DNS Not working when main PDC down

David Krugler 0 Reputation points
2023-08-01T02:50:35.8733333+00:00

Been working with a 2012R2 and a 2019 Domain controller located at the same location/same domain. All local, no Azure. When both computers are operating, all is working. dcdiag /v /c reports all is well on both CPUs. repadmin /showrepl and /replsum show no errors. All computers within the domain operate properly and using nslookup against either server returns a correct response. Both DNS servers have what appears to be identical information as far as forward and reverse lookup zones. No conditional forwarders. Domain is 2008 R2 level. We still have a few 2003 servers running legacy license managers, so I'm not sure I can raise the level.

However, when the 2012R2 is taken down, nothing operates. nslookup fails either without the server specified or with the server specified. nslookup run on the 2019 DC fails either with the server IP or 127.0.0.1. If the 2019 is taken down, all operations appear to run normally, dcdiag simply treats the condition as normal, nslookup works correctly. dcdiag /v /c on the 2012R2 server shows no errors (except it can't communicate with the 2019 server during this test, which I would expect).

All Domain CPUs have the 2012R2 as primary DNS and the 2019 as secondary. It's almost like the DNS server on the 2019 server is not resolving information itself but unconditionally trying to pass it to the 2012 and failing.

Any help is appreciated. Thanks in advance.

Windows for business | Windows Server | User experience | Other

2 answers

  1. Limitless Technology 44,766 Reputation points
    2023-08-01T10:35:03.32+00:00

    Hello David,

    Thank you for your question and for reaching out with your question today.

    Based on the information provided, it appears that there might be an issue with DNS resolution on the 2019 Domain Controller when the 2012R2 Domain Controller is offline. The 2019 DC seems to be unable to resolve DNS queries locally and relies solely on the 2012R2 DC for DNS resolution.

    Here are some steps to troubleshoot and resolve the issue:

    1. Check DNS Settings on the 2019 DC: Verify that the DNS settings on the 2019 DC are configured correctly. Ensure that the 2019 DC is using its own IP address (127.0.0.1) as the primary DNS server in its network settings. Also, confirm that the secondary DNS server is set to the IP address of the 2012R2 DC.
    2. Check DNS Zones Replication: Ensure that DNS zones are correctly replicated between the 2019 and 2012R2 DCs. You can use the "DNS Manager" console to check the zone data on both servers and verify that the information is consistent.
    3. Check DNS Forwarders: If you have DNS forwarders configured on the 2019 DC, ensure that they are still valid and functional. DNS forwarders are used to resolve external domain names that are not part of your internal domain.
    4. Check DNS Server Service: Verify that the DNS Server service is running on both the 2019 and 2012R2 DCs. If the service is stopped on the 2019 DC, start it and check if DNS resolution improves.
    5. Check Event Logs: Examine the event logs on both the 2019 and 2012R2 DCs for any DNS-related errors or warnings that might provide more insights into the issue.
    6. Clear DNS Cache: Clear the DNS cache on the 2019 DC to ensure that it doesn't hold any stale information that might be affecting resolution.
    7. Check Firewall Settings: Review the firewall settings on both the 2019 and 2012R2 DCs to ensure that DNS traffic is allowed between them.
    8. Flush DNS Cache on Client Computers: If DNS resolution is not working on client computers when the 2012R2 DC is offline, flush the DNS cache on the client computers. Open Command Prompt and run: ipconfig /flushdns.
    9. Test Direct DNS Queries: Use the nslookup command on the 2019 DC to test direct DNS queries to itself and other domain controllers. For example, run nslookup domaincontrollername to see if it can resolve the IP address.
    10. Check Network Connectivity: Ensure that there are no network connectivity issues between the 2019 and 2012R2 DCs. You can test connectivity using the ping command.

    By going through these steps, you should be able to identify and resolve the DNS resolution issue on the 2019 Domain Controller when the 2012R2 Domain Controller is offline. If the issue persists, consider checking the DNS event logs in more detail for any specific error messages that might provide further clues. Additionally, you might also consider updating the domain functional level to a more recent version (if feasible) to better support newer features and functionality.

    I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.

    If the reply was helpful, please don’t forget to upvote or accept as answer.

    Best regards.

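The checks listed in the answer above (DNS Server service, the DC's own resolver order, locally hosted zones, forwarders, local resolution, event log) gathered into one PowerShell pass, as an added example that is not part of either answer. It assumes an elevated session on the 2019 DC with the DnsServer module present; `$PeerDc` is a placeholder for the other DC's address.

```powershell
# Added example: run elevated on the DC whose DNS service is in doubt.
$PeerDc = '<peer-DC-IP>'    # placeholder: IP address of the other domain controller
$Domain = (Get-CimInstance Win32_ComputerSystem).Domain

# 1. Is the DNS Server service running on this machine?
Get-Service -Name DNS | Select-Object Name, Status, StartType

# 2. Which resolvers does this DC itself use, and in what order?
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object ServerAddresses |
    Select-Object InterfaceAlias, ServerAddresses

# 3. Does this server host the zones itself, and are they AD-integrated?
#    A ZoneType of 'Forwarder' or 'Stub' means answers come from another server.
Get-DnsServerZone | Where-Object { -not $_.IsAutoCreated } |
    Select-Object ZoneName, ZoneType, IsDsIntegrated, ReplicationScope

# 4. Do the server-level forwarders point at the peer DC?
$forwarders = @((Get-DnsServerForwarder).IPAddress | ForEach-Object { $_.IPAddressToString })
if ($forwarders -contains $PeerDc) {
    "Forwarder list includes the peer DC ($PeerDc): $($forwarders -join ', ')"
} else {
    "Forwarders: $($forwarders -join ', ')"
}

# 5. Can the local DNS service answer for the AD domain without help?
$checks = @(
    @{ Name = $Domain;                         Type = 'SOA' },
    @{ Name = "_ldap._tcp.dc._msdcs.$Domain";  Type = 'SRV' }
)
foreach ($c in $checks) {
    try {
        Resolve-DnsName -Name $c.Name -Type $c.Type -Server 127.0.0.1 `
            -DnsOnly -ErrorAction Stop | Out-Null
        '{0,-45} {1,-4} answered by 127.0.0.1' -f $c.Name, $c.Type
    } catch {
        '{0,-45} {1,-4} FAILED: {2}' -f $c.Name, $c.Type, $_.Exception.Message
    }
}

# 6. Recent critical/error/warning events from the DNS Server log.
Get-WinEvent -FilterHashtable @{ LogName = 'DNS Server'; Level = 1, 2, 3 } `
    -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, LevelDisplayName, Message
```

Running it once with both DCs up and once with the 2012R2 offline, then comparing steps 3 to 5, shows whether the 2019 DC answers from its own copy of the zones or depends on the other server.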

  2. Anonymous
    2023-08-01T12:52:17.1233333+00:00

    Please run:

    Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log (run on PDC emulator)
    repadmin /showrepl >C:\repl.txt (run on any domain controller)
    ipconfig /all > C:\%computername%.txt (run on EVERY domain controller)
    ipconfig /all > C:\problemworkstation.txt (run on problem pc)

    Also check the domain controller System and Replication (DFS or FRS) event logs for errors since last boot. Post the Event Source and Event IDs of any found. (no evtx files)

    Then put unzipped text files up on OneDrive and share a link.

