Domain-Name-System
域名重命名後的巨大失敗
背後的故事…
我最近將 MS 伺服器從 03 升級到 2012。該伺服器需要是域控制器,為了簡單起見,我將其命名為 foo.com,而不是將其命名為與活動線上域不同的名稱。因此,我將本地域命名為與 Web 域相同的名稱,並且在嘗試訪問電子郵件帳戶時遇到了各種錯誤。我決定將域重命名為 foo.local。
目前的問題
我最近在域中添加了新機器,一切進展順利。但是,一旦我開始安裝 Outlook 2010 並添加郵箱,當域控制器名稱和 Web 域具有相同名稱時,我開始遇到以前遇到的相同問題。
出於不必再次處理該問題的病態希望並認為這是一個 DNS 問題,我從我的 DNS 管理器中刪除了一些 DNS 條目。
現在我在嘗試再次將機器添加到 foo.local 域時遇到錯誤。
當我嘗試將機器添加到域時,我收到此錯誤:
Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt. DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "foo.local": The query was for the SRV record for _ldap._tcp.dc._msdcs.foo.local The following domain controllers were identified by the query: fooserver01.foo.com However no domain controllers could be contacted. Common causes of this error include: - Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses. - Domain controllers registered in DNS are not connected to the network or are not running.執行
dcdiag /test:dns我得到這個結果:C:\Program Files>dcdiag /test:dns Directory Server Diagnosis Performing initial setup: Trying to find home server... Home Server = fooServer01 * Identified AD Forest. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\FOOSERVER01 Starting test: Connectivity The host 01e7fc30-b4aa-4c8e-a036-c08a45b0ffb5._msdcs.foo.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc. Got error while checking LDAP and RPC connectivity. Please check your firewall settings. ......................... FOOSERVER01 failed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\FOOSERVER01 Starting test: DNS DNS Tests are running and not hung. Please wait a few minutes... ......................... FOOSERVER01 passed test DNS Running partition tests on : ForestDnsZones Running partition tests on : DomainDnsZones Running partition tests on : Schema Running partition tests on : Configuration Running partition tests on : foo Running enterprise tests on : foo.local Starting test: DNS Test results for domain controllers: DC: fooServer01.foobar.com Domain: foo.local TEST: Basic (Basc) Error: No LDAP connectivity No host records (A or AAAA) were found for this DC TEST: Records registration (RReg) Error: Record registrations cannot be found for all the network adapters Summary of DNS test results: Auth Basc Forw Del Dyn RReg Ext _________________________________________________________________ Domain: foo.local fooServer01 PASS FAIL PASS PASS PASS FAIL n/a ......................... foo.local failed test DNS如果我是正確的,幾個小時無望的Google搜尋已經產生了,我需要恢復/修復我遺憾地從我的 DNS 管理器中刪除的 DNS 條目。
如果有任何進一步的資訊有幫助,請告訴我!
