我正在對林中主 DC 上的 dns 伺服器問題進行故障排除。我在嘗試啟動並運行第二個控制器時結束了這一點。
dcdiag /test:dns 目前的結果如下
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = ad
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: ad\AD
Starting test: Connectivity
......................... AD passed test Connectivity
Doing primary tests
Testing server: ad\AD
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... AD passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : domain
Running enterprise tests on : domain.com
Starting test: DNS
Test results for domain controllers:
DC: ad.domain.com
Domain: domain.com
TEST: Basic (Basc)
Warning: adapter
[00000011] Intel(R) 82574L Gigabit Network Connection has
invalid DNS server: 127.0.0.1 (AD)
Error: all DNS servers are invalid
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network
adapters
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.0.26 (AD)
1 test failure on this DNS server
Name resolution is not functional. _ldap._tcp.domain.com. failed on the DNS server 192.168.0.26
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: domain.com
ad PASS FAIL PASS PASS PASS FAIL n/a
......................... domain.com failed test DNS
因此,我一直在嘗試解決 Basc 錯誤可能是什麼,但目前我不確定,並且任何有關它的搜尋都沒有結果。
我很高興提供更多資訊或診斷輸出。
編輯:ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : ad
Primary Dns Suffix . . . . . . . : domain.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.com
Ethernet adapter Ethernet0:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
Physical Address. . . . . . . . . : 00-0C-29-3F-20-F4
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b916:e720:ea8b:a326%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.26(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::1:1%14
192.168.0.3
DHCPv6 IAID . . . . . . . . . . . : 352324649
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-C4-A2-0C-00-0C-29-A9-80-01
DNS Servers . . . . . . . . . . . : 127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{715545D0-9D5A-4707-91A2-876364FA3227}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
謝謝,卡姆
答案1
您已在伺服器的 TCP/IP 設定中將 127.0.0.1 列為唯一的 DNS 伺服器。 DCPROMO 進程確實進行了該設置,但如果 127.0.0.1 配置為第一個 DNS 伺服器,BPA 將產生警告。將伺服器實際ip位址設定為主DNS,設定127.0.0.1為輔助DNS,然後重新啟動伺服器並再次檢查
答案2
我看到這個問題已經得到解答,但我想跟進。這是一個最佳實踐問題。執行 DNS 的 BPA,您將看到不再建議將環回位址作為第一個 DNS 伺服器。在單一 DNS 伺服器環境中,伺服器的 IP 應該是主要的,然後如果您願意,可以將環回位址放在輔助插槽中。
這實際上是 BPA 旨在解決的問題。完成 AD 部署後,您應該執行 DNS 和 AD BPA。透過儘早且經常執行 BPA(在配置變更、新增伺服器等之後),可以避免許多奇怪且難以排除故障/追蹤的問題。