New 2008R2 Server To 2003 Domain

[ICTCity]

Ehi, wait a minute...

 

Your DC should be named BIG-RIG2 not BIG-RIG, right?

 

If this is right I must know WHEN you renamed the DC (after / before the promotion?)

 

Anyway, if you don't use IPv6 remove it. As said before your migration, you could have troubles migrating from 2k3 to 2k8 with ipv6 enabled, but this is another story.

 

 

After you disabled that option, did you restarted the server?

[SailingNut]

The DC should now be named big-rig. It was previously named big-rig2. I renamed it after I demoted the old server. (The old server was named big-rig and I renamed it to big-rigx after demotion and before renaming the new one to big-rig)

 

I will disable IPv6 on the server.

 

I did not reboot the server after disabling the option. I didn't think I would need to since it reset the adapter. But I guess I may be wrong there. I'll give it a try rebooting after I disable IPv6

[ICTCity]

The DC should now be named big-rig. It was previously named big-rig2. I renamed it after I demoted the old server. (The old server was named big-rig and I renamed it to big-rigx after demotion and before renaming the new one to big-rig)

 

Ok, that means I think I've found your problem but I have to think about a solution.

 

If you look at the output of DCDIAG, you can see that many test have been made to BIG-RIG2, which actually doesn't exist... but in some way it just passed tests.

 

Now I'm going to read your output once again trying to understand where is the problem.

 

Of course we need to be able to access Domain and Trusts snap-in, I don't know if there's a way to do the same thing from command line.

 

I'll wait for your restart, then I hope I can find a solution...

[ICTCity]

Mhhhhh can you please run these commands?

 

(from a workstation)

 

ipconfig /flushdns

ping big-rig

ping big-rig2

ipconfig /displaydns

 

Post results.

[SailingNut]

Results of the tests. Interestingly the server is responding to both names!

 

C:\Users\tborland.WTBHOME>ipconfig /flushdns

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

C:\Users\tborland.WTBHOME>ping big-rig

 

Pinging big-rig.wtbhome.net [192.168.0.2] with 32 bytes of data:

Reply from 192.168.0.2: bytes=32 time

[ICTCity]

Results of the tests. Interestingly the server is responding to both names!

 

That's ok :)

 

So... now I've found the problem... but actually I'm not sure about the solution.

 

The problem is the renaming of your DC made before the migration. As you can see, both BIG-RIG and BIG-RIG2 are responding from the same IP.

 

I *THINK* that the problem is when a DC operation is performed, the DNS resolve both big-rig & big-rig2 correctly, but the operation cannot be completed due to the same IP.

 

 

I tought about 2 solutions, but I AM REALLY NOT SURE ABOUT CONSEQUENCES you may have.

 

1) rename your DC from big-rig to big-rig2

2) Follow this procedure:

Transfer FSMO roles

To transfer the FSMO roles by using the Ntdsutil utility, follow these steps:

Log on to a Windows 2000 Server-based or Windows Server 2003-based member computer or domain controller that is located in the forest where FSMO roles are being transferred. We recommend that you log on to the domain controller that you are assigning FSMO roles to. The logged-on user should be a member of the Enterprise Administrators group to transfer Schema master or Domain naming master roles, or a member of the Domain Administrators group of the domain where the PDC emulator, RID master and the Infrastructure master roles are being transferred.

Click Start, click Run, type ntdsutil in the Open box, and then click OK.

Type roles, and then press ENTER.

 

Note To see a list of available commands at any one of the prompts in the Ntdsutil utility, type ?, and then press ENTER.

Type connections, and then press ENTER.

Type connect to server servername, and then press ENTER, where servername is the name of the domain controller you want to assign the FSMO role to.

At the server connections prompt, type q, and then press ENTER.

Type transfer role, where role is the role that you want to transfer. For a list of roles that you can transfer, type ? at the fsmo maintenance prompt, and then press ENTER, or see the list of roles at the start of this article. For example, to transfer the RID master role, type transfer rid master. The one exception is for the PDC emulator role, whose syntax is transfer pdc, not transfer pdc emulator.

