Question

trying to decommission a Windows 2000 domain controller

Asked by: Winstink

I am trying to decommission a Windows 2000 domain controller.  I am following the steps provided at http://technet.microsoft.com/en-us/library/cc755937%28WS.10%29.aspx.  I got to the point where I am verifying dns registration and functionality.  I run netdiag /test:dns and get the following for DNS:

DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '13.0.0.9'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '13.0.0.3'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.

I have no events in the dns event log.  I ran netdiag /test:dns /v and get the following:
C:\Program Files\Support Tools>netdiag /test:dns /v

    Gathering IPX configuration information.
    Querying status of the Netcard drivers... Passed
    Testing Domain membership... Passed
    Gathering NetBT configuration information.
    Testing DNS
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '13.0.0.9'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '13.0.0.3'. Please wait for 30 minutes for DNS server replication.
        [FATAL] No DNS servers have the DNS records for this DC registered.

    Tests complete.


    Computer Name: UT1
    DNS Host Name: ut1.hq.theptiway.com
    DNS Domain Name: hq.theptiway.com
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 15 Model 3 Stepping 4, GenuineIntel
    Hotfixes :
        Installed?      Name
           Yes          KB329115
           Yes          KB822343
           Yes          KB823182
           Yes          KB823559
           Yes          KB824105
           Yes          KB825119
           Yes          KB826232
           Yes          KB828035
           Yes          KB828749
           Yes          KB831047
           Yes          KB832353
           Yes          KB832359
           Yes          KB841356
           Yes          KB842773
           Yes          KB885836
           Yes          KB893756
           Yes          KB893803v2
           Yes          KB896358
           Yes          KB896422
           Yes          KB896423
           Yes          KB899587
           Yes          KB899589
           Yes          KB899591
           Yes          KB900725
           Yes          KB901017
           Yes          KB901214
           Yes          KB905414
           Yes          KB905495-IE6SP1-20050805.184113
           Yes          KB905749
           Yes          KB908519
           Yes          KB908531
           Yes          KB909520
           Yes          KB911280
           Yes          KB911564
           Yes          KB913580
           Yes          KB914388
           Yes          KB914389
           Yes          KB917008
           Yes          KB917537
           Yes          KB917953
           Yes          KB918118
           Yes          KB920213
           Yes          KB920670
           Yes          KB920683
           Yes          KB920685
           Yes          KB921398
           Yes          KB921503
           Yes          KB922582
           Yes          KB923191
           Yes          KB923414
           Yes          KB923561
           Yes          KB923810
           Yes          KB923980
           Yes          KB924270
           Yes          KB924667
           Yes          KB925398_WMP64
           Yes          KB925902
           Yes          KB926122
           Yes          KB926436
           Yes          KB927891
           Yes          KB928843
           Yes          KB930178
           Yes          KB931784
           Yes          KB933729
           Yes          KB935839
           Yes          KB935840
           Yes          KB935966
           Yes          KB936021
           Yes          KB936782_WMP9
           Yes          KB937894
           Yes          KB938127-IE6SP1-20070626.120000
           Yes          KB938464-IE6SP1-20080429.120000
           Yes          KB938827
           Yes          KB938829
           Yes          KB941202-OE6SP1-20070820.120000
           Yes          KB941568
           Yes          KB941568_DX9
           Yes          KB941569
           Yes          KB941644
           Yes          KB941693
           Yes          KB942615-IE6SP1-20071029.120000
           Yes          KB942831
           Yes          KB943055
           Yes          KB943485
           Yes          KB944338
           Yes          KB945553
           Yes          KB948590
           Yes          KB950749
           Yes          KB950759-IE6SP1-20080418.120000
           Yes          KB950760
           Yes          KB950974
           Yes          KB951066-OE6SP1-20080625.120000
           Yes          KB951698_DX9
           Yes          KB951748
           Yes          KB952004
           Yes          KB952069_WM71
           Yes          KB952954
           Yes          KB953155
           Yes          KB954211
           Yes          KB954600_WM41
           Yes          KB955069
           Yes          KB956802
           Yes          KB957097
           Yes          KB958215-IE6SP1-20081016.120000
           Yes          KB958644
           Yes          KB958687
           Yes          KB958690
           Yes          KB959426
           Yes          KB960225
           Yes          KB960714-IE6SP1-20081211.120000
           Yes          KB960715
           Yes          KB960803
           Yes          KB961063
           Yes          KB961373_DX9
           Yes          KB963027-IE6SP1-20090303.120000
           Yes          KB967715
           Yes          KB969898
           Yes          Q147222
           Yes          Q828026
           No           ServicePackUninstall
           Yes          Update Rollup 1


Netcard queries test . . . . . . . : Passed

    Information of Netcard drivers:

    ---------------------------------------------------------------------------
    Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Teefer2 Minipor
t
    Device: \DEVICE\{28D44955-14EE-4614-BC0F-6964A8061AD8}

