Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: DNS or AD problem?

DNS or AD problem? 9 years 7 months ago #21615

  • KiLLaBeE
  • KiLLaBeE's Avatar
  • Offline
  • Expert Member
  • Posts: 466
  • Karma: 0
After setting up DNS followed Active Directory on my 2000 server, I ran “nslookup experimental.net” and get the following:


Server: pasha.experimental.net
Address: 10.20.25.32

Name: experimental.net
Address: 10.20.25.32



By the way, computer name is "Pasha" and domain name is "experimental.net"

Before, when I setup DNS and AD on a 2003 server, both the "Server:" and the "Name:" section read the same information--computername.servername.net. I suspected that something was wrong. I then ran Active Directory Users and Computers, and received the following error:

Naming information cannot be located because:
The server is not operational.
Contact your system administrator to verify that your domain is properly configured and is currently online.

I looked up the error on Google and it says that TCP/IP filtering may be blocking LDAP traffic, but I verified that all the TCP/IP filters settings were set to "Permit All."

Should I first setup DNS then run DCPROMO, or the other way around?

I used this site (www.petri.co.il/how_to_install_active_directory_on_w2k.htm) to assist me in setting up DNS and AD, but the site isn’t well organized and so I must have either skipped something, or added something that shouldn’t have been added. I’ve tried demoting the server, uninstalling DNS and running them again several times, but neither time am I able to get it working properly.

I ask for your assistance in helping me resolve this issue.

Thanks for your time,
K
The administrator has disabled public write access.

Re: DNS or AD problem? 9 years 7 months ago #21617

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
Should I first setup DNS then run DCPROMO, or the other way around?

You probably know this, but just in case. DCPROMO will offer you to create a DNS server for you while it's promoting to DA. This is probably the easiest way to do it.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.

Re: DNS or AD problem? 9 years 6 months ago #21618

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Have you setup your reverse zone ? The reverse zone is the one that can do the IP to Name translation which is sounds like may be the issue.
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
The administrator has disabled public write access.

Re: DNS or AD problem? 9 years 6 months ago #21651

  • KiLLaBeE
  • KiLLaBeE's Avatar
  • Offline
  • Expert Member
  • Posts: 466
  • Karma: 0
Ok. I uninstalled DNS and then demoted the server. I then started over, this time I ran DCPROMO and allowed it to config DNS for me. In the end, I ran nslookup and got a worse looking message then what I started with....so I went into DNS and setup the forward and reverse lookup zones, in the end, the nslookup result looked the same as yesterday and when I would try to access AD Users and Computers.....I would receive the same error.....then I looked in event viewer and saw a suggestion of "restart DNS," so I went into DNS and stopped it, then started it, I was then able to pull Users and Computers with no error.

I'm still not sure if the problem is resolved, and I'd hate to imagine that just because no error shows up, that DNS is working fine....only to find out later that internally, the DNS is screwed up.

The result of running nslookup shows the following

Server: pasha.experimental.net
Address: 10.20.25.32

Name: experimental.net
Address: 10.20.25.32

Does it look right? Is it a big deal that they look identical? Again, when I setup a 2003 box with AD, both the Server and Name sections looked the same. Is it different for 2000 Server?

Also, when demoting a server, should I first disable DNS then run DCPROMO, or other way around? Does it matter?

I'll soon start learning Server 2003 and I'll stop asking these silly questions :-P

Thanks again for helping
K
The administrator has disabled public write access.

Re: DNS or AD problem? 9 years 6 months ago #21652

  • KiLLaBeE
  • KiLLaBeE's Avatar
  • Offline
  • Expert Member
  • Posts: 466
  • Karma: 0
Ahhhhhhh, someone shoot me.

I just realized that my firewall must have been blocking LDAP packets, because once I took the firewall down, Users and Computers work well.

K
The administrator has disabled public write access.
Time to create page: 0.084 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup