Netdiag DNS test error

Discussion in 'Active Directory' started by NetAdmin_UK, Jun 21, 2007.

  1. NetAdmin_UK

    NetAdmin_UK Guest

    Hi
    I have created a new forest with a number of domains and trees.
    When I run the netdiag utility to test everything is setup correctly I
    receive the following error:

    DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC cannot be verified right now on
    DNS
    server 10.40.1.1, ERROR_TIMEOUT.
    [WARNING] The DNS entries for this DC cannot be verified right now on
    DNS
    server 10.10.1.1, ERROR_TIMEOUT.
    [FATAL] No DNS servers have the DNS records for this DC registered.

    The DC I run this on points to itself as the preferred DNS server. I have
    checked the DNS MMC and it appears that all the correct records are there.
    Also when I run dcdiag /test:dsgetdc command it completes successfully. Does
    anyone know why this might be failing. Or what test netdiag is actualy
    performing to get this result?
    Thanks for your help.

    C:\>netdiag /test:dsgetdc /d:xeta.com /v

    Gathering IPX configuration information.
    Querying status of the Netcard drivers... Passed
    Testing Domain membership... Passed
    Gathering NetBT configuration information.
    Testing DC discovery.
    Looking for a DC
    Looking for a PDC emulator
    Looking for a Windows 2000 DC

    Tests complete.


    Computer Name: DCX
    DNS Host Name: DCX.xeta.com
    DNS Domain Name: xeta.com
    System info : Windows 2000 Server (Build 3790)
    Processor : x86 Family 15 Model 3 Stepping 4, GenuineIntel
    Hotfixes :
    Installed? Name
    Yes Q147222


    Netcard queries test . . . . . . . : Passed

    Information of Netcard drivers:


    ---------------------------------------------------------------------------
    Description: Intel 21140-Based PCI Fast Ethernet Adapter (Generic)
    Device: \DEVICE\{6B3154F1-1EAF-43DB-8A19-00F3EEFCE2E2}

    Media State: Connected

    Device State: Connected
    Connect Time: 21:53:00
    Media Speed: 100 Mbps

    Packets Sent: 7755
    Bytes Sent (Optional): 2984124

    Packets Received: 6645
    Directed Pkts Recd (Optional): 5962
    Bytes Received (Optional): 1429358
    Directed Bytes Recd (Optional): 1429358


    ---------------------------------------------------------------------------
    [PASS] - At least one netcard is in the 'Connected' state.



    Per interface results:

    Adapter : Local Area Connection
    Adapter ID . . . . . . . . : {6B3154F1-1EAF-43DB-8A19-00F3EEFCE2E2}

    Netcard queries test . . . : Passed


    Global results:


    Domain membership test . . . . . . : Passed
    Machine is a . . . . . . . . . : Primary Domain Controller Emulator
    Netbios Domain name. . . . . . : XETA
    Dns domain name. . . . . . . . : xeta.com
    Dns forest name. . . . . . . . : alpha.com
    Domain Guid. . . . . . . . . . : {4D13687C-0E6C-427F-9D5E-33C7FE040E6E}
    Domain Sid . . . . . . . . . . : S-1-5-21-1452378094-1062453204-767547091
    Logon User . . . . . . . . . . : Administrator
    Logon Domain . . . . . . . . . : XETA


    NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
    NetBT_Tcpip_{6B3154F1-1EAF-43DB-8A19-00F3EEFCE2E2}
    1 NetBt transport currently configured.


    DC discovery test. . . . . . . . . : Passed

    Find DC in domain 'XETA':
    Found this DC in domain 'XETA':
    DC. . . . . . . . . . . : \\DCX.xeta.com
    Address . . . . . . . . : \\10.40.1.1
    Domain Guid . . . . . . : {4D13687C-0E6C-427F-9D5E-33C7FE040E6E}
    Domain Name . . . . . . : xeta.com
    Forest Name . . . . . . : alpha.com
    DC Site Name. . . . . . : HUB
    Our Site Name . . . . . : HUB
    Flags . . . . . . . . . : PDC emulator DS KDC TIMESERV WRITABLE
    DNS_DC D
    NS_DOMAIN DNS_FOREST CLOSE_SITE 0x8

    Find PDC emulator in domain 'XETA':
    Found this PDC emulator in domain 'XETA':
    DC. . . . . . . . . . . : \\DCX.xeta.com
    Address . . . . . . . . : \\10.40.1.1
    Domain Guid . . . . . . : {4D13687C-0E6C-427F-9D5E-33C7FE040E6E}
    Domain Name . . . . . . : xeta.com
    Forest Name . . . . . . : alpha.com
    DC Site Name. . . . . . : HUB
    Our Site Name . . . . . : HUB
    Flags . . . . . . . . . : PDC emulator DS KDC TIMESERV WRITABLE
    DNS_DC D
    NS_DOMAIN DNS_FOREST CLOSE_SITE 0x8

    Find Windows 2000 DC in domain 'XETA':
    Found this Windows 2000 DC in domain 'XETA':
    DC. . . . . . . . . . . : \\DCX.xeta.com
    Address . . . . . . . . : \\10.40.1.1
    Domain Guid . . . . . . : {4D13687C-0E6C-427F-9D5E-33C7FE040E6E}
    Domain Name . . . . . . : xeta.com
    Forest Name . . . . . . : alpha.com
    DC Site Name. . . . . . : HUB
    Our Site Name . . . . . : HUB
    Flags . . . . . . . . . : PDC emulator DS KDC TIMESERV WRITABLE
    DNS_DC D
    NS_DOMAIN DNS_FOREST CLOSE_SITE 0x8


    The command completed successfully
     
    NetAdmin_UK, Jun 21, 2007
    #1
    1. Advertisements

  2. NetAdmin_UK

    Herb Martin Guest

    All computers and thus all internal DNS servers must be able to resolve
    EVERY domain of the forest, using some combination of Delegation
    (parent to child only), (conditional) forwarding, holding the actual zones
    for one zone/domain on the DNS servers or the other domains.

    If NetDiag fails you can trivially try "NetDiag /fix" just to see if there
    is
    no underlying problem -- fix can't solve DESIGN problems but it can
    put back the records if the DNS is reachable and dynamic.

     
    Herb Martin, Jun 21, 2007
    #2
    1. Advertisements

  3. NetAdmin_UK

    NetAdmin_UK Guest

    Hi Herb

    I've tried this but makes no difference.

     
    NetAdmin_UK, Jun 21, 2007
    #3
  4. NetAdmin_UK

    Herb Martin Guest

    You tried making sure that every DNS Server (and therefore DNS Client)
    can find all of the Zones/Domains of your forest?

    Then make sure that every Zone is dynamic and the Primary/Master is online
    and reachable.

    Generally you are better with "DCDiag /C" for DC problems than using
    NetDiag,
    but the latter is useful also.


    --
    Herb Martin, MCSE, MVP
    http://www.LearnQuick.Com
    (phone on web site)
     
    Herb Martin, Jun 21, 2007
    #4
  5. NetAdmin_UK

    NetAdmin_UK Guest

    I've found the problem so thought I'd post in case is of any use to anyone:

    The Forest Route DC had once been part of a different domain. I think it was
    demoted and then promted to the current domain. The SOA DNS record on this
    server was set to 'hostmaster.<olddomainname>'. I changed it back to the
    default which is just 'hostmaster.' and straight away the NETDIAG /test:DNS
    Passed.

    Thanks for your help.

     
    NetAdmin_UK, Jun 21, 2007
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.