    Media State:                     Connected

    Device State:                    Connected
    Connect Time:                    6 days, 02:06:58
    Media Speed:                     100 Mbps

    Packets Sent:                    4147955
    Bytes Sent (Optional):           0

    Packets Received:                3254976
    Directed Pkts Recd (Optional):   3085042
    Bytes Received (Optional):       0
    Directed Bytes Recd (Optional):  0

    ---------------------------------------------------------------------------
    Description: Infrared Modem Port
    Device: \DEVICE\{B4A730AA-D9A5-4575-A580-A2B109466714}
    GetStats failed for 'Infrared Modem Port'. [ERROR_NOT_SUPPORTED]
    ---------------------------------------------------------------------------
    Description: Infrared Port
    Device: \DEVICE\{31A61DDF-6BFF-4AA8-BA55-36C3A7C2AB17}
    GetStats failed for 'Infrared Port'. [ERROR_NOT_SUPPORTED]
    ---------------------------------------------------------------------------
    Description: Built-in Infrared Device
    Device: \DEVICE\{55B38EC4-C651-4AE2-ADCB-D97AB7E81ADB}

    Media State:                     Connected

    Device State:                    Connected
    Connect Time:                    6 days, 02:06:59
    Media Speed:                     115 Kbps

    Packets Sent:                    920647
    Bytes Sent (Optional):           0

    Packets Received:                0
    Directed Pkts Recd (Optional):   0
    Bytes Received (Optional):       0
    Directed Bytes Recd (Optional):  0

    [WARNING] The net card 'Built-in Infrared Device' may not be working because
 it has not received any packets.
    ---------------------------------------------------------------------------
    Description: Realtek RTL8139/810x Family Fast Ethernet NIC
    Device: \DEVICE\{30A0E7B6-1085-4059-8AC8-0DF6E5BF7989}

    Media State:                     Connected

    Device State:                    Connected
    Connect Time:                    6 days, 02:07:01
    Media Speed:                     100 Mbps

    Packets Sent:                    4147955
    Bytes Sent (Optional):           0

    Packets Received:                3254976
    Directed Pkts Recd (Optional):   3085042
    Bytes Received (Optional):       0
    Directed Bytes Recd (Optional):  0

    ---------------------------------------------------------------------------
    [PASS] - At least one netcard is in the 'Connected' state.



Per interface results:

    Adapter : Local Area Connection
        Adapter ID . . . . . . . . : {30A0E7B6-1085-4059-8AC8-0DF6E5BF7989}

        Netcard queries test . . . : Passed


Global results:


Domain membership test . . . . . . : Passed
    Machine is a . . . . . . . . . : Domain Controller
    Netbios Domain name. . . . . . : PTIHQ
    Dns domain name. . . . . . . . : hq.theptiway.com
    Dns forest name. . . . . . . . : hq.theptiway.com
    Domain Guid. . . . . . . . . . : {2020A71F-0CBC-4A45-9A04-D2395AD1FAE4}
    Domain Sid . . . . . . . . . . : S-1-5-21-91431572-1618574414-929701000
    Logon User . . . . . . . . . . : Admin2
    Logon Domain . . . . . . . . . : PTIHQ


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{30A0E7B6-1085-4059-8AC8-0DF6E5BF7989}
    1 NetBt transport currently configured.


DNS test . . . . . . . . . . . . . : Failed
      Interface {30A0E7B6-1085-4059-8AC8-0DF6E5BF7989}
        DNS Domain:
        DNS Servers: 13.0.0.9 13.0.0.3
        IP Address: 13.0.0.3
        Expected registration with PDN (primary DNS domain name):
          Hostname: ut1.hq.theptiway.com.
          Authoritative zone: hq.theptiway.com.
          Primary DNS server: dc5.hq.theptiway.com 13.0.0.9
          Authoritative NS:11.0.0.2 13.0.0.9 13.0.0.10 11.0.0.8 18.0.0.4 13.0.0.
3
          Update is not allowed in zone hq.theptiway.com..
Check the DNS registration for DCs entries on DNS server '13.0.0.9'
The Record is different on DNS server '13.0.0.9'.
DNS server has more than one entries for this name, usually this means there are
 multiple DCs for this domain.
Your DC entry is one of them on DNS server '13.0.0.9', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = hq.theptiway.com.
DNS DATA =
            A  13.0.0.3

