Solved

Active Directory HELP, Can't add any DC's to new Domain, Directory Binding Error -2146892976,

Posted on 2006-11-24
16
1,310 Views
Last Modified: 2012-06-27
Hello,  I need some help!  

Today we begin our domain upgrade from NT4 to 2003R2, We went thru ALL the motions testing EVERYTHING prior to this.  All hardware etc, DNS services and so on.

So we ran the upgrade and it worked quite well, No errors reported or anything like that,  Here is the process I went thru.  We bought all new hardware to act as our new DC which will also run Wins, DHCP, DNS, AD.  Installed 2003R2 for 64 bit and also setup our DNS server on this unit, we then switched the whole domain over to that DNS server.  We then setup an older unit in the NT4 domain promoted to PDC and upgraded in place.  NO issues whatsoever, Active directory Mixed mode and also had the NT4emulator just in case we needed to go backwards to NT4 if it didnt' work.  So with everything up and working we moved onto step two.

Which would be adding another DC.  Specifically the new hardware, We planned to add that as a DC then transfer all services and rolls to it.  This is where it gets troublesome,  So I try to add the service with the server manager, and I get to the authentication screen and bam, error.  It lists that is is able to get the DC from DNS just fine.  But then goes on to say this may be either caused by missing A records or the DC is not connected to the network, neither of which, i don't believe, is correct anyway.  TO test this I used NSlookup with both IP and Name of the DC and it resolved it fine.  So i'm stumped.  

I then go to another one of our server 2003 boxes and try to make it a DC just in case it was the new hardware, nope same issue and same error mesage during authentication.  

I ran DCdiag and have the following errors.  I have tried to find info on them but find very little so far.

During initial setup it trys to connect to the directory service and gives me the following warning.  

Warning: could not confirm the identity of this server  in the directory versus the names returned by the DNS server.  If there are problems accessing this directory server then you may need to check that this server is correctly registered with DNS.

ALso

Directory Binding Error -2146892976  The system detected a possible attempt to compromise security.  Please make sure you can contact the server that authenticated you.

Then it moves on to the actual test (above was gathering info stage of DCDIAG)

Active directory LDAP services.. Check
Active directory RPC services,, Check
[servername]DSBINDWITHSPNEX()  failed with error -2146892976  The system detected a possible attempt to compromise security.  Please make sure you can contact the server that authenticated you.
Failed test connectivity

Doing primary tests

Testing server: Default-first-site-name /servername
skipping all tests because the server (servername) is not responding to directory service requests.

Those are my results from the DCDIAG.exe.  (this was truncated to only show the errors. Other items were there and did pass but it didn't come close to running all the tests)  Doesn't sound good to me.  I am unsure what to do next.

So my other helper said lets setup the DNS on the same server we upgraded making it active directory integrated DNS and see if that helps our cause.  SO we stop the DNS server and delete that DNS setup.  Setup DNS on the upgraded DC and pointed everything to that DNS server now instead.

Went back to the new hardware and tried to make the DC again but no dice.  Same errors as before.  

SOmething is causing me a major pain and I am not sure where to go next.

The clients seem to be logging on OK and DHCP is working correctly as well.  SO there seemed to be no issue with the DC other than the fact I can't move my services to the new hardware.  At least so far... Maybe not soon...

The only real option I can think of is taking the upgraded DC offline and setup the WHOLE domain again which is no small undertaking.  I have 10 servers and about 70 clients so doing this would mean touching each machine as opposed to using the upgrade process where I wouldn't need to touch any of them.

could I move any of that active directory info to my other machine to rebuild it or something?

any help is GREATLY appreciated.  Hopefully a suggestion on what I should do would be helpful

Lastly going back to NT4 really ISN'T an option for reasons I can't get into to!  SO please think in terms of saving what I have so far etc.

Thanks
0
Comment
Question by:rox5488
  • 8
  • 8
16 Comments
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Well, after reading that, there are a few things I need to clarify.

1)  When you installed DNS on the R2 machine to service your network did you create the Forward and Reverse Lookup zones for the domain?  Also, did you create the _msdcs.domain.com zone?

2)  Since the new server is not a DC then the zones are all Standard Primary - did you allow Dynamic Updates?  This needs to be set to Secure and Non-Secure since the server isn't in a DC role.

3)  The records it is likely missing are all in the _msdcs zone which is where all the Service Records live.

4)  When you upgraded the NT4 PDC did you finish the Security config after first reboot?  You need to check if the firewall is OFF on that box.

5)  You CAN install and configure DNS on the upgraded machine to service the domain (make sure ALL zones are AD Integrated and accept Dynamic Updates)- just point everything to that old server for DNS in the interim and remove DNS from the new R2 server until you get it sorted out.  Once that's done, and you successfully promote the R2 server then simply install DNS on it and nothing more.  The zones will get automatically created and populated from the old server.  Once complete you can carry on with your transfer process - DON'T forget the GC role!!!!!

Let us know.
0
 

Author Comment

by:rox5488
Comment Utility
Hello Netman66 and thanks for your reply.

1.  Yes all look ups were created on the original DNS server.  Then we deleted that DNS server and started the service on the DC as active directory integrated.  When looking at it it appears to have all the correct Entries to me.  They would have been automatically generated with the wizard.  The _msdcs is there as well.

2.  THe new server at this time is effectively nothing.  its just a member of the domain.  No services are running on it.  Before we shut the DNS off and moved it to the upgraded DC we did however have the dynamic updates allowed and it did test to make sure it could generate those settings.

3.  the MSDCS zone is on the new DNS ( from above it is now on the DC )  So the DC now runs all services.  The problem is the hardware is just temp becuase its old so we want to get all the roles moved...

4.  this is a big negative.  I was not prompted to do ANYTHING security related and when I read this number I thought... Darn I bet I have to do something with this... Possibly in the security services area?  None of my servies are configured security wise.  I checked that this afternoon when I went in to work after reading that.  THe firewall and ICS (i think?) service is OFF.  Not running at all in fact.  BUt as mentioned none of my security settings are configured.  DO you think this could be the issue?  ANy help on what I need to configure at least to get moving would be great.  I brought home my win2003R2 book and am going to read thru the upgrade section and see if they mention what security settings I need to setup.  I assume it is possible that is why it will not allow directory binding maybe?

5.  I did install it on that machine...  It is accepting the dynamic updates.  We did this the other day.  everything is pointing to the upgraded machine DNS wise.  I can't do anything else at the moment because of the original issue...  

Thanks for your help!  really interested to hear what you think on number 4 there.  Maybe we are on to something?  What normally does it ask you to configure security wise after the first reboot?  To my knowledge it never asked me anything...  I assume this simply because I would have obviously remembered that step!  

Thanks again so far.
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Normally, the defaults are fine to get you started.  You only need to tweak them as you start tightening things down.  

From the DC, run DCDIAG /v > c:\dcdiag.txt and also run NETDIAG /v > c:\netdiag.txt

Post the results of DCDIAG (scrubbed, of course) here.  Hold onto the Netdiag log for now.

Check to see if any of the Services (in Services.msc) that are set to Automatic are not started.  

Was NT4 running at least SP5?  

Check the Event Logs too - post anything that looks unusual - I need the Event number with anything you post from there.

Advise.


0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
When you upgraded from NT4 did you make the domain name an FQDN or leave it at a NetBIOS name?  This is important because otherwise DNS doesn't register single-labled DNS names.

You need to change something for this to work:

http://support.microsoft.com/kb/300684

You may also need to change something else in the Registry if it still fails to register.  BTW: the Wizard doesn't create any records, only the zones.  The computers themselves register the records and the DC requires SVC records in order to find services such as LDAP and Kerberos.

0
 

Author Comment

by:rox5488
Comment Utility
Hi.

The DCDIAG I had posted the errors from above there. Please see my original post for those errors.  THis was running DCDIAG on a different server than teh DC.  I can run it again on the DC and get it posted tomorrow or monday.  Didn't do netdiag.  Maybe it will be more helpful from the DC>  I shall do this tomorrow.

NT4 was running SP6a.

There were no events that i noticed in the log that were warning or failed to start etc.  Everything looked fairly clean to me.

on the domain name.  I don't know how to correctly answer this to be honest.  I know my DNS names are now domain.local or in the DC case server.domain.local  that is the name of the DC and it seems to work.  Also showing that way in the DNS records.

I am 99% sure I made it an FQDN for this reason about single name domains... I had read that you shouldn't do that etc.

Thanks so far Netman.  I'll get that log posted tomorrow morning.
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Yes, from the DC would be best - this is where the problem seems to be and it should give us a better picture.

