DNS issues on 2003 network
-
@wirestyle22 said in DNS issues on 2003 network:
@scottalanmiller said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
So what are my options here? Are there any other tests I can run?
You could add another DC and DNS to your domain, 2003 is out of support anyway
Probably the way to go. This system is suspect. You need clean builds and new systems. Why fix what is broken when you could actually fix the problems?
I would be going from 2003 - 2012 R2. I wanted to do it on my test environment before I did it in a live environment
You can do that but DNS, DHCP, and AD are so trivial that you most likely won't have an issue.
-
You can check the Event Viewer on your server with nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
-
@coliver said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@scottalanmiller said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
So what are my options here? Are there any other tests I can run?
You could add another DC and DNS to your domain, 2003 is out of support anyway
Probably the way to go. This system is suspect. You need clean builds and new systems. Why fix what is broken when you could actually fix the problems?
I would be going from 2003 - 2012 R2. I wanted to do it on my test environment before I did it in a live environment
You can do that but DNS, DHCP, and AD are so trivial that you most likely won't have an issue.
Trivial, non-destructive and standard.
-
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server with nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
No I can't ping it
-
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
-
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
I can't do that safely as per @scottalanmiller
-
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
-
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
-
Also, should be mentioned, this is the window in which to consider a Linux DC, instead of WIndows. That Windows 2003 was still running suggests a major issue that can't be fixed by updating now - something stopped people from keeping systems under support and patched for the last decade. That's a really, really big concern. A decade without proper updates? Um, you can't be on Windows. It's that simple, unless there has been a real change at the top that would make the problem go away, you need to apply business logic and realism and look at this correctly.... Linux you can update without management oversight. Windows you cannot. If you install Windows, are you just creating the same problems again? Basically, Windows is a bandaid, Linux would be a fix. Once you install 2012 R2 DCs, Linux is off the table. RIght now, it is still on the table.
-
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
That's why I think it might have to do with SEP. He can't access external resources either.
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
I can't do that safely as per @scottalanmiller
That's true, but you can't keep is safely, either.
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
-
@scottalanmiller said in DNS issues on 2003 network:
Also, should be mentioned, this is the window in which to consider a Linux DC, instead of WIndows. That Windows 2003 was still running suggests a major issue that can't be fixed by updating now - something stopped people from keeping systems under support and patched for the last decade. That's a really, really big concern. A decade without proper updates? Um, you can't be on Windows. It's that simple, unless there has been a real change at the top that would make the problem go away, you need to apply business logic and realism and look at this correctly.... Linux you can update without management oversight. Windows you cannot. If you install Windows, are you just creating the same problems again? Basically, Windows is a bandaid, Linux would be a fix. Once you install 2012 R2 DCs, Linux is off the table. RIght now, it is still on the table.
Good point, but honestly, that requires Linux expertise.
-
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
That doesn't answer my question
Are you using some form of a proxy for outbound internet access? Like MS ISA/TMG, Squid, Astaro etc? -
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
That doesn't answer my question
Are you using some form of a proxy for outbound internet access? Like MS ISA/TMG, Squid, Astaro etc?No we are not
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
Wait ... no Internet access ... that isn't good.
-
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@wirestyle22 said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@thwr said in DNS issues on 2003 network:
@momurda said in DNS issues on 2003 network:
You can check the Event Viewer on your server nslookup errors and also on the DC, should be easy to see what the problem is.
If you do an ipconfig /flushdns on your client pc, can you ping the file server afterwards? But yes you should definitely make another dc ratehr than 2003.
5(?) people looked into this and we had to guess a lot because the symptoms didn't make much sense. Event log on the server maybe, but who knows. Getting rid of SEP prior of anything else is his best bet IMHO.
Wait, something else coming to mind: You can't query the public google DNS (8.8.8.8) from your failing hosts?
you mean nslookup www.crayola.com 8.8.8.8? No
We need to investigate that. Are you sure that there's no firewall / Norton / Symantec / whatever installed on the print- or fileserver? Because that's not related to your DC.
What kind of internet connectivity do your failing hosts have? Directly outbound via a gateway? Some proxy?
That doesn't answer my question
Are you using some form of a proxy for outbound internet access? Like MS ISA/TMG, Squid, Astaro etc?No we are not
ok, so why the heck can't you query 8.8.8.8? This is almost a no-brainer.
-
I'm going to reboot my ESX02 host. I tried to do this from a few VM's and I see that none of them are working. Giving me an inkling into what could be the problem.
No one would know if any of these other servers are functioning. They are actually somewhat unimportant with the exception of the print and file server. I think it's the host.
-
@wirestyle22 said in DNS issues on 2003 network:
I'm going to reboot my ESX02 host. I tried to do this from a few VM's and I see that none of them are working. Giving me an inkling into what could be the problem.
That thing has probably been rebooted more in the past few hours than in months combined!
