ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Domain Controller Down (VM)

    Scheduled Pinned Locked Moved IT Discussion
    609 Posts 16 Posters 139.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @wirestyle22
      last edited by

      @wirestyle22 said in Domain Controller Down (VM):

      @JaredBusch said in Domain Controller Down (VM):

      @scottalanmiller said in Domain Controller Down (VM):

      @wirestyle22 said in Domain Controller Down (VM):

      @JaredBusch It has both. I set a static IP on the computer I am on currently and can connect to the internet.

      Now that you are online again, is DNS working on the DC that is up? If so, good. If not, why not?

      Willing to bet that the second DNS server is not in the DHCP config so the clients only looked to the first.

      BUt that is unfixable at the moment.

      How do I make it fixable? This places backups are absolutely horrendous and I'm sure it is not recoverable. I have been fighting with them to change it and then this happens.

      Then this is a blessing. You just did your job well, they failed at management, now you have proof. This is a good thing for you and for IT and maybe for the company. Nothing matters much less than losing a domain controller. Be thankful that the pudding with the proof was cheap pudding.

      1 Reply Last reply Reply Quote 2
      • JaredBuschJ
        JaredBusch @BRRABill
        last edited by

        @BRRABill said in Domain Controller Down (VM):

        @JaredBusch said in Domain Controller Down (VM):

        @coliver said in Domain Controller Down (VM):

        @BRRABill said in Domain Controller Down (VM):

        @JaredBusch said

        This does not matter FFS, forget about AD.

        He said there is another DC. How does it not matter?

        It only matters if that other DC is also a DNS and DHCP server.

        And this is not possible in a 2003/2008 environment. DHCP redundancy was only added in 2012 R2 (maybe 2012).

        DHCP is not what I am thinking about.

        It was my understand that AD and DNS are linked. AKA, DNS is required to run AD.

        I understand what you are saying. But if AD was installed and working correctly, then so potentially was DNS. So there could be in theory a working DC with AD and DNS already on the network.

        Hence if he is doing a restore of a DC with another working DC in the domain, it could cause even more issues.

        Or am I totally wrong here?

        DHCP, as was mentioned, could be fixed by anything. I am more thinking about AD and DNS which as I said might actually be fine.

        You are not troubleshooting the problem.
        You are conflating AD sync with a simple down server.
        The only thing that has happened is he (incorrectly) removed a domain joined machine from the network.
        So when the FSMO DC comes back up there may need to be a minor manual cleanup.
        Had he not reomved his machine from the network, there would have been no changes to worry about in the first place.

        1 Reply Last reply Reply Quote 1
        • scottalanmillerS
          scottalanmiller @coliver
          last edited by

          @coliver said in Domain Controller Down (VM):

          If you have no backups then you need to look at DHCP and getting a second/new server set up. Or seeing if your firewall has the ability to hand out addresses that may be the quickest way to do it. management decided that this outage doesn't matter.

          And I mean this. Stop for a moment, remove the stress. Management has made it totally clear to you, before this happened, that they were not concerned about this outage, right? Don't take on stress that the company doesn't have. If they don't care, why do you? I'm not saying you don't fix it, of course you fix it. But don't stress about it. They knew this was going to happen and being a 2003 machine, they knew it would be soon. They accepted the risk, they accept the consequences. It's as simple as that.

          wirestyle22W 1 Reply Last reply Reply Quote 2
          • JaredBuschJ
            JaredBusch @wirestyle22
            last edited by

            @wirestyle22 said in Domain Controller Down (VM):

            @coliver said in Domain Controller Down (VM):

            @wirestyle22 said in Domain Controller Down (VM):

            @JaredBusch said in Domain Controller Down (VM):

            @wirestyle22 is the VMDK there?

            When I attempt to browse it kicks back an error stating "the server could not interpret the users request. the server is unavailable"

            You're browsing in the VMWare console? The easiest way to get to it is via:

            0_1473355605895_chrome_2016-09-08_13-26-23.png

            I'm running version 5.1.0 and I just click on Datastores

            So you are using the fat client on your workstation?

            Are you logged in with VMWare local account or a domain account?

            Because obviously you have domain issues because of the bad DNS setup.

            log in to the VMWare client with root and the local password.

            wirestyle22W 1 Reply Last reply Reply Quote 2
            • scottalanmillerS
              scottalanmiller @BRRABill
              last edited by

              @BRRABill said in Domain Controller Down (VM):

              @JaredBusch said in Domain Controller Down (VM):

              The fastest thing to do is to do is to simply restore from Veeam/Unitrends/Whatever.

              Done up and nothing else matters.

              You can then prioritize resolving the fagility in the current setup.

              So AD on the down DC would not have been syncing with the other DC he has if DNS was set up incorrectly?

