Solution

NSLookup still showing IP of demoted Domain Controller

So had an interesting issue today where a Domain Controller (DC) was demoted yet the IP of the demoted DC was still showing up when running nslookup internaldomain.local

Demoted DC: MWDC04 / IP: 10.14.111.111

I had done the metadata cleanup and tried many suggestions when googling the subject. To my surprise none of the solutions I found worked.

I had removed the IP address from the Primary DNS Server and saw entries for:

(same as parent folder) Host(A)  10.14.111.111
(same as parent folder) NameServer (NS)  10.14.111.111

I also looked under internaldomain.local > _msdcs and deleted entries from there.

After clearing the cache and waiting for replication, did a nslookup again and the IP was still there.

Well, there are some good and bad things about Microsoft DNS.

The BAD:

You cannot search DNS values in DNS Management. You are limited to searching just the names.

THE GOOD:

All DNS entries are stored in a flat file on the DNS Server “C:\WINDOWS\system32\dns\internaldomain.local.dns” (The default location). JACKPOT!

I opened it up in Notepad++, did a search for IP and DNS name of the demoted server(MWDC04-10.14.111.111) and started deleting matched entries. I was so surprised to find entries that were deeply buried under “domaindnszones” & “forestdnszones” and a few other subzones.

Cleared the cache again and waited for replication. Once replication completed I tried nslookup internaldomain.local and this time it didn’t list the demoted DC anymore.

I hope this saves others time, because finding a record in DNS might be like searching for a needle in a haystack!

Linux: CentOS 6 kernel panic+0xa7/0x16f fix

So ran into a view issue for a Linux Host today. Kernel Panic !!!

There could be a number of reasons that you might get this error. The three common reasons may be:

  1. There was a change to selinux config – (that might be an error in the config file)
  2. There are disk errors
  3. The kernel is corrupted

None of the kernels in the GRUB boot menu will boot, you get a kernel panic:

1-kernel-panic

Kernel panic – not syncing: Attempted to kill init!
Pid: 1, comm: init Not tainted 2.6.32-504.3.3.el6.x86_64 #1
panic+0xa7/0x16f
do_exit+0x862/0x870
fput+0x25/0x30
do_group_exit+0x58/0xd0
sys_exit_group+0x17/0x20
system_call_fastpath+0x16/0x1b

Booting in single user mode doesn’t work either.

Here’s how to fix this:

            1. Reboot, and go in the GRUB menu. You have 3 seconds to strike the arrow keys before it will automatically boot the default kernel.2-grub-menu
            2. Select the first line, the default kernel, and press the E key on the keyboard to edit the parameters. You will then see the following.
              3-grub-edit
            3. Use the arrow keys to select the 2nd line, that starts with kernel. Press the E key to change this line, use the arrow keys to go to the end and type a space followed by enforcing=0
              4-grub-edit
            4. Press enter to conform and then press B to boot the system.
              It should boot up fine now.
            5. Choose your solution:

              SELINUX Config FileDisk ErrorsRebuild Kernel

              Disabled for the SELINUXTYPE variable, that’s wrong it has to be for the SELINUX variable. In the screenshot below I show you the correct settings in the config file to disable SELINUX.

              5-selinux-disabled

            6. Reboot.