Link to home
Start Free TrialLog in
Avatar of icdl101
icdl101Flag for Barbados

asked on

Dcdiag /test:dns test failed

hi i ran the dcdiag /test:dns  and the results are below, indicating a failure.
How do i fix this error.
Little background on this server. This is a new 2003 DC for local domain. I m replacing the old Win 2000 DC server. I have already transferred over the 5 FSMO roles and the Global Catalog role.
While running the test ( dcdiag /test:dns) the 2000 Server is powered down.


 Testing server: Default-First-Site-Name\CORP1
    Starting test: Connectivity
       ......................... CORP1 passed test Connectivity

ing primary tests

 Testing server: Default-First-Site-Name\CORP1

S Tests are running and not hung. Please wait a few minutes...

 Running partition tests on : ForestDnsZones

 Running partition tests on : DomainDnsZones

 Running partition tests on : Schema

 Running partition tests on : Configuration

 Running partition tests on : MyLocalDomain

 Running enterprise tests on : MyLocalDomain.com
    Starting test: DNS
       Test results for domain controllers:

          DC: corp1.MyLocalDomain.com
          Domain: MyLocalDomain.com


             TEST: Forwarders/Root hints (Forw)
                Error: Root hints list has invalid root hint server: a.root-se
ers.net. (198.41.0.4)
                Error: Root hints list has invalid root hint server: b.root-se
ers.net. (192.228.79.201)
                Error: Root hints list has invalid root hint server: c.root-se
ers.net. (192.33.4.12)
                Error: Root hints list has invalid root hint server: d.root-se
ers.net. (128.8.10.90)
                Error: Root hints list has invalid root hint server: e.root-se
ers.net. (192.203.230.10)
                Error: Root hints list has invalid root hint server: f.root-se
ers.net. (192.5.5.241)
                Error: Root hints list has invalid root hint server: g.root-se
ers.net. (192.112.36.4)
                Error: Root hints list has invalid root hint server: h.root-se
ers.net. (128.63.2.53)
                Error: Root hints list has invalid root hint server: i.root-se
ers.net. (192.36.148.17)
                Error: Root hints list has invalid root hint server: j.root-se
ers.net. (192.58.128.30)
                Error: Root hints list has invalid root hint server: k.root-se
ers.net. (193.0.14.129)
                Error: Root hints list has invalid root hint server: l.root-se
ers.net. (199.7.83.42)
                Error: Root hints list has invalid root hint server: m.root-se
ers.net. (202.12.27.33)

             TEST: Dynamic update (Dyn)
                Warning: Dynamic update is enabled on the zone but not secure
reavesassociates.com.

       Summary of test results for DNS servers used by the above domain contro
ers:

          DNS server: 128.63.2.53 (h.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 128.63.2.53

          DNS server: 128.8.10.90 (d.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 128.8.10.90

          DNS server: 192.112.36.4 (g.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 192.112.36.4

          DNS server: 192.203.230.10 (e.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 192.203.230.10

          DNS server: 192.228.79.201 (b.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 192.228.79.201

          DNS server: 192.33.4.12 (c.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 192.33.4.12

          DNS server: 192.36.148.17 (i.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 192.36.148.17

          DNS server: 192.5.5.241 (f.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 192.5.5.241

          DNS server: 192.58.128.30 (j.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 192.58.128.30

          DNS server: 193.0.14.129 (k.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 193.0.14.129

          DNS server: 198.41.0.4 (a.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 198.41.0.4

          DNS server: 199.7.83.42 (l.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 199.7.83.42

          DNS server: 202.12.27.33 (m.root-servers.net.)
             1 test failure on this DNS server
             This is not a valid DNS server. PTR record query for the 1.0.0.12
in-addr.arpa. failed on the DNS server 202.12.27.33

       Summary of DNS test results:

                                          Auth Basc Forw Del  Dyn  RReg Ext
             ________________________________________________________________
          Domain: MyLocalDomain.com
             corp1                        PASS PASS FAIL PASS WARN PASS n/a

       ......................... MyLocalDomain.com failed test DNS
ASKER CERTIFIED SOLUTION
Avatar of Brian Pierce
Brian Pierce
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of icdl101
icdl101
Flag of Barbados image

ASKER

This is what i had done previously; while doing DCPROMO on the 2003 server i had initially set Preferred DNS server as 2000 Server.
Once the AD was replicated, i set up the DNS on 2003 Server, at that time i had pointed the  preferred DNS to itself and no other DNS servers.
So something must have gone wrong. I was not able to intially replicate SYSVOL or NETLOGON.
Eventually SYSVOL share came up but not NETLOGON. So i had manually copied over the Policies  from 2000 server  created SCRIPTSfolder and shared it as NETLOGON share.

Avatar of icdl101
icdl101
Flag of Barbados image

ASKER

when i reboot the 2003 server (2000 server powered off) i get following errors in the event log.

event id 4015
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

event id 4004
The DNS server was unable to complete directory service enumeration of zone ..  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

event id 4004
The DNS server was unable to complete directory service enumeration of zone 254.168.192.in-addr.arpa.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

event id 4004
The DNS server was unable to complete directory service enumeration of zone MyLocalDomain.com.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.

then i get normal  Event id 2
The DNS server has started.



Avatar of icdl101
icdl101
Flag of Barbados image

ASKER

This is how the issue was resolved.


* Delete the forward zone and the reverse lookup zone on server:

*delete the files netlogon.dnb and netlogon.dns from
%systemroot%\system32\config

*uninstall DNS, remove DNS directory.

*Install DNS.

*create the forward lookup zone and the reverse lookup zone make them AD
integrated, for security purposes make sure that the zones only accept
secure only - updates.

*restart the netlogon service, confirm the creation of the files
netlogon.dnb and netlogon.dns on %systemroot%\system32\config

*run ipconfig /registerdns

*run netdiag /fix
Avatar of icdl101
icdl101
Flag of Barbados image

ASKER

Points awarded for contribution, not solution