Просмотр темы - Не могу поднять 2-й domain controller после сбоя

[SergeyN Профиль]

Добрый день, Коллеги!

помогите решить проблему:

до аппаратного сбоя было:
PDC (Active Directory(operations master), DNS(primary), DHCP, exchange)
BDC (Active Directory, DNS(secondary) )
имя домена ***.local

pdc после аппаратного сбоя потерял raid и восстановлению не подлежит.

при временном восстановлении на BDC были захвачены все 5 ролей и он стал operations master-ом.
также DNS был переведен в состояние primary.
На BDC поднял dhcp.

Проблема появляется при попытке сделать восстановленный pdc домен-контроллером.

выдает ошибку что 0000232A и пишет что не один домен контроллер не может быть contacted.

Судя по коду ошибки получается что мой домен состоит из одной метки(single label), но непонятно как это может быть если везде указано ***.local



результат выполнения dcdiag

Domain Controller Diagnosis

Performing initial setup:
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-SiteBDC
Starting test: Connectivity
The host adab6959-c257-428b-b1f3-31ca076d0564._msdcs.***.local could not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name

(adab6959-c257-428b-b1f3-31ca076d0564._msdcs.***.local) couldn't be

resolved, the server name (BDC.***.local) resolved to the IP address

(192.168.0.12) and was pingable. Check that the IP address is

registered correctly with the DNS server.
......................... BDC failed test Connectivity

Doing primary tests

Testing server: Default-First-SiteBDC
Skipping all tests, because server BDC is
not responding to directory service requests

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : ***
Starting test: CrossRefValidation
......................... *** passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... *** passed test CheckSDRefDom

Running enterprise tests on : ***.local
Starting test: Intersite
......................... ***.local passed test Intersite
Starting test: FsmoCheck
......................... ***.local passed test FsmoCheck



результат выполнения netdiag


.....................................

Computer Name: BDC
DNS Host Name: BDC.***.local
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
List of installed hotfixes :
Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

Adapter : Local Area ***

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : BDC
IP Address . . . . . . . . : 192.168.0.12
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 192.168.0.12


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{882DF6D7-AD48-420C-94C4-425FF5D4314F}
1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed

Default gateway test . . . . . . . : Failed

[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '192.168.0.12'. Please wait for 30 minutes for DNS server replication.
[FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{882DF6D7-AD48-420C-94C4-425FF5D4314F}
The redir is bound to 1 NetBt transport.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{882DF6D7-AD48-420C-94C4-425FF5D4314F}
The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully


ipconfig /all:


Windows IP Configuration



Host Name . . . . . . . . . . . . : pdc

Primary Dns Suffix . . . . . . . : ***.local

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : ***.local



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Marvell Yukon 88E8050 PCI-E ASF Gigabit Ethernet Controller

Physical Address. . . . . . . . . : 00-04-23-B7-CF-39



Ethernet adapter Local Area Connection 3:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® PRO/1000 MT Network Connection

Physical Address. . . . . . . . . : 00-04-23-B7-CF-38

DHCP Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.0.1

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . :

DNS Servers . . . . . . . . . . . : 192.168.0.12



результат выполнения netdiag /fix на bdc

.....................................

Computer Name: BDC
DNS Host Name: BDC.***.local
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
List of installed hotfixes :
Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

Adapter : Local Area ***

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : BDC
IP Address . . . . . . . . : 192.168.0.12
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . :
Dns Servers. . . . . . . . : 192.168.0.12


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped
[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{882DF6D7-AD48-420C-94C4-425FF5D4314F}
1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Failed

[FATAL] NO GATEWAYS ARE REACHABLE.
You have no connectivity to other network segments.
If you configured the IP protocol manually then
you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.ce02e1fb-b711-4a5d-9042-16c3784cefaa.domains._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry adab6959-c257-428b-b1f3-31ca076d0564._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.dc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site._sites.dc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.dc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site._sites.dc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.gc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site._sites.gc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry gc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for this DC on DNS server '192.168.0.12'.
[FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{882DF6D7-AD48-420C-94C4-425FF5D4314F}
The redir is bound to 1 NetBt transport.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{882DF6D7-AD48-420C-94C4-425FF5D4314F}
The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully



Все ПК в локальной одноранговой сети работают нормально(так это выглядит по крайней мере).
В журналах все чисто.

Помогите разобраться с проблемой.
Не могу ввсети еще один домен контроллер

[biruk Профиль]

убей все воспоминания об ...12

[GifteD]

[GifteD]

SergeyN
Правильно ли я понял, что новый контроллер ввелся с тем же именнем и темеже IP?

[domovoy]

[domovoy]

GifteD

[domovoy]

biruk

[domovoy]

SergeyN
Так
1. Сколько сетевых интерфейсов на "192.168.0.12" вообще и сколько используется (подключено к сети) ?
2. какова последовательность инерфейсов (network connection- advanced setings) ?
ipconfig /all с BDC ?
Основная ошибка на данный момент с ДНС сервером на оставшимся контролере.
Проверяем еще раз что ВСЕ роли 100% за вторым контролером (BDC)
1. Проверяй все записи сервера и регистрайцию в ДНС ?
2. иногда netdoiag /fix не срабатывает на правку ДНС, как выход делаем бэкап ДНС после этого удаляем служебные папки _msdcs и т.д. вот критичный момент и после запускаем netdiag /fix он их востановит, но это на крайний случай, хотя по опыту у меня всегда он рабатывал.
до тех пор пока есть ошибки на втором первый лучше не вводить в домен и не поднимать до контролера.

[biruk Профиль]

команды

[SergeyN Профиль]

Коллеги!
спасибо всем! проблема решена следующим образом:

вручную удалены из DNS все записи _msdcs.
после этого запуск на bdc netdiag /fix дважды (с первого раза не все ошибки были исправлены);

все re-registeration прошли успешно.

Это исправило ошибки:
DNS test . . . . . . . . . . . . . : Failed
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.ce02e1fb-b711-4a5d-9042-16c3784cefaa.domains._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry adab6959-c257-428b-b1f3-31ca076d0564._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.dc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Default-First-Site._sites.dc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.dc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site._sites.dc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.gc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Default-First-Site._sites.gc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Failed to fix: DC DNS entry gc._msdcs.***.local. re-registeration on DNS server '192.168.0.12' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAILURE
[FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for this DC on DNS server '192.168.0.12'.
[FATAL] No DNS servers have the DNS records for this DC registered.



После этого Получилось ввести 2-й домен контроллер. Ошибок 0000232A. больше небыло.

Сейчас система работает стабильно.

Спасибо еще раз всем огромное за участие в решении проблемы.