none
Unable to connect to the active directory .... RRS feed

  • Question

  • Dear Everyone,

     

    I've a problem with DPM 2007 X86 Sp1, My information as bellow:

    DPM server (it's not located in my hyper-v, its another PC):

    Win server 2k3 enterprise sp2 x86

    DPM 2007 x86 sp1

     

    my server that I want to protect:

    Windows server 2k8 enterprise x64 + Hyper-V

    6 Virtual machines.

    <Server0> that is my file server, has attached physical hard drives to it. (win 2003 enterprise R2 sp2 x86)

     

    Now when I want to install agents on my <server0> or even any other VMs like my DC and etc. I get :

    Unable to connect to the active directory domain services database.

    Make Sure that the DPM server is a member of a domain and that a domain controller is running. Also verify that there is network connectivity between the DPM server and the domain controller.

    ID:7

    Details: The server is not operational (0x8007203A)

     

    I searched a lot and followed lots of guides, but it seems everything should be fine in both ends.

     

    I was wondering if anyone could guide me through as this is very critical to be setup ASAP.

     

    Regards,

     

    Wednesday, July 28, 2010 4:11 PM

Answers

  • HI,

    If I understand right, you are trying to protect your guest machines inside Hyper-V. Are these guest machines part of the same domain as the DPM server? Are you able to nslookup to those servers from DPM? Are you able to install the DPM agent on the Hyper-V server?

    Further, even though your reverse lookup zone is created, at the time you ran nslookup, you still did not have a record for server1. Please run ipconfig/registerdns on the DNS / DC.

     


    Regards, Rajeev Narshana [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights
    Wednesday, August 4, 2010 5:53 PM
    Moderator

All replies

  • Please check if "Authenticated Users" group is part of USERS group on the Domain Controller.

    To be sure DNS is working properly, try these steps.

    Try running nslookup <FQDN>   (Of the domain for list of DC IP addresses)

        IE: nslookup MyDomain.com

    On DPM Server try these to reset / troubleshoot DNS issues:
    ipconfig /flushdns
    ipconfig /registerdns
    net stop netlogon
    net start netlogon
     


    1.) From DPM:

    nslookup
    set q=any
    <dc_name> then try <dpm_name>


    2.) Then from DPM:

    nslookup
    server <dns ip address>
    set q=any
    <dc_name> then try <dpm_name>


    Are the ip's correct?

     

     


    Regards, Mike J [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, July 28, 2010 9:53 PM
    Moderator
  • Hi,

     

    Thank you for your reply. I tried all of them.

    --

    The authenticated users group has Read permission on DC. I checked with adsiedit.

     

    --

    When I => nslookup <mydomain> I get:

    *** Can't find server name for address 192.168.30.1: Non-existent domain
    Server:  UnKnown.

    But the ip address that is returning is correct.

    Also I get :

    addresses:  192.168.30.1, 192.168.30.2, 192.168.10.6

    I do not know why it's returning 3 IP addresses. My DC IP is 192.168.30.1

     

    --

    Also in all of the nslookup parts, I get the ip addresses return correct except that the server field returns => Unknown. (for both DC and DPM)

    --

    No other problem popped-out. 

    I'll really appreciate it if you could guide me through.

     

    Regards,

    Wednesday, July 28, 2010 10:39 PM
  • Hmm, This error does not really makse sense when querying the fqdn.

     

    *** Can't find server name for address 192.168.30.1: Non-existent domain

    I think I would concentrate on figuring out how to resolve that, I don't have that problem.


    Regards, Mike J [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.
    Friday, July 30, 2010 12:02 AM
    Moderator
  • *** Can't find server name for address 192.168.30.1: Non-existent domain

    can occur if the reverse lookup zone is not configured on your DNS server or if the entry for the DC (192.168.30.1) is not configured. You might want to configure the reverse lookup zone. From your replies, I am assuming that 192.168.30.1 is your only DC / DNS in the domain.

    The fact that nslookup <mydomain> returns 3 addresses in place of one is a problem. This means that your DPM & most likely all other servers in the domain think that there are 3 DCs and could attempt to connect to any one. Again check your DNS and look for Host A type of record named (same as parent folder). There should be exactly one record per DC.

    You need help from AD / DNS experts to resolve that part of the problem first.

    Regards

    Saturday, July 31, 2010 9:48 PM
    Moderator
  • Hi,

    I moved to DPM 2010, with the same problem still.

    I checked any hole in my DNS and fixed it. Fixed the 3 ip returning. Even setup reserve lookup zone.

    Now I've this:

    C:\Users\administrator.MYDOMAIN>nslookup server1
    Server:  UnKnown
    Address:  192.168.30.1

    Name:    server1.mydomain.local
    Address:  192.168.30.1

     

    I really don't know where to look anymore!

    If anyone can guide me through I'll really appreciate that.

     

    Regards,

     

    Tuesday, August 3, 2010 4:40 PM
  • HI,

    If I understand right, you are trying to protect your guest machines inside Hyper-V. Are these guest machines part of the same domain as the DPM server? Are you able to nslookup to those servers from DPM? Are you able to install the DPM agent on the Hyper-V server?

    Further, even though your reverse lookup zone is created, at the time you ran nslookup, you still did not have a record for server1. Please run ipconfig/registerdns on the DNS / DC.

     


    Regards, Rajeev Narshana [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights
    Wednesday, August 4, 2010 5:53 PM
    Moderator
  • Hi,

     

    Thank you for your respond.

     

    I solved the problem by removing my DNS server and re-installing it. It seems it had some problems from before, and this action fixed the issue. I could install the agents and add them to protection groups in DPM.

     

    Hope this helps others who might have the same problem.

     

    Regards,

    Friday, August 6, 2010 8:55 PM