|
|
| Sexy Lexy 2002-05-07, 8:51 am |
| When using the respective Active Directory snap-ins after starting the server, after selecting the operations master from the menu the dialogue box always says either offline or error and I have to specify the server.
I have to specify the server each time in:
Active Directory Schema (Schema master)
Active Directory Users and Computers (RID, PDC and Infrastructure)
Active Directory Domains and Trusts (Naming Master)
This is on my own network not a live environment I may point out. But this can't be a function that I have to perform every time I power the server on.
Can someone please give me some insight into this.
Regards SL
Service Pack 2 is installed BTW.
 | |
| CyberDude 2002-05-07, 2:17 pm |
| Have you checked that one of your servers is a GC? I dont know if this will help but it might point you in the right direction.  | |
| Sexy Lexy 2002-05-07, 2:40 pm |
| I have indeed, in the AD sites and services snap-in right click NTDS settings and the server is holder of the Global Catalog.
I think that the problem is related to DNS because when I perform an NSLOOKUP is says that there is no default server then when I manually recreate the domain structure in DNS, NSLOOKUP runs correctly but when I type all it says non-existent domain.
I thought that the active directory wizard was supposed to install DNS correctly for you unless I am missing something obvious.
I have the W2K server resource kit, both the technical reference and the 70-217 books from microsoft and I still can not find the answer, technet doesn't help with this one.
Thank you for the advice cyberdude.
Has anyone else had this problem? Not even the mighty freak?????
Thanks in advance.
Sorry for such a long thread. | |
| KScheler 2002-05-07, 5:00 pm |
| I've run into that one before. Can't remember exactly what I did but I do remember it was DNS related. Hope that helps. Sorry I couldn't remember more but it's been several months ago and forgot to document it  | |
| CyberDude 2002-05-08, 7:45 am |
| Have you installed a firewall recently? Perhaps it is not configured for dns traffic, which will stop AD finding one. It will cause dns to be a caching only server.
I only say this as this is what I experienced after I installed ZA. After ZA was configured everything ran smoothly again.  | |
| Sexy Lexy 2002-05-08, 1:59 pm |
| No, no firewall, nothing extra added. This is the only domain controller on the network as it is my practice domain.
To be honest I believe that is it a DNS issue as I have heard that the AD install doesn't always configure DNS correctly.
I shall install DNS manually and then see if this resolves the problem.
Has anyone else had a similiar experience?
This may have been the same since I built the server as I have only recently started using the AD in depth so I don't know if it is a recent issue or always been the same.
Any advice would be appreciated.
| |
| Sexy Lexy 2002-05-09, 12:21 pm |
| Where are you?????
I have removed Active Directory and DNS. Re-installed DNS and configured accordingly.
Then ran DCPROMO (Checked DNS works correctly) and after the install . . .
Exactly the same as before but they do connect to the servers at will, sometimes they list the server and others time the server is off line or unavailable.
Is this just a synchronisation issue or is there something else amiss?
| |
| CyberDude 2002-05-09, 1:36 pm |
| I had a problem with dns when I configured it first and then promoted the server to a dc. The install said that it could not detect one and that I could have it choose to install it. I chose no as I knew it was already configured. After the reboot all worked but I was receiving some errors in event viewer. I fixed that but then got hit with the nimda virus, as I was stupid enough to connect to the net with an out of the box OS with no SP or hotfixes.
Reformatted and reinstalled. This time I did not install and configure dns before dcpromo. During the promo. dns was installed and configured with a forward lookup zone. After the reboot, I configured the reverse lookup zone, and everything has been hunky-dorey. | |
| Sexy Lexy 2002-05-09, 3:34 pm |
| Then this is a strange one indeed, as I get the same connection errors if I configure DNS or if the Active Directory installs DNS for me during the promotion.
If it was easy, everyone would be an MCSE though! | |
| Sexy Lexy 2002-05-09, 6:11 pm |
| When using the snap-in's for active directory they don't actually connect to the server until you expand the snap in branch.
Initially you get the error or offline notification until you expand the container (To display server or contents etc.)
Then, when you look at the operations master it indicated the correct server and domain.
I can only presume that the LDAP connection is not established until the containers are expanded thus connecting to the respective server.
This can cause unnecessary heartache, hope it helps someone else who encounters the same problem.
| |
| Sexy Lexy 2002-05-09, 6:13 pm |
| quote:
Originally posted by Sexy Lexy
When using the snap-in's for active directory they don't actually connect to the server until you expand the snap in branch.
Initially you get the error or offline notification until you expand the container (To display server or contents etc.)
Then, when you look at the operations master it indicates the correct server and domain.
I can only presume that the LDAP connection is not established until the containers are expanded thus connecting to the respective server.
