Domain Controller Down (VM)
-
You are troubleshooting the wrong things. You just need to f[moderated]ng stop and go back to the beginning.
You had a report of internet outage and jumped to AD failures. This is the initial issue.
Forget about the damned DC.
Why is the user reporting internet issues. A down DC has nothing to do with that unless it has DHCP or DNS roles on it.
-
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
-
@JaredBusch said in Domain Controller Down (VM):
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@RamblingBiped No. I just started here not too long ago and was trying to resolve many issues that I saw initially. Obviously not fast enough though.
So is the domain down (only one domain controller) or is the domain itself still up? What is the urgency here? Is there impact at this point, or just a VM that should be fixed?
I'm assuming that there are other roles on here that he has not mentioned.
Because if it was only as DC, the FSMO roles mean nothing to clients in general day to day work.
That's what I was thinking.
-
@JaredBusch said in Domain Controller Down (VM):
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@RamblingBiped No. I just started here not too long ago and was trying to resolve many issues that I saw initially. Obviously not fast enough though.
So is the domain down (only one domain controller) or is the domain itself still up? What is the urgency here? Is there impact at this point, or just a VM that should be fixed?
He has a second DC on the network. It is a Server 2008 based setup according to his first post.
Cool, so in theory, no real outage right now.
-
Resolve the issue at hand logically. do not conflate issues.
-
@JaredBusch said in Domain Controller Down (VM):
Resolve the issue at hand logically. do not conflate issues.
It sounds like it is NOT an Internet issue.
Manually set IP and it works.
-
@wirestyle22 said in Domain Controller Down (VM):
I don't actually know how to fix this issue and am very stressed. Typing quickly as a result so please try to bear with me. A user called me and said she thought we had an internet outage. I checked my hypervisor and saw that the DC (2003) was greyed out and inaccessible. I'm assuming we must have had a domain syncing problem before this occurred, otherwise the other domain should have picked everything up as it is round robin. I attempted to disconnect my PC from the domain and reconnect. It claims there are no active directory controllers found.
Be systematic, and slow down. Rushing is going to make things worse. Start by looking at the 2008 Domain Controller. Is it up? Does it have DNS? Is DNS correct? Is it handing out DHCP? Are client machines pointing to it?
That the customer thought that the "Internet was down" suggests that DNS has failed because Domain Controllers normally have nothing to do with getting on a network.
-
@wirestyle22 said in Domain Controller Down (VM):
@coliver It's not listed. Can't I use one domain as the primary (FSMO)? Why is that not an issue. I'm sure I'm not understanding something about this.
FSMO roles aren't the issue here. You have a failed domain setup going on. You are imagining problems that don't exist and distracting yourself from the actual issue. Ignore the FSMO roles for now, let's deal with the two things you need to focus on...
- Restoring the VM that is down.
- Figuring out why the other domain controller is not working.
-
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
There we go. Now the answer comes out.
The server holding DHCP and DNS roles is down.
This is the problem.
-
@coliver said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@coliver said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@coliver Can't I use one domain as the primary (FSMO)? Why is that not an issue. I'm sure I'm not understanding something about this.
One domain as the primary? There is no more primary or secondary domain controller all of them are now master/master.
Only one has FSMO roles though and that is the server that is down
That's fine. That shouldn't matter you can have the domain controller fail without issues for a little while. Generally a good amount of time as the Master/Master synchronization does its job.
In theory, weeks or more, but.... it sounds like his DCs were not set up properly and don't fail over.
-
@JaredBusch said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
There we go. Now the answer comes out.
The server holder DHCP and DNS roles is down.
This is the problem.
Exactly as predicted, simple network configuration error. Not even domain related.
-
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
Now that you are online again, is DNS working on the DC that is up? If so, good. If not, why not?
-
@scottalanmiller said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
There we go. Now the answer comes out.
The server holder DHCP and DNS roles is down.
This is the problem.
Exactly as predicted, simple network configuration error. Not even domain related.
Exactly. Seizing FSMO roles would do zero to resolve the issue.
-
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
Now that you are online again, is DNS working on the DC that is up? If so, good. If not, why not?
Willing to bet that the second DNS server is not in the DHCP config so the clients only looked to the first.
BUt that is unfixable at the moment.
-
@JaredBusch said in Domain Controller Down (VM):
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
Now that you are online again, is DNS working on the DC that is up? If so, good. If not, why not?
Willing to bet that the second DNS server is not in the DHCP config so the clients only looked to the first.
BUt that is unfixable at the moment.
That's my guess as well.
-
@JaredBusch said in Domain Controller Down (VM):
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
Now that you are online again, is DNS working on the DC that is up? If so, good. If not, why not?
Willing to bet that the second DNS server is not in the DHCP config so the clients only looked to the first.
Which would also explain why he can't rejoin the network.
Would still be good to know if the second DC is up and running.
-
So ignore everything related to omg, it is a DC.
You simply resolve a normal basic VMWare VM issue.
-
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
Now that you are online again, is DNS working on the DC that is up? If so, good. If not, why not?
Willing to bet that the second DNS server is not in the DHCP config so the clients only looked to the first.
Which would also explain why he can't rejoin the network.
Would still be good to know if the second DC is up and running.
Not relevant to resolving the issue at hand.
-
@JaredBusch said in Domain Controller Down (VM):
So ignore everything related to omg, it is a DC.
You simply resolve a normal basic VMWare VM issue.
This ^^^
Time to work through good, old fashioned triage.
-
No redundant DNS and no DHCP failover.... basic networking issues. Now that you've discovered them you can fix them permanently.