At the fsmo maintenance prompt, type q, and then press ENTER to gain access to the ntdsutil prompt. Type q, and then press ENTER to quit the Ntdsutil utility.

 

Taken from http://support.microsoft.com/kb/255504/en-us

 

 

Sorry, but I can't test this scenario... but if you wanna try, start with the second option (transfer FSMO roles) first, which should be the safest one.

[SailingNut]

I FINALLY had some time to give this a try and it did not seem to work.

 

I only tried method 2 that you mentioned because you thought it was the safest. After trying to transfer the roles, I ran dcdiag.exe and I see that big-rig2 is still being referenced for many things.

 

Do you think I should try seizing roles or shold I rename the server back to big-rig2 and then try using the NETDOM method to name the server back to big-rig? Although at this poing, if things get happy with the server named back to big-rig2, I'll be more than happy to change all of the network share references! (Way less work than completely rebuilding the server!)

[ICTCity]

I FINALLY had some time to give this a try and it did not seem to work.

 

I only tried method 2 that you mentioned because you thought it was the safest. After trying to transfer the roles, I ran dcdiag.exe and I see that big-rig2 is still being referenced for many things.

 

Do you think I should try seizing roles or shold I rename the server back to big-rig2 and then try using the NETDOM method to name the server back to big-rig? Although at this poing, if things get happy with the server named back to big-rig2, I'll be more than happy to change all of the network share references! (Way less work than completely rebuilding the server!)

 

I really cannot tell you what can happens by renaming the DC...

 

I think that you could try seizing roles... and just after that... try the rename... Actually I don't know what can happen...

[SailingNut]

OK, intersting behavior by the server.....

 

I tried seizing the FSMO roles over to BIG-RIG and every one of them reported that seizure was not necessary and that they were transferred properly. However, when I run dcdiag, BIG-RIG2 is still showing up as it did before.

 

So, next I attempted a rename using the computer properties and that failed with an error "The specified domain either does not exist or could not be contacted" I then tried the NETDOM mathod as well and it failed with the same error.

 

So, it looks like I'll have to completely rebuild the server from scratch, unless you can come up with a great idea.

 

If I'm going to do the rebuild I was wondering if you could recommend any good reading on how I should set it up to avoid any problems down the line. One area where I'm not really certain is in the DNS configuration. I should also probably read up on AD configuration and DHCP configuration.

 

I also heard on the MS forums that there is a way to re-build the server and to not have to recreate the user accounts. (Export then import or something like that.) Given the source I wanted to ask you, since I've gotten some marginal advice from the MS forums before.

 

Thanks SO much! (Earliest I'll get to rebuilding the Server will be this Saturday. It also depends on how much reasing you give me to do! ) )

[ICTCity]

OK, intersting behavior by the server.....

 

I tried seizing the FSMO roles over to BIG-RIG and every one of them reported that seizure was not necessary and that they were transferred properly. However, when I run dcdiag, BIG-RIG2 is still showing up as it did before.

 

So, next I attempted a rename using the computer properties and that failed with an error "The specified domain either does not exist or could not be contacted" I then tried the NETDOM mathod as well and it failed with the same error.

 

So, it looks like I'll have to completely rebuild the server from scratch, unless you can come up with a great idea.

 

If I'm going to do the rebuild I was wondering if you could recommend any good reading on how I should set it up to avoid any problems down the line. One area where I'm not really certain is in the DNS configuration. I should also probably read up on AD configuration and DHCP configuration.

 

I also heard on the MS forums that there is a way to re-build the server and to not have to recreate the user accounts. (Export then import or something like that.) Given the source I wanted to ask you, since I've gotten some marginal advice from the MS forums before.

 

Thanks SO much! (Earliest I'll get to rebuilding the Server will be this Saturday. It also depends on how much reasing you give me to do! ) )

 

 

I just need the last attempt... pleeeeeease :)

 

Open this file: C:\Windows\system32\drivers\etc\hosts

 

you should see only the localhost, add these lines:

 

192.168.0.2 big-rig wtbhome.net

 

Then retry with rename.

