Secondary DC causing DNS problems in AD


Keeper

Dear Group,

The following poser happened to me just now and I can't figure out
why. I'm studying Active Directory and so I created a second Domain
Controller as an additional Domain Controller. I went into Sites and
Services and was going to practice setting up replication between
sites. I created the subnets, servers, etc. and did as much as I
could, then I turned off the second server as I don't really need it to
run my little network at home.

The next thing that happened is what I can't figure out. I started
to have DNS problems. When I pinged my own domain name, it timed
out because it couldn't find the second DC that I just turned off.
Why couldn't it use the DNS server that it has been using in the past?
I did an ipconfig /all and all was fine. I went into DNS on the first
server and didn't see anything unusual but I'm not a "seasoned"
veteran of this stuff. I'm a student like most others. I flushed out
the DNS cache and that seemed to fix things. But I can't figure out
why the sudden change. Just for laughs, I started the second server
and the whole thing started again. This time I couldn't resolve any
DNS names, internal or external. I'm not even running DNS on the
second server! Any ideas? Is it possible that a misconfigured
replication setup caused this?

Keeper
 
Dear Group,

I'd like to add the following info to my original question. I've
noticed that when I flush the DNS cache, the response seems to
switch to and from my two domain controllers. For example, I do a
ping abc.com and I get the address from the first DC. I flush the
cache (ipconfig /flushdns) and then I get the second DC. And so on
and so on.

I'm beginning to believe that this is normal behavior and that I got
my panties in a bunch over nothing. Does this sound correct? I'm
still bewildered over the fact that when I turned off the second DC
that I couldn't resolve my domain name. I don't even see why the
second domain controller is even in the mix anyway. With a little
more work, I may be able to uncover this.

Keeper
 
What do you mean you 'turned it off'? You would want to undo all your
modifications in Sites and Services first and then dcpromo down your
2nd DC. You don't just 'turn it off'.

The whole purpose of creating sites is so that clients use the DCs closest
to them to resolve IPs/login/etc. It's likely that the DC that you
'turned off' is the one that your machine is attempting to use and you
are now having issues because it's shut down and you haven't cleaned up
AD.

kenjr
 
kenjr,

Thanks for the reply. I turned it off because I'm the only client.
One client doesn't need two servers. I only did this to get some
exposure on setting up replication.

Once again, the thing that I found unusual was that all of the
machines in the network, including the original server, which holds
all of the FSMO roles and is also the Catalog server and the DNS server,
will look for the second server, which by the way does nothing except
replicate AD data.

Upon further investigation, I've discovered that by pinging the local
domain.com, flushing the cache, and pinging the domain.com again will
alternate between the two servers. I believe this to be a way the DNS
distributes the load between servers but I don't understand why
because the second server isn't set up to resolve anything. I was
hoping that somebody may be able to tell me if this was normal
behavior or not.

Lastly, I did undo my replication configuration and this didn't alter
the effects as mentioned in my original post. Turning off the server
won't hurt anything anyway. At worst it will just throw a few errors
in the event log. I will eventually demote the server, but I'm not
done playing with it yet.

Like I said, Thanks for the reply. I wish it could have been some
help though.

Keeper
 