senko
asked on
netdiag /fix shows dns test failed
I'm implementing Active Directory 03 on my network. I've successfully implemented my DC, AD, and DNS. At least that's what it seems. When I looked at the event logs on all my member servers, there were numerous amounts of event error 1053 - Windows cannot determine the user or computer name. (The specified user does not exist. ). Group Policy processing aborted.
I ran a netdiag on my dc and I get this:
Computer Name: ERULEDC
DNS Host Name: ERULEDC.erulemaking.net
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
List of installed hotfixes :
KB883939
KB890046
KB893756
KB896358
KB896422
KB896428
KB896688
KB898792
KB899587
KB899588
KB899589
KB899591
KB900725
KB901017
KB901214
KB902400
KB904706
KB905414
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : ERULEDC
IP Address . . . . . . . . : 192.168.1.102
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
Dns Servers. . . . . . . . : 192.168.1.102
10.10.9.37
10.10.11.37
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{0B57B98E-30C4
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the name
'ERULEDC.erulemaking.net.'
The name 'ERULEDC.erulemaking.net.'
[WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '192.168.1.102'. Please wait for 30 minutes for DNS server replication.
[WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '10.10.9.37'. Please wait for 30 minutes for DNS server replication.
[WARNING] The DNS entries for this DC cannot be verified right now on DNS
server 10.10.11.37, ERROR_TIMEOUT.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{0B57B98E-30C4
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{0B57B98E-30C4
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
When I noticed that the DNS test had failed, I ran a netdiag /fix and I recieved this:
Computer Name: ERULEDC
DNS Host Name: ERULEDC.erulemaking.net
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
List of installed hotfixes :
KB883939
KB890046
KB893756
KB896358
KB896422
KB896428
KB896688
KB898792
KB899587
KB899588
KB899589
KB899591
KB900725
KB901017
KB901214
KB902400
KB904706
KB905414
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : ERULEDC
IP Address . . . . . . . . : 192.168.1.102
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
Dns Servers. . . . . . . . : 192.168.1.102
10.10.9.37
10.10.11.37
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{0B57B98E-30C4
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the name
'ERULEDC.erulemaking.net.'
The name 'ERULEDC.erulemaking.net.'
[FATAL] Failed to fix: DC DNS entry erulemaking.net. re-registeration on DNS
server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.erulemaking.net
tion on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Pre-Prod._sites
et. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.erulemaking
teration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Pre-Prod._s
ng.net. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _gc._tcp.erulemaking.net. re-registerati
on on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _gc._tcp.Pre-Prod._sites.e
. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kerberos._udp.erulemaking
teration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kpasswd._tcp.erulemaking.
eration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kpasswd._udp.erulemaking.
eration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry ForestDnsZones.erulemaking
teration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.ForestDnsZones.
t. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Pre-Prod._sites
s.erulemaking.net. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry DomainDnsZones.erulemaking
teration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.DomainDnsZones.
t. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Pre-Prod._sites
s.erulemaking.net. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for th
is DC on DNS server '192.168.1.102'.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{0B57B98E-30C4
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{0B57B98E-30C4
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
My next step after this was to stop the net logon service and renamed both netlogon.dnb and netlogon.dns and restart net logon; ran the command ipconfig /flushdns and ipconfig /registerdns. The netdiag still failed on the dc. I even did the same thing on the DNS Server. Is there anything else I can do without rebuilding dns (if i have to)?
I ran a netdiag on my dc and I get this:
Computer Name: ERULEDC
DNS Host Name: ERULEDC.erulemaking.net
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
List of installed hotfixes :
KB883939
KB890046
KB893756
KB896358
KB896422
KB896428
KB896688
KB898792
KB899587
KB899588
KB899589
KB899591
KB900725
KB901017
KB901214
KB902400
KB904706
KB905414
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : ERULEDC
IP Address . . . . . . . . : 192.168.1.102
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
Dns Servers. . . . . . . . : 192.168.1.102
10.10.9.37
10.10.11.37
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{0B57B98E-30C4
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the name
'ERULEDC.erulemaking.net.'
