Announcement

Collapse
No announcement yet.

Server failed DCDIAG DNS test

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Server failed DCDIAG DNS test

    Hi

    I don't know if this is a problem or not. I don't think it is, but just in case I would appreciate some help.

    We have a Windows 2008 Active Directory Domain. Single site, single subnet 192.168.0.x. Two domain controllers - Win2008 (Phobos) with all FSMO roles, DNS and WINS, and Win2003 (Titan) with DNS, DHCP, WINS. Functional level is Win2003. 35 clients: Win2000, XP, Vista and 7

    When going through the Directory Service log on the Win2003 DC Titan there is an NTDS Replication warning 2088:

    Event Type: Warning
    Event Source: NTDS Replication
    Event Category: DS RPC Client
    Event ID: 2088
    Date: 13/10/2010
    Time: 19:17:26
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: TITAN
    Description:
    Active Directory could not use DNS to resolve the IP address of the source domain controller listed below. To maintain the consistency of Security groups, group policy, users and computers and their passwords, Active Directory successfully replicated using the NetBIOS or fully qualified computer name of the source domain controller.

    .....

    Alternate server name:
    Phobos
    Failing DNS host name:
    038232b3-e982-4fe4-8e1e-a48be74457b7._msdcs.htlincs.local


    .....

    Additional Data
    Error value:
    11004 The requested name is valid, but no data of the requested type was found.


    This is followed by

    Event Type: Information
    Event Source: NTDS General
    Event Category: Service Control
    Event ID: 1394
    Date: 13/10/2010
    Time: 19:17:28
    User: NT AUTHORITY\ANONYMOUS LOGON
    Computer: TITAN
    Description:
    All problems preventing updates to the Active Directory Database have been cleared. New updates to the Active Directory database are succeeding. The Net Logon service has restarted.

    These warnings are logged during a reboot of the Win2003 server.

    However, I ran DCDIAG /TestNS as recommended, just in case, and it reported several failures related to invalid root hints (see attached file)

    Now, as I understand it, I only need to worry about this if the server is being used as a gateway. We have a router installed and the entire domain uses that as the gateway. I've never had to work with root hints before but as I am not familiar with this I do not know if this problem might have a knock-on effect elsewhere.

    Do I need to be concerned about this or can I safely ignore it? As ever, any comments and advice are welcome.

    Thanks!
    Attached Files
    A recent poll suggests that 6 out of 7 dwarfs are not happy

  • #2
    Re: Server failed DCDIAG DNS test

    Hi,

    Can you ping this 038232b3-e982-4fe4-8e1e-a48be74457b7._msdcs.htlincs.local and check to which IP address does it resolve. It shud be ur DC and that's no is guid of ur dc.

    also can you provide, IPConfig /all from titan and phobos.
    also provide out of netdiag

    ####################

    Additional if nothing fancy has been done with the setup, if it's pretty much default setting then try creating a host a record for your localhost with 127.0.0.1 address and then try
    Last edited by v-2nas; 15th October 2010, 12:31.
    Thanks & Regards
    v-2nas

    MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
    Sr. Wintel Eng. (Investment Bank)
    Independent IT Consultant and Architect
    Blog: http://www.exchadtech.blogspot.com

    Show your appreciation for my help by giving reputation points

    Comment


    • #3
      Re: Server failed DCDIAG DNS test

      Hi, v-2nas

      Thanks for your reply.

      Connectivity between the domain controllers is fine. I can ping Phobos using that address without any problems.

      I have attached a text file with the ipconfig /all results, netdiag from the Win2003 and DCdiag from the Win2008 server.

      A number of errors have been reported in the DCdiag results. I'll be looking into these when I have time later. In the meantime, if anyone can spot anything untoward, please let me know.

      Thanks!
      Attached Files
      A recent poll suggests that 6 out of 7 dwarfs are not happy

      Comment


      • #4
        Re: Server failed DCDIAG DNS test

        Hi,

        just wanted to check with you have you tried creating a localhost A record as mentioned earlier
        Thanks & Regards
        v-2nas

        MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
        Sr. Wintel Eng. (Investment Bank)
        Independent IT Consultant and Architect
        Blog: http://www.exchadtech.blogspot.com

        Show your appreciation for my help by giving reputation points

        Comment


        • #5
          Re: Server failed DCDIAG DNS test

          Hi

          Thanks again for responding.

          No, I've not done this yet. I wanted to wait and see if there was anything in particular that would be suggested that would explain either why this intermittent error is appearing or provide a solution that would negate the need to create the A record.
          A recent poll suggests that 6 out of 7 dwarfs are not happy

          Comment


          • #6
            Re: Server failed DCDIAG DNS test

            First of all your dc's have only one DNS record in network configurations.
            What about dns zones, are they integrated?

            For example
            Titan
            ip
            mask
            gw

            TItan dns
            Phobos dns

            Comment


            • #7
              Re: Server failed DCDIAG DNS test

              Thanks for replying.

              I was under the impression that it was best practice to have a domain controller that hosts DNS to point to itself and to not have a secondary DNS server listed, which is how the clients are configured via DHCP.

              DNS on both servers is configured as AD Integrated and both are set to receive secure updates only.
              A recent poll suggests that 6 out of 7 dwarfs are not happy

              Comment


              • #8
                Re: Server failed DCDIAG DNS test

                Any way try one time. After repadmin /replicate you can return back to single dns.
                I have experience close to you situation.

                Comment


                • #9
                  Re: Server failed DCDIAG DNS test

                  I appreciate the advice, but the problem is not with replication. As I stated, the events show that the problem clears itself. The replication events have not been logged for 8 days, now. Since the last event that was logged, the log only contains information events concerning backup and defrag of ntds.dit and .log files.

                  My concern was with the results of the dns test and the errors reported which highlight problems with the root hints.

                  However, as I said, we do not use this DC as a gateway but instead use a router, so the root hints are superflous. However, because I am not used to dealing with root hints, I do not know if this is symptomatic of an underlying problem or whether it could have a knock-on effect elsewhere.

                  Thanks.
                  A recent poll suggests that 6 out of 7 dwarfs are not happy

                  Comment

                  Working...
                  X