João P. Bragança said:
I screwed up my server big time... I installed Active Directory BEFORE
I installed DNS. I then installed DNS and set up the forward and
reverse lookup zones. I have shared SYSVOL. Now when I either a) try to
manage AD using the management console OR b) get rid of AD using dcpromo,
I get the error: 'The specified domain either does not exist or could
not be contacted.' What can I do to fix this? Please help!
In addition to the other responses, see if these steps/guidelines help you
out....
=================================
Rules are pretty simple for AD and DNS...
1. Use only your DNS. Do not use your ISP's or your router as a DNS address.
(This goes for ALL machines, DCs and clients)
2. Set updates to at least YES.
3. Ensure that the Primary DNS Suffix is the same
name as the AD DNS domain name and the zone name in DNS.
4. If trying to add another DC or a child domain, use the same DNS server
(in your IP properties) that the other DC is using or from the parent
domain.
5. Make sure your domain name is not a single label name. HOSTS files will
NOT work with AD service and resource locations.
==========================================
Here are some guidelines for AD and DNS troubleshooting (reposted from a
previous post from many months ago). This was compiled in conjunction
between myself and Tim Hines, MVP.....
===========================================
Steps for fixing the problem when DCPROMO does not find the domain, can't
join machines, GPOs don't work, Replication fails, etc.
Things to look for when you have problems registering:
=================================
Steps for fixing the problem when DCPROMO does not find the domain, can't
join machines, GPOs don't work, Replication fails, DNS registration is not
registering, etc.
- Compiled by Tim Hines, MCSE [MVP] with additions by Ace Fekay [MVP]
=================================
1. Verify that the existing domain controller is pointing to a Windows 2000
DNS server. Do not point it to any external ISP DNS servers. You can use
forwarders for external resolution; see this for complete steps on how to:
http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q300202
If the Forward option is grayed out, delete the Root zone. Looks like a
period.
The above link shows you how to do this too.
2. Open the DNS MMC, double click forwarders so that you can see the zone
for your domain. If the zone is missing, see this on how to create the FLZ
(Forward Lookup Zone) and a Reverse Zone too, if you want one (good for
Nslookup, etc):
http://support.microsoft.com/default.aspx?scid=kb;en-us;308201
3. Right click on this zone and select properties. Verify that your zone is
set to allow dynamic updates, if not change it so that it does. Set it to
YES.
4. Double click your zone to expand it. You should have 4 subfolders
(_MSDCS, _SITES, _TCP, _UDP) and a few records.
5. If the zones do not exist you should open a command prompt.
6. Type IPconfig /registerdns and enter
7. Type net stop netlogon
8. Type in a cmd prompt:
net start netlogon
(Restarting netlogon will force the service to
register its SRV records with the DNS zone thus creating the missing
subfolders. The records that will be registered
are in winnt\system32\config\netlogon.dns).
9. After restarting netlogon go back into your DNS zone and verify that you
have the subfolders that I mentioned before.
10. If the folders are not there you may want to try running:
netdiag.exe /fix
from the support tools. Or try restarting netlogon again.
11. If these SRV folders still do not register, check to make sure that File
and Printer Sharing is Enabled on the Interface that is connected to the AD
network:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;254680
12. If these SRV folders still do not register, check the Primary DNS Suffix
to make sure that it exists and is the same exact name as your domain name
should be. That can be checked by typing in a cmd prompt:
ipconfig /all.
Look for the "Primary DNS Suffix" entry. It should look like this:
Host Name . . . . . . . . . . . . : computername
Primary DNS Suffix . . . . . . . : domain.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.com
If the Primary DNS Name is missing or not the same, this is a condition
called "disjointed namespace". Netlogon uses this name to find the zone name
in DNS to register into, as long as updates are enabled and it's spelled
correctly. There is a script that can correct this, depending on the
conditions.
If it's incorrect, check the bottom of this article:
Troubleshooting Common Active Directory Setup Issues in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;260371
and post back your findings for other possible fixes.
If the Primary DNS Suffix is correct, continue...
13. On the DC that you are trying to promote verify that it is pointing ONLY
to the Windows 2000 DNS server that we have been working on for DNS.
14. Go to a command prompt and type nslookup 1stdcname.domainname.com to
verify that you can get a reply.
15. Type nslookup and hit enter
16. Type set type=srv and hit enter
17. Type _ldap._tcp.domainname.com and hit enter
18. You should see something like this if it works.
_ldap._tcp.domain.com SRV service location:
priority = 0
weight = 100
port = 389
svr hostname = computername.domainname.com
computername.domainname.com internet address = 192.168.0.1
computername.domainname.com internet address = 25.65.3.81
19. Try running dcpromo, it should work.
For more info about the domain controller location process see
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q247811
=================================
--
Regards,
Ace
Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.
Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
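
The checks from steps 12 and 14-18 of the post above (Primary DNS Suffix versus domain name, and the _ldap._tcp SRV answer) can be run over saved `ipconfig /all` and `nslookup` output. This is an added example, not part of the original post; the domain `example.local`, host `dc1`, the function names and the sample text are constructed assumptions in the output format the post shows.

```python
import re

# Constructed sample input in the format shown in the post (not from a real host).
IPCONFIG_SAMPLE = """\
Host Name . . . . . . . . . . . . : dc1
Primary DNS Suffix . . . . . . . : example.local
DNS Suffix Search List. . . . . . : example.local
"""
NSLOOKUP_SAMPLE = """\
_ldap._tcp.example.local SRV service location:
    priority = 0
    weight = 100
    port = 389
    svr hostname = dc1.example.local
dc1.example.local internet address = 192.168.0.1
"""

def primary_dns_suffix(ipconfig_text):
    """Return the Primary DNS Suffix from `ipconfig /all` output, '' if blank or absent."""
    m = re.search(r"^\s*Primary DNS Suffix[ .]*:[ \t]*(\S*)", ipconfig_text, re.M | re.I)
    return m.group(1).lower().rstrip(".") if m else ""

def check_dc_dns(ipconfig_text, nslookup_text, domain):
    """Return a list of findings; an empty list means the checks from the post pass."""
    domain = domain.lower().rstrip(".")
    findings = []
    if "." not in domain:
        findings.append("single-label domain name")
    suffix = primary_dns_suffix(ipconfig_text)
    if suffix != domain:
        findings.append(f"disjointed namespace: suffix {suffix!r} != domain {domain!r}")
    text = nslookup_text.lower()
    if f"_ldap._tcp.{domain}" not in text or "srv service location" not in text:
        findings.append(f"no SRV answer for _ldap._tcp.{domain}")
        return findings
    targets = re.findall(r"svr hostname\s*=\s*(\S+)", text)
    if "389" not in re.findall(r"port\s*=\s*(\d+)", text):
        findings.append("no SRV record on LDAP port 389")
    for host in targets:
        # The SRV target should be a DC inside the domain and resolve to an address.
        if not host.rstrip(".").endswith("." + domain):
            findings.append(f"SRV target {host} is outside {domain}")
        if not re.search(rf"^{re.escape(host)}\s+internet address\s*=", text, re.M):
            findings.append(f"no A record returned for {host}")
    return findings

if __name__ == "__main__":
    for line in check_dc_dns(IPCONFIG_SAMPLE, NSLOOKUP_SAMPLE, "example.local") or ["OK"]:
        print(line)
```
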