The dreaded "The specified domain either does not exist or could not be contacted" error

Here's the scenario.

Host machine running Windows 2012 Server R2, all updates installed. Workgroup. Hyper-V installed.

1st Hyper-V machine

Windows 2012 R2 Server. Set as domain controller.
Roles installed
Active Directory Domain Services
DNS Server
File and Storage Services.

System is the DC and hosts user files. Also hosts Quickbooks data file.

2nd Hyper-V machine
Windows Server 2012R2 All updates installed.

Roles  installed
Remote Desktop Services
File and Storage services
Web Server (IIS)

Increasingly when user attempt to log into the TServer they'll get the  "The specified domain either does not exist or could not be contacted". error. Restarting DNS services on the DC and Tserver seems to resolve the issue temporarily. Ultimately the issue seems to self heal but not after disallowing log on for an unreasonable amount of time. 15 minutes or more. The issue has been occurring with greater frequency.

I'm not a DNS guru. The only resolutions I've found online to this point pertain to Server 2000 and 2003. Not much regarding this issue in 2012R2.

Thank you
Who is Participating?

Improve company productivity with a Business Account.Sign Up

gulfcoastnetworkingConnect With a Mentor Author Commented:
Thanks lionelmm, I removed the reference to outside DNS from both the DC and the TS yesterday. Most clients are connecting from outside the facility so DNS of their machines should be irrelevant. There was also a service related to an old piece of monitoring software that was still running. I disabled that as well.

So far the issue has not reappeared, at least they haven't called to complain. Unfortunately I won't know if either of those were the issue for a couple of days. Generally the issue appears at least once a day. definitely a number of times per week.

Fingers crossed.
Will SzymkowskiSenior Solution ArchitectCommented:
When this issue happens have you tried to check the secure channel of the Terminal Server?
netdom verify <machinename> / /UserO:username /PasswordO:*

"the * will allow you to enter the password once you press enter and characters are not shown on screen.

Verify the trust of the machine when the issue happens.

Also another good thing to check would be errors/warnings in the Event viewer on the Terminal server itself.

gulfcoastnetworkingAuthor Commented:
Thanks I will try that when the issue arises. I'd run a DCDIAG  /test:DNS test in the past and it passed.

The most recent error on the TS was 5719 NETLOGON source, Essentially saying the machine was not able to setup a secure session with the domain controller in domain "abc" due to the following. No Logon servers were available to service the logon request.

Checking the DC I found no errors that indicated it not being available around the time stamp of the TS error.
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Will SzymkowskiSenior Solution ArchitectCommented:
Netlogon services need to be running in order to login to the domain successfully. If this service is having issues and it is stopping / restarting randomly this could be the issue to your probelm.

As you have already pointed out you have errors in the event log regarding the netlogon service as well.

I would start there.

Lionel MMSmall Business IT ConsultantCommented:
What are the ipconfig setting of your clients--are there DNS servers just the DC or also those of their ISP? If ISP too try removing those and see if that resolves the issue.
Lionel MMSmall Business IT ConsultantCommented:
Most clients are connecting from outside the facility so DNS of their machines should be irrelevant.
It has been my experience that many times client systems cannot join to a domain (domain server not found) or that it takes a VERY long time to find the DC if client PCs have DNS servers other than the domain DNS they wish to connect to--thus my suggestion may be worthwhile trying if the issue re-appears on some systems
Lionel MMSmall Business IT ConsultantCommented:
but you have not given credit--you have chosen to delete giving only credit to your final comment--I assume you did this by mistake?
gulfcoastnetworkingAuthor Commented:
I'm giving credit for this solution because it was at least partially the ultimate solution. Thank you.
Lionel MMSmall Business IT ConsultantCommented:
but you are only giving credit to your own comments and to none of the others, in affect awarding 0 point to yourself only--is this what you want to do?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.