDRefDom
> > ......................... DomainDnsZones passed test CheckSDRefDom
> >
> > Running partition tests on : ForestDnsZones
> > Starting test: CrossRefValidation
> > ......................... ForestDnsZones passed test
> > CrossRefValidation
> > Starting test: CheckSDRefDom
> > ......................... ForestDnsZones passed test CheckSDRefDom
> >
> > Running partition tests on : Schema
> > Starting test: CrossRefValidation
> > ......................... Schema passed test CrossRefValidation
> > Starting test: CheckSDRefDom
> > ......................... Schema passed test CheckSDRefDom
> >
> > Running partition tests on : Configuration
> > Starting test: CrossRefValidation
> > ......................... Configuration passed test
> > CrossRefValidation
> > Starting test: CheckSDRefDom
> > ......................... Configuration passed test CheckSDRefDom
> >
> > Running partition tests on : arrowheaddental
> > Starting test: CrossRefValidation
> > ......................... arrowheaddental passed test
> > CrossRefValidation
> > Starting test: CheckSDRefDom
> > ......................... arrowheaddental passed test
> > CheckSDRefDom
> >
> > Running enterprise tests on : arrowheaddental.com
> > Starting test: Intersite
> > Skipping site Default-First-Site-Name, this site is outside the
> > scope
> >
> > provided by the command line arguments provided.
> > ......................... arrowheaddental.com passed test
> > Intersite
> > Starting test: FsmoCheck
> > GC Name: \\arrowdc02.arrowheaddental.com
> > Locator Flags: 0xe00001fc
> > PDC Name: \\arrowdc01.arrowheaddental.com
> > Locator Flags: 0xe00003fd
> > Time Server Name: \\arrowdc02.arrowheaddental.com
> > Locator Flags: 0xe00001fc
> > Preferred Time Server Name: \\arrowdc01.arrowheaddental.com
> > Locator Flags: 0xe00003fd
> > KDC Name: \\arrowdc02.arrowheaddental.com
> > Locator Flags: 0xe00001fc
> > ......................... arrowheaddental.com passed test
> > FsmoCheck
> > Test omitted by user request: DNS
> > Test omitted by user request: DNS
> > --
> > Darius Sanders
> > --
> > Darius Sanders
>
>
>
Top

Re: Secondary DC not registering in DNS by DariusSanders

DariusSanders
Fri May 02 13:40:02 PDT 2008

Thanks for you help everybody. All I needed to do was restart the netlogon
service on the second DC and it registered all the records in the msdcs
forward lookup zones. I then ran DCdiag again and the second DC passed the
connectivity test. Thanks again for the help.
--
Darius Sanders


"Meinolf Weber" wrote:

