Solved

DNS issue on Domain Controller

Posted on 2014-04-15
2
518 Views
Last Modified: 2014-04-16
My DC within a site can't synchronize within these few day. Check and seem like it is related to DNS issue but I have no idea how to fix it. Any advise ?

"* Active Directory LDAP Services Check
         The host a192b72c-096a-46da-aa96-b76901e845e4._msdcs.abc.com.hk could n
ot be resolved to an"



C:\SUPPORT\TOOLS>dcdiag /test:dns /v

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine DC02, is a DC.
   * Connecting to directory service on server DC02.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 4 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DC02
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         The host a192b72c-096a-46da-aa96-b76901e845e4._msdcs.abc.com.hk could n
ot be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (a192b72c-096a-46da-aa96-b76901e845e4._msdcs.abc.com.hk) couldn't be
         resolved, the server name (DC02.abc.com.hk) resolved to the IP address
         (10.0.23.30) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... DC02 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DC02
      Test omitted by user request: Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: NCSecDesc
      Test omitted by user request: NetLogons
      Test omitted by user request: Advertising
      Test omitted by user request: KnowsOfRoleHolders
      Test omitted by user request: RidManager
      Test omitted by user request: MachineAccount
      Test omitted by user request: Services
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: ObjectsReplicated
      Test omitted by user request: frssysvol
      Test omitted by user request: frsevent
      Test omitted by user request: kccevent
      Test omitted by user request: systemlog
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : Schema
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : Configuration
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : abc
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running enterprise tests on : abc.com.hk
      Test omitted by user request: Intersite
      Test omitted by user request: FsmoCheck
      Starting test: DNS
         Test results for domain controllers:

            DC: DC02.abc.com.hk
            Domain: abc.com.hk


               TEST: Authentication (Auth)
                  Authentication test: Successfully completed

               TEST: Basic (Basc)
                  Error: No LDAP connectivity
                   Microsoft Windows Server 2008 R2 Standard  (Service Pack leve
l: 1.0) is supported
                  NETLOGON service is running
                  kdc service is running
                  DNSCACHE service is running
                  DNS service is running
                  DC is a DNS server
                  Network adapters information:
                  Adapter [00000012] Intel(R) PRO/1000 MT Network Connection:
                     MAC address is 00:50:56:B6:B0:89
                     IP address is static
                     IP address: 10.0.23.30, fe80::c9a1:35b3:f811:c54e
                     DNS servers:
                        10.0.23.20 (<name unavailable>) [Valid]
                        Warning: 127.0.0.1 (<name unavailable>) [Invalid]
                  The A record for this DC was found
                  The SOA record for the Active Directory zone was found
                  Warning: no DNS RPC connectivity (error or non Microsoft DNS s
erver is running)
                  [Error details: 5 (Type: Win32 - Description: Access is denied
.)]

         Summary of test results for DNS servers used by the above domain contro
llers:

            DNS server: 10.0.23.30 (<name unavailable>)
               1 test failure on this DNS server
               This is a valid DNS server
               Name resolution is not functional. _ldap._tcp.abc.com.hk. failed
on the DNS server 10.0.23.30
               [Error details: 9003 (Type: Win32 - Description: DNS name does no
t exist.)]

            DNS server: 10.0.23.20 (<name unavailable>)
               All tests passed on this DNS server
               This is a valid DNS server
               Name resolution is funtional. _ldap._tcp SRV record for the fores
t root domain is registered

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: abc.com.hk
               DC02                         PASS FAIL n/a  n/a  n/a  n/a  n/a

         ......................... abc.com.hk failed test DNS

C:\SUPPORT\TOOLS>
0
Comment
Question by:AXISHK
  • 2
2 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 500 total points
ID: 40003788
Hi,

please check if "a192b72c-096a-46da-aa96-b76901e845e4" SRV recored is exist under msdcs.abc.com.hk in DNS.

if not then rename the netlogon.dns and netlogon.dnb under systemroot%\System32\Config folder.

then perform below.... it may take some time.

ipconfig /flushdns
net stop netlogon
net stop dns
net start dns
net start netlogon
ipconfig /registerdns
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 40003802
Also make sure that below setting is enabled, in AD LAN properties --> dns

dns1
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question