Domain Controller Down (VM)
-
If you have no backups then you need to look at DHCP and getting a second/new server set up. Or seeing if your firewall has the ability to hand out addresses that may be the quickest way to do it.
-
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
Now that you are online again, is DNS working on the DC that is up? If so, good. If not, why not?
Willing to bet that the second DNS server is not in the DHCP config so the clients only looked to the first.
BUt that is unfixable at the moment.
How do I make it fixable? This places backups are absolutely horrendous and I'm sure it is not recoverable. I have been fighting with them to change it and then this happens.
If you have no backup, then browse the datastore as we told you and find out if all the VM files are still there.
In terms of DR, the only important one is the VMDK(s)
-
@coliver said in Domain Controller Down (VM):
If you have no backups then you need to look at DHCP and getting a second/new server set up. Or seeing if your firewall has the ability to hand out addresses that may be the quickest way to do it.
That is a step down the road if the VM is completely unrecoverable.
-
@JaredBusch said in Domain Controller Down (VM):
The fastest thing to do is to do is to simply restore from Veeam/Unitrends/Whatever.
Done up and nothing else matters.
You can then prioritize resolving the fagility in the current setup.
So AD on the down DC would not have been syncing with the other DC he has if DNS was set up incorrectly?
-
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
The fastest thing to do is to do is to simply restore from Veeam/Unitrends/Whatever.
Done up and nothing else matters.
You can then prioritize resolving the fagility in the current setup.
So AD on the down DC would not have been syncing with the other DC he has if DNS was set up incorrectly?
This does not matter FFS, forget about AD.
-
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
The fastest thing to do is to do is to simply restore from Veeam/Unitrends/Whatever.
Done up and nothing else matters.
You can then prioritize resolving the fagility in the current setup.
So AD on the down DC would not have been syncing with the other DC he has if DNS was set up incorrectly?
This is a down DNS and DHCP server for all intents and purposes at this point. We don't care about AD until he gets DNS and DHCP back up and running.
-
@JaredBusch said
This does not matter FFS, forget about AD.
He said there is another DC. How does it not matter?
-
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said
This does not matter FFS, forget about AD.
He said there is another DC. How does it not matter?
It only matters if that other DC is also a DNS and DHCP server.
-
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said
This does not matter FFS, forget about AD.
He said there is another DC. How does it not matter?
Because this is a DHCP/DNS down issue. not an AD down issue.
This has nothing to do with DC replication.
-
@coliver said in Domain Controller Down (VM):
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said
This does not matter FFS, forget about AD.
He said there is another DC. How does it not matter?
It only matters if that other DC is also a DNS and DHCP server.
And this is not possible in a 2003/2008 environment. DHCP redundancy was only added in 2012 R2 (maybe 2012).
-
@wirestyle22 is the VMDK there?
-
@BRRABill it is broke because almost certainly his DHCP scope is only handing out the down DNS server as a DNS for the LAN.
-
@JaredBusch said in Domain Controller Down (VM):
@wirestyle22 is the VMDK there?
When I attempt to browse it kicks back an error stating "the server could not interpret the users request. the server is unavailable". This is applying to all servers though, not just the one that is down.
-
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
@wirestyle22 is the VMDK there?
When I attempt to browse it kicks back an error stating "the server could not interpret the users request. the server is unavailable"
How are you browsing the data store?
-
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
@wirestyle22 is the VMDK there?
When I attempt to browse it kicks back an error stating "the server could not interpret the users request. the server is unavailable"
You're browsing in the VMWare console? The easiest way to get to it is via:
-
@JaredBusch said in Domain Controller Down (VM):
@coliver said in Domain Controller Down (VM):
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said
This does not matter FFS, forget about AD.
He said there is another DC. How does it not matter?
It only matters if that other DC is also a DNS and DHCP server.
And this is not possible in a 2003/2008 environment. DHCP redundancy was only added in 2012 R2 (maybe 2012).
DHCP is not what I am thinking about.
It was my understand that AD and DNS are linked. AKA, DNS is required to run AD.
I understand what you are saying. But if AD was installed and working correctly, then so potentially was DNS. So there could be in theory a working DC with AD and DNS already on the network.
Hence if he is doing a restore of a DC with another working DC in the domain, it could cause even more issues.
Or am I totally wrong here?
DHCP, as was mentioned, could be fixed by anything. I am more thinking about AD and DNS which as I said might actually be fine.
-
@coliver said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
@wirestyle22 is the VMDK there?
When I attempt to browse it kicks back an error stating "the server could not interpret the users request. the server is unavailable"
You're browsing in the VMWare console? The easiest way to get to it is via:
I'm running version 5.1.0 and I just click on Datastores
-
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
@scottalanmiller said in Domain Controller Down (VM):
@wirestyle22 said in Domain Controller Down (VM):
@JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.
Now that you are online again, is DNS working on the DC that is up? If so, good. If not, why not?
Willing to bet that the second DNS server is not in the DHCP config so the clients only looked to the first.
BUt that is unfixable at the moment.
How do I make it fixable? This places backups are absolutely horrendous and I'm sure it is not recoverable. I have been fighting with them to change it and then this happens.
Then this is a blessing. You just did your job well, they failed at management, now you have proof. This is a good thing for you and for IT and maybe for the company. Nothing matters much less than losing a domain controller. Be thankful that the pudding with the proof was cheap pudding.
-
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said in Domain Controller Down (VM):
@coliver said in Domain Controller Down (VM):
@BRRABill said in Domain Controller Down (VM):
@JaredBusch said
This does not matter FFS, forget about AD.
He said there is another DC. How does it not matter?
It only matters if that other DC is also a DNS and DHCP server.
And this is not possible in a 2003/2008 environment. DHCP redundancy was only added in 2012 R2 (maybe 2012).
DHCP is not what I am thinking about.
It was my understand that AD and DNS are linked. AKA, DNS is required to run AD.
I understand what you are saying. But if AD was installed and working correctly, then so potentially was DNS. So there could be in theory a working DC with AD and DNS already on the network.
Hence if he is doing a restore of a DC with another working DC in the domain, it could cause even more issues.
Or am I totally wrong here?
DHCP, as was mentioned, could be fixed by anything. I am more thinking about AD and DNS which as I said might actually be fine.
You are not troubleshooting the problem.
You are conflating AD sync with a simple down server.
The only thing that has happened is he (incorrectly) removed a domain joined machine from the network.
So when the FSMO DC comes back up there may need to be a minor manual cleanup.
Had he not reomved his machine from the network, there would have been no changes to worry about in the first place. -
@coliver said in Domain Controller Down (VM):
If you have no backups then
you need to look at DHCP and getting a second/new server set up. Or seeing if your firewall has the ability to hand out addresses that may be the quickest way to do it.management decided that this outage doesn't matter.And I mean this. Stop for a moment, remove the stress. Management has made it totally clear to you, before this happened, that they were not concerned about this outage, right? Don't take on stress that the company doesn't have. If they don't care, why do you? I'm not saying you don't fix it, of course you fix it. But don't stress about it. They knew this was going to happen and being a 2003 machine, they knew it would be soon. They accepted the risk, they accept the consequences. It's as simple as that.