> Hello Al,
>
> What states a dcdiag on the first installed DC? Please post also an unedited
> ipconfig /all from both machines here.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and confers
> no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
>
> > It does look like it has not added the records properly. Have you
> > tried to
> > re-register the server DC records?
> > Have you checked the event log to verify errors are cleared from there
> > as
> > well?
> > Al
> >
> > "Darius Sanders" <DariusSanders@discussions.microsoft.com> wrote in
> > message news:E5AAA77B-2DBC-4B9D-9F2E-F7E4C33DA607@microsoft.com...
> >
> >> I have an active directory domain runnin all Win2003 servers with
> >> service
> >> pack 2. In this domain I have two DCs. The first domain controller
> >> which
> >> was
> >> also the first DC created in the domain is working fine and has all
> >> the
> >> proper DNS records. The second DC seems to be working find and I am
> >> able
> >> to
> >> ping it, however, if I take down the first DC I get errors from
> >> exchange
> >> and
> >> other servers saying that a global catalog server is not available. I
> >> checked
> >> and the second DC is acting as a global catalog but for some reason
> >> is not
> >> seen when the first DC is taken offline. I ran DCDiag (results are
> >> below)
> >> and
> >> it failed the connectivity test. I thought this was due to DNS
> >> entries in
> >> the
> >> _msdcs section of the forward lookup zone. I am not sure how to fix
> >> this.
> >> I
> >> did note that within the dc section of the msdcs zone only the main
> >> DC is
> >> listed. This is also apparent in other sections like the gc folder.
> >> Has my
> >> second DC failed to add it records or is something else going wrong?
> >> Any
> >> help
> >> in this matter would be greatly appreciated
> >> Domain Controller Diagnosis
> >>
> >> Performing initial setup:
> >> * Verifying that the local machine arrowdc02, is a DC.
> >> * Connecting to directory service on server arrowdc02.
> >> * Collecting site info.
> >> * Identifying all servers.
> >> * Identifying all NC cross-refs.
> >> * Found 2 DC(s). Testing 1 of them.
> >> Done gathering initial info.
> >> Doing initial required tests
> >>
> >> Testing server: Default-First-Site-Name\ARROWDC02
> >> Starting test: Connectivity
> >> * Active Directory LDAP Services Check
> >> The host
> >> 4ac30e94-0571-42d1-8ee5-e518d1e08079._msdcs.arrowheaddental.com could
> >> not
> >> be
> >> resolved to an
> >> IP address. Check the DNS server, DHCP, server name, etc
> >> Although the Guid DNS name
> >> (4ac30e94-0571-42d1-8ee5-e518d1e08079._msdcs.arrowheaddental.com)
> >>
> >> couldn't be resolved, the server name (arrowdc02.arrowheaddental.com)
> >>
> >> resolved to the IP address (192.168.9.12) and was pingable. Check
> >>
> >> that the IP address is registered correctly with the DNS server.
> >> ......................... ARROWDC02 failed test Connectivity
> >>
> >> Doing primary tests
> >>
> >> Testing server: Default-First-Site-Name\ARROWDC02
> >> Skipping all tests, because server ARROWDC02 is
> >> not responding to directory service requests
> >> Test omitted by user request: Topology
> >> Test omitted by user request: CutoffServers
> >> Test omitted by user request: OutboundSecureChannels
> >> Test omitted by user request: VerifyReplicas
> >> Test omitted by user request: VerifyEnterpriseReferences
> >> Test omitted by user request: CheckSecurityError
> >> Running partition tests on : DomainDnsZones
> >> Starting test: CrossRefValidation
> >> ......................... DomainDnsZones passed test
> >> CrossRefValidation
> >> Starting test: CheckSDRefDom
> >> ......................... DomainDnsZones passed test CheckSDRefDom
> >> Running partition tests on : ForestDnsZones
> >> Starting test: CrossRefValidation
> >> ......................... ForestDnsZones passed test
> >> CrossRefValidation
> >> Starting test: CheckSDRefDom
> >> ......................... ForestDnsZones passed test CheckSDRefDom
> >> Running partition tests on : Schema
> >> Starting test: CrossRefValidation
> >> ......................... Schema passed test CrossRefValidation
> >> Starting test: CheckSDRefDom
> >> ......................... Schema passed test CheckSDRefDom
> >> Running partition tests on : Configuration
> >> Starting test: CrossRefValidation
> >> ......................... Configuration passed test
> >> CrossRefValidation
> >> Starting test: CheckSDRefDom
> >> ......................... Configuration passed test CheckSDRefDom
> >> Running partition tests on : arrowheaddental
> >> Starting test: CrossRefValidation
> >> ......................... arrowheaddental passed test
> >> CrossRefValidation
> >> Starting test: CheckSDRefDom
> >> ......................... arrowheaddental passed test
> >> CheckSDRefDom
> >> Running enterprise tests on : arrowheaddental.com
> >> Starting test: Intersite
> >> Skipping site Default-First-Site-Name, this site is outside the
> >> scope
> >> provided by the command line arguments provided.
> >> ......................... arrowheaddental.com passed test
> >> Intersite
> >> Starting test: FsmoCheck
> >> GC Name: \\arrowdc02.arrowheaddental.com
> >> Locator Flags: 0xe00001fc
> >> PDC Name: \\arrowdc01.arrowheaddental.com
> >> Locator Flags: 0xe00003fd
> >> Time Server Name: \\arrowdc02.arrowheaddental.com
> >> Locator Flags: 0xe00001fc
> >> Preferred Time Server Name: \\arrowdc01.arrowheaddental.com
> >> Locator Flags: 0xe00003fd
> >> KDC Name: \\arrowdc02.arrowheaddental.com
> >> Locator Flags: 0xe00001fc
> >> ......................... arrowheaddental.com passed test
> >> FsmoCheck
> >> Test omitted by user request: DNS
> >> Test omitted by user request: DNS
> >> --
> >> Darius Sanders
> >> --
> >> Darius Sanders
>
>
>
Top

Re: Secondary DC not registering in DNS by Hank

Hank
Sun May 04 04:47:09 PDT 2008

Darius Sanders wrote:
> Thanks for you help everybody. All I needed to do was restart the netlogon
> service on the second DC and it registered all the records in the msdcs
> forward lookup zones. I then ran DCdiag again and the second DC passed the
> connectivity test. Thanks again for the help.

Cool...... Always good to hear success stories. Thanks.

--

Regards,
Hank Arnold
Microsoft MVP
Windows Server - Directory Services
Top