Solved

DNS issue on Domain Controller

Posted on 2014-04-15
2
568 Views
Last Modified: 2014-04-16
My DC within a site can't synchronize within these few day. Check and seem like it is related to DNS issue but I have no idea how to fix it. Any advise ?

"* Active Directory LDAP Services Check
         The host a192b72c-096a-46da-aa96-b76901e845e4._msdcs.abc.com.hk could n
ot be resolved to an"



C:\SUPPORT\TOOLS>dcdiag /test:dns /v

Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine DC02, is a DC.
   * Connecting to directory service on server DC02.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 4 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\DC02
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         The host a192b72c-096a-46da-aa96-b76901e845e4._msdcs.abc.com.hk could n
ot be resolved to an
         IP address.  Check the DNS server, DHCP, server name, etc
         Although the Guid DNS name
         (a192b72c-096a-46da-aa96-b76901e845e4._msdcs.abc.com.hk) couldn't be
         resolved, the server name (DC02.abc.com.hk) resolved to the IP address
         (10.0.23.30) and was pingable.  Check that the IP address is
         registered correctly with the DNS server.
         ......................... DC02 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\DC02
      Test omitted by user request: Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: NCSecDesc
      Test omitted by user request: NetLogons
      Test omitted by user request: Advertising
      Test omitted by user request: KnowsOfRoleHolders
      Test omitted by user request: RidManager
      Test omitted by user request: MachineAccount
      Test omitted by user request: Services
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: ObjectsReplicated
      Test omitted by user request: frssysvol
      Test omitted by user request: frsevent
      Test omitted by user request: kccevent
      Test omitted by user request: systemlog
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

DNS Tests are running and not hung. Please wait a few minutes...

   Running partition tests on : ForestDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : Schema
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : Configuration
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running partition tests on : abc
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom

   Running enterprise tests on : abc.com.hk
      Test omitted by user request: Intersite
      Test omitted by user request: FsmoCheck
      Starting test: DNS
         Test results for domain controllers:

            DC: DC02.abc.com.hk
            Domain: abc.com.hk


               TEST: Authentication (Auth)
                  Authentication test: Successfully completed

               TEST: Basic (Basc)
                  Error: No LDAP connectivity
                   Microsoft Windows Server 2008 R2 Standard  (Service Pack leve
l: 1.0) is supported
                  NETLOGON service is running
                  kdc service is running
                  DNSCACHE service is running
                  DNS service is running
                  DC is a DNS server
                  Network adapters information:
                  Adapter [00000012] Intel(R) PRO/1000 MT Network Connection:
                     MAC address is 00:50:56:B6:B0:89
                     IP address is static
                     IP address: 10.0.23.30, fe80::c9a1:35b3:f811:c54e
                     DNS servers:
                        10.0.23.20 (<name unavailable>) [Valid]
                        Warning: 127.0.0.1 (<name unavailable>) [Invalid]
                  The A record for this DC was found
                  The SOA record for the Active Directory zone was found
                  Warning: no DNS RPC connectivity (error or non Microsoft DNS s
erver is running)
                  [Error details: 5 (Type: Win32 - Description: Access is denied
.)]

         Summary of test results for DNS servers used by the above domain contro
llers:

            DNS server: 10.0.23.30 (<name unavailable>)
               1 test failure on this DNS server
               This is a valid DNS server
               Name resolution is not functional. _ldap._tcp.abc.com.hk. failed
on the DNS server 10.0.23.30
               [Error details: 9003 (Type: Win32 - Description: DNS name does no
t exist.)]

            DNS server: 10.0.23.20 (<name unavailable>)
               All tests passed on this DNS server
               This is a valid DNS server
               Name resolution is funtional. _ldap._tcp SRV record for the fores
t root domain is registered

         Summary of DNS test results:

                                            Auth Basc Forw Del  Dyn  RReg Ext
               ________________________________________________________________
            Domain: abc.com.hk
               DC02                         PASS FAIL n/a  n/a  n/a  n/a  n/a

         ......................... abc.com.hk failed test DNS

C:\SUPPORT\TOOLS>
0
Comment
Question by:AXISHK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 500 total points
ID: 40003788
Hi,

please check if "a192b72c-096a-46da-aa96-b76901e845e4" SRV recored is exist under msdcs.abc.com.hk in DNS.

if not then rename the netlogon.dns and netlogon.dnb under systemroot%\System32\Config folder.

then perform below.... it may take some time.

ipconfig /flushdns
net stop netlogon
net stop dns
net start dns
net start netlogon
ipconfig /registerdns
0
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 40003802
Also make sure that below setting is enabled, in AD LAN properties --> dns

dns1
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question