 

 

After this we could look at the clean install, anyway we have to pay attention by importing DNS, I think the best way is to create a new DNS service (I don't think you have thousand of names...), regarding AD it's quite easy, look at these document:

http://technet.microsoft.com/en-us/library/cc771290(WS.10).aspx

 

 

I really suggest you to WAIT before doing a clean install, now the situation is working in some way and I think we could come to a solution... . Anyway, if you want to do it, try first a simpler way before:

 

Install a new server (let big-rig / 2 up and running).

Choose a name and NEVER change it :P (don't call it big-rig or big-rig2!!!)

Add that server in domain and, when asked, choose that it will be part of an existing domain, then make it as a global catalogue.

Once you are finished, wait until replication has been completed, you will have all your objects in the new DC. Now you can demote the big-rig / 2 and turn it off.

 

Let me know... we still have time until saturday :)

[SailingNut]

Still no joy, the rename fails with the same error.

 

the line that I added to the hosts file was as follows:

 

192.168.0.2 big-rig.wtbhome.net

 

I also finally disabled IPv6! (Clearing the check mark next to IPv6 was just too obvious for me and it took this long to figure it out!)

 

Possible interesting information from doing Pings on the server.

 

When I ping big-rig.wtbhome.net, big-rig2, or big-rig2.wtbhome.net the server responds on 192.168.0.2 BUT when I ping big-rig, the reply comes from the IPv6 stack (not typing the address here because I assume it's not important) not 192.168.0.2. So when the server is resolving the name for big-rig, it's only finding it on the IPv6 loopback interface.

 

What if I played with the DNS records for big-rig and big-rig2? I looked through the DNS configuration and there are a lot of things that point only to big-rig2. (I tried to do an export, but it's not recursive so I couldn't capture all of it in one file, at least as far as I could tell.)

 

Also thought including the following error might provide some clues, there are lots of them in the event viewer:

 

Event Type:	Warning
Event Source:	DNS
Event Category:	None
Event ID:	7062
Date:		4/18/2011
Time:		9:04:18 PM
User:		N/A
Computer:	big-rig.wtbhome.net
Description:
The DNS server encountered a packet addressed to itself on IP address 192.168.0.2. The packet is for the DNS name "178.20.50.208.in-addr.arpa.". The packet will be discarded. This condition usually indicates a configuration error. 

Check the following areas for possible self-send configuration errors: 
1) Forwarders list. (DNS servers should not forward to themselves). 
2) Master lists of secondary zones. 
3) Notify lists of primary zones. 
4) Delegations of subzones.  Must not contain NS record for this DNS server unless subzone is also on this server. 
5) Root hints. 

Example of self-delegation: 
-> This DNS server dns1.example.microsoft.com is the primary for the zone example.microsoft.com. 
-> The example.microsoft.com zone contains a delegation of bar.example.microsoft.com to dns1.example.microsoft.com, 
(bar.example.microsoft.com NS dns1.example.microsoft.com) 
-> BUT the bar.example.microsoft.com zone is NOT on this server. 

Note, you should make this delegation check (with nslookup or DNS manager) both on this DNS server and on the server(s) you delegated the subzone to. It is possible that the delegation was done correctly, but that the primary DNS for the subzone, has any incorrect NS record pointing back at this server. If this incorrect NS record is cached at this server, then the self-send could result.  If found, the subzone DNS server admin should remove the offending NS record. 

You can use the DNS server debug logging facility to track down the cause of this problem.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 50 25 00 00               P%..    

 

Another thing that I noticed is that there is a forwarder in the list for 192.168.0.2 big-rig.wtbhome.net. Thet does not seem right to me, but being a novice didn't want to muck about with it.

[ICTCity]

Can you remember when I told you to disable the ipv6 before migration? eheheh

 

Problems are two: error in name (big-rig / big-rig2) and IPv6.

 

big-rig2 and big-rig2.wtbhome.net are the same thing, big-rig sounds like an Alias.

 

To export dns entries use the command prompt and type:

 

dnscmd

 

I know we can find a solution :)

[SailingNut]

Yeah, Oops on the IPv6!