              Correct. Nothing works when it doesn't work. That's what not working means. "Set up incorrectly" is just another way of saying "not working."

              1 Reply Last reply Reply Quote 0
              • wirestyle22W
                wirestyle22 @scottalanmiller
                last edited by

                @scottalanmiller said in Domain Controller Down (VM):

                @coliver said in Domain Controller Down (VM):

                If you have no backups then you need to look at DHCP and getting a second/new server set up. Or seeing if your firewall has the ability to hand out addresses that may be the quickest way to do it. management decided that this outage doesn't matter.

                And I mean this. Stop for a moment, remove the stress. Management has made it totally clear to you, before this happened, that they were not concerned about this outage, right? Don't take on stress that the company doesn't have. If they don't care, why do you? I'm not saying you don't fix it, of course you fix it. But don't stress about it. They knew this was going to happen and being a 2003 machine, they knew it would be soon. They accepted the risk, they accept the consequences. It's as simple as that.

                I'm stressed because I honestly do not know how to fix it. I have people calling me literally every 2 minutes for progress updates and I really have nothing to tell them. My job is to know and I don't know.

                scottalanmillerS 1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller @BRRABill
                  last edited by

                  @BRRABill said in Domain Controller Down (VM):

                  @JaredBusch said

                  This does not matter FFS, forget about AD.

                  He said there is another DC. How does it not matter?

                  He also said it doesn't work. AD isn't the issue right now.

                  JaredBuschJ BRRABillB 2 Replies Last reply Reply Quote 0
                  • wirestyle22W
                    wirestyle22 @JaredBusch
                    last edited by

                    @JaredBusch said in Domain Controller Down (VM):

                    @wirestyle22 said in Domain Controller Down (VM):

                    @coliver said in Domain Controller Down (VM):

                    @wirestyle22 said in Domain Controller Down (VM):

                    @JaredBusch said in Domain Controller Down (VM):

                    @wirestyle22 is the VMDK there?

                    When I attempt to browse it kicks back an error stating "the server could not interpret the users request. the server is unavailable"

                    You're browsing in the VMWare console? The easiest way to get to it is via:

                    0_1473355605895_chrome_2016-09-08_13-26-23.png

                    I'm running version 5.1.0 and I just click on Datastores

                    So you are using the fat client on your workstation?

                    Are you logged in with VMWare local account or a domain account?

                    Because obviously you have domain issues because of the bad DNS setup.

                    log in to the VMWare client with root and the local password.

                    I'm logging in with root and the local password actually on the server itself.

                    JaredBuschJ 1 Reply Last reply Reply Quote 1
                    • JaredBuschJ
                      JaredBusch @wirestyle22
                      last edited by

                      @wirestyle22 said in Domain Controller Down (VM):

                      @JaredBusch said in Domain Controller Down (VM):

                      @wirestyle22 said in Domain Controller Down (VM):

                      @coliver said in Domain Controller Down (VM):

                      @wirestyle22 said in Domain Controller Down (VM):

                      @JaredBusch said in Domain Controller Down (VM):

                      @wirestyle22 is the VMDK there?

                      When I attempt to browse it kicks back an error stating "the server could not interpret the users request. the server is unavailable"

                      You're browsing in the VMWare console? The easiest way to get to it is via:

                      0_1473355605895_chrome_2016-09-08_13-26-23.png

                      I'm running version 5.1.0 and I just click on Datastores

                      So you are using the fat client on your workstation?

                      Are you logged in with VMWare local account or a domain account?

                      Because obviously you have domain issues because of the bad DNS setup.

                      log in to the VMWare client with root and the local password.

                      I'm logging in with root and the local password actually on the server itself.

                      No you are not. You said you are using a client. The VMWare server itself only provides a command line interface.

                      wirestyle22W 1 Reply Last reply Reply Quote 2
                      • scottalanmillerS
                        scottalanmiller @BRRABill
                        last edited by

                        @BRRABill said in Domain Controller Down (VM):

                        @JaredBusch said in Domain Controller Down (VM):

                        @coliver said in Domain Controller Down (VM):

                        @BRRABill said in Domain Controller Down (VM):

                        @JaredBusch said

                        This does not matter FFS, forget about AD.

                        He said there is another DC. How does it not matter?

                        It only matters if that other DC is also a DNS and DHCP server.

                        And this is not possible in a 2003/2008 environment. DHCP redundancy was only added in 2012 R2 (maybe 2012).

                        DHCP is not what I am thinking about.

                        It was my understand that AD and DNS are linked. AKA, DNS is required to run AD.

                        Unilaterally coupled, yes. DNS is needed for AD; AD is irrelevant to DNS. Right now, he has a network issue. AD simply doesn't matter right now. AD outages rarely matter. DNS and DHCP outages, normally are critical.

