Client DNS issue after Domain controller migration

Sabir Shibley 41 Reputation points
2020-12-06T09:50:42.11+00:00

I migrated from a 2008 R2 domain controller to 2016; all FSMO roles were transferred to the 2016 server. After the migration, existing client machines are not resolving the new server's DNS. It gives the error below.

C:\Users\administrator.CLOUD>nslookup
DNS request timed out.
timeout was 2 seconds.
Default Server: UnKnown
Address: 192.168.201.11

New servers are able to resolve the 2016 server DNS without any issue.

I did not demote the 2008 R2 domain due to the DNS issue. I tried registering DNS manually, but no luck.


Accepted answer
  1. Thameur-BOURBITA 32,626 Reputation points
    2020-12-06T14:25:20.443+00:00

    Hi,

    It seems to be a network issue. Check whether the DNS network flow on port 53, used by the client to send DNS requests, is open between the client and the new DNS server. You can use this tool: https://www.microsoft.com/en-us/download/details.aspx?id=24009
    It can also be a DC problem, because the DNS zone is Active Directory-integrated, so it can be impacted if there is a replication issue.

    Please don't forget to mark this reply as the answer if it helps you to fix your issue.

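One way to run the port 53 check suggested in the accepted answer from an affected client, as an added PowerShell example that is not part of the original thread: it queries each DNS server over UDP 53 and tests TCP 53, separating a timeout (filtered path or stopped service) from a server that is reachable. The function name `Test-DnsPort53` and the record name `dc2016.example.local` are assumptions; `192.168.201.11` is the server shown in the question's nslookup output.

```powershell
# Added example (not from the thread). Needs Windows 8 / Server 2012 or later.
function Test-DnsPort53 {
    param(
        [Parameter(Mandatory)][string[]]$Server,  # DNS server IPs to probe
        [Parameter(Mandatory)][string]$Name       # A record expected in the AD zone
    )
    foreach ($s in $Server) {
        # UDP 53: query this server directly, skipping hosts file, LLMNR and NetBIOS.
        try {
            Resolve-DnsName -Name $Name -Server $s -Type A -DnsOnly -NoHostsFile `
                -QuickTimeout -ErrorAction Stop | Out-Null
            $udp = 'answered'
        } catch {
            # A timeout means nothing came back on UDP 53. Any other error is
            # reported as-is (for example, the server replied "name does not exist").
            if ($_.CategoryInfo.Category -eq 'OperationTimeout') { $udp = 'timeout' }
            else { $udp = "error: $($_.Exception.Message)" }
        }

        # TCP 53: plain connect test, independent of the DNS payload.
        $tcp = (Test-NetConnection -ComputerName $s -Port 53 `
                    -WarningAction SilentlyContinue).TcpTestSucceeded

        $verdict = if ($udp -eq 'timeout' -and -not $tcp) {
            'no path on 53: firewall or DNS service stopped'
        } elseif ($udp -eq 'timeout') {
            'UDP 53 filtered, TCP 53 open'
        } elseif (-not $tcp) {
            'TCP 53 filtered: truncated (large) responses will fail'
        } else {
            'port 53 reachable: check zone data and AD replication'
        }

        [pscustomobject]@{ Server = $s; Udp53 = $udp; Tcp53 = $tcp; Verdict = $verdict }
    }
}

# DNS servers this client is actually configured to use (DHCP or static).
$configured = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses
# 192.168.201.11 comes from the question's nslookup output;
# dc2016.example.local is a placeholder, replace it with a real record name.
$targets = @($configured) + '192.168.201.11' | Sort-Object -Unique
Test-DnsPort53 -Server $targets -Name 'dc2016.example.local' |
    Format-Table -AutoSize -Wrap
```

Running it from both an affected client and one of the new servers shows whether the failure follows the network path rather than the DNS server itself.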

8 additional answers

  1. Anonymous
    2020-12-06T14:21:21.993+00:00

    There is a time difference between the two domain controllers; this needs to be corrected. May need to look at the domain time service configuration. Looks like there are replication problems between the two. I'd check the event logs for more details of issues. Also check that problem clients are getting the IP address of the new DC listed for DNS on connection properties.

    --please don't forget to Accept as answer if the reply is helpful--


  2. Gloria Gu 3,896 Reputation points
    2020-12-07T03:35:52.71+00:00

    @Sabir Shibley Hi,

    Thank you for posting in Q&A!

    Please try to point the DNS server list to each other, rather than point to itself first.

    If multiple DCs are configured as DNS servers, they should be configured to use each other for resolution first and themselves second. If the DC points to itself as the primary DNS server, it might cause some unexpected AD replication issues.

    For more details, please refer to:
    https://www.dell.com/support/article/en-sg/sln155801/best-practices-for-dns-configuration-in-an-active-directory-domain?lang=en

    Hope you have a nice day : )
    Gloria

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
    https://video2.skills-academy.com/en-us/answers/articles/67444/email-notifications.html


  3. Sabir Shibley 41 Reputation points
    2020-12-07T08:56:30.1+00:00

    Dear All,

    Issue fixed, as our firewall was blocking port 53. Thanks @Thameur-BOURBITA @Anonymous @Gloria Gu