MJespersen
asked on
nltest /dsgetdc:domainname.local report old information.
I'm having problemes with a domain controller and DNS. In an attempt to solve these problemes I came across an article that sugested running nltest /dsgetdc:domainname to test connection to the DC. The result referred to an old DC no longer in operation. Where do I correct this? I looked through DNS on the server and it has no reference to the old server anywhere. Is there anywhere else this information can come from?
ASKER
Update : I was checking systax on the nltest command and found that I could use the /force command to make sure I wasn't getting old cached information. When I ran the nltest command with /force I got "Getting DC name failed: status = 1355 0x54b ERROR_NO_SUCH_DOMAIN"
What's missing?
What's missing?
Hi,
When you run nltest with /dsgetdc it shows you what it is using currently. When you specify /force it forces system to go and find another DC in network.
So again question is same, did you perform metadatacleanup? Do you have proper GC site?
Post ipconfig /all and dcdiag /q result .
When you run nltest with /dsgetdc it shows you what it is using currently. When you specify /force it forces system to go and find another DC in network.
So again question is same, did you perform metadatacleanup? Do you have proper GC site?
Post ipconfig /all and dcdiag /q result .
ASKER
I have performed metadatacleanup, and removed the old server (it was present).
Ipconfig :
Windows IP Configuration
Host Name . . . . . . . . . . . . : Server64
Primary Dns Suffix . . . . . . . : advokater.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : advokater.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-0C-29-D3-7D-9C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.239(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
PPP adapter RAS (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RAS (Dial In) Interface
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.31(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
dcdiag /q :
An Error Event occurred. EventID: 0xC0000466
Time Generated: 09/13/2011 23:33:57
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = Directory Service) could not be
retrieved, error 0x3afc)
......................... SERVER64 failed test KccEvent
Unable to connect to the NETLOGON share! (\\SERVER64\netlogon)
[SERVER64] An net use or LsaPolicy operation failed with error 67,
Win32 Error 67.
......................... SERVER64 failed test NetLogons
An Error Event occurred. EventID: 0x0000041E
Time Generated: 09/13/2011 22:58:25
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x0000041E
Time Generated: 09/13/2011 23:03:27
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x0000041E
Time Generated: 09/13/2011 23:08:29
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000422
Time Generated: 09/13/2011 23:13:34
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0003AAD
Time Generated: 09/13/2011 23:19:09
EvtFormatMessage failed, error 1815 Win32 Error 1815.
(Event String (event log = System) could not be retrieved, error
0x717)
An Error Event occurred. EventID: 0x00000469
Time Generated: 09/13/2011 23:20:06
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000423
Time Generated: 09/13/2011 23:20:13
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000423
Time Generated: 09/13/2011 23:20:28
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0000021
Time Generated: 09/13/2011 23:21:59
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0000021
Time Generated: 09/13/2011 23:21:59
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0001B6E
Time Generated: 09/13/2011 23:25:39
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0001B72
Time Generated: 09/13/2011 23:25:39
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000018
Time Generated: 09/13/2011 23:29:33
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000422
Time Generated: 09/13/2011 23:29:50
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000406
Time Generated: 09/13/2011 23:30:15
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000406
Time Generated: 09/13/2011 23:35:22
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
......................... SERVER64 failed test SystemLog
Warning: DcGetDcName(GC_SERVER_REQU
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... advokater.local failed test LocatorCheck
... and that is nothing but errors.
One of the first errors i this is a missing notlogon share.
I can confirm that the netlogon share is missing.
Any advice?
How is that recreated?
Ipconfig :
Windows IP Configuration
Host Name . . . . . . . . . . . . : Server64
Primary Dns Suffix . . . . . . . : advokater.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : advokater.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
Physical Address. . . . . . . . . : 00-0C-29-D3-7D-9C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.239(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
PPP adapter RAS (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RAS (Dial In) Interface
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.31(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
dcdiag /q :
An Error Event occurred. EventID: 0xC0000466
Time Generated: 09/13/2011 23:33:57
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = Directory Service) could not be
retrieved, error 0x3afc)
......................... SERVER64 failed test KccEvent
Unable to connect to the NETLOGON share! (\\SERVER64\netlogon)
[SERVER64] An net use or LsaPolicy operation failed with error 67,
Win32 Error 67.
......................... SERVER64 failed test NetLogons
An Error Event occurred. EventID: 0x0000041E
Time Generated: 09/13/2011 22:58:25
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x0000041E
Time Generated: 09/13/2011 23:03:27
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x0000041E
Time Generated: 09/13/2011 23:08:29
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000422
Time Generated: 09/13/2011 23:13:34
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0003AAD
Time Generated: 09/13/2011 23:19:09
EvtFormatMessage failed, error 1815 Win32 Error 1815.
(Event String (event log = System) could not be retrieved, error
0x717)
An Error Event occurred. EventID: 0x00000469
Time Generated: 09/13/2011 23:20:06
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000423
Time Generated: 09/13/2011 23:20:13
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000423
Time Generated: 09/13/2011 23:20:28
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0000021
Time Generated: 09/13/2011 23:21:59
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0000021
Time Generated: 09/13/2011 23:21:59
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0001B6E
Time Generated: 09/13/2011 23:25:39
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0xC0001B72
Time Generated: 09/13/2011 23:25:39
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000018
Time Generated: 09/13/2011 23:29:33
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000422
Time Generated: 09/13/2011 23:29:50
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000406
Time Generated: 09/13/2011 23:30:15
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
An Error Event occurred. EventID: 0x00000406
Time Generated: 09/13/2011 23:35:22
EvtFormatMessage failed, error 15100 Win32 Error 15100.
