dns - 如何修复 Windows Server 2012 上的 DCDiag 连接测试
问题描述
我们的第二个域上有两个域控制器。两者都未通过 dcdiag 连接测试。两者都不能更新 DNS 记录,AD 不会启动,因为找不到域控制器并且该域上的所有证书都已过期。
当我重新启动服务器时,它会将 dc2001 添加到 dns 区域,而不是已经存在的 dc2001.domain.local。
当我 ping dc2001 时,我得到了 fe80::1d61:f361:801a:bbfc%17 time<1ms 的回复。
当我 ping dc2001.domain.local 时,我收到了来自 10.93.41 的回复。字节=32 时间<1ms TTL-128。我不确定为什么我得到的是 ipv6 地址而不是 ipv4 地址。
我试过注册DNS,但失败了。我尝试从 AD 断开 DNS 区域,然后注册 DNS,但它在没有 FQDN 的情况下添加 dc2001,仍然无法解析 DNS 地址。
我尝试将未通过 DNS 测试的特定主机添加到 DNS 中的正确位置。我尝试了主机名和 cname,但 DNS 服务器似乎没有响应它自己的查询。
对于后续步骤或如何解决此连接问题和我们的域的任何帮助将不胜感激。
Here is my ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : dc2001
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.local
Ethernet adapter Ethernet1 2:
Connection-specific DNS Suffix . : domain.local
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter #2
Physical Address. . . . . . . . . : 00-50-56-01-17-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1d61:f361:801a:bbfc%17(Preferred)
IPv4 Address. . . . . . . . . . . : 10.93.41.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.93.41.254
DHCPv6 IAID . . . . . . . . . . . : 335564886
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-3C-C0-C4-00-50-56-01-05-9A
DNS Servers . . . . . . . . . . . : 10.93.41.1
10.93.41.3
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 12:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.rwl.local:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domain.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
这是我的 dcdiag 失败
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = dc2001
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site\DC2001
Starting test: Connectivity
The host e9aff47f-e80d-4a27-a362-e790dd8dc3a6._msdcs.domain.local could
not be resolved to an IP address. Check the DNS server, DHCP, server
name, etc.
Got error while checking LDAP and RPC connectivity. Please check your
firewall settings.
......................... DC2001 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site\DC2001
Skipping all tests, because server DC2001 is not responding to directory
service requests.
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : rwl
Starting test: CheckSDRefDom
......................... rwl passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... rwl passed test CrossRefValidation
Running enterprise tests on : domain.local
Starting test: LocatorCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... domain.local failed test LocatorCheck
Starting test: Intersite
......................... domain.local passed test Intersite
NSlookup 返回:
Default Server: UnKnown
Address: 10.93.41.1
解决方案
我能够通过删除 DNS 区域来解决这个问题,然后将它们重新添加为本地区域,而不是 AD 区域。然后注册DNS。之后,我重新启动了 Netlogon。然后我重建了 FRS 和 SYSVOL。AD 终于开始工作了,连接错误也被消除了。
推荐阅读
- c++ - 使用 SIMD 将累积(单个)值打包成两个值管理清理代码循环的方法是什么?
- reactjs - 父元素如何调用在子元素上定义的函数?
- linkedin - 如何删除Linkedin中的应用程序?
- excel - 格式化单元格而不直接覆盖内容
- python - 如何获取列中最频繁的类别并将其余的计数存储在另一列中
- payment-gateway - 我的 redirect_url 页面需要一个 csrf_token
- ios - 通过 Auto Layout 根据 UILabel 的内容自动调整 UIView 的大小
- ios - 我可以获得有关 iOS 崩溃日志的帮助吗?
- performance - PWA 添加主屏幕需要时间
- html - 在 iOS 应用程序收到点击事件之前,您触摸屏幕发生了什么?