Solved

nltest /dsgetdc:domainname.local report old information.

Posted on 2011-09-13
11
3,999 Views
Last Modified: 2012-05-12
I'm having problemes with a domain controller and DNS. In an attempt to solve these problemes I came across an article that sugested running nltest /dsgetdc:domainname to test connection to the DC. The result referred to an old DC no longer in operation. Where do I correct this? I looked through DNS on the server and it has no reference to the old server anywhere. Is there anywhere else this information can come from?
0
Comment
Question by:MJespersen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 10

Expert Comment

by:abhijitwaikar
ID: 36532432
nltest /dsgetdc:domainname.local queries the Domain Name System (DNS) server for a list of domain controllers and their corresponding IP addresses.  

How did you remove old DC from AD? gracefuly or forcefuly?

Check if there are any failed DC objects in AD,ADUC, DNS and AD sites using NTDSUTIL.
Delete Failed DCs from Active Directory- http://www.petri.co.il/delete_failed_dcs_from_ad.htm
0
 

Author Comment

by:MJespersen
ID: 36532460
Update : I was checking systax on the nltest command and found that I could use the /force command to make sure I wasn't getting old cached information. When I ran the nltest command with /force I got "Getting DC name failed: status = 1355 0x54b ERROR_NO_SUCH_DOMAIN"
What's missing?
0
 
LVL 10

Expert Comment

by:abhijitwaikar
ID: 36532508
Hi,

When you run nltest with /dsgetdc it shows you what it is using currently. When you specify /force it forces system to go and find another DC in network.

So again question is same, did you perform metadatacleanup? Do you have proper GC site?

Post ipconfig /all and dcdiag /q result .
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:MJespersen
ID: 36532854
I have performed metadatacleanup, and removed the old server (it was present).

Ipconfig :

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Server64
   Primary Dns Suffix  . . . . . . . : advokater.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : advokater.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-0C-29-D3-7D-9C
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.239(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

PPP adapter RAS (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : RAS (Dial In) Interface
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.31(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled


dcdiag /q :

         An Error Event occurred.  EventID: 0xC0000466
            Time Generated: 09/13/2011   23:33:57
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = Directory Service) could not be
            retrieved, error 0x3afc)
         ......................... SERVER64 failed test KccEvent
         Unable to connect to the NETLOGON share! (\\SERVER64\netlogon)
         [SERVER64] An net use or LsaPolicy operation failed with error 67,
         Win32 Error 67.
         ......................... SERVER64 failed test NetLogons
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/13/2011   22:58:25
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/13/2011   23:03:27
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0x0000041E
            Time Generated: 09/13/2011   23:08:29
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0x00000422
            Time Generated: 09/13/2011   23:13:34
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0xC0003AAD
            Time Generated: 09/13/2011   23:19:09
            EvtFormatMessage failed, error 1815 Win32 Error 1815.
            (Event String (event log = System) could not be retrieved, error
            0x717)
         An Error Event occurred.  EventID: 0x00000469
            Time Generated: 09/13/2011   23:20:06
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0x00000423
            Time Generated: 09/13/2011   23:20:13
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0x00000423
            Time Generated: 09/13/2011   23:20:28
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0xC0000021
            Time Generated: 09/13/2011   23:21:59
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0xC0000021
            Time Generated: 09/13/2011   23:21:59
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0xC0001B6E
            Time Generated: 09/13/2011   23:25:39
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0xC0001B72
            Time Generated: 09/13/2011   23:25:39
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0x00000018
            Time Generated: 09/13/2011   23:29:33
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0x00000422
            Time Generated: 09/13/2011   23:29:50
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0x00000406
            Time Generated: 09/13/2011   23:30:15
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         An Error Event occurred.  EventID: 0x00000406
            Time Generated: 09/13/2011   23:35:22
            EvtFormatMessage failed, error 15100 Win32 Error 15100.
            (Event String (event log = System) could not be retrieved, error
            0x3afc)
         ......................... SERVER64 failed test SystemLog
         Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
         A Global Catalog Server could not be located - All GC's are down.
         Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
         A Time Server could not be located.
         The server holding the PDC role is down.
         Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
         1355
         A Good Time Server could not be located.
         Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
         A KDC could not be located - All the KDCs are down.
         ......................... advokater.local failed test LocatorCheck


... and that is nothing but errors.

One of the first errors i this is a missing notlogon share.
I can confirm that the netlogon share is missing.

Any advice?
How is that recreated?
0
 
LVL 10

Expert Comment

by:abhijitwaikar
ID: 36532908
Follow this:
How to rebuild the SYSVOL tree and its content in a domain- http://support.microsoft.com/kb/315457

Also I noticed in ipconfig that Server64 is a multi-homed DC and it is not supported.  How many DC's are in network?

Please do take a SYSVOL folder backup before performing the KB steps.
0
 

Author Comment

by:MJespersen
ID: 36532969
There is only one DC in the network.
Is this still the way to go?

What do you mean by multi-homed?
(I'm affraid my english is missing that term)
0
 
LVL 10

Expert Comment

by:abhijitwaikar
ID: 36533162
There is only one DC in the network, Is this still the way to go? - Yes.

What do you mean by multi-homed?
Is the PPP adapter RAS (Dial In) adapter attached to an external network?  

Multihomed means more than one NIC adapters are present and one of the network adapters is attached to an external network (such as the Internet).  

multi-homed domain controllers have all kinds of problems, and as a general rule it is not a good idea to run a
multihomed DC, especially with both adapters on the same subnet.

272294 Active Directory Communication Fails on Multihomed Domain Controllers
http://support.microsoft.com/?id=272294

191611 Symptoms of Multihomed Browsers
http://support.microsoft.com/?id=191611

325641 Cannot Connect in the Active Directory Users and Computers Tool
http://support.microsoft.com/?id=325641

292822 Name Resolution and Connectivity Issues on Windows 2000 Domain
http://support.microsoft.com/?id=292822

These are just of few of the articles that describe issues that arise and some of the things that can be done to get around some of them. But the bottom line is multihomed DCs can be a real pain.


0
 

Author Comment

by:MJespersen
ID: 36533172
There is only one physical NIC in this server.
It is not multihomed.
0
 
LVL 10

Accepted Solution

by:
abhijitwaikar earned 250 total points
ID: 36533201
Then you are good to go with the burflag steps.
0
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 36534446
It seems that you have configured the DNS IP address as 127.0.0.1 on the server, if this is the case remove the same and enter the IP address of the server.

Check the FRS log and see if the FRS is in journal Wrap error state that is event id 13568 will log.
In the event itself you would found that you need to Enable Journal Wrap Automatic Restore and set the value to 1 and restart the FRS service.

If this is not the case check the sysvol folder ,policies and script folder should be present.Take the backup of sysvol folder and do autharative restore as only single DC is present in the network and restart the FRS service.http://support.microsoft.com/kb/316790
Once the sysvol and netlogon share are available the server will start advertiing as DC.

Note :Before proceeding take the backup of polices and script folder present in sysvol.
0
 

Author Comment

by:MJespersen
ID: 36534922
Problem seems to be solved. Doing metadata cleanup, setting burflags and recreating sysvol and netlogon shares as described by abhijitwaikar solved the problem.

Help has been greatly appreciated !
Thank you.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question