Solved

DNS -

Posted on 2007-04-09
11
1,136 Views
Last Modified: 2010-08-05
Hi,

I have strange problem with the DNS server, when I run netdiag I get the following output (please see DNS Test result):
.....................................

    Computer Name: DCJCC01
    DNS Host Name: dcjcc01.JCC.com
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : EM64T Family 6 Model 15 Stepping 6, GenuineIntel
    List of installed hotfixes :
        Q147222


Netcard queries test . . . . . . . : Passed
    [WARNING] The net card 'Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client
) #2' may not be working.



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : dcjcc01.jcc.com
        IP Address . . . . . . . . : 100.100.100.10
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 100.100.100.3
        Dns Servers. . . . . . . . : 100.100.100.10


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Failed
            No gateway reachable for this adapter.

        NetBT name test. . . . . . : Passed
            No names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.

    Adapter : Local Area Connection 2

        Netcard queries test . . . : Failed
        NetCard Status:          DISCONNECTED
            Some tests will be skipped on this interface.

        Host Name. . . . . . . . . : dcjcc01
        Autoconfiguration IP Address : 169.254.34.19
        Subnet Mask. . . . . . . . : 255.255.0.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . :



Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{5142D983-967B-4860-A1D8-361E57E22DC1}
        NetBT_Tcpip_{95C4FA46-1184-417D-949F-63FA4BEFFF60}
    2 NetBt transports currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Failed

    [FATAL] NO GATEWAYS ARE REACHABLE.
    You have no connectivity to other network segments.
    If you configured the IP protocol manually then
    you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'dcjcc01.JCC.com.'. [ERROR_TIMEOUT]
            The name 'dcjcc01.JCC.com.' may not be registered in DNS.
    [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for read
ing.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Failed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{5142D983-967B-4860-A1D8-361E57E22DC1}
        NetBT_Tcpip_{95C4FA46-1184-417D-949F-63FA4BEFFF60}
    The redir is bound to 2 NetBt transports.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{5142D983-967B-4860-A1D8-361E57E22DC1}
        NetBT_Tcpip_{95C4FA46-1184-417D-949F-63FA4BEFFF60}
    The browser is bound to 2 NetBt transports.
    [FATAL] Cannot send mailslot message to 'JCC*' via browser. [ERROR_INVALID_F
UNCTION]


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Failed
    [FATAL] Cannot lookup package Kerberos.
    The error occurred was: (null)


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


                                                                              &#1536;&#1114;&#4096;



Note that there is no external ISP DNS server configured in the Local Connections for any client nor for the server, and the DNS server is only list that under the forwarders.
Also, the DNS is allowing secure Dynamic update...

      [WARNING] Cannot find a primary authoritative DNS server for the name
            'dcjcc01.JCC.com.'. [ERROR_TIMEOUT]
            The name 'dcjcc01.JCC.com.' may not be registered in DNS.
    [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for read
ing.
    [FATAL] No DNS servers have the DNS records for this DC registered.


What does it mean could not open file ... etc!
Your help is much appreciated.
Rami
0
Comment
Question by:nammari
  • 6
  • 5
11 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
I think the problem you're having is not directly DNS related.  I believe it's related to the fact that you have two NICs in your system.  One of the NICs is disconnected but not disabled.  I'm pretty sure that if you disable that second NIC and reboot your system, your problem will disappear.
0
 

Author Comment

by:nammari
Comment Utility
Still the same issue.
I transfered all the Operation Master Privs. to the second DC, and started a fresh install of AD and DNS, but still the same issue.
If I run netdiag on the other DC all the results are marked as "Pass", and there are no problems!
I am not sure what is the problem. Please help.

I have a fee;ing that this has to do with the permissions, since the error message indicates that the file cannot be opened.

