Certbot
-
What are the results of ipconfig on this machine?
-
@Dashrender said in Certbot:
What are the results of ipconfig on this machine?
-
yep, there are your problems!!
Look at your DNS entries. You can only use Windows DNS servers for DNS to have this problem solved.
It also appears that you are not using DHCP - why not?
Also, why is 127.0.0.1 in that list? That is basically saying, use myself to find DNS information, but none of your PCs have a DNS server installed on them, I hope.
-
@Dashrender said in Certbot:
yep, there are your problems!!
Look at your DNS entries. You can only use Windows DNS servers for DNS to have this problem solved.
It also appears that you are not using DHCP - why not?
Also, why is 127.0.0.1 in that list? That is basically saying, use myself to find DNS information, but none of your PCs have a DNS server installed on them, I hope.
What is that ::1 in DNS servers?
-
The only DNS IPs that should be listed in any PC that lives on your network should be the IPs of these machines
-
@wirestyle22 said in Certbot:
@Dashrender said in Certbot:
yep, there are your problems!!
Look at your DNS entries. You can only use Windows DNS servers for DNS to have this problem solved.
It also appears that you are not using DHCP - why not?
Also, why is 127.0.0.1 in that list? That is basically saying, use myself to find DNS information, but none of your PCs have a DNS server installed on them, I hope.
What is that ::1 in DNS servers?
That is IPv6 loopback
-
@JaredBusch said in Certbot:
@wirestyle22 said in Certbot:
@Dashrender said in Certbot:
yep, there are your problems!!
Look at your DNS entries. You can only use Windows DNS servers for DNS to have this problem solved.
It also appears that you are not using DHCP - why not?
Also, why is 127.0.0.1 in that list? That is basically saying, use myself to find DNS information, but none of your PCs have a DNS server installed on them, I hope.
What is that ::1 in DNS servers?
That is IPv6 loopback
Oh I see. Thanks
-
Do you have someone else in the company who is a senior IT person? Or are you the one currently in charge of the network?
-
@Dashrender said in Certbot:
Do you have someone else in the company who is a senior IT person? Or are you the one currently in charge of the network?
There is a senior IT person. But he is at the same level as me when it comes to DNS
-
@Dashrender said in Certbot:
The only DNS IPs that should be listed in any PC that lives on your network should be the IPs of these machines
I'm aware of that
-
Hold the phone here -
JB pointed out to me that the ipconfig you posted is from your DC.
THAT majorly changes things.
You can point to yourself for DNS on a DC - in your case you don't need to, because you have 6 DNS servers.
You need to change the Domain Controller's DNS to all point to other DNS servers on your network. The primary one should point to another Local DNS server if there is one, the secondary can be local or remote. If there are no other local DNS, you have no choice but to have the primary point to another DNS that is remote.
-
@Dashrender said in Certbot:
Hold the phone here -
JB pointed out to me that the ipconfig you posted is from your DC.
THAT majorly changes things.
You can point to yourself for DNS on a DC - in your case you don't need to, because you have 6 DNS servers.
You need to change the Domain Controller's DNS to all point to other DNS servers on your network. The primary one should point to another Local DNS server if there is one, the secondary can be local or remote. If there are no other local DNS, you have no choice but to have the primary point to another DNS that is remote.
Yeah I was literally just typing that out in a post. Rose-DC1 so it would refer to itself for DNS
-
@alex.olynyk said in Certbot:
@Dashrender said in Certbot:
Do you have someone else in the company who is a senior IT person? Or are you the one currently in charge of the network?
There is a senior IT person. But he is at the same level as me when it comes to DNS
I'm really thinking JB is right, you need to hire someone to either remotely assist you or come onsite and give your network a good once over. It will be well worth the spend.
-
@Dashrender said in Certbot:
Hold the phone here -
JB pointed out to me that the ipconfig you posted is from your DC.
THAT majorly changes things.
You can point to yourself for DNS on a DC - in your case you don't need to, because you have 6 DNS servers.
You need to change the Domain Controller's DNS to all point to other DNS servers on your network. The primary one should point to another Local DNS server if there is one, the secondary can be local or remote. If there are no other local DNS, you have no choice but to have the primary point to another DNS that is remote.
128.1 is the only DC/DNS on site so it's pointing to 118.5 which is a DC/DNS server at a remote site.
-
What is the name of that server at that site?
-
@alex.olynyk said in Certbot:
@Dashrender said in Certbot:
Hold the phone here -
JB pointed out to me that the ipconfig you posted is from your DC.
THAT majorly changes things.
You can point to yourself for DNS on a DC - in your case you don't need to, because you have 6 DNS servers.
You need to change the Domain Controller's DNS to all point to other DNS servers on your network. The primary one should point to another Local DNS server if there is one, the secondary can be local or remote. If there are no other local DNS, you have no choice but to have the primary point to another DNS that is remote.
128.1 is the only DC/DNS on site so it's pointing to 118.5 which is a DC/DNS server at a remote site.
Gods, what a train wreck, but I keep coming back...
The DNS setting in the NIC for a DC (assuming it is also a DNS server) should ALWAYS point to itself first.
It should never point to anything else first.
DNS 1: 127.0.0.1
DNS 2: Some other INTERNAL DNS server
-
@JaredBusch said in Certbot:
@alex.olynyk said in Certbot:
@Dashrender said in Certbot:
Hold the phone here -
JB pointed out to me that the ipconfig you posted is from your DC.
THAT majorly changes things.
You can point to yourself for DNS on a DC - in your case you don't need to, because you have 6 DNS servers.
You need to change the Domain Controller's DNS to all point to other DNS servers on your network. The primary one should point to another Local DNS server if there is one, the secondary can be local or remote. If there are no other local DNS, you have no choice but to have the primary point to another DNS that is remote.
128.1 is the only DC/DNS on site so it's pointing to 118.5 which is a DC/DNS server at a remote site.
Gods, what a train wreck, but I keep coming back...
The DNS setting in the NIC for a DC (assuming it is also a DNS server) should ALWAYS point to itself first.
It should never point to anything else first.
DNS 1: 127.0.0.1
DNS 2: Some other INTERNAL DNS server
Once you have that set up right, everything in the local office will immediately start working right.
Next, you need to look into your DNS configuration, because in theory, you should have still been working if your DNS was properly replicating between all of your servers.
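-
The NIC ordering rule from the post above (DNS 1 is the DC itself, DNS 2 is another internal DNS server), written as a check. This is an added example, not part of any poster's reply. The function names, the sample addresses and the use of RFC 1918 / IPv6 unique-local ranges as the definition of "internal" are assumptions.

```powershell
# Added example: audit the resolver order on a DC that also runs DNS.
# Assumption: "internal" means RFC 1918 (IPv4) or unique-local/link-local (IPv6).

function Test-InternalAddress([System.Net.IPAddress]$Ip) {
    $b = $Ip.GetAddressBytes()
    if ($Ip.AddressFamily -eq 'InterNetwork') {
        # RFC 1918 private ranges: 10/8, 172.16/12, 192.168/16
        return ($b[0] -eq 10) -or
               ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
               ($b[0] -eq 192 -and $b[1] -eq 168)
    }
    # IPv6: unique local (fc00::/7) or link-local (fe80::/10)
    return (($b[0] -band 0xFE) -eq 0xFC) -or $Ip.IsIPv6LinkLocal
}

function Test-DcDnsOrder {
    param(
        [string[]]$DnsServers,    # resolver list in NIC order
        [string[]]$OwnAddresses   # IP addresses bound to this server
    )
    $self = @('127.0.0.1', '::1') + $OwnAddresses
    if (-not $DnsServers) { return 'No DNS servers configured' }

    # DNS 1 must be this server (loopback or one of its own addresses).
    if ($self -notcontains $DnsServers[0]) {
        "DNS 1 is $($DnsServers[0]); expected this server (loopback or own IP)"
    }
    # Every other entry must be an internal DNS server, never a public resolver.
    foreach ($s in $DnsServers) {
        if ($self -contains $s) { continue }
        if (-not (Test-InternalAddress ([System.Net.IPAddress]::Parse($s)))) {
            "$s is not an internal address"
        }
    }
}

# Constructed sample values (not taken from the thread).
$own = @('10.0.1.10')
Test-DcDnsOrder -DnsServers @('10.0.2.10', '127.0.0.1')    -OwnAddresses $own  # remote DC listed first: flagged
Test-DcDnsOrder -DnsServers @('127.0.0.1', '10.0.2.10')    -OwnAddresses $own  # self first: no findings
Test-DcDnsOrder -DnsServers @('127.0.0.1', '203.0.113.53') -OwnAddresses $own  # non-internal resolver: flagged

# Against the live NIC settings (Windows Server 2012 or later):
# Get-DnsClientServerAddress -AddressFamily IPv4 | Where-Object ServerAddresses | ForEach-Object {
#     $ips = (Get-NetIPAddress -InterfaceIndex $_.InterfaceIndex -AddressFamily IPv4).IPAddress
#     Test-DcDnsOrder -DnsServers $_.ServerAddresses -OwnAddresses $ips
# }
```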
-
What DNS addresses are your clients getting from DHCP?