MAJOR DNS PROBLEMS. Please help 2

ftoddt (Technical User, US), Apr 26, 2003
Win2k server and clients, using Active Directory. Problems started after trying to redo DNS on a backup domain controller. Presently have two domain controllers called dc and bc (bc is the backup). bc was created because it was a newer and faster machine. When I do nslookup on other servers, I always get the error "Can't find bc: Non-existent domain". If I do nslookup with either IP or name, I get the same. When I do the two-query test, it is good on both the bc and dc. I found it odd that while in the DNS console of either the bc or dc, I can right-click on the DNS icon and select Connect To. If I select either the IP (if that is missing) or the IP's name, it will add the icon. So now on each computer I show two computer icons, one with the IP and the other with the computer name, and they each have identical forward and reverse lookup zones.
I am so lost on this thing. I don't know where to start. There is a lot invested in the Active Directory and I cannot afford to lose any of it. If there was a way to reinstall the whole DNS without affecting Active Directory, I would do it, but when I attempt to delete a forward lookup zone, it warns me that Active Directory zones will be lost too. I need some real good advice as to how to approach this thing.
Thanks for your time
Todd
 
ok, first - are you using AD Integrated DNS or Primary/Secondary?

Second - How do your servers/clients point at your DNS servers? ie, are they set to point to "DC" first and "BC" second?

On your "BC" Server, try reloading the zone - if this doesn't work, you may want to uninstall DNS from your "BC" Server and reinstall it.

Is AD replication working properly?

oh, yeah... Don't delete your zone :)

~Intruder~

"The Less You Do, The Less Can Go Wrong" :)
 
NetIntruder,
Thanks for your response. Am using Active Directory integrated DNS. Clients point both ways, some to the BC and some to the DC. I am changing most back to the DC for now. I was afraid to delete it based on it saying it would delete my Active Directory also. I tried reforming the zone on the BC with strange results. The BC lists records as Host records, Mail Exchange, Start of Authority, etc. and the DC lists them as A, MX, and SOA (I might have this reversed). The reverse lookups look different between the two domain controllers. One shows the in-addr.arpa backwards and the other forwards with xxx at the end. (I wish I was in front of it now and I would list the reverse lookups here exactly to show you how strange they look.) One DNS shows caching and the other does not. After I reconfigured the BC, I lost email. Event Viewer said that email was having trouble finding the global catalog, so I added another global catalog to the DC and everything is back to somewhat normal.
I only work part-time for this school district so yesterday, I researched a good book on DNS at (super discount site).
How does one uninstall and reinstall DNS? It looks like you might have to demote the BC from domain controller status and then you can delete all that stuff without affecting active directory.
I will research and hopefully get more response to this over the week until I go back on Fri or Sat. My book is backordered so will hang on for a while. I want to check out all the domain controller master roles and make sure I have them separated or added where they need to be. I am pretty new at this but hanging on. Thanks for your help.
Todd
 
You can remove DNS right through Add/Remove Programs. Personally, I would uninstall DNS from BC and take a good look at your DC server. Fix any errors that are in there and then reinstall DNS on BC.

As far as how your clients/servers point to your internal DNS... have them point to DC as primary and BC as secondary. I would also recommend that you make your settings on both of them the same (Scavenging, etc).

If you still have problems after doing this, let me know - there are some utilities that you can run that we can look at.

~Intruder~

"The Less You Do, The Less Can Go Wrong" :)
 
Hmmmm. I thought I read that you can only assign one schema master and one domain naming master in a domain. If the operations master roles are assigned to multiple domain controllers, do you set them as primary and secondary or Active Directory integrated?
Todd
 
Weird Reverse lookups:
Here is what my BC looks like:
Reverse Lookup Zones
0.in-addr.arpa
1.254.169.in-addr.arpa (note all PTR records here)
127.in-addr.arpa
169.254.1.in-addr.arpa
255.in-addr.arpa
7.157.152.in-addr.arpa
and here is what my DC (which seems to be the better of the two) looks like:
Reverse Lookup Zones
169.254.1.x Subnet (PTR records here)
1.254.169.x Subnet
152.157.7.x Subnet
Seems strange that they would both be so different.
Todd

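The two listings above are the same zones written in two console spellings. The script below, which I add here as an illustration and which is not code from the thread, normalises both forms and then reports what actually differs between the servers. It also flags a zone whose octets were never reversed: 169.254.1.in-addr.arpa (the DC console shows it as "1.254.169.x Subnet") is the zone for subnet 1.254.169.x, so if the real subnet is 169.254.1.x, its PTR records belong in 1.254.169.in-addr.arpa. The list of real subnets is an assumption taken from the post; the 0, 127 and 255 zones are the ones Windows 2000 DNS creates on every server by itself. Note also that 169.254.0.0/16 is the automatic private (APIPA) addressing range, which is worth a second look on a server subnet.

```python
"""Reverse-zone naming check. Added example, not code from the thread.

Windows DNS stores PTR records for subnet a.b.c.x in the zone
c.b.a.in-addr.arpa; the Windows 2000 console can also label that zone
"a.b.c.x Subnet".  This script normalises both spellings so zone lists
copied from two servers can be compared, and flags zones whose octets
were entered without reversing them (a zone named 169.254.1.in-addr.arpa
holds PTRs for 1.254.169.x, not for 169.254.1.x).
"""
import ipaddress
import re
from typing import Iterable, List, Tuple

SUFFIX = ".in-addr.arpa"
# Windows 2000 DNS creates these three reverse zones on every server.
AUTO_ZONES = {"0.in-addr.arpa", "127.in-addr.arpa", "255.in-addr.arpa"}


def _octets(text: str, label: str) -> List[str]:
    """Validate 1-3 dotted decimal octets (the classful prefix of a zone)."""
    parts = text.split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() and int(p) < 256 for p in parts):
        raise ValueError(f"{label}: expected 1-3 octets, got {text!r}")
    return parts


def subnet_to_zone(subnet: str) -> str:
    """'169.254.1.x', '169.254.1' or '169.254.1.0/24' -> '1.254.169.in-addr.arpa'."""
    text = subnet.strip().lower()
    if "/" in text:
        net = ipaddress.ip_network(text, strict=False)
        if net.prefixlen not in (8, 16, 24):
            raise ValueError(f"{subnet}: only /8, /16 and /24 map to one zone")
        octs = str(net.network_address).split(".")[: net.prefixlen // 8]
    else:
        octs = _octets(text[:-2] if text.endswith(".x") else text, subnet)
    return ".".join(reversed(octs)) + SUFFIX


def zone_to_subnet(zone: str) -> str:
    """'7.157.152.in-addr.arpa' -> '152.157.7.x'."""
    name = zone.strip().lower().rstrip(".")
    if not name.endswith(SUFFIX):
        raise ValueError(f"{zone}: not an in-addr.arpa zone")
    return ".".join(reversed(_octets(name[: -len(SUFFIX)], zone))) + ".x"


def canonical(entry: str) -> str:
    """Accept either console spelling and return the real DNS zone name."""
    m = re.fullmatch(r"\s*([\d.]+(?:\.x)?)\s+subnet\s*", entry, re.IGNORECASE)
    if m:
        return subnet_to_zone(m.group(1))
    return subnet_to_zone(zone_to_subnet(entry))  # round trip validates the name


def compare_servers(a: Iterable[str], b: Iterable[str]) -> Tuple[List[str], List[str]]:
    """Zones present on only one of the two servers, ignoring the auto-created ones."""
    za = {canonical(z) for z in a} - AUTO_ZONES
    zb = {canonical(z) for z in b} - AUTO_ZONES
    return sorted(za - zb), sorted(zb - za)


def unreversed_zones(zones: Iterable[str], subnets: Iterable[str]) -> List[str]:
    """Zones matching no real subnet that would match one if their octets were reversed."""
    wanted = {subnet_to_zone(s) for s in subnets}
    found = []
    for z in zones:
        name = canonical(z)
        if name in AUTO_ZONES or name in wanted:
            continue
        flipped = zone_to_subnet(name)[:-2] + SUFFIX  # same octets, other order
        if flipped in wanted:
            found.append(name)
    return found


# Zone lists as posted for the two servers (constructed from the thread).
BC_ZONES = ["0.in-addr.arpa", "1.254.169.in-addr.arpa", "127.in-addr.arpa",
            "169.254.1.in-addr.arpa", "255.in-addr.arpa", "7.157.152.in-addr.arpa"]
DC_ZONES = ["169.254.1.x Subnet", "1.254.169.x Subnet", "152.157.7.x Subnet"]
SUBNETS = ["169.254.1.x", "152.157.7.x"]  # assumed: the subnets actually in use

if __name__ == "__main__":
    print("only on BC / only on DC:", compare_servers(BC_ZONES, DC_ZONES))
    print("octets not reversed:", unreversed_zones(BC_ZONES, SUBNETS))
```

Run against the two lists as posted, the comparison comes back empty (the servers hold the same zones once the display form is stripped away), and the only oddity is the zone spelled with unreversed octets, which appears on both servers.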
 
Uninstalled and reinstalled DNS and now it looks like the DC. It has lost the caching but it looks much better. Will see how it works later.
Thanks,
Todd
 
DNS looks much much better and I found a few checkboxes that were checked and should not be checked. After much reading, I did notice one strange thing in my DNS. Could be the main problem.
Everything I have read says that there is only one SOA record per domain. I have a single domain with two domain controllers and each one has DNS that is AD Integrated. That was done to provide security in having two domain controllers in case one goes down. DHCP is only on one since I have not split it. Each domain controller computer has its own SOA record pointing to itself. Is that still OK or do I need to get rid of one of them???
Thanks
Todd
 
the SOA record on any DNS server will be itself (primary or AD integrated zones anyway)

so that's ok

now make sure your DCs are pointing correctly to ensure no problems....

oh and to answer the FSMO role question...there are only 3 roles per domain, and two roles for the forest...domain naming master and schema master...PDC, RID, and infrastructure will be at all domains in the forest

anyways...DNS config

PDC should be pointing to itself and itself only
replica DC should be pointing to PDC as preferred and itself as secondary since you only have two DCs
clients should use the same form


about whacking the zones

easiest bet, as mentioned before my post, is to just uninstall and reinstall DNS

make sure all DCs are on SP4 too, SP3 and SP4 don't like to replicate so well due to changes in ntfrs

if you do ever whack the zones, make sure to note MX records and such

as far as screwy views...it's a view, no biggie how it says it

exchange is MX
host is A
etc. etc., I'm sure you know all that junk

:)

-Brandon Wilson
MCSE00/03, MCSA:Messaging, MCSA03, A+
almost got a paragraph there :)
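Brandon's pointing rules above, turned into a check. This is an added example and not code from the thread; the inventory is constructed, with the names dc and bc taken from the thread and addresses from the 192.0.2.0/24 documentation range rather than the real ones. Besides the server order, it flags any DNS server address that is not one of the domain's DCs, because a member that resolves through an outside server (an ISP resolver, say) cannot find the domain's SRV records; such servers belong under Forwarders on the DCs, not in the client's DNS list. The "PDC points only to itself" rule is the thread's 2003-era advice; Microsoft's later guidance has each DC list another DC first and its own loopback address as the alternate, which can be encoded by changing expected_order.

```python
"""DNS client ordering check for a small AD domain. Added example, not from the thread.

Encodes the thread's rules: the PDC emulator points at itself only, the
replica DC points at the PDC first and itself second, and clients use the
same order (DC primary, BC secondary).  In practice the input would be
copied from `ipconfig /all` on each machine; here it is a constructed table.
"""
from dataclasses import dataclass
from typing import List, Tuple


@dataclass
class Host:
    name: str
    ip: str
    role: str               # "pdc" (holds the PDC emulator role), "dc" or "client"
    dns_servers: List[str]  # preferred server first, as shown by ipconfig /all


Finding = Tuple[str, str, List[str], List[str]]  # host, problem, has, wants


def expected_order(host: Host, pdc: Host, replicas: List[Host]) -> List[str]:
    """The thread's rule: PDC -> itself only; replica -> PDC then itself;
    client -> PDC then the replica DCs (DC primary, BC secondary)."""
    if host.role == "pdc":
        return [host.ip]
    if host.role == "dc":
        return [pdc.ip, host.ip]
    return [pdc.ip] + [r.ip for r in replicas]


def audit(hosts: List[Host]) -> List[Finding]:
    """Return one finding per host whose DNS client settings break the rules."""
    pdcs = [h for h in hosts if h.role == "pdc"]
    if len(pdcs) != 1:
        raise ValueError("a domain has exactly one PDC emulator")
    pdc = pdcs[0]
    replicas = [h for h in hosts if h.role == "dc"]
    internal = {h.ip for h in hosts if h.role in ("pdc", "dc")}
    findings: List[Finding] = []
    for h in hosts:
        # 127.0.0.1 on a DC means "this server"; compare on the real address.
        has = [h.ip if s == "127.0.0.1" else s for s in h.dns_servers]
        wants = expected_order(h, pdc, replicas)
        foreign = [s for s in has if s not in internal]
        if foreign:
            # An AD member resolving through a non-domain server cannot locate
            # the domain's SRV records; such servers go under Forwarders instead.
            findings.append((h.name, "non-domain DNS server", foreign, wants))
        elif has != wants:
            findings.append((h.name, "wrong server order", has, wants))
    return findings


# Constructed inventory: two DCs named dc and bc as in the thread; the
# addresses are from the 192.0.2.0/24 documentation range, not the real ones.
HOSTS = [
    Host("dc",  "192.0.2.10", "pdc",    ["127.0.0.1"]),
    Host("bc",  "192.0.2.11", "dc",     ["192.0.2.11"]),                 # itself only
    Host("ws1", "192.0.2.50", "client", ["192.0.2.11", "192.0.2.10"]),   # BC first
    Host("ws2", "192.0.2.51", "client", ["192.0.2.10", "198.51.100.1"]), # ISP resolver
    Host("ws3", "192.0.2.52", "client", ["192.0.2.10", "192.0.2.11"]),   # as advised
]

if __name__ == "__main__":
    for name, problem, has, wants in audit(HOSTS):
        print(f"{name}: {problem}: has {has}, wants {wants}")
```

On the constructed inventory the check reports bc (pointing only at itself), ws1 (BC before DC) and ws2 (an outside resolver in the list); dc and ws3 pass.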
 
Brandon,
Thanks so much for your response. Sorry for taking so long getting back to you. The uninstall and reinstall did clean a lot up. I ran some DNS diagnostic software from Men & Mice and they found about 8 SOA records that I was missing in various locations. After adding those records, replication between the DNS servers did really well. Errors have decreased a lot but I did not have enough time to monitor the LAN for improvement.
Will add posts if I find any more improvements.
Thanks again,
Todd
 