The record on DNS server 13.0.0.9 is:
DNS NAME = hq.theptiway.com
DNS DATA =
            A  13.0.0.65
            A  13.0.0.3
            A  13.0.0.45
            A  13.0.0.10
            A  13.0.0.9
            A  13.0.0.2
            A  13.0.0.44
            A  13.0.0.8
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _ldap._tcp.hq.theptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dch1.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
            SRV 0 100 389 hunt1.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.ParadigmHQ._sites.hq.theptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _ldap._tcp.ParadigmHQ._sites.hq.theptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.2020a71f-0cbc-4a45-9a04-d2395ad1fae4.domains._msdcs.hq.the
ptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _ldap._tcp.2020a71f-0cbc-4a45-9a04-d2395ad1fae4.domains._msdcs.hq.the
ptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dch1.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
            SRV 0 100 389 hunt1.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _kerberos._tcp.dc._msdcs.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc4.hq.theptiway.com
            SRV 0 100 88 hunt1.hq.theptiway.com
            SRV 0 100 88 dch1.hq.theptiway.com
            SRV 0 100 88 dc5.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _kerberos._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc4.hq.theptiway.com
            SRV 0 100 88 dc5.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.hq.theptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _ldap._tcp.dc._msdcs.hq.theptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dch1.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
            SRV 0 100 389 hunt1.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _ldap._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _kerberos._tcp.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc5.hq.theptiway.com
            SRV 0 100 88 hunt1.hq.theptiway.com
            SRV 0 100 88 dc4.hq.theptiway.com
            SRV 0 100 88 dch1.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.ParadigmHQ._sites.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _kerberos._tcp.ParadigmHQ._sites.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc5.hq.theptiway.com
            SRV 0 100 88 dc4.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._udp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _kerberos._udp.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc4.hq.theptiway.com
            SRV 0 100 88 hunt1.hq.theptiway.com
            SRV 0 100 88 dch1.hq.theptiway.com
            SRV 0 100 88 dc5.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._tcp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 464 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _kpasswd._tcp.hq.theptiway.com
DNS DATA =
            SRV 0 100 464 dch1.hq.theptiway.com
            SRV 0 100 464 hunt1.hq.theptiway.com
            SRV 0 100 464 dc1.hq.theptiway.com
            SRV 0 100 464 dc4.hq.theptiway.com
            SRV 0 100 464 dc5.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.9'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._udp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 464 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.9 is:
DNS NAME = _kpasswd._udp.hq.theptiway.com
DNS DATA =
            SRV 0 100 464 dc4.hq.theptiway.com
            SRV 0 100 464 hunt1.hq.theptiway.com
            SRV 0 100 464 dch1.hq.theptiway.com
            SRV 0 100 464 dc5.hq.theptiway.com
+------------------------------------------------------+

Query for DC DNS entry 919b900a-affc-4cf9-894c-2049e5887af0._msdcs.hq.theptiway.
com. on DNS server 13.0.0.9 failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '13.0.0.9'. Please wait for 30 minutes for DNS server replication.
Check the DNS registration for DCs entries on DNS server '13.0.0.3'
The Record is different on DNS server '13.0.0.3'.
DNS server has more than one entries for this name, usually this means there are
 multiple DCs for this domain.
Your DC entry is one of them on DNS server '13.0.0.3', no need to re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = hq.theptiway.com.
DNS DATA =
            A  13.0.0.3

The record on DNS server 13.0.0.3 is:
DNS NAME = hq.theptiway.com
DNS DATA =
            A  13.0.0.45
            A  13.0.0.3
            A  13.0.0.65
            A  13.0.0.10
            A  13.0.0.9
            A  13.0.0.2
            A  13.0.0.44
            A  13.0.0.8
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _ldap._tcp.hq.theptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dch1.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
            SRV 0 100 389 hunt1.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.ParadigmHQ._sites.hq.theptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _ldap._tcp.ParadigmHQ._sites.hq.theptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.2020a71f-0cbc-4a45-9a04-d2395ad1fae4.domains._msdcs.hq.the
ptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _ldap._tcp.2020a71f-0cbc-4a45-9a04-d2395ad1fae4.domains._msdcs.hq.the
ptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dch1.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
            SRV 0 100 389 hunt1.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.dc._msdcs.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _kerberos._tcp.dc._msdcs.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc4.hq.theptiway.com
            SRV 0 100 88 hunt1.hq.theptiway.com
            SRV 0 100 88 dch1.hq.theptiway.com
            SRV 0 100 88 dc5.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _kerberos._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc4.hq.theptiway.com
            SRV 0 100 88 dc5.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.dc._msdcs.hq.theptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _ldap._tcp.dc._msdcs.hq.theptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dch1.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
            SRV 0 100 389 hunt1.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com.
DNS DATA =
            SRV 0 100 389 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _ldap._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com
DNS DATA =
            SRV 0 100 389 dc5.hq.theptiway.com
            SRV 0 100 389 dc4.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _kerberos._tcp.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc5.hq.theptiway.com
            SRV 0 100 88 hunt1.hq.theptiway.com
            SRV 0 100 88 dc4.hq.theptiway.com
            SRV 0 100 88 dch1.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.ParadigmHQ._sites.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _kerberos._tcp.ParadigmHQ._sites.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc5.hq.theptiway.com
            SRV 0 100 88 dc4.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._udp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 88 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _kerberos._udp.hq.theptiway.com
DNS DATA =
            SRV 0 100 88 dc4.hq.theptiway.com
            SRV 0 100 88 hunt1.hq.theptiway.com
            SRV 0 100 88 dch1.hq.theptiway.com
            SRV 0 100 88 dc5.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._tcp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 464 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _kpasswd._tcp.hq.theptiway.com
DNS DATA =
            SRV 0 100 464 dch1.hq.theptiway.com
            SRV 0 100 464 hunt1.hq.theptiway.com
            SRV 0 100 464 dc1.hq.theptiway.com
            SRV 0 100 464 dc4.hq.theptiway.com
            SRV 0 100 464 dc5.hq.theptiway.com
+------------------------------------------------------+

