netdiag test failed for NetBT

Ok -- I've been struggling with this one for a while now.  We patched a domain controller with a windows patch and rebooted.  No big deal so far.

When attempting to console in after the reboot, after entering the credentials, it "thought" for a while and then gave an error saying the domain could not be contacted or did not exist.  Only after we logged on locally (at the server) did remote desktop work, etc.
After that everything seemed ok, but I ran a netdiag to see if there were any errors, and we got a NetBT test error.

I have not been able to identify the issue causing this -- I've done pretty much every basic troubleshooting task (deleting DNS zones, rebuilding DNS zones, uninstall/reinstall DNS role, ipconfig /flush & register, etc)

Here's our setup:
Two domain controllers and each are DNS servers.  The issue we are experiencing is on the PDC.

Here's the netdiag logfile:
Thanks for the help!!

............................................

    Computer Name: BIOPRO-T123
    DNS Host Name: BIOPRO-T123.OMEGA-T123.DeltaV.Biogen.local
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 6 Model 15 Stepping 11, GenuineIntel
    List of installed hotfixes :
        KB921503
        KB924667-v2
        KB925902
        KB926122
        KB929123
        KB930178
        KB931768
        KB931784
        KB931836
        KB932168
        KB933360
        KB933566
        KB933729
        KB935839
        KB935840
        KB935966
        KB937143
        KB938127
        KB939653
        KB941202
        KB941568
        KB941569
        KB941644
        KB941672
        KB942763
        KB943055
        KB943460
        KB943484
        KB943485
        KB944533
        KB944653
        KB958644
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : DeltaV Secondary

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : BIOPRO-T123
        IP Address . . . . . . . . : 10.8.0.6
        Subnet Mask. . . . . . . . : 255.254.0.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . : 10.8.0.6


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Failed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.

    Adapter : MCN

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : BIOPRO-T123
        IP Address . . . . . . . . : 192.168.20.47
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.20.2
        Primary WINS Server. . . . : 10.40.11.49
        Secondary WINS Server. . . : 192.168.130.95
        Dns Servers. . . . . . . . : 192.168.130.103
                                     192.168.176.105


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Failed
            \Device\NetBT_Tcpip_{F9F03661-D400-478C-8A70-3DE54CA4C3ED}
        [FATAL] At least one of your NetBT names is not registered properly.
                You have a potential name conflict.
                Please check that the machine name is unique.
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Passed

    Adapter : DeltaV Primary

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : BIOPRO-T123
        IP Address . . . . . . . . : 10.4.0.6
        Subnet Mask. . . . . . . . : 255.254.0.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . : 10.4.0.6


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Failed
            \Device\NetBT_Tcpip_{CE4FA7DC-06AE-4E8C-9034-7589B8D12CB2}
        [FATAL] At least one of your NetBT names is not registered properly.
                You have a potential name conflict.
                Please check that the machine name is unique.
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.

    Adapter : OPC

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : BIOPRO-T123
        IP Address . . . . . . . . : 110.110.110.6
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . :

        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Failed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{CD123C08-4653-4BC5-A17A-988F4A6B14C1}
        NetBT_Tcpip_{F9F03661-D400-478C-8A70-3DE54CA4C3ED}
        NetBT_Tcpip_{CE4FA7DC-06AE-4E8C-9034-7589B8D12CB2}
        NetBT_Tcpip_{3796A50D-AA78-46ED-ADF8-E0F75AD0E838}
    4 NetBt transports currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Failed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'BIOPRO-T123.OMEGA-T123.DeltaV.Biogen.local.'. [RCODE_SERVER_FAILURE]
            The name 'BIOPRO-T123.OMEGA-T123.DeltaV.Biogen.local.' may not be registered in DNS.
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'BIOPRO-T123.OMEGA-T123.DeltaV.Biogen.local.'. [ERROR_TIMEOUT]
            The name 'BIOPRO-T123.OMEGA-T123.DeltaV.Biogen.local.' may not be registered in DNS.
    [FIX] re-register DC DNS entry '_ldap._tcp.gc._msdcs.OMEGA-T123.DeltaV.Biogen.local.' on DNS server '10.8.0.6' succeed.
    FIX PASS - netdiag re-registered missing DNS entries for this DC successfully on DNS server '10.8.0.6'.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{CD123C08-4653-4BC5-A17A-988F4A6B14C1}
        NetBT_Tcpip_{F9F03661-D400-478C-8A70-3DE54CA4C3ED}
        NetBT_Tcpip_{CE4FA7DC-06AE-4E8C-9034-7589B8D12CB2}
        NetBT_Tcpip_{3796A50D-AA78-46ED-ADF8-E0F75AD0E838}
    The redir is bound to 4 NetBt transports.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{F9F03661-D400-478C-8A70-3DE54CA4C3ED}
        NetBT_Tcpip_{CE4FA7DC-06AE-4E8C-9034-7589B8D12CB2}
        NetBT_Tcpip_{CD123C08-4653-4BC5-A17A-988F4A6B14C1}
        NetBT_Tcpip_{3796A50D-AA78-46ED-ADF8-E0F75AD0E838}
    The browser is bound to 4 NetBt transports.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information
sureserviceAsked:
Who is Participating?
 
sureserviceConnect With a Mentor Author Commented:
Issue was resolved after rebuilding the DNS zones (domain and _msdcs) and then rebooting.
0
 
rbeckerditeCommented:
Do you know if this problem existed before you patched the server?
0
 
sureserviceAuthor Commented:
I think so -- only because I think someone has mentioned it before and the patch we added was for the conflickr worm -- so no big changes there.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
rbeckerditeCommented:
if you are going to use two nics on the PDC emulator i think you should team team them so they share the same IP or disable the secondary.  Is the PDC routing? why are there adapters with no default gateway?
0
 
sureserviceAuthor Commented:
The adapters that have no default gateway belong to a control system network.  These servers are part of a manufacturing system that controls plant operations.
The MCN card goes to the corporate network and therefore has a default gateway and additional DNS servers listed to resolve corporate machine names.

Teaming is not an option -- the primary nic and secondary nic are configured for redundant purposes.
Thanks!
0
 
rbeckerditeCommented:
Teaming allows redundancy but that nonwithstanding.  It looks like this article talks about how to prevent dns resitration of secondary nics.  

http://www.experts-exchange.com/Networking/Windows_Networking/Q_21577682.html

Do machines on the manufacturing network need to authenticate to the Domain? If so is dns servicing them from the PDC emulator? I wonder if the messages are coming from the manufacturning net because it cannot navigate dns on that net to trace back to an authoritative dns server.


0
 
sureserviceAuthor Commented:
Here's a little more info:

There are 3 main networks.
1 = Control System Primary Network
2 = Control System Secondary Network
3 = Manufacturing (corporate network)

I read the other posting and the resolution makes sense, although we have to listen on at least both the primary and secondary control networks.  If the primary control network switch dies, all traffic will use the secondary network and therefore needs a place to perform DNS lookups.  We have many many many other systems configured like this in production environments that do not have this problem -- so I think something broke along the way somehow and I'm not sure what it was or when it happened.

Machines on the Manufacturing network do not authenticate against this domain.

Thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.