hidden hit counter
Help!

DNS/AD problems after demoting first server in AD

 
Post new topic   General Reply to Topic (not reply to a specific post)    Forums Home -> DNS RSS
Next:  Memory Dump analyzed (afd.sys)  
Author Message
Jim Helfer
External


Since: Dec 11, 2006
Posts: 2



PostPosted: Mon Dec 11, 2006 9:58 pm    Post subject: DNS/AD problems after demoting first server in AD
Archived from groups: microsoft>public>win2000>dns (more info?)

I had to demote a server that was a GC, DC and a DNS server. I didn't
see any errors on this process, but it's seemed to have some ugly side
effects on the network. First of all, the demoted server remains a
member server and a DNS server, but is not connected to the zone. (and
there are events that tell me it tried but couldn't).

But, several important-looking records in the other DNS server still
apear to reference the demoted, dns-disconnected server, such as:

ForwardLookupZpne/_msdc: NS - Name Server

ForwardLookupZone/_msdc/_tcp : SRV - Service Location

ForwardLookupZpne/_msdc/_gc: A - Host

Similar for wtwarch.com

I know this is wrong, but I'm not sure what to do. Manually delete the
records? reconnect the demoted servers DNS? Remove DNS from the demoted
server?

Thanks
Jim Helfer
WTW Architects
Pittsburgh PA
Back to top
Vincent Xu [MSFT]
External


Since: May 16, 2005
Posts: 176



PostPosted: Tue Dec 12, 2006 6:42 am    Post subject: RE: DNS/AD problems after demoting first server in AD [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)

Hi,

First, before you demote it, did you transfer FSMO to other DCs? If not,
please now try to seize FSMO to other DCs.

324801 How to view and transfer FSMO roles in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;EN-US;324801

255504 Using Ntdsutil.exe to transfer or seize FSMO roles to a domain
controller
http://support.microsoft.com/default.aspx?scid=kb;EN-US;255504

Second, since you demoted the DC, I suggest you let other DCs to hold the
DNS role if the DNS is stored in AD.

Third, I'm not sure what is the exact event of "not connected to the zone",
please let me know in detail.

Thanks.


Best regards,

Vincent Xu
Microsoft Online Partner Support

======================================================
Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no rights.
======================================================



--------------------
>>Date: Mon, 11 Dec 2006 16:58:11 -0500
>>From: Jim Helfer
>>User-Agent: Thunderbird 1.5.0.8 (Windows/20061025)
>>MIME-Version: 1.0
>>Subject: DNS/AD problems after demoting first server in AD
>>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>Content-Transfer-Encoding: 7bit
>>Message-ID:
>>Newsgroups: microsoft.public.win2000.dns
>>NNTP-Posting-Host: wtwarch.com 66.212.142.243
>>Lines: 1
>>Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP02.phx.gbl
>>Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.win2000.dns:64
>>X-Tomcat-NG: microsoft.public.win2000.dns
>>
>>
>> I had to demote a server that was a GC, DC and a DNS server. I didn't
>>see any errors on this process, but it's seemed to have some ugly side
>>effects on the network. First of all, the demoted server remains a
>>member server and a DNS server, but is not connected to the zone. (and
>>there are events that tell me it tried but couldn't).
>>
>> But, several important-looking records in the other DNS server still
>>apear to reference the demoted, dns-disconnected server, such as:
>>
>>ForwardLookupZpne/_msdc: NS - Name Server
>>
>>ForwardLookupZone/_msdc/_tcp : SRV - Service Location
>>
>>ForwardLookupZpne/_msdc/_gc: A - Host
>>
>> Similar for wtwarch.com
>>
>> I know this is wrong, but I'm not sure what to do. Manually delete the
>>records? reconnect the demoted servers DNS? Remove DNS from the demoted
>>server?
>>
>> Thanks
>> Jim Helfer
>>WTW Architects
>>Pittsburgh PA
>>
>>
Back to top
Jim Helfer
External


Since: Dec 11, 2006
Posts: 2



PostPosted: Wed Dec 13, 2006 12:29 am    Post subject: Re: DNS/AD problems after demoting first server in AD [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)

Thanks, I just removed the DNS service from the demoted server and
everything seeemed to go back to normal.
Back to top
Vincent Xu [MSFT]
External


Since: May 16, 2005
Posts: 176



PostPosted: Wed Dec 13, 2006 7:30 am    Post subject: Re: DNS/AD problems after demoting first server in AD [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)

Hi Ji,

Glad to know that. Smile

Have a good day~


Best regards,

Vincent Xu
Microsoft Online Partner Support

======================================================

Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no rights.
======================================================



--------------------
>>Date: Tue, 12 Dec 2006 19:29:22 -0500
>>From: Jim Helfer
>>User-Agent: Thunderbird 1.5.0.8 (Windows/20061025)
>>MIME-Version: 1.0
>>Subject: Re: DNS/AD problems after demoting first server in AD
>>References:

>>In-Reply-To:
>>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>Content-Transfer-Encoding: 7bit
>>Message-ID:
>>Newsgroups: microsoft.public.win2000.dns
>>NNTP-Posting-Host: wtwarch.com 66.212.142.243
>>Lines: 1
>>Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP03.phx.gbl
>>Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.win2000.dns:73
>>X-Tomcat-NG: microsoft.public.win2000.dns
>>
>>
>> Thanks, I just removed the DNS service from the demoted server and
>>everything seeemed to go back to normal.
>>
Back to top
Display posts from previous:   
Post new topic   General Reply to Topic (not reply to a specific post)    Forums Home -> DNS All times are: Eastern Time (US & Canada)
Page 1 of 1

 
You can post new topics in this forum
You can reply to topics in this forum
You can edit your posts in this forum
You can delete your posts in this forum
You can vote in polls in this forum