E
Ericlch44
Hello,
As a Microsoft Trainer, i'm helping (for free) one of my client which is encountering a DFS problem since its main DC crashes last week.
Before asking my question, let's start by the beginning...
As a small business company, around 200 people on 3 sites they have 2 DCs located in a Datacenter DC00 and DC01.
Both DCs runs Windows 2012 R2 with ADDS,DNS with AD integrated zone, DHCP,DFS. DC00 hosts ADCS
Last week, DC00 crashes severely. They have Veeam backup, but for an unexplicated reason for the moment after both DC restoration in an isolated network, it's impossible to open a local session on both DCs but it's not the main issue for us because we still have DC01 the second DC which is in operation.
DC00 was hosting all FSMO roles, we seize all of them to DC01 and we move DC00 to an isolated network. We can only open a session in safe mode on it. We have deleted DC00 from AD in AD sites and services and it doesn't appear anywhere but ...
After the crash, we have discovered a big issue with DFSN (DFSR is just used for SYSVOL replication).
My client has two DFS namespaces \\domain.local\namespace1 en \\domain.local\namespace2 with several links in both namespaces.
Both namespaces are in Windows 2008 mode and stored in AD.
After the crash, they lost all access to DFS namespaces even with DC01 running.
I've read numbers of threads on these technet forum and haven't found yet any similar experience.
DFS management gave me RPC errors
When i try to run dfsutil root \\domail.local\namespace1 or namespace2 i have a RPC error
Could not complete the command successfully.
SYSTEM ERROR - The RPC server is unavailable.
i've found both namespaces stored in adsiedit with all their links but nothing in the registry.
I've read tons of threads in forums and two days ago i've found command on one of them (sorry but i don't remember the command and i didn't save both dfs command and the forum where i've found it).
When i've ran this dfs command, i've got as nameserver for both namespaces, DC00 which was deleted from AD.
I didn't retrieved the command but today i've ran dfsutil root \\domain.local\namespace1 and i've used wireshark to see the network exchanges with DC01.
DFSutil sends a FSCTL_DFS_get_REFERRALS request to DC01 for the namespace but we received a FSCTL_DFS_get_REFERRALS response wtih DC00 as node server.
So my question is where this information is it stored ? I would like to delete it to rebuild new namespaces.
I've tried to delete with both dfsutil commands and adsiedit the two namespaces and redbuid them with the same name. The deletion works but and i could'nt create new namespaces with the same name. Query refused :-(
Could somebody help me ?
Best regards
Eric
PS Sorry if i've made spelling and gramamr mistakes but i'm not native english
Continue reading...
As a Microsoft Trainer, i'm helping (for free) one of my client which is encountering a DFS problem since its main DC crashes last week.
Before asking my question, let's start by the beginning...
As a small business company, around 200 people on 3 sites they have 2 DCs located in a Datacenter DC00 and DC01.
Both DCs runs Windows 2012 R2 with ADDS,DNS with AD integrated zone, DHCP,DFS. DC00 hosts ADCS
Last week, DC00 crashes severely. They have Veeam backup, but for an unexplicated reason for the moment after both DC restoration in an isolated network, it's impossible to open a local session on both DCs but it's not the main issue for us because we still have DC01 the second DC which is in operation.
DC00 was hosting all FSMO roles, we seize all of them to DC01 and we move DC00 to an isolated network. We can only open a session in safe mode on it. We have deleted DC00 from AD in AD sites and services and it doesn't appear anywhere but ...
After the crash, we have discovered a big issue with DFSN (DFSR is just used for SYSVOL replication).
My client has two DFS namespaces \\domain.local\namespace1 en \\domain.local\namespace2 with several links in both namespaces.
Both namespaces are in Windows 2008 mode and stored in AD.
After the crash, they lost all access to DFS namespaces even with DC01 running.
I've read numbers of threads on these technet forum and haven't found yet any similar experience.
DFS management gave me RPC errors
When i try to run dfsutil root \\domail.local\namespace1 or namespace2 i have a RPC error
Could not complete the command successfully.
SYSTEM ERROR - The RPC server is unavailable.
i've found both namespaces stored in adsiedit with all their links but nothing in the registry.
I've read tons of threads in forums and two days ago i've found command on one of them (sorry but i don't remember the command and i didn't save both dfs command and the forum where i've found it).
When i've ran this dfs command, i've got as nameserver for both namespaces, DC00 which was deleted from AD.
I didn't retrieved the command but today i've ran dfsutil root \\domain.local\namespace1 and i've used wireshark to see the network exchanges with DC01.
DFSutil sends a FSCTL_DFS_get_REFERRALS request to DC01 for the namespace but we received a FSCTL_DFS_get_REFERRALS response wtih DC00 as node server.
So my question is where this information is it stored ? I would like to delete it to rebuild new namespaces.
I've tried to delete with both dfsutil commands and adsiedit the two namespaces and redbuid them with the same name. The deletion works but and i could'nt create new namespaces with the same name. Query refused :-(
Could somebody help me ?
Best regards
Eric
PS Sorry if i've made spelling and gramamr mistakes but i'm not native english
Continue reading...