Please help,
Rami
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
Did you disable the second NIC in DCJCC01 as I suggested?  You have a routing problem here that you have not addressed - note that your server cannot reach its default gateway on adapter #1.  The reason for the file opening error message is not permissions, it's because the netdiag process cannot find a DNS server - even itself.  The key message here is:

[WARNING] Cannot find a primary authoritative DNS server for the name
            'dcjcc01.JCC.com.'. [ERROR_TIMEOUT]

That is because the second adapter has an automatically assigned IP address and it is creating problems in your routing table.  You must disable this NIC completely to get rid of the routing issues before you can determine whether there is actually a DNS problem here or not, which I doubt.
0
 

Author Comment

by:nammari
Comment Utility
I did disable the network adaptor as suggested, and still the same problem.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
OK.  Check the bindings to be sure that the active NIC is first in the binding order.  If there's anything else listed under Adapters and Bindings, except [Remote Access connections], disable whatever it is.  Are you using AD-integrated DNS?  Do you see a DNS record for this server on your other DC?  If so, what records are shown - host, nameserver, SOA?  Do you see any DNS records on this DC? Please also rerun netdiag on that server and repost the results.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
Also, do you have any network connectivity from or to this server at all?  Can you ping and/or browse other servers and/or clients on the network and can they ping/browse this server?
0
 

Author Comment

by:nammari
Comment Utility
i am now out of the office, iwill check the binding tomorrow. The server have access to the internal and external network. Yes, this is the primary domain controller, and all the AD functionalties are working fine.
0
 

Author Comment

by:nammari
Comment Utility
The first network card is the first in the binding list, and the other NIC is disabled.

Below is the result of netdiag

......................................

    Computer Name: DCJCC01
    DNS Host Name: dcjcc01.JCC.com
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : EM64T Family 6 Model 15 Stepping 6, GenuineIntel
    List of installed hotfixes :
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : dcjcc01
        IP Address . . . . . . . . : 100.100.100.10
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 100.100.100.3
        Dns Servers. . . . . . . . : 100.100.100.10
                                     100.100.100.11


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Failed
            No gateway reachable for this adapter.

        NetBT name test. . . . . . : Passed
            No names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{5142D983-967B-4860-A1D8-361E57E22DC1}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Failed

    [FATAL] NO GATEWAYS ARE REACHABLE.
    You have no connectivity to other network segments.
    If you configured the IP protocol manually then
    you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Serv
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for rea
ing.
    [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for rea
ing.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Failed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{5142D983-967B-4860-A1D8-361E57E22DC1}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{5142D983-967B-4860-A1D8-361E57E22DC1}
    The browser is bound to 1 NetBt transport.
    [FATAL] Cannot send mailslot message to 'JCC*' via browser. [ERROR_INVALID_
UNCTION]


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'JCC' is to '\\dcjcc02.JCC.com'.


Kerberos test. . . . . . . . . . . : Failed
    [FATAL] Cannot lookup package Kerberos.
    The error occurred was: (null)


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully








Also, here is the result of dcdiag /d

Command Line: "dcdiag.exe /d"

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine dcjcc01, is a DC.
   * Connecting to directory service on server dcjcc01.
   dcjcc01.currentTime = 20070411061615.0Z
   dcjcc01.highestCommittedUSN = 14581
   dcjcc01.isSynchronized = 1
   dcjcc01.isGlobalCatalogReady = 0
   * Collecting site info.
   * Identifying all servers.
   DCJCC01.currentTime = 20070411061615.0Z
   DCJCC01.highestCommittedUSN = 14581
   DCJCC01.isSynchronized = 1
   DCJCC01.isGlobalCatalogReady = 0
   * Identifying all NC cross-refs.
   * Found 2 DC(s). Testing 1 of them.
   Done gathering initial info.