 

Here is the export of my DNS configuration:

 

 Database file (null) for wtbhome.net zone.
     Zone version:  5608


@                       IN  SOA big-rig.wtbhome.net. admin.wtbhome.net. (
5608          serial number
900           refresh
600           retry
86400         expire
3600       )  default TTL


 Zone NS records


@                       NS	big-rig.wtbhome.net.
@                       NS	somewhere-hot.wtbhome.net.


 Zone records


@                       600	A	192.168.0.2
@                       600	AAAA	fd47:dced:df9d:5a5f::1
63fa3998-2396-4450-b046-a8ceb3bf85dc._msdcs 600	CNAME	big-rig2.wtbhome.net.
_kerberos._tcp.wtbhome._sites.dc._msdcs 600	SRV	0 100 88	big-rig2.wtbhome.net.
_ldap._tcp.wtbhome._sites.dc._msdcs 600	SRV	0 100 389	big-rig2.wtbhome.net.
_kerberos._tcp.dc._msdcs 600	SRV	0 100 88	big-rig2.wtbhome.net.
_ldap._tcp.dc._msdcs    600	SRV	0 100 389	big-rig2.wtbhome.net.
_ldap._tcp.d170d4c1-dda7-4565-b23c-024adc8e5aa9.domains._msdcs 600	SRV	0 100 389	big-rig2.wtbhome.net.
gc._msdcs               600	A	192.168.0.100
600	A	192.168.0.2
600	AAAA	fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.gc._msdcs 600	SRV	0 100 3268	big-rig2.wtbhome.net.
_ldap._tcp.gc._msdcs    600	SRV	0 100 3268	big-rig2.wtbhome.net.
_ldap._tcp.pdc._msdcs   600	SRV	0 100 389	big-rig2.wtbhome.net.
_gc._tcp.wtbhome._sites 600	SRV	0 100 3268	big-rig2.wtbhome.net.
_kerberos._tcp.wtbhome._sites 600	SRV	0 100 88	big-rig2.wtbhome.net.
_ldap._tcp.wtbhome._sites 600	SRV	0 100 389	big-rig2.wtbhome.net.
_gc._tcp                600	SRV	0 100 3268	big-rig2.wtbhome.net.
_kerberos._tcp          600	SRV	0 100 88	big-rig2.wtbhome.net.
_kpasswd._tcp           600	SRV	0 100 464	big-rig2.wtbhome.net.
_ldap._tcp              600	SRV	0 100 389	big-rig2.wtbhome.net.
_kerberos._udp          600	SRV	0 100 88	big-rig2.wtbhome.net.
_kpasswd._udp           600	SRV	0 100 464	big-rig2.wtbhome.net.
apocalypso              1200	A	192.168.0.68
ATMRACK                 1200	A	192.168.0.54
BankOfBadHabits         1200	A	192.168.0.53
big-rig2                A	192.168.0.2
AAAA	fd47:dced:df9d:5a5f::1
big-rigx                1200	A	192.168.0.7
CHGSINLATTITUDE         1200	A	192.168.0.55
DomainDnsZones          600	A	192.168.0.2
600	AAAA	fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.DomainDnsZones 600	SRV	0 100 389	big-rig2.wtbhome.net.
600	SRV	0 100 389	big-rig.wtbhome.net.
_ldap._tcp.DomainDnsZones 600	SRV	0 100 389	big-rig2.wtbhome.net.
600	SRV	0 100 389	big-rig.wtbhome.net.
ForestDnsZones          600	A	192.168.0.2
600	AAAA	fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.ForestDnsZones 600	SRV	0 100 389	big-rig2.wtbhome.net.
600	SRV	0 100 389	big-rig.wtbhome.net.
_ldap._tcp.ForestDnsZones 600	SRV	0 100 389	big-rig.wtbhome.net.
600	SRV	0 100 389	big-rig2.wtbhome.net.
JamaciaMistaka          1200	A	192.168.0.54
mame-cabinet            1200	A	192.168.0.57
mamecab                 1200	A	192.168.0.69
mamestation             1200	A	192.168.0.59
Margaritaville          1200	A	192.168.0.54
miss-magic              1200	A	192.168.0.57
missmagic               1200	A	192.168.0.51
overkill                1200	A	192.168.0.55
virtoverkill            1200	A	192.168.0.69
WIN7TEST-PC             1200	A	192.168.131.66

[ICTCity]

Comment out (put the "" at the beginning) all the lines with BIG-RIG2 and substitute them with big rig.

