question

MichailPappas-8872 avatar image
0 Votes"
MichailPappas-8872 asked MichailPappas-8872 commented

After P2Ving a DC dcdiag reports "name unavailable" for its own ip address

We are in the process of upgrading our Server 2003 R2 infrastructure to 2019. Just before trying to take the migrate path, we had to P2V the existing two DCs to ESXi, since we were afraid of the physical hardware failing.

Specifically we've offline P2V'ed srv2 having ip 192.168.1.13 (the other DC srv1 is at 192.168.1.12). DNS forwarders for this network were 172.30.47.4 and 172.30.47.5. We've run a couple of hiccups during the conversion, but essentially all went well. Replication works fine and dcdiag /test:dns /e /v as well as repadmin /replsum /bysrc /bydest /sort:Delta pass without issues.

We do have one question though. Running dcdiag shows a "name unavailable" next to the ip corresponding to srv2:

  Summary of test results for DNS servers used by the above domain controllers:

     DNS server: 192.168.1.12 (srv1.domain.local.)
        All tests passed on this DNS server
        This is a valid DNS server 
        Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered 
        Delegation to the domain _msdcs.domain.local. is operational
           
     DNS server: 192.168.1.13 (<name unavailable>)
        All tests passed on this DNS server
        This is a valid DNS server 
        Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered 
           
     DNS server: 172.30.47.4 (<name unavailable>)
        All tests passed on this DNS server
        This is a valid DNS server 
           
     DNS server: 172.30.47.5 (<name unavailable>)
        All tests passed on this DNS server
        This is a valid DNS server 
           
  Summary of DNS test results:
     
                                     Auth Basc Forw Del  Dyn  RReg Ext  
        ________________________________________________________________
     Domain: domain.local
        srv2                   PASS PASS PASS PASS PASS PASS n/a  
        srv1                        PASS PASS PASS PASS PASS PASS n/a  
     
  ......................... domain.local passed test DNS

Any idea on what to look for? If needed I can paste the entire dcdiag output.

windows-server
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered

P2V should be the last resort and especially for domain controllers. The much simpler, safer, quicker method is to stand up a new one on the target host.

I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2003, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.


--please don't forget to upvote and Accept as answer if the reply is helpful--





5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MichailPappas-8872 avatar image
0 Votes"
MichailPappas-8872 answered

Thank you for your detailed information. from your advice it is clear that I should not try to p2v my other DC, srv1. However, having dcdiag fun without any issues is a prerequisite to continue.

It is this context that I need help with. That is make sure that dcdiag reports back what it should (ie recognize the .13 ip as srv2).

If I can provide outputs from specific commands to help you help me here, please let me know.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered

Please run;

Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log
repadmin /showrepl >C:\repl.txt
ipconfig /all > C:\dc1.txt
ipconfig /all > C:\dc2.txt

then put unzipped text files up on OneDrive and share a link.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MichailPappas-8872 avatar image
0 Votes"
MichailPappas-8872 answered

Thank you for your efforts to help! Here they are with srv1=atlas, srv2=prometheus (the one that got P2V):

https://1drv.ms/u/s!AkrNXPx6e5M2v1W3pqS1W_qhYhDM?e=RUSgkC

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
1 Vote"
DSPatrick answered MichailPappas-8872 commented

On atlas I'd add server own static ip address (10.128.64.12) listed for DNS then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service
the unknown Node Type could be the netbt thing mentioned here https://www.itprotoday.com/compute-engines/jsi-tip-6538-ipconfig-all-show-node-type-unknown
Warning :There is less than 9% available RIDs in the current pool
https://docs.microsoft.com/en-us/archive/blogs/askds/managing-rid-pool-depletion


On prometheus On atlas I'd add server own static ip address (10.128.64.13) listed for DNS then do ipconfig /flushdns, ipconfig /registerdns, restart the netlogon service
same issue with the unknown Node Type

As to the migration to Server 2019 this will need to be a two-step process with (suggested) Server 2016 intermediary

I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2016, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.


--please don't forget to upvote and Accept as answer if the reply is helpful--





· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Did the flushdns-registerdns-restart netlogon steps but the second server still shows up "name unavailable". Hope it's no biggie here...

What is troublesome though is this RID and the fact that less than 9% is available... Reading the link you've provided has scared me shitless...

I'll try to find out what is causing this exhaustion. In the link provided there were some power shell scripts to show what/wehn RIDs were consumed. Can anything like that be done on a "plain" 2k3 server?

And, if I understand correctly, upgrading to 2016/2019 won't save things, since this is a domain issue per se...

0 Votes 0 ·

Running a test on my DC having the RID role, I get the following:
Starting test: RidManager
Available RID Pool for the Domain is 3106 to 1073741823
atlas.Nap_Dioikitirio.local is the RID Master
DsBind with RID Master was successful
rIDAllocationPool is 2606 to 3105
rIDPreviousAllocationPool is 1606 to 2105
rIDNextRID: 2061
* Warning :There is less than 9% available RIDs in the current pool

I'm not windows server proficient, these servers were installed sometime by professionals in 2007 and we've been operating them ever since adding users/computers and gpo's (I was able to gather that much knowledge). It seems like a mountain trying to figure out how to go from here :(

0 Votes 0 ·
MichailPappas-8872 avatar image
0 Votes"
MichailPappas-8872 answered MichailPappas-8872 commented

Ok this is driving me crazy. If I interpret correctly the line "Available RID Pool for the Domain is 3106 to 1073741823" it should mean that I've not exhausted anything at all!!! Am I reading something wrong?

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If I interpret correctly the line "Available RID Pool for the Domain is 3106

Please close this thread by marking answer and start a new thread to discuss this new topic.


0 Votes 0 ·

Will gladly do.

0 Votes 0 ·

Sounds good, you're welcome.

--please don't forget to upvote and Accept as answer if the reply is helpful--



0 Votes 0 ·
Show more comments