The Record is different on DNS server '13.0.0.3'.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._udp.hq.theptiway.com.
DNS DATA =
            SRV 0 100 464 ut1.hq.theptiway.com.

The record on DNS server 13.0.0.3 is:
DNS NAME = _kpasswd._udp.hq.theptiway.com
DNS DATA =
            SRV 0 100 464 dc4.hq.theptiway.com
            SRV 0 100 464 hunt1.hq.theptiway.com
            SRV 0 100 464 dch1.hq.theptiway.com
            SRV 0 100 464 dc5.hq.theptiway.com
+------------------------------------------------------+

Query for DC DNS entry 919b900a-affc-4cf9-894c-2049e5887af0._msdcs.hq.theptiway.
com. on DNS server 13.0.0.3 failed.
DNS Error code: DNS_ERROR_RCODE_NAME_ERROR (Name does not exist on DNS server)
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '13.0.0.3'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


The command completed successfully

C:\Program Files\Support Tools>

i deleted the netlogon.dns file, restarted netlogon, ran the netdiag/fix, and still getting the same error.  

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-09-22 at 12:08:54ID24752705
Tags

DNS

,

domain Controller

,

Windows 2000

Topics

Windows 2000 Operating System

,

Domain Name Service (DNS)

,

Active Directory

Participating Experts
6
Points
500
Comments
69

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. ipx/tcpip and nds
    We are currently routing ipx and everything is fine. Our Novell OS ver are 4.10 & 4.11. We are coming up on an additional network which will not route ipx. Q - If I have users on this new segment (ip only) and load and bind IP on the netware servers on the old segment ...
  2. Information on X86 Families
    I have recently come across a small network of computers that are "X86 Family X" CPU's. They are various names such as, X86 Family 5 Model 4 Stepping 3, or X86 Family 6 Model 8 Stepping 6, ...etc. Can anyone tell me where to get information on this "Family&qu...
  3. x86 family 15 model 1 stepping 2
    Hi, I need to know what kind of proccessor is this: x86 family 15 model 1 stepping 2 Genuineintel is it a pentium 4? a Celeron? is it a good proccesor? whats the difference from a x86 family 15 model 1 stepping 4? whats the difference froma pentium 4? Im very new to this. ...
  4. Netdiag/LDAP error
    I just set up a Windows serer 2003 machine, and have either an LDAP or DNS problem. I was having problems with communications, and when I turned on TCP/IP helper for Netbios, and the errors went away from event viewer. I started to install exchange, thinking that the problems...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: ksalamehPosted on 2009-09-22 at 12:11:40ID: 25396361

 

by: ThePhreakshowPosted on 2009-09-22 at 12:17:51ID: 25396429

dcpromo /forceremoval
the metadata cleanup...

m$ info here:  http://support.microsoft.com/kb/332199

 

by: himvyPosted on 2009-09-22 at 12:49:49ID: 25396794



If you have done forceremoval ,please run metadata cleanup for it as mentioned in the earlier comment .
--Along with that please make sure that you delete the decommisioned server's entry from the adsiedit.msc and dnsmgmt.msc as well.

 

by: RickSheikhPosted on 2009-09-22 at 12:55:11ID: 25396858

Himvy, What exactly is your reference point that needs to be cleaned up ADSIEDIT.msc. The only thing known to me that is often left behind via a metadata cleanup is the site' DC object in AD sites and services, and nothing else ?

 

by: dariusgPosted on 2009-09-22 at 13:14:24ID: 25397092

Rick is right you don't need to go into the ADSIEDIT. Just delete all records from DNS.

 

by: himvyPosted on 2009-09-22 at 13:15:28ID: 25397100



You are right,under the sites verify if it there.
--If the dc is not going to be in the domain ,please verify under the computer OU as well in the adsiedit.msc.
--Delete it from the dnsmgmt console ,make sure that you do it from the forestdnszone and domaindnszone as well otherwise it will not allow you to promote it next time as well.