 

For example:

 

_ldap._tcp.wtbhome._sites.gc._msdcs 600 SRV 0 100 3268 big-rig2.wtbhome.net.

_ldap._tcp.wtbhome._sites.gc._msdcs 600 SRV 0 100 3268 big-rig.wtbhome.net.

 

Flush cache and retry.

 

(Give it some time...)

[SailingNut]

Comment out (put the "" at the beginning) all the lines with BIG-RIG2 and substitute them with big rig.

 

For example:

 

_ldap._tcp.wtbhome._sites.gc._msdcs 600 SRV 0 100 3268 big-rig2.wtbhome.net.

_ldap._tcp.wtbhome._sites.gc._msdcs 600 SRV 0 100 3268 big-rig.wtbhome.net.

 

Flush cache and retry.

 

(Give it some time...)

 

So not 100% sure how to do this. (I got the file edited properly.) But not sure if the file needs to be imported or what. (I created the file using "dnscmd localhost /zoneexport wtbhome.net dns.txt") I did move the file out of c:\WIndows\system32\dns

[ICTCity]

Mhhhh that's a good question.

 

I think you should copy the original file, modify it as I suggested before, stop dns service (open DNS snap-in > right click > stop), rename the new file properly, flush DNS cache, restart DNS and export again everything just to be sure everything has gone in the properly way.

 

EDIT ***Uh... DELETE ALSO the entry for ipv6!***

 

After that, try to open sites and services and tell me if you have the same error again.

 

DO NOT RENAME YOUR SERVER! We are going to fix this problem in another way.

 

Check event log for a while.

 

If you can open sites and services with no errors... we can be a bit more happy :)

 

If not... well... I still have time before the clean install :P

[SailingNut]

Still not sure on the "rename properly" part of the above.

 

Can I just go into the DNS snapin and change the enrties?

[ICTCity]

Still not sure on the "rename properly" part of the above.

 

Can I just go into the DNS snapin and change the enrties?

 

 

yes :)

[SailingNut]

OK, got the DNS reconfigured and I still get the "interface is unknown" problem when opening the AD Dimain Services. :wallbash:

 

Output from dcdiag.exe still shows references to big-rig2 (I can post if you want to see.)

 

Shuld I go through and try seizing roles again now that the DNS stuff is cleared up?

 

FYI, there is no deadline for doing a clean install on Saturday. I'm happy to keep working on this as long as you are!

[SailingNut]

Other information.... I grabbed the event log from a reboot after I changed the DNS entries. The file is attached.

[ICTCity]

Other information.... I grabbed the event log from a reboot after I changed the DNS entries. The file is attached.

 

 

Grrrrrrrr f****ng ipv6!!!

 

First try this procedure which surely disable IPv6:

http://www.windowsreference.com/networking/disable-ipv6-in-windows-server-20008-full-core-installation/

 

Then Export and post the DNS configuration again.

 

The first error is interesting:

The processing of Group Policy failed. Windows could not determine if the user and computer accounts are in the same forest. Ensure the user domain name matches the name of a trusted domain that resides in the same forest as the computer account.

 

It looks like it's trying to access another server via the wrong interface!

 

I'm still trying to find a way to manage domain and trust from command line...

[ICTCity]

Do you have another server?

 

If yes, open domain and trusts from there and connect to the dc by typing the ip.

 

Let me know.

 

 

Somebody explain me WHY you can't manage a server with core install -.- now I want to open a new topic in this forum!

[SailingNut]

Here's the output after doing the registry edit & rebooting.

 

 Database file (null) for wtbhome.net zone.
     Zone version:  5632


@                       IN  SOA big-rig.wtbhome.net. admin.wtbhome.net. (
5632          serial number
900           refresh
600           retry
86400         expire
3600       )  default TTL


 Zone NS records


@                       NS	big-rig.wtbhome.net.
@                       NS	somewhere-hot.wtbhome.net.