===============================================Printing out pDsInfo

GLOBAL:
      ulNumServers=2
      pszRootDomain=JCC.com
      pszNC=
      pszRootDomainFQDN=DC=JCC,DC=com
      pszConfigNc=CN=Configuration,DC=JCC,DC=com
      pszPartitionsDn=CN=Partitions,CN=Configuration,DC=JCC,DC=com
      iSiteOptions=0
      dwTombstoneLifeTimeDays=60

      dwForestBehaviorVersion=0

      HomeServer=1, DCJCC01

      SERVER: pServer[0].pszName=DCJCC02
            pServer[0].pszGuidDNSName=a8a6f803-87c0-458a-9bcd-b88d807dda28._msdcs.JCC.com
            pServer[0].pszDNSName=dcjcc02.JCC.com
            pServer[0].pszDn=CN=NTDS Settings,CN=DCJCC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
            pServer[0].pszComputerAccountDn=CN=DCJCC02,OU=Domain Controllers,DC=JCC,DC=com
            pServer[0].uuidObjectGuid=a8a6f803-87c0-458a-9bcd-b88d807dda28
            pServer[0].uuidInvocationId=48b416fb-fa9b-4acd-9cc3-b3d6b06e0099
            pServer[0].iSite=0 (Default-First-Site-Name)
            pServer[0].iOptions=1
            pServer[0].ftLocalAcquireTime=00000000 00000000

            pServer[0].ftRemoteConnectTime=00000000 00000000

            pServer[0].ppszMasterNCs:
                  ppszMasterNCs[0]=DC=DomainDnsZones,DC=JCC,DC=com
                  ppszMasterNCs[1]=DC=ForestDnsZones,DC=JCC,DC=com
                  ppszMasterNCs[2]=CN=Schema,CN=Configuration,DC=JCC,DC=com
                  ppszMasterNCs[3]=CN=Configuration,DC=JCC,DC=com
                  ppszMasterNCs[4]=DC=JCC,DC=com

      SERVER: pServer[1].pszName=DCJCC01
            pServer[1].pszGuidDNSName=59cd1106-cb95-40fa-957f-ecfb578bd5b8._msdcs.JCC.com
            pServer[1].pszDNSName=dcjcc01.JCC.com
            pServer[1].pszDn=CN=NTDS Settings,CN=DCJCC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
            pServer[1].pszComputerAccountDn=CN=DCJCC01,OU=Domain Controllers,DC=JCC,DC=com
            pServer[1].uuidObjectGuid=59cd1106-cb95-40fa-957f-ecfb578bd5b8
            pServer[1].uuidInvocationId=b20c4c4e-58b8-40e4-a9c1-5f3a02ff1142
            pServer[1].iSite=0 (Default-First-Site-Name)
            pServer[1].iOptions=0
            pServer[1].ftLocalAcquireTime=e8c0eb70 01c77c00

            pServer[1].ftRemoteConnectTime=e8bea180 01c77c00

            pServer[1].ppszMasterNCs:
                  ppszMasterNCs[0]=DC=DomainDnsZones,DC=JCC,DC=com
                  ppszMasterNCs[1]=DC=ForestDnsZones,DC=JCC,DC=com
                  ppszMasterNCs[2]=CN=Schema,CN=Configuration,DC=JCC,DC=com
                  ppszMasterNCs[3]=CN=Configuration,DC=JCC,DC=com
                  ppszMasterNCs[4]=DC=JCC,DC=com

      SITES:  pSites[0].pszName=Default-First-Site-Name
            pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
            pSites[0].pszISTG=CN=NTDS Settings,CN=DCJCC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
            pSites[0].iSiteOption=0

            pSites[0].cServers=2

      NC:     pNCs[0].pszName=DomainDnsZones
            pNCs[0].pszDn=DC=DomainDnsZones,DC=JCC,DC=com

                  pNCs[0].aCrInfo[0].dwFlags=0x00000201
                  pNCs[0].aCrInfo[0].pszDn=CN=ada5741a-2f91-440d-8b48-171f1ea433dd,CN=Partitions,CN=Configuration,DC=JCC,DC=com
                  pNCs[0].aCrInfo[0].pszDnsRoot=DomainDnsZones.JCC.com
                  pNCs[0].aCrInfo[0].iSourceServer=1
                  pNCs[0].aCrInfo[0].pszSourceServer=(null)
                  pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005
                  pNCs[0].aCrInfo[0].bEnabled=TRUE
                  pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000                   pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null)
                  pNCs[0].aCrInfo[0].pszNetBiosName=(null)
                  pNCs[0].aCrInfo[0].cReplicas=-1
                  pNCs[0].aCrInfo[0].aszReplicas=


