Server 2008 DNS problems

Hi everyone. I need some help with Active Directory and Windows Server 2008..
First things first: How the current situation came to be: After a Windows Update, Windows Server 2008 refused to boot, going into a perpetual loop of rebooting time and again. I tried to restore the system with Windows Server Backup, the data is safe and sound, yet it seems like the problem already existed when the backup was made, so I had to reinstall. After reinstallation, I deleted the "old server" from NTDS settings, did a metadata cleanup and transferred all roles to the remaining "backup" DC. Then I setup a DNS server on the secondary DC to get the freshly installed DC to find it and be able to join the domain again (dcpromo). This worked. Now I transferred all roles back to the original server and made it a global catalogue, uninstalled the DNS server from the secondary DC and installed DNS on the primary DC (which was not possible with dcpromo, because it promted a server error). I was able to install DNS and make a primary, AD integrated zone on the server, but I can only use the Windows-2000 compatible mode, since a server error appears every time i try to switch to other modes (like replicate on all DNS within domain/structure).
The DNS records seem to be fine, as far as I can see, the two DCs are listed, both as gc and the mscds records are complete. In sites and contexts, both are marked as GC. Replication works.
What I still need to figure out and repair are the following:
a) DNS operating/replication mode: Why can I only use the Windows-2000 compatible mode, what needs to be changed?
b) Why didn't the DC after reinstallation and promotion create the sysvol and NTDS shares? (Had to create them myself and copy the content of the sysvol from the secondary DC by manually)
c) How do I resolve the problems dcdiag still prompts? (namely: Advertising test (DsGetDCname only returns the name of the secondary DC not the primary (reinstalled) DC), Netlogons failed (network share was deleted somehow and i had to recreate it, hope that solved it(?))
d) (Least of my problems ) - NET Framework gives Assembler Errors whenever I'm trying to install a .NET based application - like Office 2007, apparently. I can not repair .NET, since it's built-in with Server 08. Also the problem exists since the reinstallation, which I find very weird, since it would be SUPPOSED to work in a fresh install..

Well, thanks in advance for your help!

 

Have you reinstalled AD from backup? I think what might be happening is that part of the restored data includes elements that remember the old DNS server on that server. When they try to connect to DNS on that server they see the old settings and then don't find the matching system in the real world and fail.

Simplest solution may be to use the secondary DC as your main DNS server.

If you can get a test system together, it might be worth getting AD and DNS working before you recover the backed up AD data. I'm not sure how easy that will be with 2008 (hence the suggestion to try a test server).

Also did you start from fresh with you reinstall, or did you reinstall over the top? If the later, that might explain why you are getting odd misdirections.

 

No didn't install AD from backup. The Active Directory Data was still present on the second DC, so there was no need to use the backup. All i restored was the data on the other drives, like user home directories, network shares and stuff.
The reinstall also was a fresh one, though there is still a Windows.old folder on the drive. I can't use the secondary DC as DNS, because the second DC is not on all the time. The primary DC is a real server (Dell PET300), while the other DC is just a Desktop PC setup as DC to facilitate domain management (and to have a backup of the AD data - which proved usefull)

 

I'm sorry - I don't know 2008 enough to help you further.

 

A: There are only two modes. 2000 and 2008
B: Because the server was still in AD. DCpromo the server down to a member, and run though the removing a failed server from AD steps. Removing NTDS settings in ADSaS is not enough. The second DC has no idea that the first failed and was replaced.
C Did you seize the roles after the failure? If not it will be seen as a secondary. Regardless your domain has no FSMO holders and is not wokring correctly.
D: Not a clue.


B: http://www.petri.co.il/delete_failed_dcs_from_ad.htm
http://support.microsoft.com/kb/216498 (name is not the same as your problem, but its the same process)