[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Strange issue with communication with the domain

Posted on 2012-09-06
24
Medium Priority
?
1,024 Views
Last Modified: 2012-09-26
It all started with the Login script failing to run on some of our computers but not all of them. I was able to connect to the domain and download the login scrip onto the computer to run manually. Once I ran the script everything seemed fine as the users were able to connect to all the network drives. I thought it was a GP issue so I ran “gpupdate /force” successfully and I was able to logoff and log back on without an issue. Users started to complain that the issue kept coming back after a reboot of the machine. The computer also started taking an excessive amount of time to start up and get past the login screen in windows.

Checked the Event log on the computers:
Event ID: 1054 - Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted). Group Policy processing aborted.
Event ID: 15 - Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b).  The specified domain either does not exist or could not be contacted.

I could not find any events on the Domain Controller that indicated an issue. I ran Netdiag on the computer and the DC and everything passed. Both computer and DC were pingable, I flushed the DNS, and I made sure the Sysvol was accessible. I checked the DNS server and everything looks normal. After looking around I found the userenv.log info and set the registry on one computer to show the full logs but I have issues understanding it.

Log Attached

I logged into the DC and reset the machine account and that stopped anyone from logging into that computer. It kept giving an error saying the domain was not able to be reached. I tried removing the computer from the domain, deleting the computer account from the DC and reading the computer to the domain. Now everything seems to run well on that computer but there are still a bunch of computers in the network that are failing. Any suggestions on how to resolve this issue without removing and adding the computers back to the domain?

Windows server 2003
Window XP SP3
userenv.log
0
Comment
Question by:bdpcpa
  • 12
  • 7
  • 4
  • +1
24 Comments
 
LVL 39

Assisted Solution

by:Krzysztof Pytko
Krzysztof Pytko earned 300 total points
ID: 38371965
Try to reset secure channel between domain member and domain using netdom
http://technet.microsoft.com/en-us/library/cc788073%28v=ws.10%29.aspx

or try to use nltest to change password
http://technet.microsoft.com/en-us/library/cc731935%28v=ws.10%29.aspx

Regards,
Krzysztof
0
 
LVL 4

Expert Comment

by:argh226
ID: 38371989
Was the computer offline prior to this issue?
0
 
LVL 15

Assisted Solution

by:JBond2010
JBond2010 earned 600 total points
ID: 38372053
Can you please also run dcdiag from the command prompt and please upload the results.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:bdpcpa
ID: 38372295
These computer have been running daily for months.
DCdiag out put has been attached.

>>nltest /dsgetdc:neba-miami0.local

           DC: \\T1-732177-13.neba-miami0.local
      Address: \\192.168.1.20
     Dom Guid: 6da554b3-a37d-4ca8-b114-88b2763535a7
     Dom Name: neba-miami0.local
  Forest Name: neba-miami0.local
 Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
        Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST
 CLOSE_SITE
The command completed successfully

>>nltest /sc_query:neba-miami0.local
I_NetLogonControl failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN

>>nltest /query
Flags: 0
Connection Status = 0 0x0 NERR_Success
The command completed successfully

>>nltest /sc_reset:neba-miami0.local /server:T1-732177-13
I_NetLogonControl failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN

>>nltest /server:T1-732177-13 /sc_reset:neba-miami0.local
I_NetLogonControl failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN
dcdiag.txt
0
 
LVL 4

Assisted Solution

by:argh226
argh226 earned 600 total points
ID: 38372337
To me, it could be because of the computer account in the domain that has been expired...
0
 

Assisted Solution

by:bdpcpa
bdpcpa earned 0 total points
ID: 38372415
other than removeing and adding the computer to the domain, how else can i reset a computer account?
0
 
LVL 4

Assisted Solution

by:argh226
argh226 earned 600 total points
ID: 38372503
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 38372504
From the DCdiag reports you are missing DNS records for the DC! Please see the details below that I extracted from the DCdiag report!