下面是
ifconfig /allfooServer01 的列印輸出C:\Program Files>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : fooServer01 Primary Dns Suffix . . . . . . . : foobar.com Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : foobar.com Ethernet adapter Ethernet: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #44 Physical Address. . . . . . . . . : 00-1E-C9-EA-86-30 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::d5ba:d38:e1e8:d716%12(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.0.1(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.8 DHCPv6 IAID . . . . . . . . . . . : 301997769 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-66-05-A8-00-1E-C9-EA-86-30 DNS Servers . . . . . . . . . . . : ::1 127.0.0.1 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.{B0DD6412-73DF-4EEB-B3B5-53FDC632B011}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Teredo Tunneling Pseudo-Interface: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes C:\Program Files>DNS 管理器樹
fooServer01 |- Forward Lookup Zones | |- _msdcs.foobar.com | | |- local | | | |- foo Host(A) 192.168.0.1 static | | |- (same as parent folder) Start of Authority (SOA) [7],fooserver01.foobar.com,hostmaster.foobar.com static | | |- (same as parent folder) Name Server (NS) fooserver01.foobar.com static | | |- fooserver01 Alias (CNAME) fooserver01.foobar.com static | |- foo.local | | |- _msdcs | | | |- _dc | | | | |- _sites | | | | | |- Default-First-Name-Site | | | | | | |- _tcp | | | | | | | |- _kerberos Service Location (SRV) [0][100][89] fooserver01.foobar.com. Timestamp | | | | | | | |- _ldap Service Location (SRV) [0][100][389] fooserver01.foobar.com. Timestamp | | | | |- _tcp | | | | | |- _kerberos Service Location (SRV) [0][100][88] fooserver01.foobar.com. Timestamp | | | | | |- _ldap Service Location (SRV) [0][100][389] fooserver01.foobar.com Timestamp | | | |- domains | | | | |- {long string of letters & numbers } | | | | | |- _tcp | | | | | | |- _ldap Service Location (SRV) [0][100][389] fooserver01.foobar.com. Timestamp | | | |- gc | | | | |- _sites | | | | | |- Default-First-Site-Name | | | | | | |- _tcp | | | | | | | |- _ldap Service Location (SRV) [0][100][3268] fooserver01.foobar.com. Timestamp | | | | |- _tcp | | | | | |- _ldap Service Location (SRV) [0][100][3268] fooserver01.foobar.com. Timestamp | | | |- pdc | | | | |- _tcp | | | | | |- _ldap Service Location (SRV) [0][100][389] fooserver01.foobar.com. Timestamp | | |- _sites | | | |- Default-First-Site-Name | | | | |- _tcp | | |- _tcp | | |- _udp | | |- DomainDnsZones | | | |- _sites | | | | |- Default-First-Site-Name | | | | | |- _tcp | | | |- _tcp | | |- ForestDnsZones | | | |- _sites | | | | |- Default-First-Site-Name | | | | | |- _tcp | | | |- _tcp | | |- (same as parent folder) Start of Authority (SOA) [1611], fooserver01.foobar.com, hostmaster.foobar.com static | | |- (same as parent folder) Name Server (NS) fooserver01.foobar.com static | | |- (same as parent folder) Host (A) 192.168.0.1 Timestamp | | |- LIST OF MACHINES STARTS | | |- THERE'S ABOUT 15 OF THEM | | |- fooserver Alias (CNAME) FooServer01.foobar.com | |- _ldap.foobar.com | | |- (same as parent folder) Start of Authority (SOA) [1], fooserver01.foobar.com, hostmaster.foobar.com. static | | |- (same as parent folder) Name Server (NS) fooserver01.foobar.com. static |- Reverse Lookup Zones |- Trust Points |- Conditional Forwarders |- Global logs這有什麼幫助嗎?我應該繼續嗎?
鑑於我刪除了我的 DNS 管理器中的一些條目,我認為這是一個完美的起點。我可能缺少條目,但我輸入的條目足以讓我的工作站正確加入域。這些是我添加的條目。
- 在Forward Lookup Zones中添加了一個名為foobar.com的新區域。
- 在新區域內,我添加了Other New Records並選擇了Service Location (SRV)。
- 左域預設值,服務輸入**_ldap**,協議輸入**_tcp**,優先級0 ,權重100 ,埠號****389,提供服務的主機的ip。
- 然後使用服務位置 (SRV)添加另一條新記錄
- 在此對話框中,我再次將Domain作為預設值,_gc為服務,_tcp為協議,0為優先級,100為權重,3268為埠號。
然後我跳回工作站進行測試,加入域成功。
我將其用作臨時解決方案,因為我認為我將重新安裝 Windows Server 2012 並在壓力消失後從頭開始,因此請謹慎對待。
奇怪的是,你不是第一個這樣做的人。
戴爾甚至有關於如何將您的 DC 註冊回 DNS的指南。
不過,您確實應該檢查所有內容,域控制器是您的基礎架構的關鍵部分,需要保持一致和可靠。
重命名 DC 是我過去不惜一切代價避免的事情,並且不情願地執行了很多我希望我永遠不必解決的錯誤/問題。
在每個操作之前進行系統狀態備份,並廣泛驗證每個操作。不要開始隨意刪除東西!