 

by: RickSheikhPosted on 2009-09-22 at 13:20:47ID: 25397155

Himvy, adsiedit is one of the several LDAP tools, you are not being clear on from where/which NC or attribute, your answer to clean up from there is very 'MCSE training-ish' :)

 

by: himvyPosted on 2009-09-22 at 17:51:18ID: 25399168



  Rick


I wanted to clear that the entries should be cleaned propely from adsiedit.msc.
-As you mentioned Site" ,yes it needs to be taken out from there as metadata cleanp removes entries of the FRS object not of the site object.
--DNSMGMT.MSC is another snap in from where you need to remove its all the entries like its NS,HOST A from all the zones along with domaindnszone and forestdnszone ,if you dont do that next time if you are trying to promote the same machine with the same names it will not allow us to do so.

CONFIGURATION/SITES/DEFAULT FIRST SITE(IF you have only one site ) and remove the server's entry.

This is what we have done in lot of SRX's .Its not "MCSE-training"  
It is from MS training before you start working on SRX's.


If you want to go further on this let me know.,

 

by: RickSheikhPosted on 2009-09-22 at 17:57:04ID: 25399201

Yes, in fact I would like to go further and enhance my knowledge.

My argument was never about DNS or the Site object. That is a done deal.

I reiterate myself, exactly what do you think needs to be cleaned up from the ADSIEDIT tool. Walk me thru from which naming context, which object and/or which attribute ?

Lastly, exactly what is SRX's and how its related to Active Directory ?

Thanks,

 

by: himvyPosted on 2009-09-22 at 18:27:21ID: 25399354



SRX's are the Tech support cases with MS.

Other than Sites, FRS attributes are cleaned in the metadata cleanup .
--If you are not going to use that machine in the domain again ,delete its entries from the computers container in adsiedit/domain/computers.

 

by: RickSheikhPosted on 2009-09-22 at 18:54:47ID: 25399468

In more than a dozen metadata clean ups I have had to perform due to bad administration or dead DCs, never once have I had to clean up anything from the ADSIEDIT.

 

by: himvyPosted on 2009-09-23 at 08:48:19ID: 25404572



Rick
lucky you ,that you never had to delete anything from adsiedit.msc.
Here is the link which will show you one of the case where in you will have to do it.

forums.devshed.com/attachment.php?attachmentid=1256

 

by: RickSheikhPosted on 2009-09-23 at 08:58:28ID: 25404699

Properly running metadata cleanup cleans up all thats needs to be cleaned up except for the site's server object.

 

by: WinstinkPosted on 2009-09-23 at 10:19:17ID: 25405556

it appears as though my DNS is somewhat hosed on this machine.  If I remove DNS from it (making it not a DNS server, would that help?)

 

by: dariusgPosted on 2009-09-23 at 10:28:30ID: 25405655

You could remove DNS zone then re-add the DNS zone. Make sure you remove msdcs.domain.com zone if present as well as your domain.com zone then Right-click to create new zone.

 

by: himvyPosted on 2009-09-23 at 10:56:34ID: 25405940



If you wish and you have any other good dns server then you can remove dns from that machine.

 

by: WinstinkPosted on 2009-09-23 at 11:15:13ID: 25406151

Ok I think I see the problem.  DNS does not see this machine as a DC.  I looked under msdcs and found this DC not there.  How to fix?

 

by: dariusgPosted on 2009-09-23 at 11:27:12ID: 25406270

Is your msdcs a folder under your domain.com zone or is it a seperate zone. There have been problems when msdcs folders are delegated.

Do a ipconfig /all and post. I wondering if you have external DNS servers listed in your TCP\IP settings for DNS servers. If you do remove them and only point to your DCs for DNS. You should not have any external IP addresses in your local clients and servers for DNS. Once you have remove IP address run ipconfig /flushdns, ipconfig /registerdns, netdiag /fix.

 

by: himvyPosted on 2009-09-23 at 11:30:35ID: 25406311

If you donot want DNS on this machine and a good dns server is running ,go ahead and uninstall the dns from this machine.

 

by: WinstinkPosted on 2009-09-23 at 11:35:27ID: 25406359

results of the ipconfig /all

C:\Program Files\Support Tools>ipconfig /all

Windows 2000 IP Configuration

        Host Name . . . . . . . . . . . . : ut1
        Primary DNS Suffix  . . . . . . . : hq.theptiway.com
        Node Type . . . . . . . . . . . . : Broadcast
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : hq.theptiway.com
                                            theptiway.com

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Eth
ernet NIC
        Physical Address. . . . . . . . . : 00-0F-EA-48-B6-C2
        DHCP Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 13.0.0.3
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 13.0.0.1
        DNS Servers . . . . . . . . . . . : 13.0.0.9
                                            11.0.0.2

C:\Program Files\Support Tools>



results from netdiag /fix:




    Computer Name: UT1
    DNS Host Name: ut1.hq.theptiway.com
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 15 Model 3 Stepping 4, GenuineIntel
    List of installed hotfixes :
        KB329115
        KB822343
        KB823182
        KB823559
        KB824105
        KB825119
        KB826232
        KB828035
        KB828749
        KB831047
        KB832353
        KB832359
        KB841356
        KB842773
        KB885836
        KB893756
        KB893803v2
        KB896358
        KB896422
        KB896423
        KB899587
        KB899589
        KB899591
        KB900725
        KB901017
        KB901214
        KB905414
        KB905495-IE6SP1-20050805.184113
        KB905749
        KB908519
        KB908531
        KB909520
        KB911280
        KB911564
        KB913580
        KB914388
        KB914389
        KB917008
        KB917537
        KB917953
        KB918118
        KB920213
        KB920670
        KB920683
        KB920685
        KB921398
        KB921503
        KB922582
        KB923191
        KB923414
        KB923561
        KB923810
        KB923980
        KB924270
        KB924667
        KB925398_WMP64
        KB925902
        KB926122
        KB926436
        KB927891
        KB928843
        KB930178
        KB931784
        KB933729
        KB935839
        KB935840
        KB935966
        KB936021
        KB936782_WMP9
        KB937894
        KB938127-IE6SP1-20070626.120000
        KB938464-IE6SP1-20080429.120000
        KB938827
        KB938829
        KB941202-OE6SP1-20070820.120000
        KB941568
        KB941568_DX9
        KB941569
        KB941644
        KB941693
        KB942615-IE6SP1-20071029.120000
        KB942831
        KB943055
        KB943485
        KB944338
        KB945553
        KB948590
        KB950749
        KB950759-IE6SP1-20080418.120000
        KB950760
        KB950974
        KB951066-OE6SP1-20080625.120000
        KB951698_DX9
        KB951748
        KB952004
        KB952069_WM71
        KB952954
        KB953155
        KB954211
        KB954600_WM41
        KB955069
        KB956802
        KB957097
        KB958215-IE6SP1-20081016.120000
        KB958644
        KB958687
        KB958690
        KB959426
        KB960225
        KB960714-IE6SP1-20081211.120000
        KB960715
        KB960803
        KB961063
        KB961373_DX9
        KB963027-IE6SP1-20090303.120000
        KB967715
        KB969898
        Q147222
        Q828026
        Update Rollup 1


Netcard queries test . . . . . . . : Passed
    GetStats failed for 'Infrared Modem Port'. [ERROR_NOT_SUPPORTED]
    GetStats failed for 'Infrared Port'. [ERROR_NOT_SUPPORTED]
    [WARNING] The net card 'Built-in Infrared Device' may not be working because it has not received any packets.



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : ut1
        IP Address . . . . . . . . : 13.0.0.3
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 13.0.0.1
        Dns Servers. . . . . . . . : 13.0.0.9
                                     11.0.0.2


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{30A0E7B6-1085-4059-8AC8-0DF6E5BF7989}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.ParadigmHQ._sites.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.2020a71f-0cbc-4a45-9a04-d2395ad1fae4.domains._msdcs.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.dc._msdcs.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.dc._msdcs.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _ldap._tcp.ParadigmHQ._sites.dc._msdcs.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._tcp.ParadigmHQ._sites.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kerberos._udp.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kpasswd._tcp.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry _kpasswd._udp.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Failed to fix: DC DNS entry 919b900a-affc-4cf9-894c-2049e5887af0._msdcs.hq.theptiway.com. re-registeration on DNS server '13.0.0.9' failed.
DNS Error code: DNS_ERROR_RCODE_NOT_IMPLEMENTED
    [FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for this DC on DNS server '13.0.0.9'.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{30A0E7B6-1085-4059-8AC8-0DF6E5BF7989}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{30A0E7B6-1085-4059-8AC8-0DF6E5BF7989}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'PTIHQ' is to '\\dc5.hq.theptiway.com'.


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed
    [WARNING] Failed to query SPN registration on DC 'dc4.hq.theptiway.com'.
    [WARNING] Failed to query SPN registration on DC 'ut1.hq.theptiway.com'.
    [WARNING] Failed to query SPN registration on DC 'dc5.hq.theptiway.com'.
    [WARNING] Failed to query SPN registration on DC 'hunt1.hq.theptiway.com'.
    [WARNING] Failed to query SPN registration on DC 'dc3.hq.theptiway.com'.


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
    IPSec policy service is active, but no policy is assigned.


The command completed successfully

 

by: dariusgPosted on 2009-09-23 at 12:17:05ID: 25406799

The problem is your DNS server's IP address in TCP\IP settings aren't setup correctly. You need to point the DC to itself for DNS. You shouldn't have any external DNS server's listed your TCP\IP settings.


What are these servers?

Dns Servers. . . . . . . . : 13.0.0.9
                                     11.0.0.2
Do a screenshot of DNS and post.

 

by: himvyPosted on 2009-09-23 at 12:19:22ID: 25406824


run Ipconfig /flushdns & Ipconfig /registerdns
Use adsiedit.msc check the ForestDNSZones partition and if your original zone with
all the records is there. restart the DNS Server service to load
the original zone.

