我有 3 台虚拟机。由于我所在的公司存在很多问题,我不得不将它们移至另一台专用服务器。
当然,新的专用服务器有新的 IP 地址。
它们是连续的 IP 地址,例如:
192.168.1.10 DC
192.168.1.11 Server1
192.168.1.12 Server2
不是 IP 地址,只是一个例子。
所有三台计算机均在线,具有公共 IP 地址,并且可通过互联网访问。我无法让 Server1 和 Server2 看到新的域控制器。
我该如何在两台计算机上更改 DC 服务器 IP 地址才能查看 DC 的新 IP 地址?
这是我收到的消息:
我已尝试ipconfig /flushdns并重新启动,但没有成功。
编辑1
我在域控制器上执行了 dcdiag,显示的内容如下:
C:\Users\Administrator>ipconfig /registerdns
Windows IP Configuration
Registration of the DNS resource records for all adapters of this computer has b
een initiated. Any errors will be reported in the Event Viewer in 15 minutes.
C:\Users\Administrator>DCDiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = DCVM
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DCVM
Starting test: Connectivity
The host
388c6ac2-c78f-479c-b8e5-c0cc89b32024._msdcs.mydomain.com could
not be resolved to an IP address. Check the DNS server, DHCP, server
name, etc.
Got error while checking LDAP and RPC connectivity. Please check your
firewall settings.
......................... DCVM failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DCVM
Skipping all tests, because server DCVM is not responding to directory
service requests.
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : suburbandomain
Starting test: CheckSDRefDom
......................... mydomain passed test CheckSDRefDom
Starting test: CrossRefValidation
Running enterprise tests on : mydomain.com
Starting test: LocatorCheck
......................... mydomain.com passed test LocatorCheck
Starting test: Intersite
......................... mydomain.com passed test Intersite
编辑2
I found this in the domain controllers event viewer:
The dynamic deletion of the DNS record 'DomainDnsZones.mydomain.com. 600 IN A xx.xx.xx.xx' failed on the following DNS server:
DNS server IP address: xx.xx.xx.xx
Returned Response Code (RCODE): 1
Returned Status Code: 9001
USER ACTION
To prevent remote computers from connecting unnecessarily to the domain controller, delete the record manually or troubleshoot the failure to dynamically delete the record. To learn more about debugging DNS, see Help and Support Center.
ADDITIONAL DATA
Error Value: DNS server unable to interpret format.
有什么建议么?
答案1
检查 DNS 记录。将服务器 1 和服务器 2 上的主 DNS 服务器指向您的 DC。
显示输出:dcdiag /v /c /d /e
答案2
您的主机将尝试通过查询 DNS 服务器的SRV记录来定位 Active Directory 服务器。例如,_ldap._tcp.example.com。此类记录使用域控制器的规范名称,因此应该没有问题。
但是DomainDnsZone.example.com,ForestDnsZone.example.com两者都引用域控制器的 IP 地址。因此,当更改域控制器 IP 地址时,您还应该更新 DNS 条目。
如何设置 DNS 区域取决于您的 Active Directory 域。Windows 提供了一些工具来解决这个问题。尝试在一个域控制器上运行以下命令:
> dcdiag /fix
> netdiag /fix
这应该可以修复您的 DNS 区域。