alecdarragh
asked on
Source Userenv Event ID: 1054. Windows cannot obtain the Domain Controller name for your Network
I am recieving the error as stated. What I stupidly did was to give the domain the same name as a domain on the Internet, I think this may be what is causing my error. If it is is there a way I can fix it without having to rebuild the server?
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
That's good, yes :)
If you open up the DNS Console then expand Forward Lookup Zones and your domain do you have an _msdcs folder?
Has this ever worked? And have you installed any patches recently?
Chris
ASKER
If I expand the Forward Lookup Zones I ahve an _msdcs folder and it contains the following entry (called _msdcs.esi.ie). This folder has subfolders called 'dc','domains','gc' and 'pdc' .
Excellent, that's exactly what it should have.
Is it on the server or on clients that you see the error message?
Chris
ASKER
The error is on the server
Would you mind running DCDiag and NetDiag please?
Chris
ASKER
Here are thye results of running dcdiag:-
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ES
Starting test: Connectivity
......................... ESIFS01 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ES
Starting test: Replications
......................... ESIFS01 passed test Replications
Starting test: NCSecDesc
......................... ESIFS01 passed test NCSecDesc
Starting test: NetLogons
......................... ESIFS01 passed test NetLogons
Starting test: Advertising
Warning: ESIFS01 is not advertising as a time server.
......................... ESIFS01 failed test Advertising
Starting test: KnowsOfRoleHolders
......................... ESIFS01 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... ESIFS01 passed test RidManager
Starting test: MachineAccount
......................... ESIFS01 passed test MachineAccount
Starting test: Services
RPCLOCATOR Service is stopped on [ESIFS01]
w32time Service is stopped on [ESIFS01]
TrkWks Service is stopped on [ESIFS01]
TrkSvr Service is stopped on [ESIFS01]
......................... ESIFS01 failed test Services
Starting test: ObjectsReplicated
......................... ESIFS01 passed test ObjectsReplicated
Starting test: frssysvol
......................... ESIFS01 passed test frssysvol
Starting test: kccevent
......................... ESIFS01 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000457
Time Generated: 07/24/2008 11:09:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/24/2008 11:09:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/24/2008 11:21:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/24/2008 11:21:30
(Event String could not be retrieved)
......................... ESIFS01 failed test systemlog
Running enterprise tests on : ESI.IE
Starting test: Intersite
......................... ESI.IE passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
A Good Time Server could not be located.
......................... ESI.IE failed test FsmoCheck
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\ES
Starting test: Connectivity
......................... ESIFS01 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\ES
Starting test: Replications
......................... ESIFS01 passed test Replications
Starting test: NCSecDesc
......................... ESIFS01 passed test NCSecDesc
Starting test: NetLogons
......................... ESIFS01 passed test NetLogons
Starting test: Advertising
Warning: ESIFS01 is not advertising as a time server.
......................... ESIFS01 failed test Advertising
Starting test: KnowsOfRoleHolders
......................... ESIFS01 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... ESIFS01 passed test RidManager
Starting test: MachineAccount
......................... ESIFS01 passed test MachineAccount
Starting test: Services
RPCLOCATOR Service is stopped on [ESIFS01]
w32time Service is stopped on [ESIFS01]
TrkWks Service is stopped on [ESIFS01]
TrkSvr Service is stopped on [ESIFS01]
......................... ESIFS01 failed test Services
Starting test: ObjectsReplicated
......................... ESIFS01 passed test ObjectsReplicated
Starting test: frssysvol
......................... ESIFS01 passed test frssysvol
Starting test: kccevent
......................... ESIFS01 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000457
Time Generated: 07/24/2008 11:09:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/24/2008 11:09:35
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/24/2008 11:21:30
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/24/2008 11:21:30
(Event String could not be retrieved)
......................... ESIFS01 failed test systemlog
Running enterprise tests on : ESI.IE
Starting test: Intersite
......................... ESI.IE passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
A Good Time Server could not be located.
......................... ESI.IE failed test FsmoCheck
Is this one set to Automatic? Default is Manual.
RPCLOCATOR Service is stopped on [ESIFS01]
And is there a reason you have this stopped?
w32time Service is stopped on [ESIFS01]
Chris
ASKER
The RPLOCATOR Service is set to Manual.
w32time Service should not be stopped, I reconfigured it to use the internal clock as I was getting errors (see http://support.microsoft.com/kb/816042 )
w32time Service should not be stopped, I reconfigured it to use the internal clock as I was getting errors (see http://support.microsoft.com/kb/816042 )
Hmm but you do need w32tm to run properly on your DC, if time falls 5 minutes out between server and client authentication will fail.
I normally set my PDC emulator to sync time with servers listed on ntp.org. At the moment I use pool.ntp.org which has a constantly changing collection of accurate time sources.
How often does the error at the top (could not find domain) repeat?
Chris
ASKER
How do you set the PDC emulator to sync with external servers? Is it similar to what is mentioned in the article to which I referred previously?
The error appears at 5 minute intervals.
- Alec.
The error appears at 5 minute intervals.
- Alec.
I use the command line options, that sets the registry values, so the two have the same effect in the end.
w32tm /config /ManualPeerList:pool.ntp.o
w32tm /config /update
Then:
w32tm /resync
To force it to update time from the specified time source (pool.ntp.org). If you run "nslookup pool.ntp.org" you'll see it's a number of different IP addresses. That list changes frequently.
It will mean you need to open up outbound requests on UDP Port 123 (NTP) if your server is to be able to contact those.
I take it NetDiag didn't show you any errors?
Chris
ASKER
When I ran w32tm /resync I got the message 'The computer did not resync because no time data was available'.
When I tried to run 'netdiag' a dialog box appered saying 'The procedure entry point DnsGetPrimaryDomainName_UT
When I tried to run 'netdiag' a dialog box appered saying 'The procedure entry point DnsGetPrimaryDomainName_UT
> 'The computer did not resync because no time data was available'.
Try "w32tm /monitor" (that'll tell you who it's trying with. Otherwise it's likely to be rules on your Firewall.
That means you have the wrong version of NetDiag, it's not compatible with your system. Windows 2000 or Windows 2003 (or Windows 2008)?
Chris
ASKER
When I ran w32tm /monitor i got the message:-
'esifs01.ESI.IE *** PDC *** [192.168.59.5]
ICMP: 429496728ms Delay.
NTP: +0.00000000s offset from esifs01.ESI.IE
RefID: 'LOCL' [76.79.67.76]
I am running Windows 2003 and I have double checked and i appear to be running the correct version of 'Netdiag'
- Alec.
'esifs01.ESI.IE *** PDC *** [192.168.59.5]
ICMP: 429496728ms Delay.
NTP: +0.00000000s offset from esifs01.ESI.IE
RefID: 'LOCL' [76.79.67.76]
I am running Windows 2003 and I have double checked and i appear to be running the correct version of 'Netdiag'
- Alec.
Do a search for NetDiag on your computer, it could be that you have two versions on there and it's calling the wrong one.
Otherwise, can you tell me the file versions for both DNSAPI.dll and NetDiag.exe?
Chris
ASKER
Sorry Chris, for some reason there were two versions of Netdiag installed. Here are the results of the Netdiag test:-
.
..........................
Computer Name: ESIFS01
DNS Host Name: esifs01.ESI.IE
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 15 Model 67 Stepping 3, AuthenticAMD
List of installed hotfixes :
KB924667-v2
KB925398_WMP64
KB925902
KB926122
KB927891
KB929123
KB930178
KB931784
KB932168
KB933729
KB933854
KB935839
KB935840
KB936021
KB936782
KB938127
KB938127-IE7
KB941202
KB941569
KB941693
KB942763
KB943055
KB943460
KB943485
KB944653
KB945553
KB946026
KB948496
KB948590
KB949014
KB950759-IE7
KB950760
KB950762
KB951698
KB951746
KB951748
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : esifs01
IP Address . . . . . . . . : 192.168.59.5
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.59.1
Dns Servers. . . . . . . . : 192.168.59.5
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{D04016FD-5702
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.59.5'.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{D04016FD-5702
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{D04016FD-5702
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
Regards
- Alec.
.
..........................
Computer Name: ESIFS01
DNS Host Name: esifs01.ESI.IE
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 15 Model 67 Stepping 3, AuthenticAMD
List of installed hotfixes :
KB924667-v2
KB925398_WMP64
KB925902
KB926122
KB927891
KB929123
KB930178
KB931784
KB932168
KB933729
KB933854
KB935839
KB935840
KB936021
KB936782
KB938127
KB938127-IE7
KB941202
KB941569
KB941693
KB942763
KB943055
KB943460
KB943485
KB944653
KB945553
KB946026
KB948496
KB948590
KB949014
KB950759-IE7
KB950760
KB950762
KB951698
KB951746
KB951748
Q147222
Netcard queries test . . . . . . . : Passed
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : esifs01
IP Address . . . . . . . . : 192.168.59.5
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.59.1
Dns Servers. . . . . . . . : 192.168.59.5
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{D04016FD-5702
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.59.5'.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{D04016FD-5702
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{D04016FD-5702
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
Regards
- Alec.
ASKER
Chris,
Have you had any further thoughts on the problem I am experiencing?
Regards
- Alec.
Have you had any further thoughts on the problem I am experiencing?
Regards
- Alec.
Sorry, I lost track a bit.
Could you run DNSLint against your domain?
That'd be:
dnslint /d esi.ie
Maybe that one will tell us something.
Chris
ASKER
The result said 'No match for the domain name found, the domain name has not been resistered with InterNIC'
- Alec.
- Alec.
Really? That's odd, it should find that right away if it's referring to internal DNS servers in the TCP/IP config (which it is from all of the above).
Can you try:
dnslint /ad 192.168.59.5 /s 192.168.59.5
Chris
ASKER
I'm sure we tested this before, but it does list a Host (A) Record for esifs01 under the esi.ie? It's odd that it's complaining about the NS Record.
Chris
ASKER
Do you mean is esifs01 listed in the forward lookup zone under esi.ie?
If it makes things any easier for you can access the server using RDP?
Regards
- Alec.
If it makes things any easier for you can access the server using RDP?
Regards
- Alec.
Yep.
It's not something I could do from here, it's blocked, and I suspect you leave the office around the same time as I do.
Chris
I'm rather tempted to suggest we nuke the current version of the zone and create it all from scratch. That'll be fine unless you've got lots of static records in there?
The instructions for that vary slightly based on where the zone is stored. If you open the properties for the zone, what do you see as the Replication Scope?
Chris
ASKER
If you do this will it effect the users (ie will I have to add them to the domain again?).
- Alec.
- Alec.
Nope, it might cause a slight service interruption while we rebuild the DNS part, but nothing more.
Chris
ASKER
Great, how do we go about it? If you need access to check the server outside working hours it is possible.
- Alec.
- Alec.
Replication Scope for the zone first, what's that set to? That changes the instructions I have to give you :)
Chris
Just in case...
If the replication scope is set to "All Domain Controllers in the Active Directory Domain" this article applies as the method for re-building the zone:
http://support.microsoft.com/?kbid=305967
If it's either of the other two options we need to do this through ADSIEdit.msc. The only step that differs is where the zone is deleted from.
Chris
DNS
The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.
29K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER