Solved

DNS issue on Domain Controller

Posted on 2014-04-15
2
478 Views
Last Modified: 2014-04-16
My DC within a site can't synchronize within these few day. Check and seem like it is related to DNS issue but I have no idea how to fix it. Any advise ?

"* Active Directory LDAP Services Check
         The host a192b72c-096a-46da-aa96-b76901e845e4._msdcs.abc.com.hk could n
ot be resolved to an"



C:\SUPPORT\TOOLS>dcdiag /test:dns /v

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine DC02, is a DC.
   * Connecting to directory service on server DC02.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 4 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DC02
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         The host a192b72c-096a-46da-aa96-b76901e845e4._msdcs.abc.com.hk could n
ot be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (a192b72c-096a-46da-aa96-b76901e845e4._msdcs.abc.com.hk) couldn't be
         resolved, the server name (DC02.abc.com.hk) resolved to the IP address
         (10.0.23.30) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... DC02 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DC02
      Test omitted by user request: Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: NCSecDesc
      Test omitted by user request: NetLogons
      Test omitted by user request: Advertising
      Test omitted by user request: KnowsOfRoleHolders
      Test omitted by user request: RidManager
      Test omitted by user request: MachineAccount
      Test omitted by user request: Services
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: ObjectsReplicated
      Test omitted by user request: frssysvol
      Test omitted by user request: frsevent
      Test omitted by user request: kccevent
      Test omitted by user request: systemlog
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : Schema
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : Configuration
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : abc
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running enterprise tests on : abc.com.hk
      Test omitted by user request: Intersite
      Test omitted by user request: FsmoCheck
      Starting test: DNS
         Test results for domain controllers:

            DC: DC02.abc.com.hk
            Domain: abc.com.hk


               TEST: Authentication (Auth)
                  Authentication test: Successfully completed

               TEST: Basic (Basc)
                  Error: No LDAP connectivity
                   Microsoft Windows Server 2008 R2 Standard  (Service Pack leve
l: 1.0) is supported
                  NETLOGON service is running
                  kdc service is running
                  DNSCACHE service is running
                  DNS service is running
                  DC is a DNS server
                  Network adapters information:
                  Adapter [00000012] Intel(R) PRO/1000 MT Network Connection:
                     MAC address is 00:50:56:B6:B0:89
                     IP address is static
                     IP address: 10.0.23.30, fe80::c9a1:35b3:f811:c54e
                     DNS servers:
                        10.0.23.20 (<name unavailable>) [Valid]
                        Warning: 127.0.0.1 (<name unavailable>) [Invalid]
                  The A record for this DC was found
                  The SOA record for the Active Directory zone was found
                  Warning: no DNS RPC connectivity (error or non Microsoft DNS s
erver is running)
                  [Error details: 5 (Type: Win32 - Description: Access is denied
.)]

         Summary of test results for DNS servers used by the above domain contro
llers:

            DNS server: 10.0.23.30 (<name unavailable>)
               1 test failure on this DNS server
               This is a valid DNS server
               Name resolution is not functional. _ldap._tcp.abc.com.hk. failed
on the DNS server 10.0.23.30
               [Error details: 9003 (Type: Win32 - Description: DNS name does no
t exist.)]

            DNS server: 10.0.23.20 (<name unavailable>)
               All tests passed on this DNS server
               This is a valid DNS server
               Name resolution is funtional. _ldap._tcp SRV record for the fores
t root domain is registered

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: abc.com.hk
               DC02                         PASS FAIL n/a  n/a  n/a  n/a  n/a

         ......................... abc.com.hk failed test DNS

C:\SUPPORT\TOOLS>
0
Comment
Question by:AXISHK
  • 2
2 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 500 total points
ID: 40003788
Hi,

please check if "a192b72c-096a-46da-aa96-b76901e845e4" SRV recored is exist under msdcs.abc.com.hk in DNS.

if not then rename the netlogon.dns and netlogon.dnb under systemroot%\System32\Config folder.

then perform below.... it may take some time.

ipconfig /flushdns
net stop netlogon
net stop dns
net start dns
net start netlogon
ipconfig /registerdns
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 40003802
Also make sure that below setting is enabled, in AD LAN properties --> dns

dns1
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

28 Experts available now in Live!

Get 1:1 Help Now