(Event String (event log = System) could not be retrieved, error
0x3afc)
......................... SERVER64 failed test SystemLog
Warning: DcGetDcName(GC_SERVER_REQU
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... advokater.local failed test LocatorCheck
... and that is nothing but errors.
One of the first errors i this is a missing notlogon share.
I can confirm that the netlogon share is missing.
Any advice?
How is that recreated?
Follow this:
How to rebuild the SYSVOL tree and its content in a domain- http://support.microsoft.com/kb/315457
Also I noticed in ipconfig that Server64 is a multi-homed DC and it is not supported. How many DC's are in network?
Please do take a SYSVOL folder backup before performing the KB steps.
How to rebuild the SYSVOL tree and its content in a domain- http://support.microsoft.com/kb/315457
Also I noticed in ipconfig that Server64 is a multi-homed DC and it is not supported. How many DC's are in network?
Please do take a SYSVOL folder backup before performing the KB steps.
ASKER
There is only one DC in the network.
Is this still the way to go?
What do you mean by multi-homed?
(I'm affraid my english is missing that term)
Is this still the way to go?
What do you mean by multi-homed?
(I'm affraid my english is missing that term)
There is only one DC in the network, Is this still the way to go? - Yes.
What do you mean by multi-homed?
Is the PPP adapter RAS (Dial In) adapter attached to an external network?
Multihomed means more than one NIC adapters are present and one of the network adapters is attached to an external network (such as the Internet).
multi-homed domain controllers have all kinds of problems, and as a general rule it is not a good idea to run a
multihomed DC, especially with both adapters on the same subnet.
272294 Active Directory Communication Fails on Multihomed Domain Controllers
http://support.microsoft.com/?id=272294
191611 Symptoms of Multihomed Browsers
http://support.microsoft.com/?id=191611
325641 Cannot Connect in the Active Directory Users and Computers Tool
http://support.microsoft.com/?id=325641
292822 Name Resolution and Connectivity Issues on Windows 2000 Domain
http://support.microsoft.com/?id=292822
These are just of few of the articles that describe issues that arise and some of the things that can be done to get around some of them. But the bottom line is multihomed DCs can be a real pain.
What do you mean by multi-homed?
Is the PPP adapter RAS (Dial In) adapter attached to an external network?
Multihomed means more than one NIC adapters are present and one of the network adapters is attached to an external network (such as the Internet).
multi-homed domain controllers have all kinds of problems, and as a general rule it is not a good idea to run a
multihomed DC, especially with both adapters on the same subnet.
272294 Active Directory Communication Fails on Multihomed Domain Controllers
http://support.microsoft.com/?id=272294
191611 Symptoms of Multihomed Browsers
http://support.microsoft.com/?id=191611
325641 Cannot Connect in the Active Directory Users and Computers Tool
http://support.microsoft.com/?id=325641
292822 Name Resolution and Connectivity Issues on Windows 2000 Domain
http://support.microsoft.com/?id=292822
These are just of few of the articles that describe issues that arise and some of the things that can be done to get around some of them. But the bottom line is multihomed DCs can be a real pain.
ASKER
There is only one physical NIC in this server.
It is not multihomed.
It is not multihomed.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It seems that you have configured the DNS IP address as 127.0.0.1 on the server, if this is the case remove the same and enter the IP address of the server.
Check the FRS log and see if the FRS is in journal Wrap error state that is event id 13568 will log.
In the event itself you would found that you need to Enable Journal Wrap Automatic Restore and set the value to 1 and restart the FRS service.
If this is not the case check the sysvol folder ,policies and script folder should be present.Take the backup of sysvol folder and do autharative restore as only single DC is present in the network and restart the FRS service.http://support.microsoft.com/kb/316790
Once the sysvol and netlogon share are available the server will start advertiing as DC.
Note :Before proceeding take the backup of polices and script folder present in sysvol.
Check the FRS log and see if the FRS is in journal Wrap error state that is event id 13568 will log.
In the event itself you would found that you need to Enable Journal Wrap Automatic Restore and set the value to 1 and restart the FRS service.
If this is not the case check the sysvol folder ,policies and script folder should be present.Take the backup of sysvol folder and do autharative restore as only single DC is present in the network and restart the FRS service.http://support.microsoft.com/kb/316790
Once the sysvol and netlogon share are available the server will start advertiing as DC.
Note :Before proceeding take the backup of polices and script folder present in sysvol.
ASKER
Problem seems to be solved. Doing metadata cleanup, setting burflags and recreating sysvol and netlogon shares as described by abhijitwaikar solved the problem.
Help has been greatly appreciated !
Thank you.
Help has been greatly appreciated !
Thank you.
How did you remove old DC from AD? gracefuly or forcefuly?
Check if there are any failed DC objects in AD,ADUC, DNS and AD sites using NTDSUTIL.
Delete Failed DCs from Active Directory- http://www.petri.co.il/delete_failed_dcs_from_ad.htm