 Zone records


@                       600	A	192.168.0.2
@                       600	AAAA	fd47:dced:df9d:5a5f::1
63fa3998-2396-4450-b046-a8ceb3bf85dc._msdcs 600	CNAME	big-rig.wtbhome.net.
_kerberos._tcp.wtbhome._sites.dc._msdcs 600	SRV	0 100 88	big-rig.wtbhome.net.
_ldap._tcp.wtbhome._sites.dc._msdcs 600	SRV	0 100 389	big-rig.wtbhome.net.
_kerberos._tcp.dc._msdcs 600	SRV	0 100 88	big-rig.wtbhome.net.
_ldap._tcp.dc._msdcs    600	SRV	0 100 389	big-rig.wtbhome.net.
_ldap._tcp.d170d4c1-dda7-4565-b23c-024adc8e5aa9.domains._msdcs 600	SRV	0 100 389	big-rig.wtbhome.net.
gc._msdcs               600	A	192.168.0.100
600	A	192.168.0.2
600	AAAA	fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.gc._msdcs 600	SRV	0 100 3268	big-rig.wtbhome.net.
_ldap._tcp.gc._msdcs    600	SRV	0 100 3268	big-rig.wtbhome.net.
_ldap._tcp.pdc._msdcs   600	SRV	0 100 389	big-rig.wtbhome.net.
_gc._tcp.wtbhome._sites 600	SRV	0 100 3268	big-rig.wtbhome.net.
_kerberos._tcp.wtbhome._sites 600	SRV	0 100 88	big-rig.wtbhome.net.
_ldap._tcp.wtbhome._sites 600	SRV	0 100 389	big-rig.wtbhome.net.
_gc._tcp                600	SRV	0 100 3268	big-rig.wtbhome.net.
_kerberos._tcp          600	SRV	0 100 88	big-rig.wtbhome.net.
_kpasswd._tcp           600	SRV	0 100 464	big-rig.wtbhome.net.
_ldap._tcp              600	SRV	0 100 389	big-rig.wtbhome.net.
_kerberos._udp          600	SRV	0 100 88	big-rig.wtbhome.net.
_kpasswd._udp           600	SRV	0 100 464	big-rig.wtbhome.net.
apocalypso              1200	A	192.168.0.68
ATMRACK                 1200	A	192.168.0.54
BankOfBadHabits         1200	A	192.168.0.53
big-rig                 A	192.168.0.2
big-rigx                1200	A	192.168.0.7
CHGSINLATTITUDE         1200	A	192.168.0.55
DomainDnsZones          600	A	192.168.0.2
600	AAAA	fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.DomainDnsZones 600	SRV	0 100 389	big-rig.wtbhome.net.
_ldap._tcp.DomainDnsZones 600	SRV	0 100 389	big-rig.wtbhome.net.
ForestDnsZones          600	A	192.168.0.2
600	AAAA	fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.ForestDnsZones 600	SRV	0 100 389	big-rig.wtbhome.net.
_ldap._tcp.ForestDnsZones 600	SRV	0 100 389	big-rig.wtbhome.net.
JamaciaMistaka          1200	A	192.168.0.54
mame-cabinet            1200	A	192.168.0.57
mamecab                 1200	A	192.168.0.69
mamestation             1200	A	192.168.0.59
Margaritaville          1200	A	192.168.0.54
miss-magic              1200	A	192.168.0.57
missmagic               1200	A	192.168.0.51
overkill                1200	A	192.168.0.55
virtoverkill            1200	A	192.168.0.69
WIN7TEST-PC             1200	A	192.168.131.66

[ICTCity]

Here's the output after doing the registry edit & rebooting.

 

 Database file (null) for wtbhome.net zone.
     Zone version:  5632


@                       IN  SOA big-rig.wtbhome.net. admin.wtbhome.net. (
5632          serial number
900           refresh
600           retry
86400         expire
3600       )  default TTL


 Zone NS records


@                       NS	big-rig.wtbhome.net.
@                       NS	somewhere-hot.wtbhome.net.


