DCPROMO on a DHCP / DNS / RRAS server

  • DCPROMO on a DHCP / DNS / RRAS server

    I currently run a RRAS server with VPN / NAT enabled which also has its own DNS and DHCP role.

    I am trying to promote this server to a domain controller (first DC, new forest) but I get an error which drives me mental.

    Here you can see it can find the working DNS server (which is itself)





    But then



    Anyone seen this before? I really don't want to remove the DNS role and let it reinstall it ...

  • #2
    Re: DCPROMO on a DHCP / DNS / RRAS server

    Can't you just delete the DNS zone, or use a different DNS name for the domain?
    Why do you need to keep the existing DNS zone?
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **



    • #3
      Re: DCPROMO on a DHCP / DNS / RRAS server

      Originally posted by Ossian:
      Can't you just delete the DNS zone, or use a different DNS name for the domain?
      Why do you need to keep the existing DNS zone?

      For the sake of argument I did try that, even removed the role but it still fails to create the AD zones. It probably leaves the zone files behind.

      But imagine you have 100s of records. Deleting / starting from scratch might not be an option (unless you have a secondary DNS server of course).

      I just want to know why this isn't working and if there is a fix for it.

      Main reason is simply that back in the day, on 2003, you HAD to have a zone named exactly like the domain you intend to use and had to have the DNS suffix configured accordingly. Sometimes you might have to run netdiag /fix to get all the required AD records but that is how it was working.

      So why you just cannot use a preconfigured local DNS server is beyond me and I just want to understand the reason behind it.



      • #4
        Re: DCPROMO on a DHCP / DNS / RRAS server

        I can see a problem in one of your first images:
        The zone is not AD Integrated.

        The second error occurred because of a transient network connection - RPC Server was unavailable.
        So make sure all your firewalls are down, then try again.
        Please do show your appreciation to those who assist you by leaving Rep Point



        • #5
          Re: DCPROMO on a DHCP / DNS / RRAS server

          Originally posted by tehcamel:
          I can see a problem in one of your first images:
          The zone is not AD Integrated.

          The second error occurred because of a transient network connection - RPC Server was unavailable.
          So make sure all your firewalls are down, then try again.

          Like I say - this is the first DC, in a new domain / new forest, so there doesn't exist any Active Directory just yet that the zone could be integrated into. You cannot configure a zone to be integrated into AD if the DNS server is a single server in a workgroup to be promoted to a domain controller.

          The server does not have any firewall activated and I don't believe connections to "localhost" (as this is only a single server) would be affected anyway - and yes, the Remote Procedure service is running and has even been restarted ... The server uses itself as DNS server so does not try to connect to an external server at all.



          • #6
            Re: DCPROMO on a DHCP / DNS / RRAS server

            Since you have a non-ADI zone, all your records will be in a text file and scripting their import into AD will not be too taxing.

            Can you tell us more about your infrastructure?
            Tom Jones
            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
            PhD, MSc, FIAP, MIITT
            IT Trainer / Consultant
            Ossian Ltd
            Scotland

            ** Remember to give credit where credit is due and leave reputation points where appropriate **
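
An added sketch of the scripted import suggested in post #6 (not code from any poster in the thread): it parses a file-backed zone and builds one `dnscmd /RecordAdd` line per record for review, refusing any record whose fields contain characters a command shell could interpret. The sample zone is constructed, and the function names, the choice of `dnscmd` as the import tool and the set of record types are assumptions.

```python
import re

# Constructed sample in RFC 1035 master-file layout; not data from the thread.
SAMPLE_ZONE = """\
@           IN  SOA lab1.domain.local. hostmaster.domain.local. (
                    12 900 600 86400 3600 )  ; serial, refresh, retry, expire, default TTL
@           NS      lab1.domain.local.
fileserver  A       192.168.0.10
            A       192.168.0.11
www         1200    CNAME   fileserver.domain.local.
@           MX      10 lab1.domain.local.
bad&name    A       192.168.0.66
"""

IMPORT_TYPES = {"A", "AAAA", "CNAME", "MX", "PTR"}  # SOA/NS are left to the new zone
SAFE = re.compile(r"^[A-Za-z0-9@._:-]+$")  # rejects anything a command shell could interpret

def parse_zone(text):
    """Return (records, skipped); each record is (owner, ttl, rtype, rdata_fields)."""
    records, skipped, owner, depth = [], [], "@", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()        # drop comments
        if not line.strip():
            continue
        continuation, depth = depth > 0, depth + line.count("(") - line.count(")")
        if continuation:
            continue                                 # rest of a parenthesised record (the SOA)
        fields = line.split()
        if not raw[0].isspace():
            owner = fields.pop(0)                    # blank owner column means "same as previous"
        ttl = None
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            token = fields.pop(0)
            ttl = token if token.isdigit() else ttl
        if not fields or fields[0].upper() not in IMPORT_TYPES:
            continue
        rtype, rdata = fields[0].upper(), fields[1:]
        if rdata and all(SAFE.match(f) for f in [owner] + rdata):
            records.append((owner, ttl, rtype, rdata))
        else:
            skipped.append(raw.strip())              # report for manual handling, never emit
    return records, skipped

def dnscmd_lines(zone, records, server="."):
    """Build one 'dnscmd /RecordAdd' line per record, to be reviewed before it is run."""
    if not SAFE.match(zone):
        raise ValueError("unsafe zone name")
    return [" ".join(["dnscmd", server, "/RecordAdd", zone, o] + ([t] if t else []) + [ty] + d)
            for o, t, ty, d in records]
```

TXT records and other types outside `IMPORT_TYPES` are ignored by this sketch and would need to be added by hand.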



            • #7
              Re: DCPROMO on a DHCP / DNS / RRAS server

              Originally posted by Ossian:
              Since you have a non-ADI zone, all your records will be in a text file and scripting their import into AD will not be too taxing.

              Can you tell us more about your infrastructure?

              Yeah, I know it is possible and all .. I just want to understand why 2008 gives so much trouble if you

              a. want to use a local, already working DNS server NOT being in the domain
              or
              b. not having another DNS already in the domain it can use.

              As for the infrastructure. Not much more to tell to be honest. Like I say, this is a single server, no internet connection, running DNS / DHCP for clients in a lab environment connecting to this DNS server and getting IPs assigned.

              Now imagine the networking is using domain.local as dns suffix, as a result there exists a DNS forward zone called domain.local

              Now, again, still a plain install with a DNS / DHCP role, you decide you want also the AD role added. There is no other DNS server in the network and no other domain.

              It simply fails .. even if you remove the DNS role, it will simply create a new DNS role and unless you also delete all the text files as well, it will still miss every single AD related record.

              The only way it seems is letting dcpromo do its thing and never have DNS running before you decide to run AD ..

              Just annoying that if you want to do it "the old way" you get owned unless you really let the wizard do its thing.
