我将一台Windows 2008 R2服务器configuration为具有Active Directory域服务和DNS服务器的域控制器。
DNS服务器最近被卸载并重新安装,试图修复(可能不相关的)问题; 事件日志以前充斥着错误(#4000,“DNS服务器无法打开活动目录…”)重新安装没有解决。 然而,在至less从本地networking上缓慢地显示和parsing名称之前, 现在它什么也没有显示出来。
(原始错误是以#4015错误开始的 “DNS服务器遇到来自Active Directory的严重错误”,后跟一串长度为#4000和几个#4004的string,这可能是由于新的DNS名称为最近补充说,但我不能确定时间。)
尝试通过Administrative Tools > DNS会导致错误:
SERVER SERVERNAME无法联系。
错误是:
访问被拒绝。你还想添加吗?
select“是”只是将一个SERVERNAME项目放在列表中,但是所有的configuration选项都是灰显的。
我试图编辑我的主机文件按照这个职位,但无济于事。
运行dcdiag ,它可以正确识别主服务器,但立即失败,testing连接:
开始testing:连接
主机blahblahblahyaddayaddayadda无法parsing为IP地址。 检查DNS服务器,DHCP,服务器名称等
在检查LDAP和RPC连接时出错。 请检查您的防火墙设置。 ……………………. SERVERNAMEtesting连接失败
添加blahblahblahyaddayaddayadda地址主机(指向127.0.0.1),连接testing成功,但它似乎并没有解决的根本问题(访问被拒绝),所以我再次散列出来。
主DNS服务器根据ipconfig /all正确指向127.0.0.1。 并且DNS服务器正在将请求转发到外部地址(如果缓慢),但是parsing本地networking名称是被冻结的。
DNS数据库本身是足够小,我(勉强)能够重build,如果需要,但DNS服务器似乎并不愿意让我一起工作(或周围)。
(是的,在你问之前没有可用的系统备份)
我从哪里出发?
根据要求,我(稍微混淆)的dcdiag输出:
Directory Server Diagnosis Performing initial setup: Trying to find home server... Home Server = bulgogi * Identified AD Forest. Done gathering initial info. Doing initial required tests Testing server: Obfuscated\BULGOGI Starting test: Connectivity The host a-whole-lot-of-numbers._msdcs.obfuscated.address could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc. Got error while checking LDAP and RPC connectivity. Please check your firewall settings. ......................... BULGOGI failed test Connectivity Doing primary tests Testing server: Obfuscated\BULGOGI Skipping all tests, because server BULGOGI is not responding to directory service requests. Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : obfuscated Starting test: CheckSDRefDom ......................... obfuscated passed test CheckSDRefDom Starting test: CrossRefValidation ......................... obfuscated passed test CrossRefValidation Running enterprise tests on : obfuscated.address Starting test: LocatorCheck ......................... obfuscated.address passed test LocatorCheck Starting test: Intersite ......................... obfuscated.address passed test Intersite
和我的hosts文件(为了简洁,减去散列的行):
127.0.0.1 localhost ::1 localhost
而且,为了完成,这里是我的(5000行加) netstat -a -n输出的选定块:
TCP 0.0.0.0:88 0.0.0.0:0 LISTENING TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:389 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:464 0.0.0.0:0 LISTENING TCP 0.0.0.0:593 0.0.0.0:0 LISTENING TCP 0.0.0.0:636 0.0.0.0:0 LISTENING TCP 0.0.0.0:3268 0.0.0.0:0 LISTENING TCP 0.0.0.0:3269 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:9389 0.0.0.0:0 LISTENING TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING TCP 0.0.0.0:49157 0.0.0.0:0 LISTENING TCP 0.0.0.0:49158 0.0.0.0:0 LISTENING TCP 0.0.0.0:49164 0.0.0.0:0 LISTENING TCP 0.0.0.0:49178 0.0.0.0:0 LISTENING TCP 0.0.0.0:49179 0.0.0.0:0 LISTENING TCP 0.0.0.0:50480 0.0.0.0:0 LISTENING TCP 127.0.0.1:53 0.0.0.0:0 LISTENING TCP 192.168.12.127:53 0.0.0.0:0 LISTENING TCP 192.168.12.127:139 0.0.0.0:0 LISTENING TCP 192.168.12.127:445 192.168.12.50:51118 ESTABLISHED TCP 192.168.12.127:3389 192.168.12.4:33579 ESTABLISHED TCP 192.168.12.127:3389 192.168.12.100:1115 ESTABLISHED TCP 192.168.12.127:50784 192.168.12.50:49174 ESTABLISHED TCP [::]:88 [::]:0 LISTENING TCP [::]:135 [::]:0 LISTENING TCP [::]:389 [::]:0 LISTENING TCP [::]:445 [::]:0 LISTENING TCP [::]:464 [::]:0 LISTENING TCP [::]:593 [::]:0 LISTENING TCP [::]:636 [::]:0 LISTENING TCP [::]:3268 [::]:0 LISTENING TCP [::]:3269 [::]:0 LISTENING TCP [::]:3389 [::]:0 LISTENING TCP [::]:9389 [::]:0 LISTENING TCP [::]:47001 [::]:0 LISTENING TCP [::]:49152 [::]:0 LISTENING TCP [::]:49153 [::]:0 LISTENING TCP [::]:49154 [::]:0 LISTENING TCP [::]:49155 [::]:0 LISTENING TCP [::]:49157 [::]:0 LISTENING TCP [::]:49158 [::]:0 LISTENING TCP [::]:49164 [::]:0 LISTENING TCP [::]:49178 [::]:0 LISTENING TCP [::]:49179 [::]:0 LISTENING TCP [::]:50480 [::]:0 LISTENING TCP [::1]:53 [::]:0 LISTENING TCP [::1]:389 [::1]:49745 ESTABLISHED TCP [::1]:389 [::1]:49746 ESTABLISHED TCP [::1]:389 [::1]:52383 ESTABLISHED TCP [::1]:389 [::1]:52493 ESTABLISHED TCP [::1]:389 [::1]:52494 ESTABLISHED TCP [::1]:389 [::1]:52498 ESTABLISHED TCP [::1]:49745 [::1]:389 ESTABLISHED TCP [::1]:49746 [::1]:389 ESTABLISHED TCP [::1]:52383 [::1]:389 ESTABLISHED TCP [::1]:52493 [::1]:389 ESTABLISHED TCP [::1]:52494 [::1]:389 ESTABLISHED TCP [::1]:52498 [::1]:389 ESTABLISHED TCP [fe80::f1da:cb41:d0f5:5c0e%20]:53 [::]:0 LISTENING TCP [fe80::f1da:cb41:d0f5:5c0e%20]:135 [fe80::f1da:cb41:d0f5:5c0e%20]:52495 ESTABLISHED TCP [fe80::f1da:cb41:d0f5:5c0e%20]:445 [fe80::f1da:cb41:d0f5:5c0e%20]:51057 ESTABLISHED TCP [fe80::f1da:cb41:d0f5:5c0e%20]:445 [fe80::f1da:cb41:d0f5:5c0e%20]:52506 ESTABLISHED TCP [fe80::f1da:cb41:d0f5:5c0e%20]:49158 [fe80::f1da:cb41:d0f5:5c0e%20]:52501 ESTABLISHED TCP [fe80::f1da:cb41:d0f5:5c0e%20]:51057 [fe80::f1da:cb41:d0f5:5c0e%20]:445 ESTABLISHED TCP [fe80::f1da:cb41:d0f5:5c0e%20]:52495 [fe80::f1da:cb41:d0f5:5c0e%20]:135 ESTABLISHED TCP [fe80::f1da:cb41:d0f5:5c0e%20]:52496 [fe80::f1da:cb41:d0f5:5c0e%20]:49158 TIME_WAIT TCP [fe80::f1da:cb41:d0f5:5c0e%20]:52500 [fe80::f1da:cb41:d0f5:5c0e%20]:135 TIME_WAIT TCP [fe80::f1da:cb41:d0f5:5c0e%20]:52501 [fe80::f1da:cb41:d0f5:5c0e%20]:49158 ESTABLISHED TCP [fe80::f1da:cb41:d0f5:5c0e%20]:52506 [fe80::f1da:cb41:d0f5:5c0e%20]:445 ESTABLISHED UDP 0.0.0.0:123 *:* UDP 0.0.0.0:500 *:* UDP 0.0.0.0:1645 *:* UDP 0.0.0.0:1645 *:* UDP 0.0.0.0:1646 *:* UDP 0.0.0.0:1646 *:* UDP 0.0.0.0:1812 *:* UDP 0.0.0.0:1812 *:* UDP 0.0.0.0:1813 *:* UDP 0.0.0.0:1813 *:* UDP 0.0.0.0:4500 *:* UDP 0.0.0.0:5355 *:* UDP 0.0.0.0:59638 *:* <snip a few thousand lines> UDP 0.0.0.0:62140 *:* UDP 127.0.0.1:53 *:* UDP 127.0.0.1:49540 *:* UDP 127.0.0.1:49541 *:* UDP 127.0.0.1:53655 *:* UDP 127.0.0.1:54946 *:* UDP 127.0.0.1:58345 *:* UDP 127.0.0.1:63352 *:* UDP 127.0.0.1:63728 *:* UDP 127.0.0.1:63729 *:* UDP 127.0.0.1:64215 *:* UDP 127.0.0.1:64646 *:* UDP 192.168.12.127:53 *:* UDP 192.168.12.127:67 *:* UDP 192.168.12.127:68 *:* UDP 192.168.12.127:88 *:* UDP 192.168.12.127:137 *:* UDP 192.168.12.127:138 *:* UDP 192.168.12.127:389 *:* UDP 192.168.12.127:464 *:* UDP 192.168.12.127:2535 *:* UDP [::]:123 *:* UDP [::]:500 *:* UDP [::]:4500 *:* UDP [::]:5355 *:* UDP [::]:59639 *:* <snip another few thousand lines> UDP [::]:64645 *:* UDP [::1]:53 *:* UDP [::1]:54944 *:* UDP [::1]:54945 *:* UDP [::1]:59637 *:* UDP [::ffff:192.168.12.127]:1645 *:* UDP [::ffff:192.168.12.127]:1646 *:* UDP [::ffff:192.168.12.127]:1812 *:* UDP [::ffff:192.168.12.127]:1813 *:* UDP [fe80::f1da:cb41:d0f5:5c0e%20]:53 *:* UDP [fe80::f1da:cb41:d0f5:5c0e%20]:88 *:* UDP [fe80::f1da:cb41:d0f5:5c0e%20]:389 *:* UDP [fe80::f1da:cb41:d0f5:5c0e%20]:464 *:* UDP [fe80::f1da:cb41:d0f5:5c0e%20]:1645 *:* UDP [fe80::f1da:cb41:d0f5:5c0e%20]:1646 *:* UDP [fe80::f1da:cb41:d0f5:5c0e%20]:1812 *:* UDP [fe80::f1da:cb41:d0f5:5c0e%20]:1813 *:*
你有没有尝试安装第二个DC与AD DS,DNSangular色? 然后从旧DC抓住FSMO的angular色?
之后,您可以降级旧的DC,并在稍后推广。