Domain Controller DNS Error / netdiag errors

Posted on 2010-01-04
Last Modified: 2012-05-08

Our monitoring software has detected a DNS error in our active directory enviroment:

Resource - TERRA106
Description - SAAZ monitoring Agent has discovered that the NetDiag DNS test failed with error "No DNS servers have the DNS records for this DC registered". If DNS records are not registered in the DNS server, no other computer or user is able to locate the Domain controller. Please have a Tech work on this immediately.
The Knowledge Base provided below has more information and troubleshooting steps to resolve this particular issue. The troubleshooting steps are provided based on our research and experience.

We are able to ping the servers hostname from other computers on the domain, so DNS for the server is working properly.

We ran DCDIAG which reports no problems, however NETDIAG reports a few problems which appear to be related (attached).

Any suggestions for a solution to this problem would be appreciated.

Thank you

Question by:servicad
    LVL 31

    Expert Comment

    by:Henrik Johansson
    What's the purpose of having multiple NICs enabled?
    If not really necessary, disable the one with IP=
    LVL 59

    Accepted Solution

    Remove the address from the DNS settings and put the actual IP address. Run ipconfig /flushdns, ipconfig /registerdns, and netdiag /fix.

    Also, when you have a DC running on a multihomed computer you can see some issues. If you don't need the second nic then disable it if you do make sure you uncheck the register this interface with DNS within the TCP\IP settings.

    Also, make sure you have DNS setup to listen on one interface.

    Make sure you Binding order is setup correctly.
    LVL 7

    Expert Comment

    I saw this as well:
    [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for reading.

    Do this :

    1. Stop DNS service. (Net Stop DNS)
    2. Stop Netlogon Service (Net Stop NEtlogon)
    3. Rename the file above file netlogon.dns along with netlogon.dnb (put .OLD after their names to remember easily later on).
    4. Start DNS Service (Net Start DNS)
    5. Start Netlogon Service (Net Stat Netlogon).

    Netlogon Service create Netlogon.dns and Netlogon.dnb files automatically which contain the information of the Zones. Including the GUID and SRV records of the DCs.


    LVL 59

    Expert Comment

    by:Darius Ghassem
    Usually the Error descriped here is because of using the wrong verison of netdiag [FATAL] Could not open file C:\WINDOWS\system32\config\netlogon.dns for reading.

    Make sure you are using the correct verison of netdiag and dcdiag for your server since this will give you false information like the above error.
    LVL 1

    Assisted Solution

    1. Run below string from  command prompt

    net stop dns & net stop dnscache & net stop netlogon & ipconfig/flushdns & ipconfig/registerdns &  net start dns & net start dnscache & net start netlogon & net stop ntfrs & net start ntfrs

    2. start -> run -> ncpa.cpl ->  advance menu -> advanced settings
    check bind order. Adapter : LAN should be at first
    if it still not work then
    3. stop dns and netlogon service, go to "system32\config" and rename netlogon.dns and netlogon.dnb to netlogon.dns_ and netlogon.dnb_. and then start both stopped services.
    restart windows time service once.
    ipconfig/flushdns and ipconfig /registerdns

    at last check netdiag /q

    LVL 1

    Assisted Solution

    server is running 64 bit windows then check file version for netdiag .exe
    netdiag 32 bit version = 5.2.3790.3959
    netdiag 64 bit version = 5.2.3790.1830

    and replace netdiag .exe with  64 bit version

    Author Closing Comment

    Excellent solutions posted by experts

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Join & Write a Comment

    Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
    Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now