It sounds like you have a proper DNS domain name from what you're saying.

Will wait for Monday's reports.
0
 

Author Comment

by:rox5488
Comment Utility
Netman

Here are the results you were looking for from DCDIAG run on the DC this morning.  I beleive I scrubbed it all pretty well.  it doesn't look like anything is failing.  After this I am posting the Netdiag for you to see.  Then also posting the error I get when trying to promote a DC.  Finally I did get a few ID's from event viewer but I'm not sure they mean much to you either.  I'm still pretty stumped!  The only thinK I saw in the Netdiag was no primary wins server... ALthough I do have the service setup and running on this DC?


Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine server, is a DC.
   * Connecting to directory service on server server.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 1 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\server
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         * Active Directory RPC Services Check
         ......................... server passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\server
      Starting test: Replications
         * Replications Check
         * Replication Latency Check
         ......................... server passed test Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Starting test: NCSecDesc
         * Security Permissions check for all NC's on DC server.
         * Security Permissions Check for
           DC=ForestDnsZones,DC=domain,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           DC=DomainDnsZones,DC=domain,DC=local
            (NDNC,Version 2)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=domain,DC=local
            (Schema,Version 2)
         * Security Permissions Check for
           CN=Configuration,DC=domain,DC=local
            (Configuration,Version 2)
         * Security Permissions Check for
           DC=domain,DC=local
            (Domain,Version 2)
         ......................... server passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         Verified share \\server\netlogon
         Verified share \\server\sysvol
         ......................... server passed test NetLogons
      Starting test: Advertising
         The DC server is advertising itself as a DC and having a DS.
         The DC server is advertising as an LDAP server
         The DC server is advertising as having a writeable directory
         The DC server is advertising as a Key Distribution Center
         The DC server is advertising as a time server
         The DS server is advertising as a GC.
         ......................... server passed test Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
         ......................... server passed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 2203 to 1073741823
         * server.domain.local is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 1703 to 2202
         * rIDPreviousAllocationPool is 1703 to 2202
         * rIDNextRID: 1709
         ......................... server passed test RidManager
      Starting test: MachineAccount
         Checking machine account for DC server on DC server.
         * SPN found :LDAP/server.domain.local/domain.local
         * SPN found :LDAP/server.domain.local
         * SPN found :LDAP/server
         * SPN found :LDAP/server.domain.local/netbios domain
         * SPN found :LDAP/8412b6b6-fcd5-4d5a-a78f-e3ad7366831b._msdcs.domain.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/8412b6b6-fcd5-4d5a-a78f-e3ad7366831b/domain.local
         * SPN found :HOST/server.domain.local/domain.local
         * SPN found :HOST/server.domain.local
         * SPN found :HOST/server
         * SPN found :HOST/server.domain.local/netbios domain
         * SPN found :GC/server.domain.local/domain.local
         ......................... server passed test MachineAccount
      Starting test: Services
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: RpcSs
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... server passed test Services
      Test omitted by user request: OutboundSecureChannels
      Starting test: ObjectsReplicated
         server is in domain DC=domain,DC=local
         Checking for CN=server,OU=Domain Controllers,DC=domain,DC=local in domain DC=domain,DC=local on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local in domain CN=Configuration,DC=domain,DC=local on 1 servers
            Object is up-to-date on all servers.
         ......................... server passed test ObjectsReplicated
      Starting test: frssysvol
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... server passed test frssysvol
      Starting test: frsevent
         * The File Replication Service Event log test
         ......................... server passed test frsevent
      Starting test: kccevent
         * The KCC Event log test
         Found no KCC errors in Directory Service Event log in the last 15 minutes.
         ......................... server passed test kccevent
      Starting test: systemlog
         * The System Event log test
         Found no errors in System Event log in the last 60 minutes.
         ......................... server passed test systemlog
      Test omitted by user request: VerifyReplicas
      Starting test: VerifyReferences
         The system object reference (serverReference)

         CN=server,OU=Domain Controllers,DC=domain,DC=local and backlink on

         CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local

         are correct.
         The system object reference (frsComputerReferenceBL)

         CN=server,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=domain,DC=local

         and backlink on CN=server,OU=Domain Controllers,DC=domain,DC=local are

         correct.
         The system object reference (serverReferenceBL)

         CN=server,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=domain,DC=local

         and backlink on

         CN=NTDS Settings,CN=server,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local

         are correct.
         ......................... server passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : domain
      Starting test: CrossRefValidation
         ......................... domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... domain passed test CheckSDRefDom
   
   Running enterprise tests on : domain.local
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope

         provided by the command line arguments provided.
         ......................... domain.local passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\server.domain.local
         Locator Flags: 0xe00003fd
         PDC Name: \\server.domain.local
         Locator Flags: 0xe00003fd
         Time Server Name: \\server.domain.local
         Locator Flags: 0xe00003fd
         Preferred Time Server Name: \\server.domain.local
         Locator Flags: 0xe00003fd
         KDC Name: \\server.domain.local
         Locator Flags: 0xe00003fd
         ......................... domain.local passed test FsmoCheck
      Test omitted by user request: DNS
      Test omitted by user request: DNS

)____________________  END OF DCDIAG  START OF NETDIAG LOG_______________________________





    Gathering IPX configuration information.
    Querying status of the Netcard drivers... Passed
    Testing Domain membership... Passed
    Gathering NetBT configuration information.
    Testing for autoconfiguration... Passed
    Testing IP loopback ping... Passed
    Testing default gateways... Passed
    Enumerating local and remote NetBT name cache... Passed
    Testing the WINS server
        Local Area Connection
            There is no primary WINS server defined for this adapter.
            There is no secondary WINS server defined for this adapter.
    Gathering Winsock information.
    Testing DNS
    PASS - All the DNS entries for DC are registered on DNS server '127.0.0.1'.
    Testing redirector and browser... Passed
    Testing DC discovery.
        Looking for a DC
        Looking for a PDC emulator
        Looking for an Active Directory DC
    Gathering the list of Domain Controllers for domain 'NETBIOSDOMAINNAME'
    Testing trust relationships... Skipped
    Testing Kerberos authentication... Passed
    Testing LDAP servers in Domain NETBIOSDOMAINNAME ...
    Gathering routing information
    Gathering network statistics information.
    Gathering configuration of bindings.
    Gathering RAS connection information
    Gathering Modem information
    Gathering Netware information
    Gathering IP Security information

    Tests complete.


    Computer Name: SERVER
    DNS Host Name: SERVER.domain.local
    DNS Domain Name: domain.local
    System info : Microsoft Windows Server 2003 R2 (Build 3790)
    Processor : x86 Family 6 Model 7 Stepping 3, GenuineIntel
    Hotfixes :
        Installed?      Name
           Yes          KB893756
           Yes          KB896358
           Yes          KB896424
           Yes          KB896428
           Yes          KB898715
           Yes          KB899587
           Yes          KB899588
           Yes          KB899589
           Yes          KB899591
           Yes          KB900725
           Yes          KB901017
           Yes          KB901214
           Yes          KB902400
           Yes          KB904706
           Yes          KB905414
           Yes          KB908519
           Yes          KB908531
           Yes          KB910437
           Yes          KB911164
           Yes          KB911280
           Yes          KB911562
           Yes          KB911567
           Yes          KB911927
           Yes          KB912919
           Yes          KB914388
           Yes          KB914389
           Yes          KB917344
           Yes          KB917422
           Yes          KB917734
           Yes          KB917953
           Yes          KB918439
           Yes          KB920213
           Yes          KB920214
           Yes          KB920670
           Yes          KB920683
           Yes          KB920685
           Yes          KB921398
           Yes          KB921883
           Yes          KB922582
           Yes          KB922616
           Yes          KB922760
           Yes          KB922819
           Yes          KB923191
           Yes          KB923414
           Yes          KB923980
           Yes          KB924191
           Yes          KB924496
           Yes          KB925486
           Yes          Q147222


Netcard queries test . . . . . . . : Passed

    Information of Netcard drivers:

    ---------------------------------------------------------------------------
    Description: 3Com 3C905TX-based Ethernet Adapter (Generic)
    Device: \DEVICE\{D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}

    Media State:                     Connected

    Device State:                    Connected
    Connect Time:                    1 days, 18:57:32
    Media Speed:                     100 Mbps

    Packets Sent:                    64624
    Bytes Sent (Optional):           0

    Packets Received:                645500
    Directed Pkts Recd (Optional):   65631
    Bytes Received (Optional):       0
    Directed Bytes Recd (Optional):  0

    Packets SendError:               4
    ---------------------------------------------------------------------------
    [PASS] - At least one netcard is in the 'Connected' state.