 

by: ksalamehPosted on 2009-09-23 at 12:23:49ID: 25406872

Guys,
i just see this as too much pain that is not needed at all.
Winstink :
Please do the following:
go to active directory and to the domain controllers OU, then delete the Domain Controller Computer account and then follow the things mentioned in this article:
http://www.petri.co.il/fix_unsuccessful_demotion.htm

Its Safe, it works and its tested too.

Thank you all,

 

by: himvyPosted on 2009-09-23 at 12:38:20ID: 25407013



Yes that would be better to do ,simple run metadata cleanup as mentioned above and remove its entries from the --Delete it from the dnsmgmt console ,make sure that you do it from the forestdnszone and domaindnszone as well .

 

by: WinstinkPosted on 2009-09-24 at 08:15:53ID: 25414218

"Caution: The administrator should also check that replication has occurred since the demotion before manually removing the NTDS Settings object for any server. Using the NTDSUTIL utility improperly can result in partial or complete loss of Active Directory functionality."


What does this mean that I should check replication has occurred?  how do I do that?

 

by: RickSheikhPosted on 2009-09-24 at 08:36:38ID: 25414472

Are you following this for metadata cleanup ?

http://support.microsoft.com/kb/216498

 

by: WinstinkPosted on 2009-09-24 at 08:41:02ID: 25414525

that is the same as http://www.petri.co.il/fix_unsuccessful_demotion.htm in which it says I should check that replication has occured.  My question is, how do I check that?

 

by: dariusgPosted on 2009-09-24 at 08:44:02ID: 25414562

How many DCs do you have?

 

by: WinstinkPosted on 2009-09-24 at 08:44:52ID: 25414570

including this one, four.  Trying to demote this to a regular server.  

 

by: RJCOLEPosted on 2009-09-24 at 08:45:22ID: 25414576

Did you do a role transfer?

 

by: WinstinkPosted on 2009-09-24 at 08:46:24ID: 25414590

no, how do I do that?  

 

by: RJCOLEPosted on 2009-09-24 at 08:49:49ID: 25414635

Is this your PDC? How many servers do you have? What is the OS of the server that will become the new PDC? Sorry for all the questions about your question but I want to make sure that I'm answering your question with the best solution.

 

by: WinstinkPosted on 2009-09-24 at 08:50:33ID: 25414644

no, not PDC.  PDC os is 2K.  

 

by: RJCOLEPosted on 2009-09-24 at 08:52:40ID: 25414673

ohhh that makes life eaiser. Have you run DCPROMO on the server that you wish to demote?

 

by: WinstinkPosted on 2009-09-24 at 08:54:45ID: 25414697

yes.  Get the the following error (attached).  Obviously something in DNS, but can't figure out what.

 

by: RJCOLEPosted on 2009-09-24 at 08:55:24ID: 25414709

In your event log, have you seen any events such as 13508 or 13509 or 13516?

 

by: dariusgPosted on 2009-09-24 at 08:56:15ID: 25414720

Run dcpromo /forceremoval.

Run metadata cleanup you don't need to know that it is replicated.

 

by: WinstinkPosted on 2009-09-24 at 08:57:19ID: 25414736

no, but I did see this:
Event Type:      Warning
Event Source:      NETLOGON
Event Category:      None
Event ID:      5773
Date:            9/24/2009
Time:            10:36:59 AM
User:            N/A
Computer:      UT1
Description:
The DNS server for this DC does not support dynamic DNS. Add the DNS records from the file '%SystemRoot%\System32\Config\netlogon.dns' to the DNS server serving the domain referenced in that file.
Data:
0000: 2c 23 00 00               ,#..    

 

by: RJCOLEPosted on 2009-09-24 at 09:08:05ID: 25414883

What service pack is that server 2000 on?

 

by: WinstinkPosted on 2009-09-24 at 09:08:48ID: 25414895

SP4

 

by: RJCOLEPosted on 2009-09-24 at 09:11:48ID: 25414933

Oh good. As per Microsoft, this message should only occur when a Windows 2000 server is configured to use a DNS server that doesn't support dynamic DNS. Does your PDC support dynamic DNS?

 

by: WinstinkPosted on 2009-09-24 at 09:19:49ID: 25415034

how do I check that?

 

by: RJCOLEPosted on 2009-09-24 at 09:20:21ID: 25415039

This is a known issue that was supposed to have been resolved in SP2 for server 2000 (so they say). Do you know how to tell if you DNS server allows Dynamic DNS Updates?

 

by: RJCOLEPosted on 2009-09-24 at 09:25:30ID: 25415093

go to start --> run --> dnsmgmt.msc (on your DNS server). Click on the plus sign next to your server name, drop down to your domain name (not the _msdcs one). Right click on your domain name and go to properties. Under general you will see Dynamic updates (secure only by default) change this to nonsecure and secure for the time being. After this is done, do a ipconfig /flushdns then a ipconfig /registerdns on the server that is having the issue. Then try dcpromo again.