The A record for this DC was not found
                  [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.) - neba-miami0.local]
                  The SOA record for the Active Directory zone was not found
                  The Active Directory zone on this DC/DNS server was found (primary)
                  Root zone on this DC/DNS server was not found
                 
               TEST: Forwarders/Root hints (Forw)
                  Recursion is enabled
                  Forwarders are not configured on this DNS server
                  Root hint Information:
                     Name: a.root-servers.net. IP: 198.41.0.4 [Valid]
                     Name: b.root-servers.net. IP: 128.9.0.107 [Invalid (unreachable)]
                     Name: b.root-servers.net. IP: 192.228.79.201 [Valid]
                     Name: c.root-servers.net. IP: 192.33.4.12 [Valid]
                     Name: d.root-servers.net. IP: 128.8.10.90 [Valid]
                     Name: e.root-servers.net. IP: 192.203.230.10 [Valid]
                     Name: f.root-servers.net. IP: 192.5.5.241 [Valid]
                     Name: g.root-servers.net. IP: 192.112.36.4 [Valid]
                     Name: h.root-servers.net. IP: 128.63.2.53 [Valid]
                     Name: i.root-servers.net. IP: 192.36.148.17 [Invalid (unreachable)]
                     Name: j.root-servers.net. IP: 192.58.128.30 [Valid]
                     Name: k.root-servers.net. IP: 193.0.14.129 [Valid]
                     Name: l.root-servers.net. IP: 198.32.64.12 [Invalid (unreachable)]
                     Name: m.root-servers.net. IP: 202.12.27.33 [Valid]
                 
               TEST: Delegations (Del)
                  Delegation information for the zone: neba-miami0.local.
                     Delegated domain name: _msdcs.neba-miami0.local.
                        DNS server: t1-732177-13.neba-miami0.local. IP:192.168.1.20 [Valid]
                 
               TEST: Dynamic update (Dyn)
                  Dynamic update is enabled on the zone neba-miami0.local.
                  Test record _dcdiag_test_record added successfully in zone neba-miami0.local.
                  Test record _dcdiag_test_record deleted successfully in zone neba-miami0.local.
                 
               TEST: Records registration (RReg)
                  Network Adapter [00000012] Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client):
                     Matching A record found at DNS server 192.168.1.20:
                     T1-732177-13.neba-miami0.local

                     Matching CNAME record found at DNS server 192.168.1.20:
                     df4d201e-5862-49bc-85ff-e8470b17c8a8._msdcs.neba-miami0.local

                     Matching DC SRV record found at DNS server 192.168.1.20:
                     _ldap._tcp.dc._msdcs.neba-miami0.local

                     Matching GC SRV record found at DNS server 192.168.1.20:
                     _ldap._tcp.gc._msdcs.neba-miami0.local

                     Matching PDC SRV record found at DNS server 192.168.1.20:
                     _ldap._tcp.pdc._msdcs.neba-miami0.local

                     Error: Missing A record at DNS server 12.127.16.67 :
                     T1-732177-13.neba-miami0.local
                     [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
                     
                     Error: Missing CNAME record at DNS server 12.127.16.67 :
                     df4d201e-5862-49bc-85ff-e8470b17c8a8._msdcs.neba-miami0.local
                     [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
                     
                     Error: Missing DC SRV record at DNS server 12.127.16.67 :
                     _ldap._tcp.dc._msdcs.neba-miami0.local
                     [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
                     
                     Error: Missing GC SRV record at DNS server 12.127.16.67 :
                     _ldap._tcp.gc._msdcs.neba-miami0.local
                     [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
                     
                     Error: Missing PDC SRV record at DNS server 12.127.16.67 :
                     _ldap._tcp.pdc._msdcs.neba-miami0.local
                     [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
                     
               Error: Record registrations cannot be found for all the network adapters
               Total query time:0 min. 37 sec.. Total RPC connection time:0 min. 0 sec.
               Total WMI connection time:0 min. 42 sec. Total Netuse connection time:0 min. 0 sec.
         
         Summary of test results for DNS servers used by the above domain controllers:

            DNS server: 12.127.16.67 (<name unavailable>)
               1 test failure on this DNS server
               This is a valid DNS server
               Name resolution is not functional. _ldap._tcp.neba-miami0.local. failed on the DNS server 12.127.16.67
               [Error details: 9003 (Type: Win32 - Description: DNS name does not exist.)]
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 41 sec.
               