Per interface results:

    Adapter : Local Area Connection
        Adapter ID . . . . . . . . : {D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}

        Netcard queries test . . . : Passed

        Adapter type . . . . . . . : Ethernet
        Host Name. . . . . . . . . : SERVER.NETBIOSDOMAINNAME
        Description. . . . . . . . : 3Com 3C905TX-based Ethernet Adapter (Generic)
        Physical Address . . . . . : 00-60-97-D1-90-85
        Dhcp Enabled . . . . . . . : No
        DHCP ClassID . . . . . . . :
        Autoconfiguration Enabled. : Yes
        IP Address . . . . . . . . : 192.168.20.9
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.20.20
        Dns Servers. . . . . . . . : 127.0.0.1

        IpConfig results . . . . . : Passed

        AutoConfiguration results. . . . . . : Passed
            AutoConfiguration is not in use.

        Default gateway test . . . : Passed
            Pinging gateway 192.168.20.20 - reachable
            At least one gateway reachable for this adapter.

        NetBT name test. . . . . . : Passed
            NetBT_Tcpip_{D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}
            SERVER         <00>  UNIQUE      REGISTERED
            NETBIOSDOMAINNAME            <00>  GROUP       REGISTERED
            NETBIOSDOMAINNAME            <1C>  GROUP       REGISTERED
            SERVER         <20>  UNIQUE      REGISTERED
            NETBIOSDOMAINNAME            <1B>  UNIQUE      REGISTERED
            SERVER         <03>  UNIQUE      REGISTERED
            NETBIOSDOMAINNAME            <1E>  GROUP       REGISTERED
            NETBIOSDOMAINNAME            <1D>  UNIQUE      REGISTERED
            ..__MSBROWSE__.<01>  GROUP       REGISTERED

            NetBios Resolution : via DHCP

            No remote names have been found.

        WINS service test. . . . . : Skipped
            There is no primary WINS server defined for this adapter.
            There is no secondary WINS server defined for this adapter.
            There are no WINS servers configured for this interface.

        Ipx configration
            Network Number . . . . : 00000000
            Node . . . . . . . . . : 006097d19085
            Frame type . . . . . . : 802.2



    Adapter : IPX Internal Interface
        Adapter ID . . . . . . . . : Internal

        Netcard queries test . . . : Passed

        Ipx configration
            Network Number . . . . : 00000000
            Node . . . . . . . . . : 000000000001
            Frame type . . . . . . : Ethernet II



    Adapter : IpxLoopbackAdapter
        Adapter ID . . . . . . . . : IpxLoopbackAdapter

        Netcard queries test . . . : Passed

        Ipx configration
            Network Number . . . . : 1234cdef
            Node . . . . . . . . . : 000000000002
            Frame type . . . . . . : 802.2



    Adapter : NDISWANIPX
        Adapter ID . . . . . . . . : NDISWANIPX

        Netcard queries test . . . : Passed

        Ipx configration
            Network Number . . . . : 00000000
            Node . . . . . . . . . : 84e220524153
            Frame type . . . . . . : Ethernet II




Global results:


IP General configuration
    LMHOSTS Enabled. . . . . . . . : Yes
    DNS for WINS resolution. . . . : Enabled
    Node Type. . . . . . . . . . . : Hybrid
    NBT Scope ID . . . . . . . . . :
    Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled . . . . . . : No
    DNS resolution for NETBIOS . . : No



Domain membership test . . . . . . : Passed
    Machine is a . . . . . . . . . : Primary Domain Controller Emulator
    Netbios Domain name. . . . . . : NETBIOSDOMAINNAME
    Dns domain name. . . . . . . . : domain.local
    Dns forest name. . . . . . . . : domain.local
    Domain Guid. . . . . . . . . . : {1164D7AD-1824-483B-AC3B-18C17FA5BB67}
    Domain Sid . . . . . . . . . . : S-1-5-21-1346044129-2019391317-1232828436
    Logon User . . . . . . . . . . : Administrator
    Logon Domain . . . . . . . . . : NETBIOSDOMAINNAME


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed
    PASS - you have at least one non-autoconfigured IP address


IP loopback ping test. . . . . . . : Passed
    PASS - pinging IP loopback address was successful.
    Your IP stack is most probably OK.


Default gateway test . . . . . . . : Passed
    PASS - you have at least one reachable gateway.


NetBT name test. . . . . . . . . . : Passed
   No NetBT scope defined

   PASS - The NetBT is properly configured.
     There is at least one interface where the <00> 'WorkStation Service',
     <03> 'Messenger Service', <20> 'WINS' names are defined and they are
     not in conflict.


Winsock test . . . . . . . . . . . : Passed
    The number of protocols which have been reported : 17
        Description: MSAFD Tcpip [TCP/IP]
            Provider Version   :2
            Max message size  : Stream Oriented
        Description: MSAFD Tcpip [UDP/IP]
            Provider Version   :2
        Description: MSAFD NwlnkIpx [IPX]
            Provider Version   :2
        Description: MSAFD NwlnkSpx [SPX]
            Provider Version   :2
            Max message size  : depends on MTU
        Description: MSAFD NwlnkSpx [SPX] [Pseudo Stream]
            Provider Version   :2
            Max message size  : Stream Oriented
        Description: MSAFD NwlnkSpx [SPX II]
            Provider Version   :2
            Max message size  : depends on MTU
        Description: MSAFD NwlnkSpx [SPX II] [Pseudo Stream]
            Provider Version   :2
            Max message size  : Stream Oriented
        Description: RSVP UDP Service Provider
            Provider Version   :6
        Description: RSVP TCP Service Provider
            Provider Version   :6
            Max message size  : Stream Oriented
        Description: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 1
            Provider Version   :2
        Description: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 1
            Provider Version   :2
        Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}] SEQPACKET 2
            Provider Version   :2
        Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}] DATAGRAM 2
            Provider Version   :2
        Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF0FF40C-1117-41EC-8DD0-6031303121F9}] SEQPACKET 0
            Provider Version   :2
        Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{DF0FF40C-1117-41EC-8DD0-6031303121F9}] DATAGRAM 0
            Provider Version   :2
        Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1314CD5C-D459-4CB9-A205-C6B1C13C904D}] SEQPACKET 3
            Provider Version   :2
        Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1314CD5C-D459-4CB9-A205-C6B1C13C904D}] DATAGRAM 3
            Provider Version   :2

    Max UDP size : 65507 bytes


DNS test . . . . . . . . . . . . . : Passed
      Interface {D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}
        DNS Domain: NETBIOSDOMAINNAME
        DNS Servers: 127.0.0.1
        IP Address:         Expected registration with PDN (primary DNS domain name):
          Hostname: SERVER.domain.local.
          Authoritative zone: domain.local.
          Primary DNS server: SERVER.domain.local 192.168.20.9
          Authoritative NS:192.168.20.9
        Expected registration with adapter's DNS Domain Name:
          Hostname: SERVER.NETBIOSDOMAINNAME.
          Registration with adapter's DNS domain name is disabled.
Check the DNS registration for DCs entries on DNS server '127.0.0.1'
The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

The Record is correct on DNS server '127.0.0.1'.

    PASS - All the DNS entries for DC are registered on DNS server '127.0.0.1'.


Redir and Browser test . . . . . . : Passed
    List of transports currently bound to the Redir
        NwlnkNb
        NetbiosSmb
        NetBT_Tcpip_{D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}
    The redir is bound to 1 NetBt transport.

    List of transports currently bound to the browser
        NwlnkNb
        NetBT_Tcpip_{D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}
        NwlnkIpx
    The browser is bound to 1 NetBt transport.
    Mailslot test for NETBIOSDOMAINNAME* passed.


