No announcement yet.

Server 2003 Active Directory Fails dcdiag advertising test

  • Filter
  • Time
  • Show
Clear All
new posts

  • Server 2003 Active Directory Fails dcdiag advertising test

    I have the following environment:

    Server 1: W2k03 Sp2, Exchange PDC This was an existing server when I came into the client. Was also the only server in the domain.

    Server 2: W2k03 Sp2. New server I added to become the domain controller. DCPROMO ran fine, added the server. Made it the PDC/RID/etc master. Some weeks later I was looking at a problem and ran dcdiag on server 2 with the following results:

    Starting test: NetLogons
    Unable to connect to the NETLOGON share! (\\Server2\netlogon)
    [Server2] An net use or LsaPolicy operation failed with error 1203, No network provider accepted the given network path..
    ......................... Server2 failed test NetLogons
    Starting test: Advertising
    Warning: DsGetDcName returned information for \\server1.gso.local, when we were trying to reach Server2.
    Server is not responding or is not considered suitable.
    ......................... Server2 failed test Advertising

    Dcdiag on Server1 runs clean. I have gone through the microsoft article on troubleshooting this. The Netlogon share and Sysvol share are not there on Server2 and nothing I do seems to fix that. I have tried creating the directories on Server2 & Changing the BurFlags key and restarting netlogon/ntfrs. I have also tried a few other things based on articles I found on the MSoft site to no avail.

    Name resolution works fine from every direction I have tested.

    At this point I'm pretty stumped. I am thinking that I need to dcpromo server2 out of the ring, make sure AD is clean and try to dcpromo it again.

    Does anyone have any suggestions?

  • #2
    Re: Server 2003 Active Directory Fails dcdiag advertising test

    I found the problem but I'm not sure how to fix it for good. Both servers are DNS servers and both servers were looking up against Server1 first. The names resolve correctly forwards and backwards but when I set them both to resolve against Server2 instead, the problem cleared up.

    So... What do I do with that? I am not getting any errors in the DNS logs, I can resolve correctly everything in the zone on Server1. iow, I can't get it to throw an error which is directly related to DNS on Server1 but when the servers look up against it first, NTFRS is unable to resolve names properly. I should re-state that only the NTFRS is unable to resolve properly; everything else seems fine.

    Is there a utility I can run against the zone on that server? Is it possible for AD integrated zones to become corrupt?


    • #3
      Re: Server 2003 Active Directory Fails dcdiag advertising test

      Run netdiag /fix on both servers.
      Make sure that both DC's are looking to themselfs
      Make sure that the replication of DNS does work.
      Technical Consultant

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"