If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.
DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "blah.co.uk":
The query was for the SRV record for _ldap._tcp.dc._msdcs.blah.co.uk
The following domain controllers were identified by the query:
dc1.blah.co.uk
However no domain controllers could be contacted.
Common causes of this error include:
- Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.
- Domain controllers registered in DNS are not connected to the network or are not running.
The DNS server was unable to add or write an update of domain name Sales7 in zone blah.co.uk to the Active Directory. Check that the Active Directory is functioning properly and add or update this domain name using the DNS console. The extended error debug information (which may be empty) is "". The event data contains the error.
The dynamic registration of the DNS record '422bc67f-c55f-461d-8f86-22d452011ec6._msdcs.blah.co.uk. 600 IN CNAME dc1.blah.co.uk.' failed on the following DNS server:
DNS server IP address: 213.143.3.4
Returned Response Code (RCODE): 5
Returned Status Code: 9017
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate registration of the DNS records by the domain controller. To determine what might have caused this failure, run DCDiag.exe. You can find this program on the Windows Server 2003 installation CD in Support\Tools\support.cab. To learn more about DCDiag.exe, see Help and Support Center. To initiate registration of the DNS records by this domain controller, run 'nltest.exe /dsregdns' from the command prompt on the domain controller or restart Net Logon service. Nltest.exe is available in the Microsoft Windows Server Resource Kit CD.
Or, you can manually add this record to DNS, but it is not recommended.
ADDITIONAL DATA
Error Value: DNS bad key.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join the community of 500,000 technology professionals and ask your questions.