DC discovery test. . . . . . . . . : Passed

    Find DC in domain 'NETBIOSDOMAINNAME':
    Found this DC in domain 'NETBIOSDOMAINNAME':
        DC. . . . . . . . . . . : \\SERVER.domain.local
        Address . . . . . . . . : \\192.168.20.9
        Domain Guid . . . . . . : {1164D7AD-1824-483B-AC3B-18C17FA5BB67}
        Domain Name . . . . . . : domain.local
        Forest Name . . . . . . : domain.local
        DC Site Name. . . . . . : Default-First-Site-Name
        Our Site Name . . . . . : Default-First-Site-Name
        Flags . . . . . . . . . : PDC emulator GC DS KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE 0x8

    Find PDC emulator in domain 'NETBIOSDOMAINNAME':
    Found this PDC emulator in domain 'NETBIOSDOMAINNAME':
        DC. . . . . . . . . . . : \\SERVER.domain.local
        Address . . . . . . . . : \\192.168.20.9
        Domain Guid . . . . . . : {1164D7AD-1824-483B-AC3B-18C17FA5BB67}
        Domain Name . . . . . . : domain.local
        Forest Name . . . . . . : domain.local
        DC Site Name. . . . . . : Default-First-Site-Name
        Our Site Name . . . . . : Default-First-Site-Name
        Flags . . . . . . . . . : PDC emulator GC DS KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE 0x8

    Find Active Directory DC in domain 'NETBIOSDOMAINNAME':
    Found this Active Directory DC in domain 'NETBIOSDOMAINNAME':
        DC. . . . . . . . . . . : \\SERVER.domain.local
        Address . . . . . . . . : \\192.168.20.9
        Domain Guid . . . . . . : {1164D7AD-1824-483B-AC3B-18C17FA5BB67}
        Domain Name . . . . . . : domain.local
        Forest Name . . . . . . : domain.local
        DC Site Name. . . . . . : Default-First-Site-Name
        Our Site Name . . . . . : Default-First-Site-Name
        Flags . . . . . . . . . : PDC emulator GC DS KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE 0x8


DC list test . . . . . . . . . . . : Passed
    List of DCs in Domain 'NETBIOSDOMAINNAME':
        SERVER.domain.local
        NETBIOSDOMAINNAME_01  (this DC is down)
        PLANT_FP01


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed
    Cached Tickets:


LDAP test. . . . . . . . . . . . . : Passed

    Do un-authenticated LDAP call to 'SERVER.domain.local'.
        Found 1 entries:
        Attr: currentTime
            Val: 17 20061126150620.0Z
        Attr: subschemaSubentry
            Val: 57 CN=Aggregate,CN=Schema,CN=Configuration,DC=domain,DC=local
        Attr: dsServiceName
            Val: 108 CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
        Attr: namingContexts
            Val: 17 DC=domain,DC=local
            Val: 34 CN=Configuration,DC=domain,DC=local
            Val: 44 CN=Schema,CN=Configuration,DC=domain,DC=local
            Val: 35 DC=DomainDnsZones,DC=domain,DC=local
            Val: 35 DC=ForestDnsZones,DC=domain,DC=local
        Attr: defaultNamingContext
            Val: 17 DC=domain,DC=local
        Attr: schemaNamingContext
            Val: 44 CN=Schema,CN=Configuration,DC=domain,DC=local
        Attr: configurationNamingContext
            Val: 34 CN=Configuration,DC=domain,DC=local
        Attr: rootDomainNamingContext
            Val: 17 DC=domain,DC=local
        Attr: supportedControl
            Val: 22 1.2.840.113556.1.4.319
            Val: 22 1.2.840.113556.1.4.801
            Val: 22 1.2.840.113556.1.4.473
            Val: 22 1.2.840.113556.1.4.528
            Val: 22 1.2.840.113556.1.4.417
            Val: 22 1.2.840.113556.1.4.619
            Val: 22 1.2.840.113556.1.4.841
            Val: 22 1.2.840.113556.1.4.529
            Val: 22 1.2.840.113556.1.4.805
            Val: 22 1.2.840.113556.1.4.521
            Val: 22 1.2.840.113556.1.4.970
            Val: 23 1.2.840.113556.1.4.1338
            Val: 22 1.2.840.113556.1.4.474
            Val: 23 1.2.840.113556.1.4.1339
            Val: 23 1.2.840.113556.1.4.1340
            Val: 23 1.2.840.113556.1.4.1413
            Val: 23 2.16.840.1.113730.3.4.9
            Val: 24 2.16.840.1.113730.3.4.10
            Val: 23 1.2.840.113556.1.4.1504
            Val: 23 1.2.840.113556.1.4.1852
            Val: 22 1.2.840.113556.1.4.802
            Val: 23 1.2.840.113556.1.4.1907
        Attr: supportedLDAPVersion
            Val: 1 3
            Val: 1 2
        Attr: supportedLDAPPolicies
            Val: 14 MaxPoolThreads
            Val: 15 MaxDatagramRecv
            Val: 16 MaxReceiveBuffer
            Val: 15 InitRecvTimeout
            Val: 14 MaxConnections
            Val: 15 MaxConnIdleTime
            Val: 11 MaxPageSize
            Val: 16 MaxQueryDuration
            Val: 16 MaxTempTableSize
            Val: 16 MaxResultSetSize
            Val: 22 MaxNotificationPerConn
            Val: 11 MaxValRange
        Attr: highestCommittedUSN
            Val: 5 36966
        Attr: supportedSASLMechanisms
            Val: 6 GSSAPI
            Val: 10 GSS-SPNEGO
            Val: 8 EXTERNAL
            Val: 10 DIGEST-MD5
        Attr: dnsHostName
            Val: 18 SERVER.domain.local
        Attr: ldapServiceName
            Val: 31 domain.local:SERVER$@domain.LOCAL
        Attr: serverName
            Val: 91 CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
        Attr: supportedCapabilities
            Val: 22 1.2.840.113556.1.4.800
            Val: 23 1.2.840.113556.1.4.1670
            Val: 23 1.2.840.113556.1.4.1791
        Attr: isSynchronized
            Val: 4 TRUE
        Attr: isGlobalCatalogReady
            Val: 4 TRUE
        Attr: domainFunctionality
            Val: 1 1
        Attr: forestFunctionality
            Val: 1 1
        Attr: domainControllerFunctionality
            Val: 1 2

    Do NTLM authenticated LDAP call to 'SERVER.domain.local'.
        Found 1 entries:
        Attr: currentTime
            Val: 17 20061126150620.0Z
        Attr: subschemaSubentry
            Val: 57 CN=Aggregate,CN=Schema,CN=Configuration,DC=domain,DC=local
        Attr: dsServiceName
            Val: 108 CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
        Attr: namingContexts
            Val: 17 DC=domain,DC=local
            Val: 34 CN=Configuration,DC=domain,DC=local
            Val: 44 CN=Schema,CN=Configuration,DC=domain,DC=local
            Val: 35 DC=DomainDnsZones,DC=domain,DC=local
            Val: 35 DC=ForestDnsZones,DC=domain,DC=local
        Attr: defaultNamingContext
            Val: 17 DC=domain,DC=local
        Attr: schemaNamingContext
            Val: 44 CN=Schema,CN=Configuration,DC=domain,DC=local
        Attr: configurationNamingContext
            Val: 34 CN=Configuration,DC=domain,DC=local
        Attr: rootDomainNamingContext
            Val: 17 DC=domain,DC=local
        Attr: supportedControl
            Val: 22 1.2.840.113556.1.4.319
            Val: 22 1.2.840.113556.1.4.801
            Val: 22 1.2.840.113556.1.4.473
            Val: 22 1.2.840.113556.1.4.528
            Val: 22 1.2.840.113556.1.4.417
            Val: 22 1.2.840.113556.1.4.619
            Val: 22 1.2.840.113556.1.4.841
            Val: 22 1.2.840.113556.1.4.529
            Val: 22 1.2.840.113556.1.4.805
            Val: 22 1.2.840.113556.1.4.521
            Val: 22 1.2.840.113556.1.4.970
            Val: 23 1.2.840.113556.1.4.1338
            Val: 22 1.2.840.113556.1.4.474
            Val: 23 1.2.840.113556.1.4.1339
            Val: 23 1.2.840.113556.1.4.1340
            Val: 23 1.2.840.113556.1.4.1413
            Val: 23 2.16.840.1.113730.3.4.9
            Val: 24 2.16.840.1.113730.3.4.10
            Val: 23 1.2.840.113556.1.4.1504
            Val: 23 1.2.840.113556.1.4.1852
            Val: 22 1.2.840.113556.1.4.802
            Val: 23 1.2.840.113556.1.4.1907
        Attr: supportedLDAPVersion
            Val: 1 3
            Val: 1 2
        Attr: supportedLDAPPolicies
            Val: 14 MaxPoolThreads
            Val: 15 MaxDatagramRecv
            Val: 16 MaxReceiveBuffer
            Val: 15 InitRecvTimeout
            Val: 14 MaxConnections
            Val: 15 MaxConnIdleTime
            Val: 11 MaxPageSize
            Val: 16 MaxQueryDuration
            Val: 16 MaxTempTableSize
            Val: 16 MaxResultSetSize
            Val: 22 MaxNotificationPerConn
            Val: 11 MaxValRange
        Attr: highestCommittedUSN
            Val: 5 36966
        Attr: supportedSASLMechanisms
            Val: 6 GSSAPI
            Val: 10 GSS-SPNEGO
            Val: 8 EXTERNAL
            Val: 10 DIGEST-MD5
        Attr: dnsHostName
            Val: 18 SERVER.domain.local
        Attr: ldapServiceName
            Val: 31 domain.local:SERVER$@domain.LOCAL
        Attr: serverName
            Val: 91 CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
        Attr: supportedCapabilities
            Val: 22 1.2.840.113556.1.4.800
            Val: 23 1.2.840.113556.1.4.1670
            Val: 23 1.2.840.113556.1.4.1791
        Attr: isSynchronized
            Val: 4 TRUE
        Attr: isGlobalCatalogReady
            Val: 4 TRUE
        Attr: domainFunctionality
            Val: 1 1
        Attr: forestFunctionality
            Val: 1 1
        Attr: domainControllerFunctionality
            Val: 1 2

    Do Negotiate authenticated LDAP call to 'SERVER.domain.local'.
        Found 1 entries:
        Attr: currentTime
            Val: 17 20061126150620.0Z
        Attr: subschemaSubentry
            Val: 57 CN=Aggregate,CN=Schema,CN=Configuration,DC=domain,DC=local
        Attr: dsServiceName
            Val: 108 CN=NTDS Settings,CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
        Attr: namingContexts
            Val: 17 DC=domain,DC=local
            Val: 34 CN=Configuration,DC=domain,DC=local
            Val: 44 CN=Schema,CN=Configuration,DC=domain,DC=local
            Val: 35 DC=DomainDnsZones,DC=domain,DC=local
            Val: 35 DC=ForestDnsZones,DC=domain,DC=local
        Attr: defaultNamingContext
            Val: 17 DC=domain,DC=local
        Attr: schemaNamingContext
            Val: 44 CN=Schema,CN=Configuration,DC=domain,DC=local
        Attr: configurationNamingContext
            Val: 34 CN=Configuration,DC=domain,DC=local
        Attr: rootDomainNamingContext
            Val: 17 DC=domain,DC=local
        Attr: supportedControl
            Val: 22 1.2.840.113556.1.4.319
            Val: 22 1.2.840.113556.1.4.801
            Val: 22 1.2.840.113556.1.4.473
            Val: 22 1.2.840.113556.1.4.528
            Val: 22 1.2.840.113556.1.4.417
            Val: 22 1.2.840.113556.1.4.619
            Val: 22 1.2.840.113556.1.4.841
            Val: 22 1.2.840.113556.1.4.529
            Val: 22 1.2.840.113556.1.4.805
            Val: 22 1.2.840.113556.1.4.521
            Val: 22 1.2.840.113556.1.4.970
            Val: 23 1.2.840.113556.1.4.1338
            Val: 22 1.2.840.113556.1.4.474
            Val: 23 1.2.840.113556.1.4.1339
            Val: 23 1.2.840.113556.1.4.1340
            Val: 23 1.2.840.113556.1.4.1413
            Val: 23 2.16.840.1.113730.3.4.9
            Val: 24 2.16.840.1.113730.3.4.10
            Val: 23 1.2.840.113556.1.4.1504
            Val: 23 1.2.840.113556.1.4.1852
            Val: 22 1.2.840.113556.1.4.802
            Val: 23 1.2.840.113556.1.4.1907
        Attr: supportedLDAPVersion
            Val: 1 3
            Val: 1 2
        Attr: supportedLDAPPolicies
            Val: 14 MaxPoolThreads
            Val: 15 MaxDatagramRecv
            Val: 16 MaxReceiveBuffer
            Val: 15 InitRecvTimeout
            Val: 14 MaxConnections
            Val: 15 MaxConnIdleTime
            Val: 11 MaxPageSize
            Val: 16 MaxQueryDuration
            Val: 16 MaxTempTableSize
            Val: 16 MaxResultSetSize
            Val: 22 MaxNotificationPerConn
            Val: 11 MaxValRange
        Attr: highestCommittedUSN
            Val: 5 36966
        Attr: supportedSASLMechanisms
            Val: 6 GSSAPI
            Val: 10 GSS-SPNEGO
            Val: 8 EXTERNAL
            Val: 10 DIGEST-MD5
        Attr: dnsHostName
            Val: 18 SERVER.domain.local
        Attr: ldapServiceName
            Val: 31 domain.local:SERVER$@domain.LOCAL
        Attr: serverName
            Val: 91 CN=SERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=domain,DC=local
        Attr: supportedCapabilities
            Val: 22 1.2.840.113556.1.4.800
            Val: 23 1.2.840.113556.1.4.1670
            Val: 23 1.2.840.113556.1.4.1791
        Attr: isSynchronized
            Val: 4 TRUE
        Attr: isGlobalCatalogReady
            Val: 4 TRUE
        Attr: domainFunctionality
            Val: 1 1
        Attr: forestFunctionality
            Val: 1 1
        Attr: domainControllerFunctionality
            Val: 1 2

    Registered Service Principal Names:
        ldap/SERVER.domain.local/ForestDnsZones.domain.local
        ldap/SERVER.domain.local/DomainDnsZones.domain.local
        DNS/SERVER.domain.local
        NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/SERVER.domain.local
        GC/SERVER.domain.local/domain.local
        HOST/SERVER.domain.local/NETBIOSDOMAINNAME
        HOST/SERVER
        HOST/SERVER.domain.local
        HOST/SERVER.domain.local/domain.local
        E3514235-4B06-11D1-AB04-00C04FC2DCD2/8412b6b6-fcd5-4d5a-a78f-e3ad7366831b/domain.local
        ldap/8412b6b6-fcd5-4d5a-a78f-e3ad7366831b._msdcs.domain.local
        ldap/SERVER.domain.local/NETBIOSDOMAINNAME
        ldap/SERVER
        ldap/SERVER.domain.local
        ldap/SERVER.domain.local/domain.local
    Cannot test LDAP to 'NETBIOSDOMAINNAME_01' since it isn't running the DS. [Test skipped.]
    Cannot test LDAP to 'PLANT_FP01' since it isn't running the DS. [Test skipped.]


Routing table test . . . . . . . . : Passed
Active Routes :
Network Destination        Netmask           Gateway         Interface  Metric
         0.0.0.0           0.0.0.0     192.168.20.20      192.168.20.9      20
       127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1       1
    192.168.20.0     255.255.255.0      192.168.20.9      192.168.20.9      20
    192.168.20.9   255.255.255.255         127.0.0.1         127.0.0.1      20
  192.168.20.255   255.255.255.255      192.168.20.9      192.168.20.9      20
       224.0.0.0         240.0.0.0      192.168.20.9      192.168.20.9      20
 255.255.255.255   255.255.255.255      192.168.20.9      192.168.20.9       1
No persistent route entries.


Netstat information test . . . . . : Passed


    Interface Statistics

                                    Received             Sent
    Unicast Packets                120108893         73582414
    Non-unicast packets               398641             3692
    Discards                               0                0
    Errors                                 0                0
    Unknown protocols                  54326           458284

    Interface index         =  1
    Description             =  MS TCP Loopback interface
    Type                    =  24
    MTU                     =  1520
    Speed                   =  10000000
    Physical Address        =  00-00-00-00-00-00
    Administrative Status   =  1
    Operational Status      =  1
    Last Changed            =  986998773
    Output Queue Length     =  0


    Interface index         =  2
    Description             =  3Com 3C905TX-based Ethernet Adapter (Generic)
    Type                    =  6
    MTU                     =  1500
    Speed                   =  100000000
    Physical Address        =  00-60-97-D1-90-85
    Administrative Status   =  1
    Operational Status      =  1
    Last Changed            =  986998784
    Output Queue Length     =  0