This can cause unnecessary heartache, hope it helps someone else who encounters the same problem.
| |
| KScheler 2002-05-12, 5:11 pm |
| Sorry for the absense but we just started a new semester at school and it was a hectic week. I've seen it work just like CyberDude said his did. My class has a lab where they install DNS, then do dcpromo. On about 2 out of 10, the exact same thing will happen, not on all, but just some. I watch the students install DNS and their procedures are the same. On the one's that give problems, if they expand like you said, it then connects. This week I may experiment, have half the class install DNS first, the other 1/2 during dcpromo and see what happens. | |
| jeff_j_black 2002-05-12, 11:50 pm |
| Does the network settings of your DNS server point to itself? If not then DNS will be funky, also dynamic update enabled? | |
| Sexy Lexy 2002-05-13, 12:08 pm |
| KScheler if you keep me informed of the outcome of installing active directory on the different configurations I will be eager to hear of the results if you could please keep me informed.
jeff_j_black yes and yes! this is the only server so does it help having a seperate server for DNS? DDNS is installed.
Any feedback would be appreciated, it's obvious it works but you shouldn't have to extend the snap-in to connect the active directory or should you? I didn't know that LDAP is connection orientated, is it?
| |
| jeff_j_black 2002-05-13, 12:30 pm |
| No, a separate DNS server is not neccessary. But a lot of what you mention still sounds like DNS issue.
Mixed mode or Native?
WINS server present?
If mixed mode, have WINS present and delegate a 'WINSLookup zone in DNS'
If native mode, then WINS is not really neccessary.
Have you tried installing and testing DNS prior to running dcpromo? From what I have seen, (Not much, mind you!) it best to set up and test the DNS infrastructure prior to promoting domain controllers.
I seem to recall the behavior you are referring to, as far as having to expand out the branch before connecting. Have you searched MS KB? | |
| Sexy Lexy 2002-05-13, 12:58 pm |
| No, a separate DNS server is not neccessary. But a lot of what you mention still sounds like DNS issue.
Mixed mode or Native?
Native.
WINS server present?
Running in native with 2000 only clients so not needed.
If mixed mode, have WINS present and delegate a 'WINSLookup zone in DNS'
Already knew, but not needed.
If native mode, then WINS is not really neccessary.
Agreed.
Have you tried installing and testing DNS prior to running dcpromo? From what I have seen, (Not much, mind you!) it best to set up and test the DNS infrastructure prior to promoting domain controllers.
Done that and DNS works fine, tested with NSLOOKUP -d2 and tested the reverse lookup too.
I seem to recall the behavior you are referring to, as far as having to expand out the branch before connecting. Have you searched MS KB?
I have and technet and everything I have found does not relate to offline FSMO or error with an FSMO.
It all works but I'd prefer not to have the error at all instead of having to expand the snap-in before the server is contacted.
| |
| jeff_j_black 2002-05-13, 2:21 pm |
| I have to wait to get back home and look it over. This is a stumper. | |
| Sexy Lexy 2002-05-13, 2:31 pm |
| Tell me about it, A pain yes but it appears to work with all the functionality it's just when you view the roles when you first load the snap-in the error appears.
Strage to say the least.
| |
| CyberDude 2002-05-13, 2:48 pm |
| When you say load, are you on about starting the console or installing it?
If this is the first time it has been started, then yes you will have to expand the server, but after that it should stay expanded, unless you are connecting from a remote system. | |
| Sexy Lexy 2002-05-14, 12:01 pm |
| When you load the respective snap in then right click and select operations master. If you expand the snap-in it appears to connect and everything is as it should be. However, if you right click and view the operations master before you expand the snap-in it displays and error unless you have expanded the snap-in first.
It works but I haven't seen this "feature" documented anywhere.
| |
| CyberDude 2002-05-14, 1:22 pm |
| Once I have revived my server, I will see what sitrep I receive. | |
| KScheler 2002-05-17, 4:40 pm |
| Well, I was able to recreate the problem that I've encountered. Strange as it may sound, first we installed the adminpak for the admin tools, then we joined the lab computers to the domain. The students that then logged onto the domain, snap-ins worked fine. The students that logged on locally, snap-ins had to be connected in order to work. That's all I have on it for now. | |
| secondskin 2002-05-17, 5:38 pm |
| When you removed DNS did you blow away the DNS folder in System32, and then add remove, or did you just add remove. ?
Because if you didnt remove the folder then you still end up woth the old settings and database. | |
| Sexy Lexy 2002-05-18, 8:12 am |
| Having invested a considerable amount of time on this I have managed to resolve certain issues. The individual snap-ins found in the administrative tools folders do not display the error.
However, when you create a custom console that includes some or all of the active directory snap-ins then they display the error until you initially expand the snap-in, then they display the correct server.
So it’s looks like a custom console problem. As I have manually configured DNS and allowed DCPROMO to create DNS for me with exactly the same results.
It’s a “feature” that I thought you would all like to be aware of.
|
|
|
|