                        1 Reply Last reply Reply Quote 1
                        • wirestyle22W
                          wirestyle22 @JaredBusch
                          last edited by

                          @JaredBusch said in Domain Controller Down (VM):

                          @wirestyle22 said in Domain Controller Down (VM):

                          @JaredBusch said in Domain Controller Down (VM):

                          @wirestyle22 said in Domain Controller Down (VM):

                          @coliver said in Domain Controller Down (VM):

                          @wirestyle22 said in Domain Controller Down (VM):

                          @JaredBusch said in Domain Controller Down (VM):

                          @wirestyle22 is the VMDK there?

                          When I attempt to browse it kicks back an error stating "the server could not interpret the users request. the server is unavailable"

                          You're browsing in the VMWare console? The easiest way to get to it is via:

                          0_1473355605895_chrome_2016-09-08_13-26-23.png

                          I'm running version 5.1.0 and I just click on Datastores

                          So you are using the fat client on your workstation?

                          Are you logged in with VMWare local account or a domain account?

                          Because obviously you have domain issues because of the bad DNS setup.

                          log in to the VMWare client with root and the local password.

                          I'm logging in with root and the local password actually on the server itself.

                          No you are not. You said you are using a client. The VMWare server itself only provides a command line interface.

                          They created a VM called vcenter that uses the client so yes you are correct.

                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                          • scottalanmillerS
                            scottalanmiller @BRRABill
                            last edited by

                            @BRRABill said in Domain Controller Down (VM):

                            Hence if he is doing a restore of a DC with another working DC in the domain, it could cause even more issues.

                            Or am I totally wrong here?

                            There isn't another working DC.

                            BRRABillB 1 Reply Last reply Reply Quote 1
                            • JaredBuschJ
                              JaredBusch @scottalanmiller
                              last edited by

                              @scottalanmiller said in Domain Controller Down (VM):

                              @BRRABill said in Domain Controller Down (VM):

                              @JaredBusch said

                              This does not matter FFS, forget about AD.

                              He said there is another DC. How does it not matter?

                              He also said it doesn't work. AD isn't the issue right now.

                              Well it might work but he has not easy way to know that right now because DHCP is down. If his DHCP server had handed out this DC as a secondary DNS, then things would still be working. Thus why I assume his DHCP is improperly configured. but again. no way to know that until he brings it back online.

                              scottalanmillerS 1 Reply Last reply Reply Quote 1
                              • BRRABillB
                                BRRABill @scottalanmiller
                                last edited by

                                @scottalanmiller said in Domain Controller Down (VM):

                                @BRRABill said in Domain Controller Down (VM):

                                @JaredBusch said

                                This does not matter FFS, forget about AD.

                                He said there is another DC. How does it not matter?

                                He also said it doesn't work. AD isn't the issue right now.

                                No he said he can't access it.

                                If, as was mentioned (by @JaredBusch I think) the DNS settings in DHCP were incorrect, that would make sense.

                                All I was trying to say is that there MIGHT be a working DC on the network still. It's possible the only issue MIGHT be that DNS settings on the client are wrong.

                                So...

                                1. In this scenario, if he adds the second DC to his client DNS and it works, that temporarily fixes his issue. He can install DHCP and take his time getting the 2003 server back up.

                                2. Also in this scenario (if there is a working DC still there) I thought it was verboten to just restore. It has to be restored a certain way.

                                JaredBuschJ scottalanmillerS 2 Replies Last reply Reply Quote 0
                                • scottalanmillerS
                                  scottalanmiller @wirestyle22
                                  last edited by

                                  @wirestyle22 said in Domain Controller Down (VM):

                                  @scottalanmiller said in Domain Controller Down (VM):

                                  @coliver said in Domain Controller Down (VM):

                                  If you have no backups then you need to look at DHCP and getting a second/new server set up. Or seeing if your firewall has the ability to hand out addresses that may be the quickest way to do it. management decided that this outage doesn't matter.

                                  And I mean this. Stop for a moment, remove the stress. Management has made it totally clear to you, before this happened, that they were not concerned about this outage, right? Don't take on stress that the company doesn't have. If they don't care, why do you? I'm not saying you don't fix it, of course you fix it. But don't stress about it. They knew this was going to happen and being a 2003 machine, they knew it would be soon. They accepted the risk, they accept the consequences. It's as simple as that.

                                  I'm stressed because I honestly do not know how to fix it. I have people calling me literally every 2 minutes for progress updates and I really have nothing to tell them. My job is to know and I don't know.

                                  Tell them to stop calling. Have someone send out a notice that there is a network down and any request for update means that they think that their status is MORE important than fixing the outage. Make this clear. Ask the CEO to notify the company. Tell him that you have people causing further network problems by blocking you from working.