      NC:     pNCs[1].pszName=ForestDnsZones
            pNCs[1].pszDn=DC=ForestDnsZones,DC=JCC,DC=com

                  pNCs[1].aCrInfo[0].dwFlags=0x00000201
                  pNCs[1].aCrInfo[0].pszDn=CN=8d1c2462-06ef-4563-8abf-10af8e0521fc,CN=Partitions,CN=Configuration,DC=JCC,DC=com
                  pNCs[1].aCrInfo[0].pszDnsRoot=ForestDnsZones.JCC.com
                  pNCs[1].aCrInfo[0].iSourceServer=1
                  pNCs[1].aCrInfo[0].pszSourceServer=(null)
                  pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005
                  pNCs[1].aCrInfo[0].bEnabled=TRUE
                  pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000                   pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null)
                  pNCs[1].aCrInfo[0].pszNetBiosName=(null)
                  pNCs[1].aCrInfo[0].cReplicas=-1
                  pNCs[1].aCrInfo[0].aszReplicas=


      NC:     pNCs[2].pszName=Schema
            pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=JCC,DC=com

                  pNCs[2].aCrInfo[0].dwFlags=0x00000201
                  pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=JCC,DC=com
                  pNCs[2].aCrInfo[0].pszDnsRoot=JCC.com
                  pNCs[2].aCrInfo[0].iSourceServer=1
                  pNCs[2].aCrInfo[0].pszSourceServer=(null)
                  pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001
                  pNCs[2].aCrInfo[0].bEnabled=TRUE
                  pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000                   pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null)
                  pNCs[2].aCrInfo[0].pszNetBiosName=(null)
                  pNCs[2].aCrInfo[0].cReplicas=-1
                  pNCs[2].aCrInfo[0].aszReplicas=


      NC:     pNCs[3].pszName=Configuration
            pNCs[3].pszDn=CN=Configuration,DC=JCC,DC=com

                  pNCs[3].aCrInfo[0].dwFlags=0x00000201
                  pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=JCC,DC=com
                  pNCs[3].aCrInfo[0].pszDnsRoot=JCC.com
                  pNCs[3].aCrInfo[0].iSourceServer=1
                  pNCs[3].aCrInfo[0].pszSourceServer=(null)
                  pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001
                  pNCs[3].aCrInfo[0].bEnabled=TRUE
                  pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000                   pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null)
                  pNCs[3].aCrInfo[0].pszNetBiosName=(null)
                  pNCs[3].aCrInfo[0].cReplicas=-1
                  pNCs[3].aCrInfo[0].aszReplicas=


      NC:     pNCs[4].pszName=JCC
            pNCs[4].pszDn=DC=JCC,DC=com

                  pNCs[4].aCrInfo[0].dwFlags=0x00000201
                  pNCs[4].aCrInfo[0].pszDn=CN=JCC,CN=Partitions,CN=Configuration,DC=JCC,DC=com
                  pNCs[4].aCrInfo[0].pszDnsRoot=JCC.com
                  pNCs[4].aCrInfo[0].iSourceServer=1
                  pNCs[4].aCrInfo[0].pszSourceServer=(null)
                  pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003
                  pNCs[4].aCrInfo[0].bEnabled=TRUE
                  pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000                   pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null)
                  pNCs[4].aCrInfo[0].pszNetBiosName=(null)
                  pNCs[4].aCrInfo[0].cReplicas=-1
                  pNCs[4].aCrInfo[0].aszReplicas=