            DNS server: 128.9.0.107 (b.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.9.0.107
               [Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
               Total query time:0 min. 12 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 192.36.148.17 (i.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.36.148.17
               [Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
               Total query time:0 min. 12 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 198.32.64.12 (l.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12
               [Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
               Total query time:0 min. 12 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 128.63.2.53 (h.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 128.8.10.90 (d.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 192.112.36.4 (g.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 192.168.1.20 (t1-732177-13.neba-miami0.local.)
               All tests passed on this DNS server
               This is a valid DNS server
               Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered
               Delegation to the domain _msdcs.neba-miami0.local. is operational
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 192.203.230.10 (e.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 192.228.79.201 (b.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 192.33.4.12 (c.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 192.5.5.241 (f.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 192.58.128.30 (j.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 193.0.14.129 (k.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 198.41.0.4 (a.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
            DNS server: 202.12.27.33 (m.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               Total query time:0 min. 0 sec., Total WMI connection time:0 min. 0 sec.
               
         Summary of DNS test results:
         
                                            Auth Basc Forw Del  Dyn  RReg Ext  
               ________________________________________________________________
            Domain: neba-miami0.local
               T1-732177-13                 PASS FAIL PASS PASS PASS FAIL n/a  
         
         Total Time taken to test all the DCs:1 min. 20 sec.
         ......................... neba-miami0.local failed test DNS


You must correct these DNS issues. Should you have any queries please do not hesitate in letting me know.
0
 

Author Comment

by:bdpcpa
ID: 38373440
Our DNS looks good; the errors from the dcdiag are from public root server. Our domain is private so it won’t be listed on those servers.

I will try the NETDOM as soon as i have a troubleshooting window.
0
 

Author Comment

by:bdpcpa
ID: 38374221
netdom reset u1-50-30 /domain:neba-miami0.local
The command failed to complete successfully.

(computer with the issue)
>>netdom verify /d::neba-miami0.local u1-50-50
The secure channel from U1-50-50 to NEBA-MIAMI0.LOCAL is invalid.
There are currently no logon servers available to service the logon request.
There are currently no logon servers available to service the logon request.
The command failed to complete successfully.

(computer not having the issue)
>>netdom verify /d::neba-miami0.local u1-50-10
The secure channel from U1-50-10 to the domain NEBA-MIAMI0.LOCAL has been verified.  
The connection is with the machine \\T1-732177-13.NEBA-MIAMI0.LOCAL.
The command completed successfully.
0
 

Author Comment

by:bdpcpa
ID: 38374349
It seems to be somthing going on with some of the computer accounts. Can accounts expire in active directory even though the computers are being used every day?
0
 
LVL 15

Assisted Solution

by:JBond2010
JBond2010 earned 600 total points
ID: 38376051
Please run dcdiag /test:DNS  from your DC and upload the results.


Regards,

JBond2010
0
 

Author Comment

by:bdpcpa
ID: 38376532
C:\Program Files\Support Tools>dcdiag /test:DNS

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\T1-732177-13
      Starting test: Connectivity
         ......................... T1-732177-13 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\T1-732177-13

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : neba-miami0

   Running enterprise tests on : neba-miami0.local
      Starting test: DNS
         Test results for domain controllers:

            DC: T1-732177-13.neba-miami0.local
            Domain: neba-miami0.local


               TEST: Basic (Basc)
                  Warning: adapter [00000012] Broadcom BCM5716C NetXtreme II GigE (NDIS VBD Client) has invalid DNS server: 12.127.16.67 (<name unavailable>)
                  Error: The A record for this DC was not found

               TEST: Forwarders/Root hints (Forw)
                  Error: Root hints list has invalid root hint server: b.root-servers.net. (128.9.0.107)
                  Error: Root hints list has invalid root hint server: i.root-servers.net. (192.36.148.17)
                  Error: Root hints list has invalid root hint server: l.root-servers.net. (198.32.64.12)

               TEST: Records registration (RReg)
                  Network Adapter [00000012] Broadcom BCM5716C NetXtreme II GigE
 (NDIS VBD Client):
                     Error: Missing A record at DNS server 12.127.16.67 :
                     T1-732177-13.neba-miami0.local

                     Error: Missing CNAME record at DNS server 12.127.16.67 :
                     df4d201e-5862-49bc-85ff-e8470b17c8a8._msdcs.neba-miami0.local

                     Error: Missing DC SRV record at DNS server 12.127.16.67 :
                     _ldap._tcp.dc._msdcs.neba-miami0.local

