Solved

DCDIAG Fault on SBS2008

Posted on 2010-09-15
5
725 Views
Last Modified: 2012-05-10
Hi,

I am having problems with the DNS setup of a small SBS2008 installation. THere are around 15 workstations and a single server.

I am having some issues with network connectivity and want to resolve DNS errors I am seeing in the event viewer. Typical (and regularly repeated) errors are:

"Process STORE.EXE (PID=2308). Exchange Active Directory Provider failed to obtain DNS records for forest DC=eurotech,DC=local. DNS Priority and Weight for the Global Catalog servers in this forest will be set to the default values 0 (priority) and 100 (weight). "

Event IDs: 2106, 2105

Also if I run DCDiag I get the following error (have replaced server details etc with generic names)

Doing initial required tests -
Active Directory LDAP Services Check:
The host "long-unique-id._msdcs.domainname.local" could not be resolved to an IP address.
"ServerName" failed test connectivity

I have tried DCIDAG /v /fix but without success, error remains. I have also followed advice in some other similar questions but was unable to resolve it.

There is advice that seems to relate to 2003SBS but I am FAR from a DNS expert and could really do with some hand holding here!

Generally the network seems to function well but we have some applications (like sage) that are running the database files etc from the server and it is these that are crashing etc, I am concerned they are losing connectivity for brief moments because of DNS issues.

Even if not I would like to get rid of these errors

Many thanks in advance.
0
Comment
Question by:FutureOak
  • 2
  • 2
5 Comments
 
LVL 3

Accepted Solution

by:
novaspoonman earned 500 total points
ID: 33681507
What about netdiag or dcdiag /test:dns?

Is this server pointing to itself as a DNS server in its NIC settings?
0
 
LVL 11

Expert Comment

by:kaskhedikar_tushar
ID: 33681759
Hello,

Check with DNS server.Please check the Forward lookup zone & Reverse lookup zone.

Please run the nslookup command & check the server status if it is unknown.Then it is the problem of reverse lookup zone.

Also check the Host (A) records in the reverse lookup zone.

Regards,
Tushar Kaskhedikar


 
0
 

Author Comment

by:FutureOak
ID: 33683261
Hi Nova,

Thanks for your update. I ran the test you suggested and it revealed a fault. Something I neglected to mention,

THe server uses Himanchi (VPN product from logmein.com). This creates a VPN via logmein.com servers and creates a VPN when users are out of the office without them needing to log into anything other than the laptop.

Hamanchi create a network bridge using the MAC Bridge Miniport. This was incorrectly configured to look to the router for DNS. I changed this to be the DC and it resolved some of the lookup issues.

The server now passes the first test (that failed during the initial question I posed). However I now get a couple of different warnings

- Access is denied during Netlogons/Replications/Services tests
- Computer is using dynamic IPv6 addresses which should be made static (not sure what the IPv6 equivilent to 10.0.0.2 actually is?)

Running dcdiag /test:dns tells me I am missing the approriate AAAA record for the miniport bridge adaptor.

Sorry if this is a bit like pulling teeth, as mentioned this is certainly not my specialism!

Cheers

0
 
LVL 3

Expert Comment

by:novaspoonman
ID: 33691941
I would focus on the netlogon/replication/services tests. You needn't worry about IPv6 for now, unless your infrastructure actually uses it, in which case you can uncheck that box in the properties of the network adapter.

Check the system and application event logs for anything relevant concerning DNS or netlogon.
0
 

Author Closing Comment

by:FutureOak
ID: 33716663
Eventually got to the bottom of this one. After running the test suggested here it showed me an abvious error message that one adaptor wasn't correctly configured for the right DNS server.

However the other tests continued to fail. I eventually realised that this was just a UAC thing. If I opened the CMD prompt in admin mode the permissions errors all dissapeared.

SO apart from IPv6 (which I dont need) the DC is now passing DNS tests.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question