Solved

DCDIAG Fault on SBS2008

Posted on 2010-09-15
5
726 Views
Last Modified: 2012-05-10
Hi,

I am having problems with the DNS setup of a small SBS2008 installation. THere are around 15 workstations and a single server.

I am having some issues with network connectivity and want to resolve DNS errors I am seeing in the event viewer. Typical (and regularly repeated) errors are:

"Process STORE.EXE (PID=2308). Exchange Active Directory Provider failed to obtain DNS records for forest DC=eurotech,DC=local. DNS Priority and Weight for the Global Catalog servers in this forest will be set to the default values 0 (priority) and 100 (weight). "

Event IDs: 2106, 2105

Also if I run DCDiag I get the following error (have replaced server details etc with generic names)

Doing initial required tests -
Active Directory LDAP Services Check:
The host "long-unique-id._msdcs.domainname.local" could not be resolved to an IP address.
"ServerName" failed test connectivity

I have tried DCIDAG /v /fix but without success, error remains. I have also followed advice in some other similar questions but was unable to resolve it.

There is advice that seems to relate to 2003SBS but I am FAR from a DNS expert and could really do with some hand holding here!

Generally the network seems to function well but we have some applications (like sage) that are running the database files etc from the server and it is these that are crashing etc, I am concerned they are losing connectivity for brief moments because of DNS issues.

Even if not I would like to get rid of these errors

Many thanks in advance.
0
Comment
Question by:FutureOak
  • 2
  • 2
5 Comments
 
LVL 3

Accepted Solution

by:
novaspoonman earned 500 total points
ID: 33681507
What about netdiag or dcdiag /test:dns?

Is this server pointing to itself as a DNS server in its NIC settings?
0
 
LVL 11

Expert Comment

by:kaskhedikar_tushar
ID: 33681759
Hello,

Check with DNS server.Please check the Forward lookup zone & Reverse lookup zone.

Please run the nslookup command & check the server status if it is unknown.Then it is the problem of reverse lookup zone.

Also check the Host (A) records in the reverse lookup zone.

Regards,
Tushar Kaskhedikar


 
0
 

Author Comment

by:FutureOak
ID: 33683261
Hi Nova,

Thanks for your update. I ran the test you suggested and it revealed a fault. Something I neglected to mention,

THe server uses Himanchi (VPN product from logmein.com). This creates a VPN via logmein.com servers and creates a VPN when users are out of the office without them needing to log into anything other than the laptop.

Hamanchi create a network bridge using the MAC Bridge Miniport. This was incorrectly configured to look to the router for DNS. I changed this to be the DC and it resolved some of the lookup issues.

The server now passes the first test (that failed during the initial question I posed). However I now get a couple of different warnings

- Access is denied during Netlogons/Replications/Services tests
- Computer is using dynamic IPv6 addresses which should be made static (not sure what the IPv6 equivilent to 10.0.0.2 actually is?)

Running dcdiag /test:dns tells me I am missing the approriate AAAA record for the miniport bridge adaptor.

Sorry if this is a bit like pulling teeth, as mentioned this is certainly not my specialism!

Cheers

0
 
LVL 3

Expert Comment

by:novaspoonman
ID: 33691941
I would focus on the netlogon/replication/services tests. You needn't worry about IPv6 for now, unless your infrastructure actually uses it, in which case you can uncheck that box in the properties of the network adapter.

Check the system and application event logs for anything relevant concerning DNS or netlogon.
0
 

Author Closing Comment

by:FutureOak
ID: 33716663
Eventually got to the bottom of this one. After running the test suggested here it showed me an abvious error message that one adaptor wasn't correctly configured for the right DNS server.

However the other tests continued to fail. I eventually realised that this was just a UAC thing. If I opened the CMD prompt in admin mode the permissions errors all dissapeared.

SO apart from IPv6 (which I dont need) the DC is now passing DNS tests.
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question