Windows 2008 Complete Restore issues with DNS
-
June 11, 2012 21:46
I have a running Windows 2008 Server AD with Exchange. To test our disaster recovery process, we purchased another server with the same hardware specs.
I restored the backup from a USB backup drive which contains a full backup of our main server.
The system comes up fine with no issue and you can log in with no problem, but when I tried to open Active Directory Sites and Services, I got an error stating it cannot contact the domain controller.
DNS is working. I also assigned the same IP address as the original server to one of the NICs and used the same IP for the DNS server.
It looks like something in DNS has changed and none of the AD-related applications can find the domain controller (like the Exchange MMC).
Is there anything special that needs to be done when restoring a full volume on AD?
- Moved by Tiger Li, Moderator, June 13, 2012 7:26 (From: Branch Office)
All replies
-
June 14, 2012 9:10, Moderator
Hi,
Please run the command: dcdiag /test:dns to verify DNS registration and TCP/IP connectivity. For the detailed information, please refer to the following Microsoft TechNet article:
Verify DNS Registration and TCP/IP Connectivity
http://technet.microsoft.com/en-us/library/cc816791(v=ws.10).aspx
For more information, please also refer to the following Microsoft TechNet article:
Recovering Active Directory Domain Services
http://technet.microsoft.com/en-us/library/cc816751(v=ws.10).aspx
Regards,
Arthur Li
TechNet Community Support
-
June 14, 2012 9:24
Hi,
1) How did you verify that DNS is working? Can you paste the result of dcdiag /test:dns (if not confidential) as suggested by Arthur?
2) Have you checked if the new DC is authenticating client machines?
I guess the article given in the link below applies to your scenario.
http://technet.microsoft.com/en-us/library/cc816932(v=ws.10)
Hope it helps
__________________________
Best regards
Sarang Tinguria
MCP, MCSA, MCTS
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
-
June 14, 2012 9:51
Hello,
besides the already requested output files, which are better uploaded btw., I would like to mention that Exchange on DCs is NOT recommended by Microsoft:
ipconfig /all >c:\ipconfig.txt [from each DC/DNS Server]
dcdiag /v /c /d /e /s:dcname >c:\dcdiag.txt
repadmin /showrepl dc* /verbose /all /intersite >c:\repl.txt ["dc*" is a placeholder for the starting name of the DCs if they all begin the same (if more than one DC exists)]
dnslint /ad /s "DCipaddress" (http://support.microsoft.com/kb/321045)
As the output will become large, DON'T post them into the thread, please use Windows Sky Drive (skydrive.live.com) [with open access!] and add the link from it here. Also the /e in dcdiag scans the complete forest, so better run it on COB.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
- Proposed as answer by VenkatSP, June 17, 2012 17:19
-
June 14, 2012 10:54, Moderator
My first question: is it an SBS server or a normal Windows 2008 Server with Standard or Enterprise edition? Running a domain with a single DC can be risky & makes it difficult to provide high availability to the apps/machines dependent on AD for authentication. What are the errors seen in the event log? They may provide a pointer to the actual error causing the issue.
Awinish Vishwakarma - MVP - Directory Services
My Blog: awinish.wordpress.com
Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.
-
June 14, 2012 21:08
Here is the output for ipconfig and dcdiag:
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : DC01
Primary Dns Suffix . . . . . . . : mydomain.local
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mydomain.local
Ethernet adapter Private:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD Client) #4
Physical Address. . . . . . . . . : 00-22-19-01-8E-20
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.0.2.120(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Main:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD Client) #3
Physical Address. . . . . . . . . : 00-22-19-01-8E-1E
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2929:7239:a0d6:7b9f%13(Preferred)
Link-local IPv6 Address . . . . . : fe80::5cd3:da9e:8e7a:886a%13(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 285221401
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-A3-88-35-00-22-19-91-A2-4C
DNS Servers . . . . . . . . . . . : fe80::5cd3:da9e:8e7a:886a%13
10.0.0.6
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{81C00C44-79B8-4B85-9CBF-5A2626B5D
61A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{3F0CF6F7-E2EE-4DAF-A782-76DA0D330
075}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\>
C:\>dcdiag /test:dns
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DC01
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC01
Starting test: Connectivity
......................... DC01 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC01
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... DC01 passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : mydomain
Running enterprise tests on : mydomain.local
Starting test: DNS
Test results for domain controllers:
DC: DC01.mydomain.local
Domain: mydomain.local
TEST: Basic (Basc)
Warning: The AAAA record for this DC was not found
TEST: Records registration (RReg)
Network Adapter
[00000010] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Clien
t):
Warning:
Missing AAAA record at DNS server 10.0.0.6:
DC01.mydomain.local
Warning:
Missing AAAA record at DNS server 10.0.0.6:
gc._msdcs.mydomain.local
Warning: Record Registrations not found in some network adapters
DC01 PASS WARN PASS PASS PASS WARN n/a
......................... mydomain.local passed test DNS
-
June 14, 2012 21:10
This is a test environment, just a test server, no clients so far.
Thanks for the article, I'll read it and hopefully find the answer!
-
June 14, 2012 21:22
This is not SBS, it's Server 2008 Standard with Exchange 2007. In production we have two DCs; for this test, we are just trying to restore the first DC (which already has Exchange installed) in our test environment, so just one server, no client machines and no secondary DC.
Error log sample:
The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
....
Process STORE.EXE (PID=4132). Topology discovery failed, error 0x80040a02 (DSC_E_NO_SUITABLE_CDC). Look up the Lightweight Directory Access Protocol (LDAP) error code specified in the event description. To do this, use Microsoft Knowledge Base article 218185, "Microsoft LDAP Error Codes." Use the information in that article to learn more about the cause and resolution to this error. Use the Ping or PathPing command-line tools to test network connectivity to local domain controllers.
Also, when I try to open anything AD related, like Users and Computers:
Naming information cannot be located because the specific domain either does not exist or could not be contacted.
Opening up the Exchange MMC: Domain mydomain.local cannot be contacted or does not exist.
-
June 14, 2012 21:33
Hello,
the DC is multihomed, which is also a bad configuration on DCs: more than one IP address/NIC is used. This always results in name resolution problems, as you see now.
So disable one NIC and run ipconfig /flushdns and ipconfig /registerdns and restart the netlogon service. Also ensure there is only one IP address for the server registered in DNS.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
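The multihoming point raised in the reply above can be checked mechanically from saved `ipconfig /all` output. This is an added example, not part of the original thread: the function names `parse_ipconfig` and `dc_addressing_report` are hypothetical, and the sample input is constructed by condensing the output posted earlier in the thread.

```python
import re

# Constructed sample, condensed from the ipconfig /all output posted in this thread.
SAMPLE = """\
Ethernet adapter Private:
   IPv4 Address. . . . . . . . . . . : 10.0.2.120(Preferred)
   Default Gateway . . . . . . . . . :
Ethernet adapter Main:
   IPv4 Address. . . . . . . . . . . : 10.0.0.6(Preferred)
   Default Gateway . . . . . . . . . : 10.0.0.1
   DNS Servers . . . . . . . . . . . : fe80::5cd3:da9e:8e7a:886a%13
                                       10.0.0.6
Tunnel adapter Local Area Connection* 9:
   Media State . . . . . . . . . . . : Media disconnected
"""

ADAPTER = re.compile(r"^\w[\w ]* adapter (.+):\s*$")
FIELD = re.compile(r"^\s*(.+?)(?:\s*\.)+\s*:\s*(.*)$")

def parse_ipconfig(text):
    """Return [(adapter_name, {field: [values]})] from `ipconfig /all` text."""
    adapters, fields, last = [], None, None
    for line in text.splitlines():
        m = ADAPTER.match(line)
        if m:                                  # start of a new adapter section
            fields, last = {}, None
            adapters.append((m.group(1), fields))
        elif fields is not None and line.strip():
            m = FIELD.match(line)
            if m:                              # "Key . . . : value" line
                last = m.group(1).strip()
                value = m.group(2).strip()
                fields.setdefault(last, []).extend([value] if value else [])
            elif last:                         # wrapped continuation of the previous key
                fields[last].append(line.strip())
    return adapters

def dc_addressing_report(adapters):
    """Summarise the addressing points raised in the thread for one host."""
    ipv4 = [(name, re.sub(r"\(.*\)$", "", ip))
            for name, f in adapters for ip in f.get("IPv4 Address", [])]
    return {
        "ipv4": ipv4,                          # every IPv4 address the host holds
        "multihomed": len(ipv4) > 1,           # more than one address/NIC in use
        "no_dns_servers": [n for n, f in adapters
                           if f.get("IPv4 Address") and not f.get("DNS Servers")],
    }

if __name__ == "__main__":
    print(dc_addressing_report(parse_ipconfig(SAMPLE)))
```

Run against the restored server's output, a `multihomed` result of `True` corresponds to the two-NIC configuration identified in this reply.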
-
June 15, 2012 19:39
I disabled the Private NIC and changed DNS to listen on the Main NIC IP; still the same issue, like this event:
Active Directory Domain Services was unable to establish a connection with the global catalog.
Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200d50
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the nltest utility to diagnose this problem.
-
June 17, 2012 15:12
Hello,
so you have also run "ipconfig /flushdns and ipconfig /registerdns and restart the netlogon service"?
And if you check within AD Sites and Services, you also have the GC checkmark set?
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
-
June 17, 2012 16:41
Have you verified that the sysvol and netlogon shares are available? Run the net share command to check.
Check the NIC binding: the NIC which is online and has IP details should be first in the order. If multiple NICs are present, then disable the unrequired NICs.
http://theregime.wordpress.com/2008/03/04/how-to-setview-the-nic-bind-order-in-windows/
Restart the netlogon and DNS services. Run dcdiag /fix and check how it works. In case the sysvol and netlogon shares are not available, assuming you have a single DC, perform an authoritative restore (D4) of sysvol. Kindly take a backup of the sysvol folder from the DC, that is, copy and paste the content of sysvol to a temp location.
http://support.microsoft.com/kb/316790
Hope this helps
Best Regards,
Sandesh Dubey.
MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Administrator | My Blog
Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.
- Marked as answer by Arthur_Li, Microsoft Contingent Staff, Moderator, June 20, 2012 4:19

