Greetings
My WSE2012 machine is setup as the DC and DNS (not DHCP) server for my network. I also have a WS2012 Standard server as a member server that is running Exchange 2013.
In order to achieve some redundancy, I added a second WS2012 Standard machine and promoted it to domain controller, replicating from the Essentials server.
All systems are connected to the outside world through a Cisco RV042G router that acts as DHCP server for the LAN.
My problem is that when the WSE machine is down, I lose all external and internal access to the Exchange server, and all LAN clients appear to lose all DNS resolution. Obviously I have made some error in my DNS setup.
Here's how it is set up, all 3 servers have fixed IP addresses:
- Cisco Router (192.168.2.1) set up as DHCP server. DHCP clients are given 192.168.2.2 and 192.168.2.6 (see below) as DNS servers.
- WSE2012 (192.168.2.2) points to itself (127.0.0.1) for DNS in the network adapter settings, default gateway set to 192.168.2.1 (router). My ISP's DNS servers, plus the router, are setup as forwarders in the DNS settings.
- WS2012 Std (domain controller, 192.168.2.6) points to itself (127.0.0.1) for DNS in the network adapter settings, default gateway set to 192.168.2.1 (router). My ISP's DNS servers, plus the router, are setup as forwarders in the DNS settings.
- WS2012 Std (Exchange server, 192.168.2.4) is set to receive DNS settings automatically, and it receives .2 and .6 which I guess is as it should be.
- Other clients (PCs, phones, tablets) are set to receive DNS settings automatically, see above.
If the WSE machine is down (it is currently very unreliable because of a hard-to-diagnose hardware problem) everything goes haywire. All servers and clients can still reach the internet, but the Exchange server becomes unreachable both internally and externally and LAN clients can only connect to each other by IP, not host name.
I find this very strange since both DCs have identical DNS setups and the "backup" domain controller appears to do its thing just fine if the WSE is down.
If I change a client's NIC settings to point to the backup domain controller ONLY, everything works fine, as long as the WSE is up and running. This suggests the backup DC's DNS settings are okay.
I also ran DCDIAG on both DCs and there are some errors - e.g. the backup DC seems to return the name of the WSE DC when queried and is deemed "unreachable or not suitable".
I almost wish I had not migrated from WHS2011 because it seems all WSE has added to my setup is a single point of failure... :(
ipconfig /all output from Exchange server:
Windows IP Configuration
Host Name . . . . . . . . . . . . : VL-MAILSERVER
Primary Dns Suffix . . . . . . . : VILLALITBY.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : VILLALITBY.local
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : D4-3D-7E-97-01-71
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::11bb:171b:e91:f118%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 265567614
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-DF-6D-B3-D4-3D-7E-97-01-71
DNS Servers . . . . . . . . . . . : 192.168.2.2
192.168.2.6
NetBIOS over Tcpip. . . . . . . . : Enabled
Output from DCDIAG testing the WSE server:
Directory Server Diagnosis
Performing initial setup:
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\VL-MEDIASERVER
Starting test: Connectivity
......................... VL-MEDIASERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\VL-MEDIASERVER
Starting test: Advertising
......................... VL-MEDIASERVER passed test Advertising
Starting test: FrsEvent
......................... VL-MEDIASERVER passed test FrsEvent
Starting test: DFSREvent
The event log DFS Replication on server
VL-MEDIASERVER.VILLALITBY.local could not be queried, error 0x6ba
"The RPC server is unavailable."
......................... VL-MEDIASERVER failed test DFSREvent
Starting test: SysVolCheck
......................... VL-MEDIASERVER passed test SysVolCheck
Starting test: KccEvent
The event log Directory Service on server
VL-MEDIASERVER.VILLALITBY.local could not be queried, error 0x6ba
"The RPC server is unavailable."
......................... VL-MEDIASERVER failed test KccEvent
Starting test: KnowsOfRoleHolders
......................... VL-MEDIASERVER passed test
KnowsOfRoleHolders
Starting test: MachineAccount
......................... VL-MEDIASERVER passed test MachineAccount
Starting test: NCSecDesc
......................... VL-MEDIASERVER passed test NCSecDesc
Starting test: NetLogons
......................... VL-MEDIASERVER passed test NetLogons
Starting test: ObjectsReplicated
......................... VL-MEDIASERVER passed test ObjectsReplicated
Starting test: Replications
......................... VL-MEDIASERVER passed test Replications
Starting test: RidManager
......................... VL-MEDIASERVER passed test RidManager
Starting test: Services
......................... VL-MEDIASERVER passed test Services
Starting test: SystemLog
The event log System on server VL-MEDIASERVER.VILLALITBY.local could
not be queried, error 0x6ba "The RPC server is unavailable."
......................... VL-MEDIASERVER failed test SystemLog
Starting test: VerifyReferences
......................... VL-MEDIASERVER passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : VILLALITBY
Starting test: CheckSDRefDom
......................... VILLALITBY passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... VILLALITBY passed test CrossRefValidation
Running enterprise tests on : VILLALITBY.local
Starting test: LocatorCheck
......................... VILLALITBY.local passed test LocatorCheck
Starting test: Intersite
......................... VILLALITBY.local passed test Intersite
Output from DCDIAG testing the backup domain controller:
Directory Server Diagnosis
Performing initial setup:
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\VL-DOMAIN
Starting test: Connectivity
......................... VL-DOMAIN passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\VL-DOMAIN
Starting test: Advertising
Warning: DsGetDcName returned information for
\\VL-MEDIASERVER.VILLALITBY.local, when we were trying to reach
VL-DOMAIN.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... VL-DOMAIN failed test Advertising
Starting test: FrsEvent
......................... VL-DOMAIN passed test FrsEvent
Starting test: DFSREvent
The event log DFS Replication on server VL-DOMAIN.VILLALITBY.local
could not be queried, error 0x6ba "The RPC server is unavailable."
......................... VL-DOMAIN failed test DFSREvent
Starting test: SysVolCheck
......................... VL-DOMAIN passed test SysVolCheck
Starting test: KccEvent
The event log Directory Service on server VL-DOMAIN.VILLALITBY.local
could not be queried, error 0x6ba "The RPC server is unavailable."
......................... VL-DOMAIN failed test KccEvent
Starting test: KnowsOfRoleHolders
......................... VL-DOMAIN passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... VL-DOMAIN passed test MachineAccount
Starting test: NCSecDesc
......................... VL-DOMAIN passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\VL-DOMAIN\netlogon)
[VL-DOMAIN] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... VL-DOMAIN failed test NetLogons
Starting test: ObjectsReplicated
......................... VL-DOMAIN passed test ObjectsReplicated
Starting test: Replications
......................... VL-DOMAIN passed test Replications
Starting test: RidManager
......................... VL-DOMAIN passed test RidManager
Starting test: Services
......................... VL-DOMAIN passed test Services
Starting test: SystemLog
The event log System on server VL-DOMAIN.VILLALITBY.local could not be
queried, error 0x6ba "The RPC server is unavailable."
......................... VL-DOMAIN failed test SystemLog
Starting test: VerifyReferences
......................... VL-DOMAIN passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : VILLALITBY
Starting test: CheckSDRefDom
......................... VILLALITBY passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... VILLALITBY passed test CrossRefValidation
Running enterprise tests on : VILLALITBY.local
Starting test: LocatorCheck
......................... VILLALITBY.local passed test LocatorCheck
Starting test: Intersite
......................... VILLALITBY.local passed test Intersite