ICTCity Posted April 19, 2011

Mhhhh, that's a good question. I think you should copy the original file, modify it as I suggested before, stop the DNS service (open DNS snap-in > right click > stop), rename the new file properly, flush the DNS cache, restart DNS and export everything again just to be sure everything has gone the proper way.

EDIT ***Uh... DELETE ALSO the entry for IPv6!***

After that, try to open Sites and Services and tell me if you have the same error again. DO NOT RENAME YOUR SERVER! We are going to fix this problem in another way. Check the event log for a while. If you can open Sites and Services with no errors... we can be a bit more happy :) If not... well... I still have time before the clean install :P

--------------------------------------------------------
You can also write in French. You can also write in German. You can also write in Italian.
--------------------------------------------------------

SailingNut (Author) Posted April 19, 2011

Still not sure on the "rename properly" part of the above. Can I just go into the DNS snap-in and change the entries?

ICTCity Posted April 20, 2011

> Still not sure on the "rename properly" part of the above. Can I just go into the DNS snap-in and change the entries?

Yes :)

SailingNut (Author) Posted April 20, 2011

OK, got the DNS reconfigured and I still get the "interface is unknown" problem when opening the AD Domain Services. :wallbash:

Output from dcdiag.exe still shows references to big-rig2 (I can post it if you want to see).

Should I go through and try seizing roles again now that the DNS stuff is cleared up?

FYI, there is no deadline for doing a clean install on Saturday. I'm happy to keep working on this as long as you are!

SailingNut (Author) Posted April 20, 2011

Other information.... I grabbed the event log from a reboot after I changed the DNS entries. The file is attached.

ICTCity Posted April 20, 2011

> Other information.... I grabbed the event log from a reboot after I changed the DNS entries. The file is attached.

Grrrrrrrr f****ng IPv6!!!

First try this procedure, which surely disables IPv6: http://www.windowsreference.com/networking/disable-ipv6-in-windows-server-20008-full-core-installation/

Then export and post the DNS configuration again.

The first error is interesting:

> The processing of Group Policy failed. Windows could not determine if the user and computer accounts are in the same forest. Ensure the user domain name matches the name of a trusted domain that resides in the same forest as the computer account.

It looks like it's trying to access another server via the wrong interface! I'm still trying to find a way to manage domains and trusts from the command line...

ICTCity Posted April 20, 2011

Do you have another server? If yes, open Domains and Trusts from there and connect to the DC by typing the IP. Let me know.

Somebody explain to me WHY you can't manage a server with core install -.- Now I want to open a new topic in this forum!

SailingNut (Author) Posted April 20, 2011

Here's the output after doing the registry edit & rebooting.

;
; Database file (null) for wtbhome.net zone.
; Zone version: 5632
;

@ IN SOA big-rig.wtbhome.net. admin.wtbhome.net. (
        5632    ; serial number
        900     ; refresh
        600     ; retry
        86400   ; expire
        3600  ) ; default TTL

;
; Zone NS records
;

@ NS big-rig.wtbhome.net.
@ NS somewhere-hot.wtbhome.net.

;
; Zone records
;

@ 600 A 192.168.0.2
@ 600 AAAA fd47:dced:df9d:5a5f::1
63fa3998-2396-4450-b046-a8ceb3bf85dc._msdcs 600 CNAME big-rig.wtbhome.net.
_kerberos._tcp.wtbhome._sites.dc._msdcs 600 SRV 0 100 88 big-rig.wtbhome.net.
_ldap._tcp.wtbhome._sites.dc._msdcs 600 SRV 0 100 389 big-rig.wtbhome.net.
_kerberos._tcp.dc._msdcs 600 SRV 0 100 88 big-rig.wtbhome.net.
_ldap._tcp.dc._msdcs 600 SRV 0 100 389 big-rig.wtbhome.net.
_ldap._tcp.d170d4c1-dda7-4565-b23c-024adc8e5aa9.domains._msdcs 600 SRV 0 100 389 big-rig.wtbhome.net.
gc._msdcs 600 A 192.168.0.100
    600 A 192.168.0.2
    600 AAAA fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.gc._msdcs 600 SRV 0 100 3268 big-rig.wtbhome.net.
_ldap._tcp.gc._msdcs 600 SRV 0 100 3268 big-rig.wtbhome.net.
_ldap._tcp.pdc._msdcs 600 SRV 0 100 389 big-rig.wtbhome.net.
_gc._tcp.wtbhome._sites 600 SRV 0 100 3268 big-rig.wtbhome.net.
_kerberos._tcp.wtbhome._sites 600 SRV 0 100 88 big-rig.wtbhome.net.
_ldap._tcp.wtbhome._sites 600 SRV 0 100 389 big-rig.wtbhome.net.
_gc._tcp 600 SRV 0 100 3268 big-rig.wtbhome.net.
_kerberos._tcp 600 SRV 0 100 88 big-rig.wtbhome.net.
_kpasswd._tcp 600 SRV 0 100 464 big-rig.wtbhome.net.
_ldap._tcp 600 SRV 0 100 389 big-rig.wtbhome.net.
_kerberos._udp 600 SRV 0 100 88 big-rig.wtbhome.net.
_kpasswd._udp 600 SRV 0 100 464 big-rig.wtbhome.net.
apocalypso 1200 A 192.168.0.68
ATMRACK 1200 A 192.168.0.54
BankOfBadHabits 1200 A 192.168.0.53
big-rig A 192.168.0.2
big-rigx 1200 A 192.168.0.7
CHGSINLATTITUDE 1200 A 192.168.0.55
DomainDnsZones 600 A 192.168.0.2
    600 AAAA fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.DomainDnsZones 600 SRV 0 100 389 big-rig.wtbhome.net.
_ldap._tcp.DomainDnsZones 600 SRV 0 100 389 big-rig.wtbhome.net.
ForestDnsZones 600 A 192.168.0.2
    600 AAAA fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.ForestDnsZones 600 SRV 0 100 389 big-rig.wtbhome.net.
_ldap._tcp.ForestDnsZones 600 SRV 0 100 389 big-rig.wtbhome.net.
JamaciaMistaka 1200 A 192.168.0.54
mame-cabinet 1200 A 192.168.0.57
mamecab 1200 A 192.168.0.69
mamestation 1200 A 192.168.0.59
Margaritaville 1200 A 192.168.0.54
miss-magic 1200 A 192.168.0.57
missmagic 1200 A 192.168.0.51
overkill 1200 A 192.168.0.55
virtoverkill 1200 A 192.168.0.69
WIN7TEST-PC 1200 A 192.168.131.66

ICTCity Posted April 20, 2011

> Here's the output after doing the registry edit & rebooting.

Can you please DELETE all the entries for IPv6? I see there's a zone for IPv6 and an A record. Also, the two A records have the same "weight"; when the DC tries to use IPv6 it doesn't work. We must delete everything related to IPv6!

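Added example, not part of the thread or any poster's code: a Python sketch that audits a zone export like the one posted above, listing AAAA records, NS/SRV/CNAME targets that have no A record in the zone, and `gc._msdcs` addresses that do not belong to any host those records name. The sample text is an excerpt of that export reflowed one record per line, and the function names are hypothetical.

```python
ORIGIN = "wtbhome.net."
TYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "SRV"}

# Excerpt of the export posted above, one record per line.
# Lines that start with whitespace reuse the previous owner name.
ZONE = """\
@ NS big-rig.wtbhome.net.
@ NS somewhere-hot.wtbhome.net.
@ 600 A 192.168.0.2
@ 600 AAAA fd47:dced:df9d:5a5f::1
_ldap._tcp.dc._msdcs 600 SRV 0 100 389 big-rig.wtbhome.net.
gc._msdcs 600 A 192.168.0.100
    600 A 192.168.0.2
    600 AAAA fd47:dced:df9d:5a5f::1
big-rig A 192.168.0.2
"""

def fqdn(name, origin=ORIGIN):
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse_zone(text, origin=ORIGIN):
    """Return (owner, type, rdata_tokens) for every record in the export."""
    records, owner = [], None
    for raw in text.splitlines():
        tokens = raw.split(";", 1)[0].split()   # drop comments
        if not tokens:
            continue
        if not raw[0].isspace():                # owner name starts in column 1
            owner = fqdn(tokens.pop(0), origin)
        while tokens and (tokens[0].isdigit() or tokens[0] == "IN"):
            tokens.pop(0)                       # optional TTL and class
        if owner and tokens and tokens[0] in TYPES:
            records.append((owner, tokens[0], tokens[1:]))
    return records

def audit(records):
    """Collect AAAA records, unresolved targets and unmatched gc._msdcs addresses."""
    addrs, targets, aaaa = {}, set(), []
    for owner, rtype, rdata in records:
        if rtype == "A":
            addrs.setdefault(owner, set()).add(rdata[0])
        elif rtype == "AAAA":
            aaaa.append((owner, rdata[0]))
        elif rtype in ("NS", "SRV", "CNAME"):
            targets.add(rdata[-1].lower())      # target host is the last field
    # Addresses of the hosts that NS/SRV/CNAME records point at.
    dc_ips = set().union(*(addrs.get(t, set()) for t in targets))
    gc_ips = set().union(*(ips for o, ips in addrs.items()
                           if o.startswith("gc._msdcs.")))
    return {
        "aaaa": aaaa,
        "targets_without_a": sorted(t for t in targets if t not in addrs),
        "gc_not_a_dc": sorted(gc_ips - dc_ips),
    }
```

Targets are only checked against A records inside this zone, so a name server hosted in another zone would also be listed and needs a manual look.

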
SailingNut (Author) Posted April 21, 2011

So I removed ALL IPv6 entries in the DNS server. I then restarted the DNS server service and attempted to open the AD Sites & Services with the same error. :-(

After the AD Sites & Services app came up I tried to manually connect to big-rig and it also failed with the interface unknown error. It also fails with the same error if I put in the IP address for connecting instead of the DNS name.

What are the next steps?

ICTCity Posted April 21, 2011

> So I removed ALL IPv6 entries in the DNS server. I then restarted the DNS server service and attempted to open the AD Sites & Services with the same error. :-(
> After the AD Sites & Services app came up I tried to manually connect to big-rig and it also failed with the interface unknown error. It also fails with the same error if I put in the IP address for connecting instead of the DNS name.
> What are the next steps?

OK, now we just need to set up NETLOGON properly, because it's trying to start with the wrong server's name (big-rig2). Now the point is: how to point netlogon to the right name? Let's try this first:

Open the registry and select your computer, press CTRL+F, type big-rig2 and also check "Match whole string only". Once a result has been found, rename it to big-rig. After that press F3 (find next) and continue until the end. Once done, restart the server, open a command prompt and type:

net start netlogon

and let me know if it's working or if it gives you the same error.

SailingNut (Author) Posted April 22, 2011

Quite sadly, the same error after "cleansing" the registry.

Event viewer event ID = 5602
description = An internal error occurred while accessing the computer's local or network security database

Next? ;-)

On the plus side, dcdiag is looking a bit more like we're erasing traces of big-rig2. But the minus is that there seems to be an IPv6 entry "stuck" somewhere. Here's the output:

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = big-rig
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: wtbhome\BIG-RIG2
      Starting test: Connectivity
         The host 63fa3998-2396-4450-b046-a8ceb3bf85dc._msdcs.wtbhome.net could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc.
         Neither the the server name (big-rig2.wtbhome.net) nor the Guid DNS name (63fa3998-2396-4450-b046-a8ceb3bf85dc._msdcs.wtbhome.net) could be resolved by DNS. Check that the server is up and is registered correctly with the DNS server.
         Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
         ......................... BIG-RIG2 failed test Connectivity

Doing primary tests

   Testing server: wtbhome\BIG-RIG2
      Skipping all tests, because server BIG-RIG2 is not responding to directory service requests.

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : wtbhome
      Starting test: CheckSDRefDom
         ......................... wtbhome passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... wtbhome passed test CrossRefValidation

   Running enterprise tests on : wtbhome.net
      Starting test: LocatorCheck
         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1722
         A Global Catalog Server could not be located - All GC's are down.
         Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1722
         A Primary Domain Controller could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1722
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1722
         A Good Time Server could not be located.
         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1722
         A KDC could not be located - All the KDCs are down.
         ......................... wtbhome.net failed test LocatorCheck
      Starting test: Intersite
         ......................... wtbhome.net passed test Intersite

ICTCity Posted April 22, 2011

> Quite sadly, the same error after "cleansing" the registry.
> Event viewer event ID = 5602
> description = An internal error occurred while accessing the computer's local or network security database
> Next? ;-)

Open your DNS and add a new A record:
Name: big-rig2 (yes, with number 2)
IP: IP_big-rig

Add an AAAA record:
Name: big-rig2
IPv6: IP_v6_big-rig

Add a CNAME: from BIG-RIG2 to BIG-RIG

Flush DNS's cache.

SailingNut (Author) Posted April 22, 2011

> Open your DNS and add a new A record:
> Name: big-rig2 (yes, with number 2)
> IP: IP_big-rig
> Add an AAAA record:
> Name: big-rig2
> IPv6: IP_v6_big-rig
> Add a CNAME: from BIG-RIG2 to BIG-RIG
> Flush DNS's cache.

Unfortunately, when I go in to add the new A record it will not let me create the A record with IP_big-rig in the IP address field. It is insisting that I put in an IP address.

Should I create the records with 192.168.0.2? (and whatever the IPv6 address is) Or should I just try adding the CNAME?

ICTCity Posted April 22, 2011

> Unfortunately, when I go in to add the new A record it will not let me create the A record with IP_big-rig in the IP address field. It is insisting that I put in an IP address.
> Should I create the records with 192.168.0.2? (and whatever the IPv6 address is) Or should I just try adding the CNAME?

Well, of course you have to put the real IP (192.168.0.2) eheh

SailingNut (Author) Posted April 22, 2011

OK, tried that and I get an error! Dialog reads:

The host record big-rig2.wtbhome.net cannot be created.
Refused

Nothing in the event log.

ICTCity Posted April 22, 2011

Retry and look here: http://support.microsoft.com/kb/815224

SailingNut (Author) Posted April 24, 2011

> Retry and look here: http://support.microsoft.com/kb/815224

So, I tried the workaround listed in the KB article and no joy. When I double click on the "Manage auditing and security log" entry under "User Rights Assignment" the add and remove buttons are both disabled.

Also, I tried the "add the record twice" and I keep getting the same error.

Won't be able to try things for over a week due to many circumstances. Looking forward to something new to try when I'm able to "play" with this.

Thanks again!

ICTCity Posted April 24, 2011

You have to change this policy in the Default Domain Policy GPO, not in local policy. Let me know.

SailingNut (Author) Posted April 28, 2011

Finally got a moment to try this and when I open Group Policy Management there is nothing listed. So I went to "Add forest" and entered my domain name in the dialog. When I clicked OK it gave me the error "The specified domain either does not exist or could not be contacted."

I did some googling on that error but could not seem to find anything that looked useful to me.