LaserSpot


[FATAL] No DNS servers have the DNS records for this DC registered.

I have a DC running 64-bit Windows 2003. I ran NETDIAG from 32-bit support tools and got these messages:

DNS test . . . . . . . . . . . . . : Failed
    [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for reading.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Failed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{0F90D1D8-B8E4-4677-A2A1-067D13A11307}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{0F90D1D8-B8E4-4677-A2A1-067D13A11307}
    The browser is bound to 1 NetBt transport.
    [FATAL] Cannot send mailslot message to 'xxx*' via browser. [ERROR_INVALID_FUNCTION]


Kerberos test. . . . . . . . . . . : Failed
    [FATAL] Cannot lookup package Kerberos.
    The error occurred was: (null)

The netlogon.dns file looks ok, I can't find much on this error. Any idea?
I'm also trying to troubleshoot an Exchange 2007 Outlook Anywhere issue, but I don't know if these errors are related.
carrng

Are you installing Exchange on the DC?  The first thing to check is the DNS server entry on the IP configuration page for the server.  How many NICs are installed on this server and which services are bound to which card?

That's a start, I'll offer as much as I can as information increases.

Cheers!
What account did you use to run NETDIAG? The error you get from NETDIAG usually means that your account is not a member of administrators. Run the command as domain\administrator and then observe the results. You will probably find you post the Outlook Anywhere query separately.

I hope this helps.

ASKER

Yes, Exchange 2007 is installed on the DC. The only DNS server in tcp/ip properties is its own ip address.

It has one NIC enabled, the other is disabled.
I looked at Binding in Advanced Settings. The only services are:
File and Printer Sharing
Client for Microsoft Networks

I did run NETDIAG from the domain Administrator account.

This is the Outlook Anywhere issue: https://www.experts-exchange.com/questions/23317925/Outlook-rpcdiag-says-connecting.html
Thanks
Is this your only DC?  Is DNS server "started" in the services control panel?  If you open the DNS console, what do you see listed in forward lookup zones?
Yes, it's the only DC. DNS is started; I've tried restarting DNS and rebooting the server. In DNS Manager, I have:
_msdcs
domain.local
domain.com
They're all AD integrated. I deleted the domain.com zone and restarted DNS to see if it would help; same problem.
DCDIAG passes.
I also ran NETDIAG /fix, but it didn't help. All the records seem to be there under _msdcs and under domain.local and under _tcp.domain.local, etc...
Are you seeing any errors under the DNS event log?  Any trouble with logons?
No trouble with logons. Last week, I had:
Warning - Event ID: 3000
The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate.


When I rebooted today, I had:

Error - Event ID: 4015
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

Error - Event ID: 4004
The DNS server was unable to complete directory service enumeration of zone domain.local.  This DNS server is configured to use information obtained from Active Directory for this zone and is unable to load the zone without it.  Check that the Active Directory is functioning properly and repeat enumeration of the zone. The extended error debug information (which may be empty) is "". The event data contains the error.


Later today, I had:

Warning - Event ID: 4521
The DNS server encountered error 32 attempting to load zone domain.com from Active Directory. The DNS server will attempt to load this zone again on the next timeout cycle. This can be caused by high Active Directory load and may be a transient condition.

This last one is probably from when I deleted this extra zone.
Has anyone made any NTFS security changes in system32, thinking they would be hardening the environment?  I may be wrong of course but to me it looks like it might be a permissions issue.
Good idea, but I don't think that's it. I checked the permissions on the netlogon.dns file and the parent folder. Administrators and SYSTEM both have full control.
ASKER CERTIFIED SOLUTION
LaserSpot
