The specified domain either does not exist or could not be contacted" error message in Windows Server  2008

jitendramehta
jitendramehta used Ask the Experts™
on
Hi,

We have windows 2008 server environment. the mian domain controler was 192.168.0.20 and other domain controllet is 192.168.0.40 for some reason 192.168.0.20 primary domain controller crashed we had installed Ad on 192.168.0.40 now when we try to go in to active directory useras and computers  we get this error message
Naming information cannot be located because: The specified domain either does not exist or could not be contacted. contact your administrator to verify that your doamin is properly configured and is currently online.

we do not have backup of 192.168.0.20

how can we reslove this problem. please help.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
DC2 was running with the AD DS role prior to DC1 crashing?
Top Expert 2013

Commented:
Did you run a metadata cleanup for the crashed box 192.168.0.20


http://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

You also mentioned it was the "main" DC.  Does that mean it held the FSMO roles?

Were you able to transfer or seize (since it crashed) the roles.

Thanks

Mike

Author

Commented:
yes DC2 was running ADDS role before DC! crashed
11/26 Forrester Webinar: Savings for Enterprise

How can your organization benefit from savings just by replacing your legacy backup solutions with Acronis' #CyberProtection? Join Forrester's Joe Branca and Ryan Davis from Acronis live as they explain how you can too.

Author

Commented:
yes DC1 was running FSMo role. what is the command to clean my dc1 using ntdsutil metadata cleanup server ip address was 192.168.0.20

Author

Commented:
In my active directory users and computer, domain controller i don't see my DC1 i only see my DC! at present
Please provide the following output from DC2:

netdom query fsmo
Top Expert 2013

Commented:
use the link for the metadata cleanup (easier in 2008 which is nice)  seizing the roles is still done through command line   http://www.petri.co.il/seizing_fsmo_roles.htm

Thanks

Mike

Author

Commented:
C:\Users\administrator.NORTECPK>netdom query fsmo
Schema master               NORTECSERVER.NORTECPK.local.com
Domain naming master        Nortecserver4.NORTECPK.local.com
PDC                         Nortecserver4.NORTECPK.local.com
RID pool manager            Nortecserver4.NORTECPK.local.com
Infrastructure master       Nortecserver4.NORTECPK.local.com
The command completed successfully.

the first schema master server nortecserver.nortecpk.local.com is the one with ip address 192.168.0.20 which is crashed.

in my active directory site and services i see my old server with NTDS settings do you want me to delete that?
Top Expert 2013

Commented:
yes delete the old server and go through metadata again just to be sure.  It looks like someone has done some of it because most of your FSMO roles have been seized to Nortecserver4.

You can seize the schema master.

Thanks

Mike

Author

Commented:
norteserver4 is my DC2 which is currently running.

Please let me know what to next
No stop. Do not delete.

Your environment should still be able to service clients even with the schema master on the failed server.

Do you have failed DNS settings on each of your clients (DC1 and DC2 IP addresses)?

Here's how you seize the role from DC1.

ntdsutil
roles
connection
connect to server Nortecserver4
quit
seize schema master

As for metadata cleanup mentioned above, here's the official link from Microsoft:

http://go.microsoft.com/fwlink/?LinkId=80481

Author

Commented:
please let me know how to seize schema master role on my DC2
Top Expert 2013

Commented:
When said delete I meant delete the failed/crashed DC if it is still in AD > that is the metadata cleanup in 2008

steps to seize the schema master are here   http://www.petri.co.il/seizing_fsmo_roles.htm

Thanks

Mike

Author

Commented:
after running seize comminad  i am getting follwoing error.

fsmo maintenance: seize schema master
Attempting safe transfer of schema FSMO before seizure.
ldap_modify_sW error 0x34(52 (Unavailable).
Ldap extended error message is 000020AF: SvcErr: DSID-032103CB, problem 5002 (UN
AVAILABLE), data 4

Win32 error returned is 0x20af(The requested FSMO operation failed. The current
FSMO holder could not be contacted.)
)
Depending on the error code this may indicate a connection,
ldap, or role transfer error.
Transfer of schema FSMO failed, proceeding with seizure ...
Server "nortecserver4" knows about 5 roles
Schema - CN=NTDS Settings,CN=NORTECSERVER4,CN=Servers,CN=Default-First-Site-Name
,CN=Sites,CN=Configuration,DC=NORTECPK,DC=local,DC=com
Naming Master - CN=NTDS Settings,CN=NORTECSERVER4,CN=Servers,CN=Default-First-Si
te-Name,CN=Sites,CN=Configuration,DC=NORTECPK,DC=local,DC=com
PDC - CN=NTDS Settings,CN=NORTECSERVER4,CN=Servers,CN=Default-First-Site-Name,CN
=Sites,CN=Configuration,DC=NORTECPK,DC=local,DC=com
RID - CN=NTDS Settings,CN=NORTECSERVER4,CN=Servers,CN=Default-First-Site-Name,CN
=Sites,CN=Configuration,DC=NORTECPK,DC=local,DC=com
Infrastructure - CN=NTDS Settings,CN=NORTECSERVER4,CN=Servers,CN=Default-First-S
ite-Name,CN=Sites,CN=Configuration,DC=NORTECPK,DC=local,DC=com

Author

Commented:
do you want me to delete that server from activedirectory site and service and then run ntdsutil for seize schema master role?
Just to verify, run another results. Run netdom query fsmo again.

