Link to home
Create AccountLog in
Avatar of rajiv bh
rajiv bh

asked on

Connectivity Test failed because Could not confirm the identity of this serve

It seems to be an issue with the DNS not registered with the server.

Also the server has Red X on the network Icon,

I ran Dc Diag.exe and it did this...

C:\Users\htsuser4.SYED>dcdiag.exe

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = SERVER
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER
      Starting test: Connectivity
         The host f8e87b26-40a5-44db-acd2-349596073ec2._msdcs.syed.local could
         not be resolved to an IP address. Check the DNS server, DHCP, server
         name, etc.
         Got error while checking LDAP and RPC connectivity. Please check your
         firewall settings.
         ......................... SERVER failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER
      Skipping all tests, because server SERVER is not responding to directory
      service requests.


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : syed
      Starting test: CheckSDRefDom
         ......................... syed passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... syed passed test CrossRefValidation

   Running enterprise tests on : syed.local
      Starting test: LocatorCheck
         ......................... syed.local passed test LocatorCheck
      Starting test: Intersite
         ......................... syed.local passed test Intersite
Avatar of Patrick Bogers
Patrick Bogers
Flag of Netherlands image

Hi,

Does this server Ping neighbor servers or workstations? Does it have internet?
Did the domain controller and dns work before?
What has changed?

If it did not work before, what can be found in event logging after a fresh boot?

Cheers
> Also the server has Red X on the network Icon

this issue should be addressed first otherwise nothing can troubleshoot further.

is it a VM or physical machine?
Avatar of rajiv bh
rajiv bh

ASKER

Nothing has changed, It can ping the workstation. There is also internet access on the server. this is not a VM, it is a physical machine
Ok, Windows sometimes Isnt sure if its network is functioning or not.

Did you run dcdiag in elevated prompt?

In server manager -> dns, are there errors shown?
There is no such errors in server manager > dns.

Just ran the dcdiag in elevated prompt

C:\Windows\system32>dcdiag.exe

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = SERVER
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER
      Starting test: Connectivity
         ......................... SERVER passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER
      Starting test: Advertising
         ......................... SERVER passed test Advertising
      Starting test: FrsEvent
         ......................... SERVER passed test FrsEvent
      Starting test: DFSREvent
         ......................... SERVER passed test DFSREvent
      Starting test: SysVolCheck
         ......................... SERVER passed test SysVolCheck
      Starting test: KccEvent
         ......................... SERVER passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... SERVER passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... SERVER passed test MachineAccount
      Starting test: NCSecDesc
         ......................... SERVER passed test NCSecDesc
      Starting test: NetLogons
         ......................... SERVER passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... SERVER passed test ObjectsReplicated
      Starting test: Replications
         ......................... SERVER passed test Replications
      Starting test: RidManager
         ......................... SERVER passed test RidManager
      Starting test: Services
         ......................... SERVER passed test Services
      Starting test: SystemLog
         ......................... SERVER passed test SystemLog
      Starting test: VerifyReferences
         ......................... SERVER passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : syed
      Starting test: CheckSDRefDom
         ......................... syed passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... syed passed test CrossRefValidation

   Running enterprise tests on : syed.local
      Starting test: LocatorCheck
         ......................... syed.local passed test LocatorCheck
      Starting test: Intersite
         ......................... syed.local passed test Intersite
can you please post the IPCONFIG /ALL and ROUTE PRINT results?
C:\Windows\system32>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SERVER
   Primary Dns Suffix  . . . . . . . : syed.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : syed.local

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connectio
n
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.10
                                       127.0.0.1
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{7ADD410A-61E1-41B7-A5F5-0D0CCE72000D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes


C:\Windows\system32>route print -4
===========================================================================
Interface List
 11...00 25 90 d4 1b 8a ......Intel(R) 82574L Gigabit Network Connection
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.10    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.10    276
     192.168.1.10  255.255.255.255         On-link      192.168.1.10    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.10    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.10    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.10    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.1.1  Default
          0.0.0.0          0.0.0.0      192.168.1.1  Default
===========================================================================
So dcdiag has no errors in elevated prompt means no domain issues.
No dns errors in server manager.

What is the problem?
Log Name:      DNS Server
Source:        Microsoft-Windows-DNS-Server-Service
Date:          4/5/2017 8:53:39 AM
Event ID:      5504
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      SERVER.syed.local
Description:
The DNS server encountered an invalid domain name in a packet from 173.254.179.200. The packet will be rejected. The event data contains the DNS packet.
the IPCONFIG ALL and ROUTE PRINT results look good for me. is it the only DC on your LAN?

> There is also internet access on the server.

is the server also accessible from the internet via the router at 192.168.1.1, by port forwarding enabled against the server?

> 173.254.179.200

it is an IP on the internet in California. is it an known IP or source for you or your business?
If your dns server is open to the internet/vpn i trust this is a branch office?

If so, inspect the event data, are you suppose to answer to the domain requested?
ASKER CERTIFIED SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: David Johnson CD MVP (https:#a42080852)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

seth2740
Experts-Exchange Cleanup Volunteer
to be honest, i don't think the accepted comment would help if the author does have his own internal DNS server in place. of course, the comment is suggested as it is a way to optimise the settings (not to fix the facing problem).