                     Error: Missing GC SRV record at DNS server 12.127.16.67 :
                     _ldap._tcp.gc._msdcs.neba-miami0.local

                     Error: Missing PDC SRV record at DNS server 12.127.16.67 :
                     _ldap._tcp.pdc._msdcs.neba-miami0.local

               Error: Record registrations cannot be found for all the network a
dapters

         Summary of test results for DNS servers used by the above domain contro
llers:

            DNS server: 12.127.16.67 (<name unavailable>)
               1 test failure on this DNS server
               Name resolution is not functional. _ldap._tcp.neba-miami0.local.failed on the DNS server 12.127.16.67

            DNS server: 128.9.0.107 (b.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.9.0.107

            DNS server: 198.32.64.12 (l.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 198.32.64.12

            DNS server: 192.36.148.17 (i.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 192.36.148.17

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: neba-miami0.local
               T1-732177-13                 PASS FAIL PASS PASS PASS FAIL n/a

         ......................... neba-miami0.local failed test DNS



Windows IP Configuration

   Host Name . . . . . . . . . . . . : T1-732177-13
   Primary Dns Suffix  . . . . . . . : neba-miami0.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : neba-miami0.local

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5716C NetXtreme II GigE (NDIS
 VBD Client) #2
   Physical Address. . . . . . . . . : 78-2B-CB-22-FA-FF
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.1.20
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 127.0.0.1
                                       12.127.16.67
0
 
LVL 4

Expert Comment

by:argh226
ID: 38376572
isn't uncommon to see its own machine as a DNS server?
Wouldn't be nice to add another DNS server too?

DNS Servers . . . . . . . . . . . : 127.0.0.1
                                       12.127.16.67
0
 

Assisted Solution

by:bdpcpa
bdpcpa earned 0 total points
ID: 38376663
Sorry if i sound ignorant but 12.127.16.67 is our DNS server for our ISP and i dont know why its looking for our domain on our ISP DNS. I have looked through our DNSmgmt and nothing is pointing there. _msdcs.neba-maimi0.local has all records pointing to the domain controler  t1-732177-13.neba-miami0.local.

i have tried
dcdiag /fix
netdiag /fix
ipconfig /flushdns
ipconfig /registerdns

but i havent had a window to reboot the the server.
0
 

Author Comment

by:bdpcpa
ID: 38376674
The Domain controler is the DNS server as well.
0
 
LVL 4

Expert Comment

by:argh226
ID: 38377235
Humm... if the server was the issue, you'd already know it.
Mind to compare the ipconfig /all between that PC and another working PC?
0
 

Author Comment

by:bdpcpa
ID: 38377341
Other than the ip address and the lease info working computers and non working computers are the same.

Windows IP Configuration

        Host Name . . . . . . . . . . . . : U1-50-30
        Primary Dns Suffix  . . . . . . . : neba-miami0.local
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : neba-miami0.local

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethern
et
        Physical Address. . . . . . . . . : 00-23-AE-64-F2-64
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.133
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.20
        DNS Servers . . . . . . . . . . . : 192.168.1.20
        Lease Obtained. . . . . . . . . . : Friday, September 07, 2012 1:17:51 P
M
        Lease Expires . . . . . . . . . . : Saturday, September 15, 2012 1:17:51
 PM
0
 

Author Comment

by:bdpcpa
ID: 38377353
Computers that I have manually removed and added back to the domain are again experiencing the same issues.
0
 
LVL 4

Expert Comment

by:argh226
ID: 38377355
I would point out the 192.168.1.20 as the DNS for both PC...

And I would certainly remove 127.0.0.1 as the dns server.
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 38379515
DNS is the issue you are having! You need to make sure the Forward and Reverse lookup zones are congfigured properly and also make sure there are no problems with your IP Schemas! Perhaps check your Routers and Firewalls to check if everything is working fine.
0
 
LVL 4

Expert Comment

by:argh226
ID: 38379826
It appears that the dhcp server has been modified?
0
 

Accepted Solution

by:
bdpcpa earned 0 total points
ID: 38423028
It is our anti-virus Blink, thier new update is stoping network traffic during startup until it has loaded.
0
 

Author Closing Comment

by:bdpcpa
ID: 38435941
I did find some issues with double entries in out DNS but the cause was the antivirus
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question