    Active Connections

  Proto Local Address         Foreign Address                           State
    TCP   SERVER:nameserver     SERVER.domain.local:28744                  LISTENING
    TCP   SERVER:domain         SERVER.domain.local:2182                   LISTENING
    TCP   SERVER:kerberos       SERVER.domain.local:59507                  LISTENING
    TCP   SERVER:epmap          SERVER.domain.local:2144                   LISTENING
    TCP   SERVER:ldap           SERVER.domain.local:24683                  LISTENING
    TCP   SERVER:microsoft-ds   SERVER.domain.local:2080                   LISTENING
    TCP   SERVER:kpasswd        SERVER.domain.local:28823                  LISTENING
    TCP   SERVER:http-rpc-epmap  SERVER.domain.local:53367                  LISTENING
    TCP   SERVER:ldaps          SERVER.domain.local:24683                  LISTENING
    TCP   SERVER:1025           SERVER.domain.local:49205                  LISTENING
    TCP   SERVER:1027           SERVER.domain.local:18470                  LISTENING
    TCP   SERVER:1047           SERVER.domain.local:43029                  LISTENING
    TCP   SERVER:1048           SERVER.domain.local:26726                  LISTENING
    TCP   SERVER:1158           SERVER.domain.local:10252                  LISTENING
    TCP   SERVER:1229           SERVER.domain.local:2265                   LISTENING
    TCP   SERVER:2301           SERVER.domain.local:14568                  LISTENING
    TCP   SERVER:2381           SERVER.domain.local:32805                  LISTENING
    TCP   SERVER:msft-gc        SERVER.domain.local:39038                  LISTENING
    TCP   SERVER:msft-gc-ssl    SERVER.domain.local:2114                   LISTENING
    TCP   SERVER:ldap           SERVER.domain.local:1031                   ESTABLISHED
    TCP   SERVER:ldap           SERVER.domain.local:1032                   ESTABLISHED
    TCP   SERVER:ldap           SERVER.domain.local:1033                   ESTABLISHED
    TCP   SERVER:ldap           SERVER.domain.local:1092                   ESTABLISHED
    TCP   SERVER:1031           SERVER.domain.local:ldap                   ESTABLISHED
    TCP   SERVER:1032           SERVER.domain.local:ldap                   ESTABLISHED
    TCP   SERVER:1033           SERVER.domain.local:ldap                   ESTABLISHED
    TCP   SERVER:1092           SERVER.domain.local:ldap                   ESTABLISHED
    TCP   SERVER:netbios-ssn    SERVER.domain.local:12345                  LISTENING
    TCP   SERVER:netbios-ssn    PLANT_FP01:2546                           ESTABLISHED
    TCP   SERVER:netbios-ssn    PLANT_FP01:2641                           ESTABLISHED
    TCP   SERVER:ldap           SERVER.domain.local:1091                   ESTABLISHED
    TCP   SERVER:ldap           SERVER.domain.local:1511                   TIME_WAIT
    TCP   SERVER:ldap           SERVER.domain.local:wins                   TIME_WAIT
    TCP   SERVER:ldap           SERVER.domain.local:1513                   TIME_WAIT
    TCP   SERVER:ldap           SERVER.domain.local:1514                   TIME_WAIT
    TCP   SERVER:ldap           SERVER.domain.local:1550                   TIME_WAIT
    TCP   SERVER:ldap           SERVER.domain.local:1551                   TIME_WAIT
    TCP   SERVER:ldap           SERVER.domain.local:1558                   TIME_WAIT
    TCP   SERVER:ldap           SERVER.domain.local:1559                   ESTABLISHED
    TCP   SERVER:ldap           SERVER.domain.local:1560                   TIME_WAIT
    TCP   SERVER:1025           SERVER.domain.local:1228                   ESTABLISHED
    TCP   SERVER:1025           SERVER.domain.local:1391                   ESTABLISHED
    TCP   SERVER:1091           SERVER.domain.local:ldap                   ESTABLISHED
    TCP   SERVER:1167           SERVER.domain.local:ldap                   CLOSE_WAIT
    TCP   SERVER:1228           SERVER.domain.local:1025                   ESTABLISHED
    TCP   SERVER:1284           SERVER.domain.local:ldap                   CLOSE_WAIT
    TCP   SERVER:1391           SERVER.domain.local:1025                   ESTABLISHED
    TCP   SERVER:1450           SERVER.domain.local:1025                   TIME_WAIT
    TCP   SERVER:1505           207.46.248.249:http                       TIME_WAIT
    TCP   SERVER:1506           sa.windows.com:http                       TIME_WAIT
    TCP   SERVER:1509           SERVER.domain.local:epmap                  TIME_WAIT
    TCP   SERVER:1510           SERVER.domain.local:1025                   TIME_WAIT
    TCP   SERVER:1548           SERVER.domain.local:epmap                  TIME_WAIT
    TCP   SERVER:1549           SERVER.domain.local:1025                   TIME_WAIT
    TCP   SERVER:1552           SERVER.domain.local:microsoft-ds           TIME_WAIT
    TCP   SERVER:1554           PLANT_FP01:netbios-ssn                    ESTABLISHED
    TCP   SERVER:1555           SERVER.domain.local:netbios-ssn            TIME_WAIT
    TCP   SERVER:1557           SERVER.domain.local:ldap                   TIME_WAIT
    TCP   SERVER:1559           SERVER.domain.local:ldap                   ESTABLISHED
    TCP   SERVER:1561           SERVER.domain.local:epmap                  TIME_WAIT
    TCP   SERVER:1562           SERVER.domain.local:1025                   TIME_WAIT
    UDP  SERVER:nameserver     *:*                                    
    UDP  SERVER:epmap          *:*                                    
    UDP  SERVER:microsoft-ds   *:*                                    
    UDP  SERVER:isakmp         *:*                                    
    UDP  SERVER:1029           *:*                                    
    UDP  SERVER:1035           *:*                                    
    UDP  SERVER:1037           *:*                                    
    UDP  SERVER:1044           *:*                                    
    UDP  SERVER:1483           *:*                                    
    UDP  SERVER:ipsec-msft     *:*                                    
    UDP  SERVER:domain         *:*                                    
    UDP  SERVER:ntp            *:*                                    
    UDP  SERVER:1030           *:*                                    
    UDP  SERVER:1034           *:*                                    
    UDP  SERVER:1038           *:*                                    
    UDP  SERVER:1046           *:*                                    
    UDP  SERVER:1137           *:*                                    
    UDP  SERVER:1166           *:*                                    
    UDP  SERVER:1225           *:*                                    
    UDP  SERVER:1241           *:*                                    
    UDP  SERVER:1253           *:*                                    
    UDP  SERVER:1431           *:*                                    
    UDP  SERVER:1556           *:*                                    
    UDP  SERVER:1838           *:*                                    
    UDP  SERVER:domain         *:*                                    
    UDP  SERVER:bootps         *:*                                    
    UDP  SERVER:bootpc         *:*                                    
    UDP  SERVER:kerberos       *:*                                    
    UDP  SERVER:ntp            *:*                                    
    UDP  SERVER:netbios-ns     *:*                                    
    UDP  SERVER:netbios-dgm    *:*                                    
    UDP  SERVER:389            *:*                                    
    UDP  SERVER:kpasswd        *:*                                    
    UDP  SERVER:2535           *:*                                    


    IP  Statistics

    Packets Received              =   625,977
    Received Header Errors        =   0
    Received Address Errors       =   130
    Datagrams Forwarded           =   0
    Unknown Protocols Received    =   0
    Received Packets Discarded    =   0
    Received Packets Delivered    =   625,977
    Output Requests               =   322,258
    Routing Discards              =   0
    Discarded Output Packets      =   0
    Output Packet No Route        =   0
    Reassembly  Required          =   0
    Reassembly Successful         =   0
    Reassembly Failures           =   0
    Datagrams successfully fragmented  =   0
    Datagrams failing fragmentation    =   0
    Fragments Created                  =   0
    Forwarding                        =    2
    Default TTL                       =    128
    Reassembly  timeout               =    60


    TCP Statistics

    Active Opens               =    3,100
    Passive Opens              =    7,450
    Failed Connection Attempts =    2
    Reset Connections          =    115
    Current Connections        =    20
    Received Segments          =    301,590
    Segment Sent               =    293,464
    Segment Retransmitted      =    2,225
    Retransmission Timeout Algorithm  =   vanj
    Minimum Retransmission Timeout  = 300
    Maximum Retransmission Timeout  = 120,000
    Maximum Number of Connections   = -1


    UDP Statistics

    Datagrams Received    =   291,352
    No Ports              =   47,536
    Receive Errors        =   0
    Datagrams Sent        =   14,868


    ICMP Statistics

                              Received           Sent
    Messages                    12,674         12,674
    Errors                           0              0
    Destination  Unreachable       984            984
    Time    Exceeded                 0              0
    Parameter Problems               0              0
    Source Quenchs                   0              0
    Redirects                        0              0
    Echos                        5,860          5,860
    Echo Replies                 5,830          5,830
    Timestamps                       0              0
    Timestamp Replies                0              0
    Address Masks                    0              0
    Address Mask Replies             0              0


Bindings test. . . . . . . . . . . : Passed
    Component Name : NDIS Usermode I/O Protocol
    Bind Name: Ndisuio
    Binding Paths:
        Owner of the binding path : NDIS Usermode I/O Protocol
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndis5
            Upper Component: NDIS Usermode I/O Protocol
            Lower Component: 3Com 3C905TX-based Ethernet Adapter (Generic)