      5 NC TARGETS: DomainDnsZones, ForestDnsZones, Schema, Configuration, JCC,
      1 TARGETS: DCJCC01,

=============================================Done Printing pDsInfo

Doing initial required tests
   
   Testing server: Default-First-Site-Name\DCJCC01
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         Failure Analysis: DCJCC01 ... OK.
         * Active Directory RPC Services Check
         ......................... DCJCC01 passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\DCJCC01
      Starting test: Replications
         * Replications Check
         DC=DomainDnsZones,DC=JCC,DC=com has 3 cursors.
         DC=ForestDnsZones,DC=JCC,DC=com has 3 cursors.
         CN=Schema,CN=Configuration,DC=JCC,DC=com has 3 cursors.
         CN=Configuration,DC=JCC,DC=com has 3 cursors.
         DC=JCC,DC=com has 3 cursors.
         * Replication Latency Check
            DC=DomainDnsZones,DC=JCC,DC=com
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
            DC=ForestDnsZones,DC=JCC,DC=com
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
            CN=Schema,CN=Configuration,DC=JCC,DC=com
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
            CN=Configuration,DC=JCC,DC=com
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
            DC=JCC,DC=com
               Latency information for 1 entries in the vector were ignored.
                  1 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
         * Replication Site Latency Check
         Site Settings = CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
         [0x904de,v=616,t=2007-04-11 08:32:14,g=48b416fb-fa9b-4acd-9cc3-b3d6b06e0099,orig=45323,local=14521]
         Elapsed time (sec) = 2641
         ......................... DCJCC01 passed test Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Starting test: NCSecDesc
         * Security Permissions check for all NC's on DC DCJCC01.
         * Security Permissions Check for
           DC=DomainDnsZones,DC=JCC,DC=com
            (NDNC,Version 2)
         * Security Permissions Check for
           DC=ForestDnsZones,DC=JCC,DC=com
            (NDNC,Version 2)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=JCC,DC=com
            (Schema,Version 2)
         * Security Permissions Check for
           CN=Configuration,DC=JCC,DC=com
            (Configuration,Version 2)
         * Security Permissions Check for
           DC=JCC,DC=com
            (Domain,Version 2)
         ......................... DCJCC01 passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         Verified share \\DCJCC01\netlogon
         Verified share \\DCJCC01\sysvol
         ......................... DCJCC01 passed test NetLogons
      Starting test: Advertising
         The DC DCJCC01 is advertising itself as a DC and having a DS.
         The DC DCJCC01 is advertising as an LDAP server
         The DC DCJCC01 is advertising as having a writeable directory
         The DC DCJCC01 is advertising as a Key Distribution Center
         The DC DCJCC01 is advertising as a time server
         ......................... DCJCC01 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=DCJCC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
         DCJCC02.currentTime = 20070411061615.0Z
         DCJCC02.highestCommittedUSN = 45365
         DCJCC02.isSynchronized = 1
         DCJCC02.isGlobalCatalogReady = 1
         Role Domain Owner = CN=NTDS Settings,CN=DCJCC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
         Role PDC Owner = CN=NTDS Settings,CN=DCJCC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
         Role Rid Owner = CN=NTDS Settings,CN=DCJCC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=DCJCC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
         ......................... DCJCC01 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ridManagerReference = CN=RID Manager$,CN=System,DC=JCC,DC=com
         * Available RID Pool for the Domain is 2603 to 1073741823
         fSMORoleOwner = CN=NTDS Settings,CN=DCJCC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com
         * dcjcc01.JCC.com is the RID Master
         * DsBind with RID Master was successful
         rIDSetReferences = CN=RID Set,CN=DCJCC01,OU=Domain Controllers,DC=JCC,DC=com
         * rIDAllocationPool is 2103 to 2602
         * rIDPreviousAllocationPool is 2103 to 2602
         * rIDNextRID: 2104
         ......................... DCJCC01 passed test RidManager
      Starting test: MachineAccount
         Checking machine account for DC DCJCC01 on DC DCJCC01.
         * SPN found :LDAP/dcjcc01.JCC.com/JCC.com
         * SPN found :LDAP/dcjcc01.JCC.com
         * SPN found :LDAP/DCJCC01
         * SPN found :LDAP/dcjcc01.JCC.com/JCC
         * SPN found :LDAP/59cd1106-cb95-40fa-957f-ecfb578bd5b8._msdcs.JCC.com
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/59cd1106-cb95-40fa-957f-ecfb578bd5b8/JCC.com
         * SPN found :HOST/dcjcc01.JCC.com/JCC.com
         * SPN found :HOST/dcjcc01.JCC.com
         * SPN found :HOST/DCJCC01
         * SPN found :HOST/dcjcc01.JCC.com/JCC
         * SPN found :GC/dcjcc01.JCC.com/JCC.com
         ......................... DCJCC01 passed test MachineAccount
      Starting test: Services
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: RpcSs
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... DCJCC01 passed test Services
      Test omitted by user request: OutboundSecureChannels
      Starting test: ObjectsReplicated
         DCJCC01 is in domain DC=JCC,DC=com
         Checking for CN=DCJCC01,OU=Domain Controllers,DC=JCC,DC=com in domain DC=JCC,DC=com on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=DCJCC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com in domain CN=Configuration,DC=JCC,DC=com on 1 servers
            Object is up-to-date on all servers.
         ......................... DCJCC01 passed test ObjectsReplicated
      Starting test: frssysvol
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... DCJCC01 passed test frssysvol
      Starting test: frsevent
         * The File Replication Service Event log test
         ......................... DCJCC01 passed test frsevent
      Starting test: kccevent
         * The KCC Event log test
         Found no KCC errors in Directory Service Event log in the last 15 minutes.
         ......................... DCJCC01 passed test kccevent
      Starting test: systemlog
         * The System Event log test
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/11/2007   08:51:49
            (Event String could not be retrieved)
         ......................... DCJCC01 failed test systemlog
      Test omitted by user request: VerifyReplicas
      Starting test: VerifyReferences
         The system object reference (serverReference)          CN=DCJCC01,OU=Domain Controllers,DC=JCC,DC=com and backlink on          CN=DCJCC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com          are correct.
         The system object reference (frsComputerReferenceBL)          CN=DCJCC01,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=JCC,DC=com          and backlink on CN=DCJCC01,OU=Domain Controllers,DC=JCC,DC=com are          correct.
         The system object reference (serverReferenceBL)          CN=DCJCC01,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=JCC,DC=com          and backlink on          CN=NTDS Settings,CN=DCJCC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=JCC,DC=com          are correct.
         ......................... DCJCC01 passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : JCC
      Starting test: CrossRefValidation
         ......................... JCC passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... JCC passed test CheckSDRefDom
   