                                  Or just stop answering the phone. Where is your boss, his job is to protect you from this. Why are calls coming to the person working on the problem?

                                  1 Reply Last reply Reply Quote 3
                                  • BRRABillB
                                    BRRABill @scottalanmiller
                                    last edited by

                                    @scottalanmiller said in Domain Controller Down (VM):

                                    @BRRABill said in Domain Controller Down (VM):

                                    Hence if he is doing a restore of a DC with another working DC in the domain, it could cause even more issues.

                                    Or am I totally wrong here?

                                    There isn't another working DC.

                                    How do you know that? He said there was one, and the only reason mentioned it might be down was that his PC says "no domain controllers found" but as @JaredBusch has been saying, if DNS is misconfigured, that could also happen, right?

                                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                                    • JaredBuschJ
                                      JaredBusch @BRRABill
                                      last edited by

                                      @BRRABill said in Domain Controller Down (VM):

                                      @scottalanmiller said in Domain Controller Down (VM):

                                      @BRRABill said in Domain Controller Down (VM):

                                      @JaredBusch said

                                      This does not matter FFS, forget about AD.

                                      He said there is another DC. How does it not matter?

                                      He also said it doesn't work. AD isn't the issue right now.

                                      No he said he can't access it.

                                      If, as was mentioned (by @JaredBusch I think) the DNS settings in DHCP were incorrect, that would make sense.

                                      All I was trying to say is that there MIGHT be a working DC on the network still. It's possible the only issue MIGHT be that DNS settings on the client are wrong.

                                      The secondary DC is not relevant. And changing every client to static IP scheme would be a pain in the ass when he should simply connect to ESXi, and make a new VM based on the VMDK we hope is still there.

                                      BRRABillB 1 Reply Last reply Reply Quote 2
                                      • BRRABillB
                                        BRRABill @JaredBusch
                                        last edited by

                                        @JaredBusch said

                                        The secondary DC is not relevant. And changing every client to static IP scheme would be a pain in the ass when he should simply connect to ESXi, and make a new VM based on the VMDK we hope is still there.

                                        Oh yes, that is fine. 🙂

                                        My concern was a restore from backup.

                                        1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @wirestyle22
                                          last edited by

                                          @wirestyle22 said in Domain Controller Down (VM):

                                          @JaredBusch said in Domain Controller Down (VM):

                                          @wirestyle22 said in Domain Controller Down (VM):

                                          @JaredBusch said in Domain Controller Down (VM):

                                          @wirestyle22 said in Domain Controller Down (VM):

                                          @coliver said in Domain Controller Down (VM):

                                          @wirestyle22 said in Domain Controller Down (VM):

                                          @JaredBusch said in Domain Controller Down (VM):

                                          @wirestyle22 is the VMDK there?

                                          When I attempt to browse it kicks back an error stating "the server could not interpret the users request. the server is unavailable"

                                          You're browsing in the VMWare console? The easiest way to get to it is via:

                                          0_1473355605895_chrome_2016-09-08_13-26-23.png

                                          I'm running version 5.1.0 and I just click on Datastores

                                          So you are using the fat client on your workstation?

                                          Are you logged in with VMWare local account or a domain account?

                                          Because obviously you have domain issues because of the bad DNS setup.

                                          log in to the VMWare client with root and the local password.

                                          I'm logging in with root and the local password actually on the server itself.

                                          No you are not. You said you are using a client. The VMWare server itself only provides a command line interface.

                                          They created a VM called vcenter that uses the client so yes you are correct.

                                          That's not what anyone means when we say to log into the VMware ESXi server itself. That's a client on a VM. Very, very different.

                                          Log into the actual server to remove any unnecessary points of complexity.

                                          JaredBuschJ 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @JaredBusch
                                            last edited by

                                            @JaredBusch said in Domain Controller Down (VM):

                                            @scottalanmiller said in Domain Controller Down (VM):

                                            @BRRABill said in Domain Controller Down (VM):

                                            @JaredBusch said

                                            This does not matter FFS, forget about AD.

                                            He said there is another DC. How does it not matter?

                                            He also said it doesn't work. AD isn't the issue right now.

                                            Well it might work but he has not easy way to know that right now because DHCP is down. If his DHCP server had handed out this DC as a secondary DNS, then things would still be working. Thus why I assume his DHCP is improperly configured. but again. no way to know that until he brings it back online.

                                            Oh good point. Yes, it might be fine on its own. But we assume that it's not actively on the domain or that domain members are not aware of it, so it can't cause problem because it is isolated.

                                            BRRABillB 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 30
                                            • 31
                                            • 3 / 31
                                            • First post
                                              Last post