    Component Name : Point to Point Protocol Over Ethernet
    Bind Name: RasPppoe
    Binding Paths:
        Owner of the binding path : Point to Point Protocol Over Ethernet
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndis5
            Upper Component: Point to Point Protocol Over Ethernet
            Lower Component: 3Com 3C905TX-based Ethernet Adapter (Generic)


    Component Name : Point to Point Tunneling Protocol
    Bind Name: mspptp
    Binding Paths:

    Component Name : Layer 2 Tunneling Protocol
    Bind Name: msl2tp
    Binding Paths:

    Component Name : Remote Access NDIS WAN Driver
    Bind Name: NdisWan
    Binding Paths:
        Owner of the binding path : Remote Access NDIS WAN Driver
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndiscowan
            Upper Component: Remote Access NDIS WAN Driver
            Lower Component: Direct Parallel

        Owner of the binding path : Remote Access NDIS WAN Driver
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndiswan
            Upper Component: Remote Access NDIS WAN Driver
            Lower Component: WAN Miniport (PPPOE)

        Owner of the binding path : Remote Access NDIS WAN Driver
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndiswan
            Upper Component: Remote Access NDIS WAN Driver
            Lower Component: WAN Miniport (PPTP)

        Owner of the binding path : Remote Access NDIS WAN Driver
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndiscowan
            Upper Component: Remote Access NDIS WAN Driver
            Lower Component: WAN Miniport (L2TP)

        Owner of the binding path : Remote Access NDIS WAN Driver
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndiswanasync
            Upper Component: Remote Access NDIS WAN Driver
            Lower Component: RAS Async Adapter


    Component Name : Message-oriented TCP/IP Protocol (SMB session)
    Bind Name: NetbiosSmb
    Binding Paths:

    Component Name : WINS Client(TCP/IP) Protocol
    Bind Name: NetBT
    Binding Paths:
        Owner of the binding path : WINS Client(TCP/IP) Protocol
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: tdi
            Upper Component: WINS Client(TCP/IP) Protocol
            Lower Component: Internet Protocol (TCP/IP)
        -Interface Name: ndis5
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: 3Com 3C905TX-based Ethernet Adapter (Generic)

        Owner of the binding path : WINS Client(TCP/IP) Protocol
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: tdi
            Upper Component: WINS Client(TCP/IP) Protocol
            Lower Component: Internet Protocol (TCP/IP)
        -Interface Name: ndiswanip
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: WAN Miniport (IP)


    Component Name : Internet Protocol (TCP/IP)
    Bind Name: Tcpip
    Binding Paths:
        Owner of the binding path : Internet Protocol (TCP/IP)
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndis5
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: 3Com 3C905TX-based Ethernet Adapter (Generic)

        Owner of the binding path : Internet Protocol (TCP/IP)
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndiswanip
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: WAN Miniport (IP)


    Component Name : NWLink SPX/SPXII Protocol
    Bind Name: NwlnkSpx
    Binding Paths:
        Owner of the binding path : NWLink SPX/SPXII Protocol
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ipx
            Upper Component: NWLink SPX/SPXII Protocol
            Lower Component: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol


    Component Name : NWLink NetBIOS
    Bind Name: NwlnkNb
    Binding Paths:
        Owner of the binding path : NWLink NetBIOS
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ipx
            Upper Component: NWLink NetBIOS
            Lower Component: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol


    Component Name : NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
    Bind Name: NwlnkIpx
    Binding Paths:
        Owner of the binding path : NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndis5
            Upper Component: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
            Lower Component: 3Com 3C905TX-based Ethernet Adapter (Generic)

        Owner of the binding path : NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ndiswanipx
            Upper Component: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
            Lower Component: WAN Miniport (IPX)


    Component Name : WebClient
    Bind Name: WebClient
    Binding Paths:

    Component Name : Client for Microsoft Networks
    Bind Name: LanmanWorkstation
    Binding Paths:
        Owner of the binding path : Client for Microsoft Networks
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios
            Upper Component: Client for Microsoft Networks
            Lower Component: NWLink NetBIOS

        Owner of the binding path : Client for Microsoft Networks
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios_smb
            Upper Component: Client for Microsoft Networks
            Lower Component: Message-oriented TCP/IP Protocol (SMB session)

        Owner of the binding path : Client for Microsoft Networks
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios
            Upper Component: Client for Microsoft Networks
            Lower Component: WINS Client(TCP/IP) Protocol
        -Interface Name: tdi
            Upper Component: WINS Client(TCP/IP) Protocol
            Lower Component: Internet Protocol (TCP/IP)
        -Interface Name: ndis5
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: 3Com 3C905TX-based Ethernet Adapter (Generic)

        Owner of the binding path : Client for Microsoft Networks
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios
            Upper Component: Client for Microsoft Networks
            Lower Component: WINS Client(TCP/IP) Protocol
        -Interface Name: tdi
            Upper Component: WINS Client(TCP/IP) Protocol
            Lower Component: Internet Protocol (TCP/IP)
        -Interface Name: ndiswanip
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: WAN Miniport (IP)


    Component Name : DHCP Server
    Bind Name: DHCPServer
    Binding Paths:

    Component Name : Wireless Configuration
    Bind Name: wzcsvc
    Binding Paths:

    Component Name : Steelhead
    Bind Name: RemoteAccess
    Binding Paths:

    Component Name : Dial-Up Server
    Bind Name: msrassrv
    Binding Paths:

    Component Name : Remote Access Connection Manager
    Bind Name: RasMan
    Binding Paths:

    Component Name : Dial-Up Client
    Bind Name: msrascli
    Binding Paths:

    Component Name : Generic Packet Classifier
    Bind Name: Gpc
    Binding Paths:

    Component Name : Application Layer Gateway
    Bind Name: ALG
    Binding Paths:

    Component Name : File and Printer Sharing for Microsoft Networks
    Bind Name: LanmanServer
    Binding Paths:
        Owner of the binding path : File and Printer Sharing for Microsoft Networks
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: ipx
            Upper Component: File and Printer Sharing for Microsoft Networks
            Lower Component: NWLink IPX/SPX/NetBIOS Compatible Transport Protocol

        Owner of the binding path : File and Printer Sharing for Microsoft Networks
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios
            Upper Component: File and Printer Sharing for Microsoft Networks
            Lower Component: NWLink NetBIOS

        Owner of the binding path : File and Printer Sharing for Microsoft Networks
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios_smb
            Upper Component: File and Printer Sharing for Microsoft Networks
            Lower Component: Message-oriented TCP/IP Protocol (SMB session)

        Owner of the binding path : File and Printer Sharing for Microsoft Networks
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios
            Upper Component: File and Printer Sharing for Microsoft Networks
            Lower Component: WINS Client(TCP/IP) Protocol
        -Interface Name: tdi
            Upper Component: WINS Client(TCP/IP) Protocol
            Lower Component: Internet Protocol (TCP/IP)
        -Interface Name: ndis5
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: 3Com 3C905TX-based Ethernet Adapter (Generic)

        Owner of the binding path : File and Printer Sharing for Microsoft Networks
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios
            Upper Component: File and Printer Sharing for Microsoft Networks
            Lower Component: WINS Client(TCP/IP) Protocol
        -Interface Name: tdi
            Upper Component: WINS Client(TCP/IP) Protocol
            Lower Component: Internet Protocol (TCP/IP)
        -Interface Name: ndiswanip
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: WAN Miniport (IP)


    Component Name : NetBIOS Interface
    Bind Name: NetBIOS
    Binding Paths:
        Owner of the binding path : NetBIOS Interface
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios
            Upper Component: NetBIOS Interface
            Lower Component: NWLink NetBIOS

        Owner of the binding path : NetBIOS Interface
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios
            Upper Component: NetBIOS Interface
            Lower Component: WINS Client(TCP/IP) Protocol
        -Interface Name: tdi
            Upper Component: WINS Client(TCP/IP) Protocol
            Lower Component: Internet Protocol (TCP/IP)
        -Interface Name: ndis5
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: 3Com 3C905TX-based Ethernet Adapter (Generic)

        Owner of the binding path : NetBIOS Interface
        Binding Enabled: Yes
    Interfaces of the binding path:
        -Interface Name: netbios
            Upper Component: NetBIOS Interface
            Lower Component: WINS Client(TCP/IP) Protocol
        -Interface Name: tdi
            Upper Component: WINS Client(TCP/IP) Protocol
            Lower Component: Internet Protocol (TCP/IP)
        -Interface Name: ndiswanip
            Upper Component: Internet Protocol (TCP/IP)
            Lower Component: WAN Miniport (IP)


