can't see Domain Controller - need help ASAP!

Started by Marie (Zionkowski) Gozikowski, May 05, 2010, 02:39:12 PM


Jeff Zylstra

The event ID 5774 seems to have a lot of TCP/IP BIND errors associated with it.  Possible corruption of the IP stack?

Resetting the IP stack won't hurt anything.  You may have to reconfigure the network settings of the server afterward, but we already suspect them anyway.

At a command prompt, type:
netsh winsock reset
netsh int ip reset logfile.txt



Here's a good article on DNS setup.  I know you don't "do" servers, but you're plenty smart enough to fix this, and if you need help Rick will always be there for you.   ;D


http://rcpmag.com/articles/2004/05/01/10-dns-errors-that-will-kill-your-network.aspx

Good luck, Marie.
"We hang the petty thieves, and appoint the great ones to public office"  -  Aesop

Bob

Quote from: Jeff Zylstra on May 05, 2010, 04:43:51 PM

I know you don't "do" servers, but you're plenty smart enough to fix this, and if you need help Rick will always be there for you.   ;D

Good luck, Marie.

ROFL!  I need to do this to Steve some time!  Too funny!

Marie (Zionkowski) Gozikowski

ok guys....  sorry for the delay- local guy trying to diagnose over the phone...

results of c:\>ipconfig /all    (bear with me - have to type this all by hand)

Windows IP configuration

   Host Name.......................  appsrv02
   Primary DNS Suffix............   iddings.local
   Node Type......................   Hybrid
   IP Routing Enabled ..........    no
   WINS Proxy enabled ........    no
   DNS Suffix Search List......    iddings.local

Ethernet adapter Server Local Area Connection

   Connection Specific DNS Suffix .......   : (blank)
   Description:..................   Intel (R) Pro/1000 MT Network Connection
   Physical Address............   00-15-17-8D-9D-86
   DHCP Enabled................   no
   IP address....................   192.168.1.1
   Subnet Mask.................   255.255.255.0
   IP Address....................   192.168.1.200
   Subnet Mask ................    255.255.255.0
   Default Gateway............    192.168.1.1
                                         192.168.1.200
   DNS Servers ................     192.168.1.1
                                         192.168.1.104
   Primary WINS Server......     192.168.1.104


yes --- the IP Address appears twice under Local Area Connection,
and I screwed up something because that IP address should not
be 192.168.1.1 (that is the router's IP address)

I do have the ability to reserve an IP address for the
server in the router if needed....    I'm slightly frazzled here... :o

Marie (Zionkowski) Gozikowski
Iddings Insurance Agency
Wyalusing, PA
WinTAM 11.1    SBS 2003 
8 users

Jeff Zylstra

Changes in bold below...

Connection Specific DNS Suffix .......   : (blank)
   Description:..................   Intel (R) Pro/1000 MT Network Connection
   Physical Address............   00-15-17-8D-9D-86
   DHCP Enabled................   no
   IP address....................   192.168.1.104
   Subnet Mask.................   255.255.255.0
   IP Address....................   Are there 2 network cards or ports on this machine?  If so, make this one 192.168.1.105
   Subnet Mask ................    255.255.255.0
   Default Gateway............    192.168.1.1
                                         This should only contain your router, and this looks like this is your router.
   DNS Servers ................     192.168.1.104
                                         
   Primary WINS Server......     192.168.1.104

You may also want to stop and start your netlogon service again.  Don't worry, it won't hurt anything.

At a command prompt type

net stop netlogon

after that's done, type

net start netlogon

I'm hoping this will reestablish the server logon role for workstations so the workstations can log on to it.   Unfortunately I have to go to a meeting now.  Hopefully Rick or someone else can log in and help you out.
"We hang the petty thieves, and appoint the great ones to public office"  -  Aesop

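An added example, not part of any post in this thread: a Python check that parses one adapter block of ipconfig /all output and flags the settings corrected in the reply above (the router's address bound to the server, an extra default gateway, DNS pointing at the router instead of the DC). The sample text is constructed from the values Marie posted, laid out in the usual ipconfig format, and the function names are illustrative.

```python
import re

# Constructed sample: the adapter values from Marie's post in ipconfig /all layout.
SAMPLE = """\
Ethernet adapter Server Local Area Connection:
   IP Address. . . . . . . . . . . . : 192.168.1.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   IP Address. . . . . . . . . . . . : 192.168.1.200
   Default Gateway . . . . . . . . . : 192.168.1.1
                                       192.168.1.200
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       192.168.1.104
"""

FIELD = re.compile(r"^\s+([A-Za-z][A-Za-z ]*?)[ .]*:\s*(.*)$")
CONTINUATION = re.compile(r"^\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$")

def parse_adapter(text):
    """Map each field name to its list of values, folding continuation lines."""
    fields, last = {}, None
    for line in text.splitlines():
        field, cont = FIELD.match(line), CONTINUATION.match(line)
        if field:
            last = field.group(1).strip()
            value = field.group(2).strip()
            fields.setdefault(last, []).extend([value] if value else [])
        elif cont and last:
            # Indented bare address: belongs to the previous field.
            fields[last].append(cont.group(1))
    return fields

def audit_server_adapter(fields, dc_ip, router_ip):
    """Return findings where the adapter departs from the corrected layout."""
    ips = fields.get("IP Address", [])
    gateways = fields.get("Default Gateway", [])
    dns = fields.get("DNS Servers", [])
    findings = []
    if router_ip in ips:
        findings.append(f"server is using the router's address {router_ip}")
    if dc_ip not in ips:
        findings.append(f"server address {dc_ip} is not bound")
    if gateways != [router_ip]:
        findings.append(f"gateway list should be only {router_ip}: {gateways}")
    if dns != [dc_ip]:
        findings.append(f"DNS should list only the DC {dc_ip}: {dns}")
    return findings

if __name__ == "__main__":
    parsed = parse_adapter(SAMPLE)
    for finding in audit_server_adapter(parsed, "192.168.1.104", "192.168.1.1"):
        print("FINDING:", finding)
```

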
Bloody Jack Kidd

I guess we should also try to establish what the DHCP scope is or was set for.  You will likely want to make sure you leave a little address space reserved for static IPs - like your DC, router, etc.

even if you have two network cards - if they are not both cabled, just disable the unused one.

Once we get DNS resolving properly on the DC (hope the zones are still viable) - we'll delve into DHCP setup.

Ultimately, I'd like to see if it's possible to set up a 2nd DC to give you a bit of redundancy... if that cannot be worked into the budget, a *nix-based DNS slave and DHCP server could also be quite beneficial.

Sysadmin - Parallel42

Marie (Zionkowski) Gozikowski

OK ---

Here is what I did......    I got brave and did the ip stack reset....
it re-enabled the DHCP server on the server... so I went into services
and stopped it... then went into the network card and reset the
IP address, DNS & WINS back to 192.168.1.104....  rebooted server

So, now ipconfig/all reads the way Jeff said it should and I have
internet access back on the server!.... BUT workstations still
can't access the DC (it is like iddings.local is not configured right now)

When I get back in tomorrow, I will check workstation & server
event logs to see if any new ones show up

Rick.... if I understand right... the router is set to use 192.168.1.50 to 99
for DHCP assigned addresses... is that what you were asking?  And we
do have our old server still connected (appsrv01) which we use for
backups...might be able to establish second DC there?

Jeff & Rick.....Thanks so much for trying to help with this!
Marie (Zionkowski) Gozikowski
Iddings Insurance Agency
Wyalusing, PA
WinTAM 11.1    SBS 2003 
8 users

Jeff Zylstra

Glad to hear it!  Being a small agency owner myself, I know what it's like when the system is down.   I was checking on my backup to make sure it was working and decided to check on your situation.

Anyway, the 2 other things might be helpful to try tomorrow from a command prompt

Net stop dns
net start dns

net stop netlogon
net start netlogon

I had an issue with my new server where records were not updating properly, and stopping and restarting the dns somehow released them so they could update.  The netlogon service allows or disallows workstations from logging on to the server.
"We hang the petty thieves, and appoint the great ones to public office"  -  Aesop

Nick Oliver

If you have it all set like Jeff said, you may want to do an ipconfig /release on a machine and get IP info from the server again. Your PCs are probably looking at the router for DNS and need to be looking at the server.

Sorry for delay in replying to your email but I am in upnort (I spelled it like that on purpose) Wisconsin and I only got cell coverage at my hotel that I just arrived at. Will probably head to the agency around 7:30 tomorrow but I'll try to follow up with you then. 

Bloody Jack Kidd

curse IE8!  I have a whole reply written and lost it... and I was trying so hard to stick with one browser... oh well, desperate times...
Sysadmin - Parallel42

Bloody Jack Kidd

let's try Chrome shall we... last time I used Chrome (at initial release) I crashed it in 15 minutes and have not touched it since. 

So back to Marie's DC:

Looks like you are on the right path and it's good news you have an old server that would be perfectly suited to duties as a secondary DC.  You may wish to get an outside tech involved if you are a bit hesitant to set up the second DC though.

The second DC will provide a redundant source of DNS and login script access and should pretty much hum along nicely with little interaction once configured (other than OS updates).

I would also look into running DHCP service on it - and hand out a different portion of your available scope from each DC (and disable DHCP on the router).

e.g. - DC 1 hands out 192.168.1.1-192.168.1.99, DC hands out 192.168.1.100-199 and leave .200-.254 for static addressing.

The redundancy is a nice thing to have and since you already have the hardware and OS - your costs will just be an hour of config.  (If someone requires more than 60 mins to get this going for you - they don't know what they are doing.)

Good luck.
Sysadmin - Parallel42

Marie (Zionkowski) Gozikowski

ok --- did all of Jeff's stuff...

Then went to workstation ---- did ipconfig /release...   rebooted workstation...
no good...

Went and changed the workstation's network card TCP/IP property
settings to:    IP address - automatic
                   DNS  & WINS ---- set for 192.168.1.104  (pointing
                          to the server Dns/DC)

rebooted.... nada

performed ipconfig / release on workstation again & checked to make sure
workstation TCP/IP settings were still set where I left them - rebooted ---- nada

Internet works fine on workstations... but anytime I try to do anything that needs to
see the server (My computer, windows explorer, etc) ---- it freezes and I have
to use taskmaster to end program)    

still get the following event errors on WORKSTATION:

Under Application:
 
  Event ID 1058:    Windows can not access the file gpt.ini for GPO CN={......lots of numbers}  CN=Policies  CN+ System  DC= Iddings DC= local
The file must be present at loc \\iddings.local\sysvol\iddings.local\polcies\{ more numbers}\gpt.ini

Event ID 1030:    Windows can not query list of Group Policy Objects


Under System:
   Event ID 9:  
         The device  \Device\Ide\iastor0 did not respond within the time out period


Under the SERVER:

   Event ID 1058:
Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=Iddings,DC=local. The file must be present at the location <\\Iddings.local\sysvol\Iddings.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (Configuration information could not be read from the domain controller, either because the machine is unavailable, or access has been denied. ). Group Policy processing aborted.

  Event ID 1030:
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.


looks like problem is that the gpt.ini is missing?    does that sound right?

 
Marie (Zionkowski) Gozikowski
Iddings Insurance Agency
Wyalusing, PA
WinTAM 11.1    SBS 2003 
8 users

Bloody Jack Kidd

whoa... I hope the sysvol isn't missing

check on the server to see if: \\iddings.local\sysvol\iddings.local\ exists
Sysadmin - Parallel42

Marie (Zionkowski) Gozikowski

What about setting the server up as a workgroup instead of a domain (just until we get this figured out) - I have to get this up and running ASAP.....

or maybe just make a second domain and point people there?

I don't know, just grasping at straws here.... and I am supposed to be gone on and off
for the next two weeks, so I have to get this fixed somehow today......

Local tech doesn't know much more than me when it comes to domains   :-(

Thanks....
Marie (Zionkowski) Gozikowski
Iddings Insurance Agency
Wyalusing, PA
WinTAM 11.1    SBS 2003 
8 users

Marie (Zionkowski) Gozikowski

Quote from: Rick Chisholm on May 06, 2010, 10:35:28 AM
whoa... I hope the sysvol isn't missing

check on the server to see if: \\iddings.local\sysvol\iddings.local\ exists


went into windows explorer and pasted the above in
just sat there......   guess that's not good?    ???
Marie (Zionkowski) Gozikowski
Iddings Insurance Agency
Wyalusing, PA
WinTAM 11.1    SBS 2003 
8 users

Bloody Jack Kidd

this is like your DC has stopped being a DC.

usually the sysvol would be something like the previous UNC path you tried... you could also check

c:\WINDOWS\SYSVOL\[hostname.domainname]

Sysadmin - Parallel42