DsGetDcName failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN

Discussion in 'File Systems' started by Edward Ray, Jul 20, 2005.

  1. Edward Ray

    Edward Ray Guest

    This is the result I get when I run "nltest /dsgetdc:xyz"

    netdiag tests pass, except two of my domain controllers get the follwoing
    errors:

    "Cannot test Secure Channel for domain 'xxxxx' to DC 'xyz'.
    [ERROR_SERVICE_NOT_ACTIVE]


    dcdiag on the domain controller in question passes all tests except for the
    following error:

    Starting test: Advertising
    Warning: DsGetDcName returned information for
    \\bigdogmedina.mmicmanhomenet.local, when we were trying to reach xyz
    Server is not responding or is not considered suitable.
    The DC xyz is advertising itself as a DC and having a DS.
    The DC xyz is advertising as an LDAP server
    The DC xyz is advertising as having a writeable directory
    The DC xyz is advertising as a Key Distribution Center
    The DC xyz is advertising as a time server
    The DS xyz is advertising as a GC.
    ......................... xyz failed test Advertising


    These are Windows 2003 Enterprsie domain controllers operating in a Windows
    2003 native active directory domain/forest. All FSMO roles are held by the
    domain controller 'xyz' except for PDC. PDC is
    'bigdogmedina.mmicmanhomenet.local'

    Any idea how to resolve this issue?
     
    Edward Ray, Jul 20, 2005
    #1
    1. Advertisements

  2. I don't think this is really a DFS or FRS issue, but I'll throw a suggestion
    or two your way...

    This sounds like the secure channel secret password is out of sync. You can
    test this with NLTEST /SC_QUERY:domain-name.com or NLTEST /SC_VERIFY:<domain
    name>

    If it is, you will need to reset the secure channel. You can do this with
    NLTEST, NETDOM, VB Script or the GUI.

    If the [secure] channel is down, communication with the DC will fail and
    therefore so will the advertising tests in DCDIAG.
     
    Paul Williams [MVP], Jul 20, 2005
    #2
    1. Advertisements

  3. I have had no luck resetting the secure channel. I have tried using nltest
    and netdom. :

    E:\Documents and Settings\root>netdom reset blackdog.mmicmanhomenet.local
    /Domain:mmicmanhomenet.local /Server:xyz /UserO:root /PasswordO:1234xxx
    The secure channel from BLACKDOG.MMICMANHOMENET.LOCAL to
    MMICMANHOMENET.LOCAL was not reset.

    The service has not been started.

    The service has not been started.

    The command failed to complete successfully.

    only one of my three Dcs works:

    E:\Documents and Settings\root>netdom reset blackdog.mmicmanhomenet.local
    /Domain:mmicmanhomenet.local /Server:bigdogmedina /UserO:root /PasswordO:
    The secure channel from BLACKDOG.MMICMANHOMENET.LOCAL to the domain
    MMICMANHOMENET.LOCAL has been reset. The connection is
    with the machine \\BIGDOGMEDINA.MMICMANHOMENET.LOCAL.



    Stopping and restarting netlogon on the affected domain controllers caused
    teh sysvol and netlogon shares to be removed. I have to manually go back in
    and reset the folder permissions.


    I am at wits end with this problem.
     
    Edward W. Ray, Jul 21, 2005
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.