Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

NetDiag DNS Test : 2 DCs

Posted on 2009-05-20
1
Medium Priority
?
745 Views
Last Modified: 2012-05-07
Added a 2nd DC (windows server 2003) to a domain with the first DC being SBS 2003.
Ran NetDiag on each.
The new DC is clean as a whistle.
The original DC (SBS 2003) has these issues:
     DNS Test . . . . . passed
     PASS - all the DNS enteries for DC are registered on the DNS server '192.xx (original DC) and other DCs also have some of the names registered.
     [WARNING] The DNS entries for this DC cannot be verified right now on DNS server 192.xx (new DC), ERROR_TIMEOUT

     LDAP test . . . . passed
     [FATAL] Cannot open an LDAP session to 'remus (new DC) at 192.xx
     [WARNING] Failed to query SPN registration on DC 'remus. (new DC)

Note: I don't get these messages when running this test on the new DC.

AD replicates ok, after verifying this each DC has its own IP as pref. DNS and each other as second DNS.

Other points to note:
1) ReplMon: FAILURE: 1753 There are no more end points available from the endpoint mapper.
2) GPOTool: ERROR: Version mismatch on Argus (original DC), DS=13, SysVol=11
3) Users are having no issues
4) New DC was DCPromoed last week.
5) Things I've done since:   "dnscmd /clearcache", "ipconfig /flushdns and /registerdns", renamed netlogon.dns and netlogon.db, net stopped and started netlogo, recrated netlogon files, ran "netdiag /fix", and rebooted both servers.
checked replication.

I've researched this to death.  How can I clean up my NetDiag test? Why I'm I getting "passed" on the LDAP test followed by "Fatal" and "Warning"?    

appreciate any thoughts.
0
Comment
Question by:ShawnGray
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 

Accepted Solution

by:
ShawnGray earned 0 total points
ID: 24434438
This appears to be a Firewall issue.
I disabled the firewall on the new DC and reran NetDiag on the original DC.
It was clean.  I suppose the question now is what settings should be allowed so I can run the firewall?
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question