You seized successfully. Make sure that DC never comes back online. You can delete from Site and Services if you choose.

Author

Commented:
please see attached file. the first one is nortecserver which is 192.168.0.20 you want me to delete that right?
Doc2.docx

Author

Commented:
you are right see the result below.

C:\Users\administrator.NORTECPK>netdom query fsmo
Schema master               Nortecserver4.NORTECPK.local.com
Domain naming master        Nortecserver4.NORTECPK.local.com
PDC                         Nortecserver4.NORTECPK.local.com
RID pool manager            Nortecserver4.NORTECPK.local.com
Infrastructure master       Nortecserver4.NORTECPK.local.com
The command completed successfully.

so now i am going in to activedirectory site and service and remove nortecserver (192.168.0.20) including NTDS settings right?
Right click on NTDS Settings (which is highlighted) and delete. I should remove cleanly.

Author

Commented:
I deleted. now what is the next step? do i need to restart my server?
You can just restart Active Directory.

net stop ntds & net start ntds

I would start working on establishing another DC as quickly as possible.

Author

Commented:
i will test and let you know.  so you recommend that i should add another domain controller in the AD?
Yes. Transfer the schema and domain naming master to your new server so you have a happy balance. Make sure you configure the next DC as a GC.

Good luck with everything!

Author

Commented:
my programmers are still testing the server i was connetd remotely to the server.

One last request. i do have another server in the network how do i add that and backupdomain controller or additional domain controller if you want i can open another question for that.
You can run dcpromo on the member server.

Author

Commented:
after DC promo how ai am going to Transfer the schema and domain naming master to your new server?
From you new DC run the following commands:

ntdsutil
roles
connection
connect to server <your new DC>
quit
transfer schema master
transfer naming master

Author

Commented:
in dns server i am getting this error see the attachment
Doc3.docx
Do you have a DNS entry for yourself?

127.0.0.1 or your IP address

Author

Commented:
now my remote engineer is telling me that we do have naother server which a=was installed primarly 192.168.0.10. so when i do netdom query fsmo i get follwoing result
C:\Users\m.amir-IT>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : NORTECSERVER
   Primary Dns Suffix  . . . . . . . : NORTECPK.local.com
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : NORTECPK.local.com

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetLink (TM) G

   Physical Address. . . . . . . . . : 84-2B-2B-90-52-1C
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.10
                                       192.168.0.40
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BBC96C8F-FDA9-49C3-8CF6-61632FEA12B6}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapte
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

C:\Users\m.amir-IT>netdom query fsmo
Schema master               Nortecserver4.NORTECPK.local.com
Domain naming master        Nortecserver4.NORTECPK.local.com
PDC                         Nortecserver4.NORTECPK.local.com
RID pool manager            Nortecserver4.NORTECPK.local.com
Infrastructure master       Nortecserver4.NORTECPK.local.com
The command completed successfully.

so when any work station is trying to register in domain it is not taking 192.168.0.40 as primary domain controller ip address. what could be the problem see attachment for 192.168.0.10 active directory users and computers , domain controller it show both domain.
Doc4.docx
sorry for the wrong info in the starting since server are in asia i ma in usa what ever info i got from remote engineer i gave you the same.

so now what is happning that we have 192.168.0.10, 192.168.0.40 and when 192.168.0.10 is disconnected from net work and you go in to 192.168.0.40 and open active directory users and computer it give the same error

Naming information cannot be located because: The specified domain either does not exist or could not be contacted. contact your administrator to verify that your doamin is properly configured and is currently online

Author

Commented:
please let me know what is causing this problem

Author

Commented:
If you want i can open new question for this problem.

Please advice so i can accept the solution for this question and close thei open question.

thanks for your expert help yesterday

Author

Commented:
Very quick response to my all the questions
Sumit GuptaSystem and Virtualization Engineer

Commented:
it might also be your SYSVOL and NETLOGON shares are not available.
Please try to type in the addressbar of Windows Explorer: \\servername\SYSVOL\


My problem resolved by changing a  small registry entry change and a reboot of server.

http://support.microsoft.com/kb/947022/en-us

cheers!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial