Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Our Primary DC offline- server.domain.local  can't find nl: non-existent domain

Posted on 2012-03-28
7
Medium Priority
?
448 Views
Last Modified: 2012-08-13
Good Evening All,

During routine server updates our primary DC became unreachable.
We tried rebooting various servers and our ISA server, but that did not solve the problem.
An old DC that has been shut off for 6-9 months was still listed.
While this may have not been the smartest move, we forced the removal of the old dc and seized the Schema master and the Domain naming master FSMO roles.
We went through DNS and manually removed every entry of the old DC to try and resolve the problem.  Through various support sites and offsite help we have attempted many things and it partially seems worse than before.
Unfortunately we do have a functioning backup to restore to.

We need a fresh approach and a fresh set of eyes for this problem.  Thank you for you help.

Also please let me know what diagnostic information you might need.
0
Comment
Question by:tclark777
  • 5
  • 2
7 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37779523
Where did you seize the roles to?  Did you seize them to the DC that had been shut off for 9 months?

Did you cleanup the dead DC (metadata cleanup)  http://www.petri.co.il/delete_failed_dcs_from_ad.htm

Are you currently running with only 1 DC now?

When you say things have gotten worse what do you mean?  This might be one that if you don't get help you may want to open a ticket with Microsoft to get your business back up.  

Experts will be around, but I'm going home, and have to eat and spend some time with the family so I'll be on and off.

Thanks

Mike
0
 

Author Comment

by:tclark777
ID: 37779541
We seized the roles to the current DC that has been and is operational and we are only running 1 DC now.

We will try the cleanup the dead DC (metadata cleanup)  http://www.petri.co.il/delete_failed_dcs_from_ad.htm

I say it is worse because now when we try to open AD Users and Computers we receive an error.  Fortunately if I open Active Directory Domains and Trusts I am able to Right click and select Manage to open the users and computers.

Have a great night with your family.
I hope to see mine tonight.

Brian
0
 

Author Comment

by:tclark777
ID: 37779636
When I run netdiag I receive the following report.

Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : DCComputerName
        IP Address . . . . . . . . : 192.168.0.220
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.0.2
        Dns Servers. . . . . . . . : 192.168.0.220


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.

 


Global results:


Domain membership test . . . . . . : Failed
    [WARNING] Ths system volume has not been completely replicated to the local
machine. This machine is not working properly as a DC.


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{8D776DD4-26A9-497D-8F5E-F7EF43EA1431}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '192.168.0.220'
and other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{8D776DD4-26A9-497D-8F5E-F7EF43EA1431}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{8D776DD4-26A9-497D-8F5E-F7EF43EA1431}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Failed
        [FATAL] Cannot find DC in domain 'Domain'. [ERROR_NO_SUCH_DOMAIN]


DC list test . . . . . . . . . . . : Failed
        'Domain': Cannot find DC to get DC list from [test skipped].


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Skipped
        'Domain': Cannot find DC to get DC list from [test skipped].


LDAP test. . . . . . . . . . . . . : Failed
    Cannot find DC to run LDAP tests on. The error occurred was: The specified d
omain either does not exist or could not be contacted.

        [WARNING] Cannot find DC in domain 'Domain'. [ERROR_NO_SUCH_DOMAIN]



Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Accepted Solution

by:
tclark777 earned 0 total points
ID: 37780138
The problem has been solved.
Its difficult to say what the complete solution was, but we made a registry edit followed by a reboot and it was finally solved.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37780144
What was the registry edit?   Was it a burflag entry?

Glad you are up...tomorrow get a second DC up

Thanks

Mike
0
 

Author Comment

by:tclark777
ID: 37782764
The final solution is listed below and found at http://support.microsoft.com/kb/290762
Its difficult to say if this would have resolved the problem from the beginning, but I think that the multiple steps we took trying to solve this brought about the final the solution.

Thank you again.

To complete an authoritative restore, stop the FRS service, configure the
BurFlags
 registry key, and then restart the FRS service. To do so: 1.Click Start, and then click Run.
2.In the Open box, type cmd and then press ENTER.
3.In the Command box, type net stop ntfrs.
4.Click Start, and then click Run.
5.In the Open box, type regedit and then press ENTER.
6.Locate the following subkey in the registry:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

7.In the right pane, double click BurFlags.
8.In the Edit DWORD Value dialog box, type D4 and then click OK.
9.Quit Registry Editor, and then switch to the Command box.
10.In the Command box, type net start ntfrs.
11.Quit the Command box.
0
 

Author Closing Comment

by:tclark777
ID: 37795236
Personally found a solution outside of Experts Exchange
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question