   Running enterprise tests on : JCC.com
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope          provided by the command line arguments provided.
         ......................... JCC.com passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\dcjcc02.JCC.com
         Locator Flags: 0xe00001fd
         PDC Name: \\dcjcc02.JCC.com
         Locator Flags: 0xe00001fd
         Time Server Name: \\dcjcc01.JCC.com
         Locator Flags: 0xe00001f8
         Preferred Time Server Name: \\dcjcc01.JCC.com
         Locator Flags: 0xe00001f8
         KDC Name: \\dcjcc01.JCC.com
         Locator Flags: 0xe00001f8
         ......................... JCC.com passed test FsmoCheck
      Test omitted by user request: DNS
      Test omitted by user request: DNS






On the DNS servers, both DCs are replicating as normal, and I can see all the recoreds on both servers... Also, I can resolve the names on the DNS servers...
When I type nslookup from any workstation it replies back to me as normal

C:\Documents and Settings\admin>nslookup www.experts-exchange.com
Server:  dcjcc01.jcc.com
Address:  100.100.100.10

Non-authoritative answer:
Name:    experts-exchange.com
Address:  64.156.132.140
Aliases:  www.experts-exchange.com


I am not sure if this error is a harmful one or not, since all the services are working fine!!!

0
 

Author Comment

by:nammari
Comment Utility
Any update guys?
0
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 500 total points
Comment Utility
Well if everything appears to be working properly, it's odd that the test would be unable to open that file.  Check that the netlogon.dns file is there.  Is this an AD-integrated zone?  Check to be sure that zone replication is set to "All DNS servers in the Active Directory domain."
0
 

Author Comment

by:nammari
Comment Utility
The netlogon.dns is there, and all the settings you mentioned are set correctly. I spent two days on this issue, since everything is working fine so I will leave it for now.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Resolve DNS query failed errors for Exchange
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now