Servers are not only the hub of enterprise network equipment, but also the main body of enterprise software and database applications. In practice, servers often encounter one or another failures, software or hardware. Many faults are irregular, and we can only solve them through experience. I am responsible for the maintenance of the company's servers. I encountered a strange DNS Network Fault in my actual work and the server could not log on to the server. The Troubleshooting was quite strange. I will share it with you.
I. Fault symptom:
The company is not very large. It has more than 50 computers and has bought two IBM servers. The model is x service 200. Because an internal application requires Windows Domain support, windows 2000 server domain is enabled on the two IBM servers. One is used as the domain controller DC, and the other is set as the backup Domain Controller BDC.
Because the backup domain controller plays an auxiliary role in the management domain, no modifications or operations are performed after configuration. However, in the previous section, the master Domain Controller DC Server was unable to log on to the system desktop. Every time the domain controller was started, it stayed on the 2000 logon interface, that is to say, on the interface before the Administrator account and password are required to be entered, the logon information below shows "connecting to the network", and there is still no progress in the last hour, always stay at the prompt "connecting to the network. Restart the server and press F8 to enter the safe mode normally. However, as soon as the server enters the normal mode, the problem mentioned above occurs.
Ii. troubleshooting:
Because the system login always stays at "connecting to the network", I suspect that there is a network problem, for example, the primary domain controller cannot resolve itself through DNS. Try to disable the NIC in safe mode, so that the system will not search for the network and try to connect to the network. After disabling the NIC, the system can normally enter the desktop.
However, disabling the NIC does not solve the problem. Although the server can log on to the desktop, other clients of the provided services cannot use the NIC. Why can I log on without a Nic? I once again concentrated my thoughts on resolving the fault on domain name resolution. As we all know, in a domain-Enabled Network, DNS resolution domain names correspond one to one with computers, if a computer does not retain the correct DNS name on the primary domain controller, the network cannot be used.
I checked the DNS service configuration on the primary domain controller and found that the DNS address of the primary domain controller was set as the IP address of the backup domain controller. It seems that DNS resolution on the backup domain controller is faulty. I immediately went to the backup domain controller to check whether the connection between the network cable and the NIC interface on the backup domain controller was loose. That is to say, the backup domain controller is actually out of the entire network. After plugging the network cable on the backup domain controller, start the network card on the master Domain Controller and then you can enter the system normally. This DNS Network Fault is rectified.
Iii. advanced thinking:
This DNS Network failure seems to be caused by the loose network cable on the backup domain controller. It is actually the result of a problem in the configuration during domain creation. Why? Because we recommend that you configure DNS according to the following rules when creating a domain.
1) The DNS service is installed on both DC and BDC, instead of being enabled on only one server. This prevents DNS resolution errors and provides redundancy for DNS resolution.
2) The local DNS server of DC is set to its own IP address, and the local DNS server of BDC is also set to its own IP address.
3) at the same time, the secondary DNS server address on the DC must also be set to the BDC address, and the secondary DNS server address on the corresponding BDC should also be set to the dc ip address.
In this way, we will not easily encounter problems during DNS resolution, and such a DNS Network failure will not happen. When you log on to the primary domain controller, DNS resolution is performed and the local DNS settings are automatically queried when you connect to the network. Even if the BDC network cable is loose or shut down, DC login is not affected.
Summary:
Configuring domain controllers in Windows is very troublesome, and the occurrence of faults is even more irregular, therefore, when upgrading the network to a domain, this initialization operation must follow the rules described above to minimize the chance of DNS Network failure.
- Fourteen common server troubleshooting methods
- How to Create a DNS server on Linux
- DNS fault tracking: The Butterfly Effect Caused by mutual hacking of two private servers