我正在对森林中主 DC 上的 dns 服务器问题进行故障排除。我在尝试启动并运行第二个控制器时结束了这一点。
dcdiag /test:dns 的当前结果如下
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = ad
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: ad\AD
Starting test: Connectivity
......................... AD passed test Connectivity
Doing primary tests
Testing server: ad\AD
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... AD passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : domain
Running enterprise tests on : domain.com
Starting test: DNS
Test results for domain controllers:
DC: ad.domain.com
Domain: domain.com
TEST: Basic (Basc)
Warning: adapter
[00000011] Intel(R) 82574L Gigabit Network Connection has
invalid DNS server: 127.0.0.1 (AD)
Error: all DNS servers are invalid
TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network
adapters
Summary of test results for DNS servers used by the above domain
controllers:
DNS server: 192.168.0.26 (AD)
1 test failure on this DNS server
Name resolution is not functional. _ldap._tcp.domain.com. failed on the DNS server 192.168.0.26
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: domain.com
ad PASS FAIL PASS PASS PASS FAIL n/a
......................... domain.com failed test DNS
因此,我一直在尝试解决 Basc 错误可能是什么,但此时我不确定,任何关于它的搜索都没有结果。
我很高兴提供更多信息或诊断输出。
编辑:ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : ad
Primary Dns Suffix . . . . . . . : domain.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.com
Ethernet adapter Ethernet0:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
Physical Address. . . . . . . . . : 00-0C-29-3F-20-F4
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b916:e720:ea8b:a326%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.26(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::1:1%14
192.168.0.3
DHCPv6 IAID . . . . . . . . . . . : 352324649
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-C4-A2-0C-00-0C-29-A9-80-01
DNS Servers . . . . . . . . . . . : 127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{715545D0-9D5A-4707-91A2-876364FA3227}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
谢谢,凸轮
在服务器的 TCP/IP 设置中,您已将 127.0.0.1 列为唯一的 DNS 服务器。DCPROMO 进程确实进行了该设置,但如果将 127.0.0.1 配置为第一个 DNS 服务器,BPA 将生成警告。将服务器实际IP地址设置为主DNS,将127.0.0.1设置为辅助DNS,然后重启服务器并再次检查
我看到这已经回答了,但我想跟进。这是一个最佳实践问题。为 DNS 运行 BPA,您会发现不再建议将环回地址作为第一个 DNS 服务器。服务器的 IP,在单个 DNS 服务器环境中,应该是主要的,然后如果需要,您可以在辅助插槽中拥有环回地址。
这实际上是 BPA 旨在处理的事情。部署完 AD 后,您应该运行 DNS 和 AD BPA。通过尽早并经常运行 BPA(在配置更改、添加新服务器等之后),可以避免许多奇怪且难以排除/跟踪的问题。