    Component Name : WAN Miniport (IPX)
    Bind Name: NdisWanIpx
    Binding Paths:

    Component Name : WAN Miniport (IP)
    Bind Name: NdisWanIp
    Binding Paths:

    Component Name : Direct Parallel
    Bind Name: {18CC999F-CB64-477F-93C3-D6CE83DB9621}
    Binding Paths:

    Component Name : WAN Miniport (PPPOE)
    Bind Name: {EAB2C18B-2504-4258-AAB8-58C71352F09E}
    Binding Paths:

    Component Name : WAN Miniport (PPTP)
    Bind Name: {8FF5EB2F-6C26-474F-9DF8-E32DBAE36CE1}
    Binding Paths:

    Component Name : WAN Miniport (L2TP)
    Bind Name: {49F8D5C5-8834-4F48-AF08-19BB7E8B8362}
    Binding Paths:

    Component Name : RAS Async Adapter
    Bind Name: {70B0C94B-0BFE-470A-8698-EFF9E17B73DF}
    Binding Paths:

    Component Name : 3Com 3C905TX-based Ethernet Adapter (Generic)
    Bind Name: {D5DAF071-9DC9-4DE3-A996-F0CFD6F5F9C2}
    Binding Paths:



WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed


Netware configuration
    You are not logged in to your preferred server .
    Netware User Name. . . . . . . :
    Netware Server Name. . . . . . :
    Netware Tree Name. . . . . . . :
    Netware Workstation Context. . :

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully
____________________________END OF NETDIAG _______________________________________


Those are those two logs...

Now I have copied out the info from the other controller when trying to add it as a DC.  What I am trying to do is go to server manager and add the role of DC to this machine (this is the new hardware we bought as mentioned).  I choose another DC in an existing DOmain from the choice.  THen It wants credentials.  I put in the credentials but I get the error.   Here is what that log says.  I KNOW the DC is on and working so I don't believe its missing its records and i KNOW its not off.  I can ping it from that machine.  

First one is when using our NEW FQDN   domain.local as the domain

DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain domain.local:

The query was for the SRV record for _ldap._tcp.dc._msdcs.domain.local

The following domain controllers were identified by the query:

server.domain.local

Common causes of this error include:

- Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses.

- Domain controllers registered in DNS are not connected to the network or are not running.

For information about correcting this problem, click Help.


___________________________________________________________

THis one is using out old NETBIOS domain name.  I just wanted to try it and see if it would work.  it didn't but it did give me different errors.

The domain name DOMAIN might be a NetBIOS domain name.  If this is the case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain CBS:

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.DOMAIN
Common causes of this error include the following:

- The DNS SRV records required to locate a domain controller for the domain are not registered in DNS. These records are registered with a DNS server automatically when a domain controller is added to a domain. They are updated by the domain controller at set intervals. This computer is configured to use DNS servers with following IP addresses:

192.168.20.9

- One or more of the following zones do not include delegation to its child zone:

DOMAIN
. (the root zone)

For information about correcting this problem, click Help.
____________________________________________END__________________________________

DO I need to add records in the DNS for the NETBIOS names as well?  I assumed it should just work with the new scheme of domain.local.???

Finally here are a few events I did fine in the logs.  These happened right after or during the upgrade.  I don't know if they are of any use or not.  I have not gotten any of these events since and the logs are clean after this basically.

Event logs

System
Warning 1056  
warning 2504
Warning 5781

Application

Warning 5603
Warning 53258

I sure hope maybe something in here sticks out at you!  Only item I saw was the WINS on the nic.  

Thanks for your help

0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
First of all, in the domain.local zone there should be an (A) record for the server - simply "server" with the right IP.
Next, there should be an SOA record with your FQDN of server.domain.local.
Next, there should be a (same as parent) record with server.domain.local.

As far as the rest of the log it's clean.

Now, those errors in System and Application - could you resend with the Source beside them?

0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Try this for the Application 53258 error - this may correct other errors too.

http://support.microsoft.com/default.aspx?scid=kb;en-us;923977

0
 

Author Comment

by:rox5488
Comment Utility
Hi Netman

In regard to the records info.  All those records are currently there and do exist.  I checked again to make sure.  none of those were ever missing to my knowledge.  

on the second item.  I tried the microsoft fix but according to their article that really doesn't matter that you get that error anyway?

the other errors.

5603  source winmgmt

System

1056  source DHCPSERVER
This one is telling me DHCP knows it is running on the DC but has no credentials configured to use with dynamic DNS registrations initiated by the DHCP service.

interesting?
2504 source server

the server could not bind to the transport \device\Nwlnklpx

5781 source  NETLOGON

THis is in regard to dynamic registration or deletions of DNS zones

It looks like something did not register correctly dynamically and it is talking about computers not being able to find it as the DC.

Maybe this one is it.  I have to run now but will post more on this tomorrow  or maybe later here if you need it?  full text from the message.  I will do that tomorrow AM first thing if it is helpful?

let me know.

Thanks




0
 

Author Comment

by:rox5488
Comment Utility
Here it is!  figured I would do it now quickly.  There are 3 with different text

Event Type:      Warning
Event Source:      NETLOGON
Event Category:      None
Event ID:      5781
Date:            11/24/2006
Time:            2:58:34 PM
User:            N/A
Computer:      SERVER

Description:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.domain.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  

Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  

USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 000005b4


Event Type:      Warning
Event Source:      NETLOGON
Event Category:      None
Event ID:      5781
Date:            11/24/2006
Time:            2:58:34 PM
User:            N/A
Computer:      SERVER
Description:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.domain.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  

Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  

USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 000005b4



Event Type:      Warning
Event Source:      NETLOGON
Event Category:      None
Event ID:      5781
Date:            11/24/2006
Time:            2:58:22 PM
User:            N/A
Computer:      SERVER
Description:
Dynamic registration or deletion of one or more DNS records associated with DNS domain 'domain.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  

Possible causes of failure include:  
- TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers
- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  

USER ACTION  
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt or by restarting Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 000005b4
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
the server could not bind to the transport \device\Nwlnklpx

Did you ever have IPX loaded?  Are you interop'ing with Netware?  If not, remove IPX.

DHCP issue - expand the server then right click the server in DHCP management, select Properties, on the Advanced tab select Credentials and re-enter the Administrator's password.

Once all that is done, try running dcdiag /fix and netdiag /fix - post any errors.

0
 

Author Comment

by:rox5488
Comment Utility
no IPX.  I will have to disable that.  Not sure why its there.  No netware only MS stuff.

I will try the DHCP tomorrow and see what it says.  I'll post the results.
0
 

Author Comment

by:rox5488
Comment Utility
I disabled IPX and also fixed the DHCP issue.  I now have credentials.

At this point I have no errors in any event log on the server.  I ran the DCdiag and Netdiag / fix and found no errors.  I can post them if you like?  Please advise.

I also did ipconfig/registerdns on the NEW hardware that I wish to make a DC.  it showed up with the correct DNS records (or at least the Server and IP A record) in the DNS server as I believe it should.

I still receive the same error as I did when this all started.

I don't even understand this.  It finds the correct info... the server is ON.  the A records are there.

Any more ideas to try?  I almost think it is SOMETHING security related but I have been checking everything.

OF NOTE:  I never get the "browse"  button to work on the credentials screen.  So its almost like it can't see the Active directory to allow me to browse and choose a user to enter.  Is there something on AD I would need to open up to allow that to work?  


DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain domain.local:

The query was for the SRV record for _ldap._tcp.dc._msdcs.domain.local

The following domain controllers were identified by the query:

server.domain.local

Common causes of this error include:

- Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses.

- Domain controllers registered in DNS are not connected to the network or are not running.

For information about correcting this problem, click Help.
0
 

Author Comment

by:rox5488
Comment Utility
netman
First off thanks for all your help.  I figured out the problem today.  It was the fact that I still had the NT4Emulator registry setting on the DC.  so it still was using our old netbios name.  otherwise things seem OK

I have used DCPROMO on the new hardware now and it worked.  Now I just have to transfer the roles and DHCP, WINS, and DNS to that machine as well.

Any tips I should know about doing that or is it fairly straight foward?

I plan to give you all the points anyway!  Thanks again.
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
Comment Utility
Simply adding DNS should populate it from the main server if it's set to AD Integrated.
DHCP can be setup fresh unless you have a bunch of Reservations - if so, use this article:

<http://technet2.microsoft.com/WindowsServer/en/library/4207a8c1-2788-4be8-b9f8-ce28501a24571033.mspx?mfr=true>

WINS - simply make it a peer with the upstream partner and wait for sync.



0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now