DNS problems

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Just inherited a new SBS box today as the client said the previous IT company was f**king useless!

The SBS box is sick as a dog! Apart from the usual crap folder structure and making everyone a domain admin there are some major problems.The first problem I need to fix is in the DNS. The DNS event log is full and errors are generated every minute or so. The error is....

‘The DNS server encountered a packet addressed to itself on IP <IP of server>. The packet is for DNS name “_ldap_tcp.dc_msdcs.<domain>” The packet will be discarded. This condition usually indicates a configuration error.

Further investigation shows that the whole _msdcs forward lookup zone with all the AD info is not there, not good! The delegated _msdcs folder\containter is in the domain forward lookup zone.

Has anyone ever had to recreate the DNS on an SBS box before? I’ve been doing some research on the net and it looks like it is feasible by renaming the netlogon.dns file, recreating the zone and then restarting the net logon service.

There are many other problems with the server but they are all fixable. This is the only area which may cause a major problem, don’t want to delete the domain!

Any thoughts?

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Just found THIS on the M$ site.

I set up SBS up at home and had a flood of DNS errors. My problem was that the forwarders were wrong and buggering everything up.

 

The forwarders are configured correctly, they point at the 'real world' DNS servers. The DHCP scope is wrong as it hands out the I.P of the server and also the 'real world' DNS server I.Ps as well.

Ive rebooted the server (Windows Patch), would that be the same as restarting the service?

 

A reboot is as good as restarting the services.

 

Just a thought, as DNS is by default AD integrated on install, could you not do a restore of the dns. Not sure if you can do that, of course an idea when the DNS was broken would help if you have the backups still.

 

There are errors in the event logs relating to Group Policy and the details suggest that DNS is causing problem. The whole network has a general ‘slowness’ to it which at this early stage I think is down to the DNS issues.

The clients can log on ok but it can take some time. I think the previous company has completely screwed the DNS part of the install. Rather than having the DNS pointing at the server they have ‘real world’ DNS for the clients. Granted the clients can log on but I am assuming that the DNS lookup is timing out on the real world DNS I.Ps.

There are 30 people at the company plus loads of contacts, distribution lists and also a database application so I’m reluctant to rebuild. As the stability of the install is questionable I wouldn’t want to move that to a new server and try and restore it from tape.

To rebuild I think I would have to exmerge the whole mailbox store and then export the AD (using csvde). Then I would have to build an SBS box overnight, rebuild the AD, import the mailboxs, restore the files and then the apps. Also I would have to add all the PCs to the ‘new’ domain and perhaps try to migrate the profiles, big job!

Ive found this link that might help...

http://groups.google.co.uk/group/mi...dcs+server+2003&rnum=1&hl=en#69bed48100622bad

Think this might get me outta jail?

 

It has been like that for a year, the backups go back a week, arrgh!

I could leave it the way it is but the previous company was given the boot as they couldnt (or could not be bothered) fix the problem.

The company wants another 10 PCs installed so I dont want to do this while the server is configured incorrectly.

 

Will do, the netdiag /fix command line utility may help as well (got that from the 70-291 book!) and also..
http://www.pcreview.co.uk/forums/thread-1470716.php

Need to have a chat with my MD tomorrow about it, he would like a fix rather than a rebuild. I think it may be the case that we try the fix and if the server falls over then we have have enough guys on-site to rebuild overnight. If the fix works then its pub time. Also if I have time I might install SBS on a virtual server and break the DNS and see if I can fix it.

I *think* the guys that installed the server may have pointed the server at the real world DNS servers rather than pointing the server at itself and use forwarders, this has screwed the zone creation, could be wrong though!

Hopefully this should be sorted by the end of the week

 

Thought I would recreate this problem on my own SBS box before working on a live server.

I originally deleted the zone and recreated it however the dc,gc folders recreated instantly. Not a good test so I deleted the zone stopped the DNS and Net Logon services. Then I renamed netlogon.dns and netlogon.dnb files to completely break the dns. Rebooted and was able to logon ok.

The DNS event logs started to show the loopback problem so I then recreated the zone. The zone only recreated the basic DNS entries without the dc and gc folders so I then stopped the services and renamed the dns files (they had been recreated) and then restarted the DNS and Net Logon services. Ran the ipconfig /flushdns and ipconfig /registerdns and then opened DNS.

Only the DC folder had recreated however the last command line noted that it can take 15 mins to register the DNS. I waited about 10 mins and then re-opened the DNS console, all the entries were there. The DNS log files were not filling up with errors and I was able to reboot the server and log back on.

Looks like it can be done but I need to check there is still enough time for a rebuild. Dont want to make the changes and get a 'Domain unavailable' message when I try to log into the SBS box, arrgh!

 

Sorted!

Very busy today and didn’t actually get the chance to travel to the clients site so ended up doing this remotely. Did exactly what I did on the test SBS box and the zone recreated itself and the event logs are now looking good!

Configured the DHCP correctly and rebooted the server and also a PC. Browsed the internet on the PC and the speed is much better. Previously there was always a pause when opening a webpage probably due to the DNS being configured so badly.

Now there is no need for a rebuild and spending a few days on-site making sure everything is ok, result!

Think I’ve earned a beer or two!