An error occurred while validating the server dns

30-Dec-2019 19:59

2000, 2003, and 2008 have all had periodic issues, bugs, performance hits, etc. through their lifetime when DC's would be pointed to self first for DNS. In order to keep the experience as even and reliable as possible, we recommend pointing to another DNS server, then yourself – you get the best of both worlds.

Not all the old documentation has been updated to reflect this; there's a TON of it, and it costs us a lot of money to hunt them all down when they are localized in at least 36 languages.

You can add other AD DNS servers as secondaries if you like, however it is entirely not necessary and can in fact just confuse things if there is a DNS issue as it makes troubleshooting just that bit harder.

inclusion of its own IP address in the list of DNS servers improves performance and increases availability of DNS servers. However, if the DNS server is also a domain controller and it points only to itself for name resolution, it can become an island and fail to replicate with other domain controllers.

I don't wish to enter an argument (I'd rather an informed discussion), I am just pointing out that the notion of 'primary DNS server should be itself' appears to be dated, depending on the scenario.

Even if I switch around the DNS server order within the NICs, it still doesn't get past the issue that DC1 has issues communicating with DC2 which is what this post is about :) As a bit of background, the reason I am looking into this issue is because users on the same site as DC2 are experiencing slow logins.

); the newest article googled on DNS islanding is 4 years old; the next newest is dated 2004. TL;DR your references are dated and not relevant in modern systems. For this reason, use caution when configuring the loopback address on an adapter if the server is also a domain controller.

If you're still admining Server 2003 or 2000, or regularly screw up your NIC configuration (e.g. The loopback address should be configured only as a secondary or tertiary DNS server on a domain controller.

The other reason is DNS islanding, which is also an extremely rare fault-situation (there's the reason DC's have static entries in DNS).

DNS islanding is basically a non-issue (the premise of which is moot – otherwise how would the 1st AD server ever boot? Once again, this is easily resolved with a quick edit to DNS, should it happen.

The users are experiencing 5-10 minute logon periods.