 Zone records


@                       600	A	192.168.0.2
@                       600	AAAA	fd47:dced:df9d:5a5f::1
63fa3998-2396-4450-b046-a8ceb3bf85dc._msdcs 600	CNAME	big-rig.wtbhome.net.
_kerberos._tcp.wtbhome._sites.dc._msdcs 600	SRV	0 100 88	big-rig.wtbhome.net.
_ldap._tcp.wtbhome._sites.dc._msdcs 600	SRV	0 100 389	big-rig.wtbhome.net.
_kerberos._tcp.dc._msdcs 600	SRV	0 100 88	big-rig.wtbhome.net.
_ldap._tcp.dc._msdcs    600	SRV	0 100 389	big-rig.wtbhome.net.
_ldap._tcp.d170d4c1-dda7-4565-b23c-024adc8e5aa9.domains._msdcs 600	SRV	0 100 389	big-rig.wtbhome.net.
gc._msdcs               600	A	192.168.0.100
600	A	192.168.0.2
600	AAAA	fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.gc._msdcs 600	SRV	0 100 3268	big-rig.wtbhome.net.
_ldap._tcp.gc._msdcs    600	SRV	0 100 3268	big-rig.wtbhome.net.
_ldap._tcp.pdc._msdcs   600	SRV	0 100 389	big-rig.wtbhome.net.
_gc._tcp.wtbhome._sites 600	SRV	0 100 3268	big-rig.wtbhome.net.
_kerberos._tcp.wtbhome._sites 600	SRV	0 100 88	big-rig.wtbhome.net.
_ldap._tcp.wtbhome._sites 600	SRV	0 100 389	big-rig.wtbhome.net.
_gc._tcp                600	SRV	0 100 3268	big-rig.wtbhome.net.
_kerberos._tcp          600	SRV	0 100 88	big-rig.wtbhome.net.
_kpasswd._tcp           600	SRV	0 100 464	big-rig.wtbhome.net.
_ldap._tcp              600	SRV	0 100 389	big-rig.wtbhome.net.
_kerberos._udp          600	SRV	0 100 88	big-rig.wtbhome.net.
_kpasswd._udp           600	SRV	0 100 464	big-rig.wtbhome.net.
apocalypso              1200	A	192.168.0.68
ATMRACK                 1200	A	192.168.0.54
BankOfBadHabits         1200	A	192.168.0.53
big-rig                 A	192.168.0.2
big-rigx                1200	A	192.168.0.7
CHGSINLATTITUDE         1200	A	192.168.0.55
DomainDnsZones          600	A	192.168.0.2
600	AAAA	fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.DomainDnsZones 600	SRV	0 100 389	big-rig.wtbhome.net.
_ldap._tcp.DomainDnsZones 600	SRV	0 100 389	big-rig.wtbhome.net.
ForestDnsZones          600	A	192.168.0.2
600	AAAA	fd47:dced:df9d:5a5f::1
_ldap._tcp.wtbhome._sites.ForestDnsZones 600	SRV	0 100 389	big-rig.wtbhome.net.
_ldap._tcp.ForestDnsZones 600	SRV	0 100 389	big-rig.wtbhome.net.
JamaciaMistaka          1200	A	192.168.0.54
mame-cabinet            1200	A	192.168.0.57
mamecab                 1200	A	192.168.0.69
mamestation             1200	A	192.168.0.59
Margaritaville          1200	A	192.168.0.54
miss-magic              1200	A	192.168.0.57
missmagic               1200	A	192.168.0.51
overkill                1200	A	192.168.0.55
virtoverkill            1200	A	192.168.0.69
WIN7TEST-PC             1200	A	192.168.131.66

 

Can you please DELETE all the entries for IPv6? I see there's a zone for IPv6 and a A record. Also the two A records have the same "weight", when the DC try to use the IPv6 it doesn't work.

 

We must delete everything related to IPv6!

[SailingNut]

So I removed ALL IPv6 entries in the DNS server. I then restarted the DNS server service and attempted to open the AD Sites & Services with the same error. :-(

 

After the AD Sites & Services app came up I tried to manually connect to big-rig and it also failed with the interface unknown error. It also fails with the same error if I put in the IP address for connecting instead of the DNS name.

 

What are the next steps?