I noticed that the preparing network connections was hanging for a few minutes after boot up. So I looked around the event viewer and noticed that DNS server service is starting about 3 minutes later than other services. I also noticed that since DNS server is not starting quickly other services that rely on it intial fail but start after it. What would cause DNS server to start late without errors?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
DNS Server service starting 3 minutes later than other services
- Thread starter silvercas
- Start date
Hello silvercas
You need to modify registry and create dependency for DNS service.
Check this article:
You need to modify registry and create dependency for DNS service.
Check this article:
Taking a guess at your system here...but is it a DC that is pointed to itself for preferred DNS and you are using AD integrated zones? If so, is it the PDCe? Are all of your DCs configured the same way?
Anyways most likely you have a race condition which occurs because AD tries to start (well actually the netlogon service), which cant because DNS hasnt started yet, and since DNS hasnt started yet, the domain cannot be found to perform a lookup against DomainDnsZones or ForestDnsZones.
- Brandon Wilson
MCSE:Security00/03; MCSA:Security03
MCSA:Messaging00; MCP; A+
IT Pangaea (
Anyways most likely you have a race condition which occurs because AD tries to start (well actually the netlogon service), which cant because DNS hasnt started yet, and since DNS hasnt started yet, the domain cannot be found to perform a lookup against DomainDnsZones or ForestDnsZones.
- Brandon Wilson
MCSE:Security00/03; MCSA:Security03
MCSA:Messaging00; MCP; A+
IT Pangaea (
- Thread starter
- #4
Yes you are corrent. DNS needs to be installed on all DCs for the best operation.
Afterwards, as you mentioned, the PDCe should have itself listed as primary, and the 2nd DC as alternative.
The new replica DC should be opposite, it should face the PDCe for preferred and itself as alternate (only the PDCe should face itself as the preferred).
- Brandon Wilson
MCSE:Security00/03; MCSA:Security03
MCSA:Messaging00; MCP; A+
IT Pangaea (
Afterwards, as you mentioned, the PDCe should have itself listed as primary, and the 2nd DC as alternative.
The new replica DC should be opposite, it should face the PDCe for preferred and itself as alternate (only the PDCe should face itself as the preferred).
- Brandon Wilson
MCSE:Security00/03; MCSA:Security03
MCSA:Messaging00; MCP; A+
IT Pangaea (
- Thread starter
- #6
I have lacked on installing DNS on the secondary DC due to a virtualization project where the secondary DC will be virtualized.
though I was wondering if I install DNS right now on the physical server what will be involved in removing DNS once i virtualize a new DC and pull the plug on the physical
though I was wondering if I install DNS right now on the physical server what will be involved in removing DNS once i virtualize a new DC and pull the plug on the physical
not much involved at all
first, you should be forewarned...installing a DC on ANY VM software other than MS Virtual Server 2005 or MS Hyper-V (which require Win2003 SP1 minimum in order for it to be a supported DC then too) is best effort support ONLY. This means if the immediate problem cannot be identified, youll basically be told to put it on hardware and try to reproduce the issue.
No matter which way you go, DCs should NEVER be virtualized if you want a reliable infrastructure (neither should CAs). If you lose a VM host machine for any reason, you can REALLY mess things up for your domain functionality. Always remember that AD is the engine of the car that is your environment...all other things (exchange, sharepoint, SQL, etc.) are merely accessories attached to your engine. Without your engine, nothing works
As far as whats involved...real simple...
1. VM needs to be brought up with a different name if you bring it up before demoting and disjoining the 2nd DC from the domain-required if using the same name in the end..i assume you are)-VM then of course needs static IP assigned, and pointed to the PDCe for preferred DNS..the static IP can be swapped with the old replica DC too after its demotion
2. the zone is replicated-this means when you bring in the new DC, it will already have the zone information replicated to it...just choose the option to install DNS on this computer in the dcpromo wizard if DNS hasnt already been installed, and you are done
3. clean up _msdcs and the domain's zone of any references to the old DC before promoting the new VM
- Brandon Wilson
MCSE:Security00/03; MCSA:Security03
MCSA:Messaging00; MCP; A+
IT Pangaea (
first, you should be forewarned...installing a DC on ANY VM software other than MS Virtual Server 2005 or MS Hyper-V (which require Win2003 SP1 minimum in order for it to be a supported DC then too) is best effort support ONLY. This means if the immediate problem cannot be identified, youll basically be told to put it on hardware and try to reproduce the issue.
No matter which way you go, DCs should NEVER be virtualized if you want a reliable infrastructure (neither should CAs). If you lose a VM host machine for any reason, you can REALLY mess things up for your domain functionality. Always remember that AD is the engine of the car that is your environment...all other things (exchange, sharepoint, SQL, etc.) are merely accessories attached to your engine. Without your engine, nothing works
As far as whats involved...real simple...
1. VM needs to be brought up with a different name if you bring it up before demoting and disjoining the 2nd DC from the domain-required if using the same name in the end..i assume you are)-VM then of course needs static IP assigned, and pointed to the PDCe for preferred DNS..the static IP can be swapped with the old replica DC too after its demotion
2. the zone is replicated-this means when you bring in the new DC, it will already have the zone information replicated to it...just choose the option to install DNS on this computer in the dcpromo wizard if DNS hasnt already been installed, and you are done
3. clean up _msdcs and the domain's zone of any references to the old DC before promoting the new VM
- Brandon Wilson
MCSE:Security00/03; MCSA:Security03
MCSA:Messaging00; MCP; A+
IT Pangaea (
- Status
Similar threads
- Locked
- Question
- Locked
- Question