 

by: RJCOLEPosted on 2009-09-24 at 09:30:21ID: 25415141

Here is an article on this subject. It tells you to mess with the registry. I'm not sure if want to do this or not but I'll give you the info incase you want to try it:

http://support.microsoft.com/kb/246804

 

by: RJCOLEPosted on 2009-09-24 at 09:32:05ID: 25415166

And here is another article on this subject. This one doesn't deal with the registry so it might help you understand the process a little more:

http://support.microsoft.com/kb/816592

 

by: WinstinkPosted on 2009-09-24 at 09:38:01ID: 25415231

new error attached.  

 

by: RJCOLEPosted on 2009-09-24 at 10:18:38ID: 25415586

Thats progress. Does this server still show up in Active Directory Users and Computers?

 

by: WinstinkPosted on 2009-09-24 at 10:19:33ID: 25415598

yes.  What about if I remove DNS from this machine?  i have other DNS servers.  

 

by: RJCOLEPosted on 2009-09-24 at 10:28:12ID: 25415680

Did you do that dynamic DNS update thing on all of the DNS servers? Is this server pointing to the PDC as the DNS server?

 

by: WinstinkPosted on 2009-09-24 at 10:33:07ID: 25415725

OK, I set all DNS servers to allow dynamic updates.  The server is now pointing to the PDC for DNS.  

 

by: RJCOLEPosted on 2009-09-24 at 10:46:34ID: 25415838

Good, now do the ipconfig /flushdns then ipcofnig/registerdns and try again.

 

by: WinstinkPosted on 2009-09-24 at 10:49:19ID: 25415864

back to original error

 

by: himvyPosted on 2009-09-24 at 10:50:25ID: 25415872



As dns settings have been fixed on this machine,you  can goahead and uninstall dns from this machine.

After demoting the server (use:dcpromo/forceremoval in case the graceful demotion gives any error) you can go ahead and uninatll dns from it.
--FYI:if exhange is installed on this server make sure you disable all the exchange services prior to demoting  the server.

 

by: RJCOLEPosted on 2009-09-24 at 10:51:25ID: 25415881

Is the PDC running as a DNS server?

 

by: WinstinkPosted on 2009-09-24 at 10:52:13ID: 25415892

yes the PDC is running as a DNS server  

 

by: RJCOLEPosted on 2009-09-24 at 11:01:49ID: 25415994

At this point I would recommend putting the original dns server back in (after that run ipconfig /flushdns then ipconfig /registerdns) and attempting the dcpromo/forceremoval. Let me know what errors (if any) you get with that.

 

by: WinstinkPosted on 2009-09-24 at 11:04:50ID: 25416024

So use the problematic server as its own dns?

 

by: dariusgPosted on 2009-09-24 at 11:25:00ID: 25416217

Why worry about this server if you are going to remove it?

 

by: RJCOLEPosted on 2009-09-24 at 11:48:04ID: 25416451

No I'm sorry if I wasn't clear. What I want you to do is called crossing the DNS between the servers. Point the PDC to the "problem" server (as a secondary DNS entry) and point the "problem" server to the PDC as the primary DNS server. Sometimes you need to cut out the middleman and just let them talk to each other directly.

 

by: WinstinkPosted on 2009-09-24 at 12:31:10ID: 25416869

I did the dcpromo /forceremoval and the server.  Now it is no longer part of the domain. When I try to add it, I get "the specified user already exists"

 

by: dariusgPosted on 2009-09-24 at 12:46:36ID: 25417055

Have you done the metadata cleanup on the AD yet?

 

by: WinstinkPosted on 2009-09-24 at 13:10:25ID: 25417318

OK, I just did that.  Can I re-join the domain?  

 

by: RJCOLEPosted on 2009-09-24 at 13:10:54ID: 25417324

Is the old server still listed Active Directory Users and Computers under "Domain Controllers"?

 

by: RJCOLEPosted on 2009-09-24 at 13:11:44ID: 25417336

Yup

 

by: WinstinkPosted on 2009-09-24 at 13:16:35ID: 25417404

the machine is not in A/D under "domain controllers" but I still get the same error.  

 

by: RJCOLEPosted on 2009-09-24 at 13:25:20ID: 25417484

How are you trying to join the domain? Through dcromo again? I wouldn't redcpromo the server if you are. You only need to join it to the domain not make it a domain controller (unless you need that for some bizarre reason). Would it hurt anything to rename that server?

 

by: dariusgPosted on 2009-09-24 at 13:34:57ID: 25417587

First thing go into DNS remove all records including SRV for the failed removed DC. Make sure the server isn't part of the domain still.

Go into the TCP\IP properties make sure the DNS settings are set to a working DC. Run ipconfig /flushdns, ipconfig /registerdns.

Are you sure remove all objects from AD during the metadata cleanup for the failed DC?

 

by: WinstinkPosted on 2009-09-24 at 13:39:44ID: 31632125

thank you everyone.  

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...