The name 'ERULEDC.erulemaking.net.'
[WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '192.168.1.102'. Please wait for 30 minutes for DNS server replication.
[WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '10.10.9.37'. Please wait for 30 minutes for DNS server replication.
[WARNING] The DNS entries for this DC cannot be verified right now on DNS
server 10.10.11.37, ERROR_TIMEOUT.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{0B57B98E-30C4
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{0B57B98E-30C4
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
When I noticed that the DNS test had failed, I ran a netdiag /fix and I recieved this:
Computer Name: ERULEDC
DNS Host Name: ERULEDC.erulemaking.net
System info : Windows 2000 Server (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 9, GenuineIntel
List of installed hotfixes :
KB883939
KB890046
KB893756
KB896358
KB896422
KB896428
KB896688
KB898792
KB899587
KB899588
KB899589
KB899591
KB900725
KB901017
KB901214
KB902400
KB904706
KB905414
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : ERULEDC
IP Address . . . . . . . . : 192.168.1.102
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
Dns Servers. . . . . . . . : 192.168.1.102
10.10.9.37
10.10.11.37
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{0B57B98E-30C4
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the name
'ERULEDC.erulemaking.net.'
The name 'ERULEDC.erulemaking.net.'
[FATAL] Failed to fix: DC DNS entry erulemaking.net. re-registeration on DNS
server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.erulemaking.net
tion on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Pre-Prod._sites
et. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.erulemaking
teration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kerberos._tcp.Pre-Prod._s
ng.net. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _gc._tcp.erulemaking.net. re-registerati
on on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _gc._tcp.Pre-Prod._sites.e
. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kerberos._udp.erulemaking
teration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kpasswd._tcp.erulemaking.
eration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _kpasswd._udp.erulemaking.
eration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry ForestDnsZones.erulemaking
teration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.ForestDnsZones.
t. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Pre-Prod._sites
s.erulemaking.net. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry DomainDnsZones.erulemaking
teration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.DomainDnsZones.
t. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Failed to fix: DC DNS entry _ldap._tcp.Pre-Prod._sites
s.erulemaking.net. re-registeration on DNS server '192.168.1.102' failed.
DNS Error code: DNS_ERROR_RCODE_SERVER_FAI
[FATAL] Fix Failed: netdiag failed to re-register missing DNS entries for th
is DC on DNS server '192.168.1.102'.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{0B57B98E-30C4
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{0B57B98E-30C4
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Failed
[FATAL] Cannot initialize TAPI. Failed with error(0x80000048).
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
My next step after this was to stop the net logon service and renamed both netlogon.dnb and netlogon.dns and restart net logon; ran the command ipconfig /flushdns and ipconfig /registerdns. The netdiag still failed on the dc. I even did the same thing on the DNS Server. Is there anything else I can do without rebuilding dns (if i have to)?
ASKER
Does the primary DNS server have to be a DC? Because my primary DNS is not the DC.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Okay, I can't really explain how this worked. I reconfigured my DC to be the primary DNS server and made sure dynamic updates was enabled. I ran the test and it failed. So out of curiousity, I then went to my TCP/IP properties and removed my secondary DNS Server and third DNS Server and left the local host of my DC as the primary dns. I ran netdiag and it passed! Why? I have no clue. I'll give you points anyways but if you can explain to me why this is, I'll be really grateful.
After you reconfigured the DNS settings did you restart the Netlogon service before running netdiag? This is the same as running ipconfig /flushdns from the command prompt. If you didn't do this that could explain why it failed at first but then worked the second time. Between the first and second try the DC updated DNS with the necessary records.
ASKER
Yes I did I do that. I'll see if I get the same error again if I add the secondary dns server.
But I'm still recieving the error 1053 on my member servers. That's a whole new issue I'll look into tho.
But I'm still recieving the error 1053 on my member servers. That's a whole new issue I'll look into tho.
To do this open the DNS mgmt tool and right click the erulemaking.net zone make sure Dynamic updates are turned on. Restart the netlogon service.
Matthew Wade
Microsoft Consultant
MCSE+M, MCSA+M, CCEA
Granrd Rapids, MI.