Solved

DCDIAG Fault on SBS2008

Posted on 2010-09-15
5
722 Views
Last Modified: 2012-05-10
Hi,

I am having problems with the DNS setup of a small SBS2008 installation. THere are around 15 workstations and a single server.

I am having some issues with network connectivity and want to resolve DNS errors I am seeing in the event viewer. Typical (and regularly repeated) errors are:

"Process STORE.EXE (PID=2308). Exchange Active Directory Provider failed to obtain DNS records for forest DC=eurotech,DC=local. DNS Priority and Weight for the Global Catalog servers in this forest will be set to the default values 0 (priority) and 100 (weight). "

Event IDs: 2106, 2105

Also if I run DCDiag I get the following error (have replaced server details etc with generic names)

Doing initial required tests -
Active Directory LDAP Services Check:
The host "long-unique-id._msdcs.domainname.local" could not be resolved to an IP address.
"ServerName" failed test connectivity

I have tried DCIDAG /v /fix but without success, error remains. I have also followed advice in some other similar questions but was unable to resolve it.

There is advice that seems to relate to 2003SBS but I am FAR from a DNS expert and could really do with some hand holding here!

Generally the network seems to function well but we have some applications (like sage) that are running the database files etc from the server and it is these that are crashing etc, I am concerned they are losing connectivity for brief moments because of DNS issues.

Even if not I would like to get rid of these errors

Many thanks in advance.
0
Comment
Question by:FutureOak
  • 2
  • 2
5 Comments
 
LVL 3

Accepted Solution

by:
novaspoonman earned 500 total points
ID: 33681507
What about netdiag or dcdiag /test:dns?

Is this server pointing to itself as a DNS server in its NIC settings?
0
 
LVL 11

Expert Comment

by:kaskhedikar_tushar
ID: 33681759
Hello,

Check with DNS server.Please check the Forward lookup zone & Reverse lookup zone.

Please run the nslookup command & check the server status if it is unknown.Then it is the problem of reverse lookup zone.

Also check the Host (A) records in the reverse lookup zone.

Regards,
Tushar Kaskhedikar


 
0
 

Author Comment

by:FutureOak
ID: 33683261
Hi Nova,

Thanks for your update. I ran the test you suggested and it revealed a fault. Something I neglected to mention,

THe server uses Himanchi (VPN product from logmein.com). This creates a VPN via logmein.com servers and creates a VPN when users are out of the office without them needing to log into anything other than the laptop.

Hamanchi create a network bridge using the MAC Bridge Miniport. This was incorrectly configured to look to the router for DNS. I changed this to be the DC and it resolved some of the lookup issues.

The server now passes the first test (that failed during the initial question I posed). However I now get a couple of different warnings

- Access is denied during Netlogons/Replications/Services tests
- Computer is using dynamic IPv6 addresses which should be made static (not sure what the IPv6 equivilent to 10.0.0.2 actually is?)

Running dcdiag /test:dns tells me I am missing the approriate AAAA record for the miniport bridge adaptor.

Sorry if this is a bit like pulling teeth, as mentioned this is certainly not my specialism!

Cheers

0
 
LVL 3

Expert Comment

by:novaspoonman
ID: 33691941
I would focus on the netlogon/replication/services tests. You needn't worry about IPv6 for now, unless your infrastructure actually uses it, in which case you can uncheck that box in the properties of the network adapter.

Check the system and application event logs for anything relevant concerning DNS or netlogon.
0
 

Author Closing Comment

by:FutureOak
ID: 33716663
Eventually got to the bottom of this one. After running the test suggested here it showed me an abvious error message that one adaptor wasn't correctly configured for the right DNS server.

However the other tests continued to fail. I eventually realised that this was just a UAC thing. If I opened the CMD prompt in admin mode the permissions errors all dissapeared.

SO apart from IPv6 (which I dont need) the DC is now passing DNS tests.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now