AD integrated DNS having issues

-

dear all,

i having serious issues ad , dns. unable open ad administrative center nor dns snap in. have copied results from:

1. dcdiag 

2. ipconfig

3. nltest /test:dns

please see results down here. grateful help.


windows ip configuration

   host name . . . . . . . . . . . . : domain-ad1
   primary dns suffix  . . . . . . . : domain.local
   node type . . . . . . . . . . . . : hybrid
   ip routing enabled. . . . . . . . : no
   wins proxy enabled. . . . . . . . : no
   dns suffix search list. . . . . . : domain.local

ethernet adapter ethernet 2:

   connection-specific dns suffix  . : 
   description . . . . . . . . . . . : broadcom bcm5709c netxtreme ii gige (ndis vbd client) #38
   physical address. . . . . . . . . : 00-10-18-ec-98-94
   dhcp enabled. . . . . . . . . . . : no
   autoconfiguration enabled . . . . : yes
   ipv4 address. . . . . . . . . . . : 10.102.148.3(preferred) 
   subnet mask . . . . . . . . . . . : 255.255.254.0
   default gateway . . . . . . . . . : 10.102.148.1
   dns servers . . . . . . . . . . . : 10.102.148.3
   netbios on tcpip. . . . . . . . : enabled

tunnel adapter isatap.{35892b4b-2b34-4f3b-bb90-402ff05a2070}:

   media state . . . . . . . . . . . : media disconnected
   connection-specific dns suffix  . : 
   description . . . . . . . . . . . : microsoft isatap adapter
   physical address. . . . . . . . . : 00-00-00-00-00-00-00-e0
   dhcp enabled. . . . . . . . . . . : no
   autoconfiguration enabled . . . . : yes

tunnel adapter teredo tunneling pseudo-interface:

   media state . . . . . . . . . . . : media disconnected
   connection-specific dns suffix  . : 
   description . . . . . . . . . . . : teredo tunneling pseudo-interface
   physical address. . . . . . . . . : 00-00-00-00-00-00-00-e0
   dhcp enabled. . . . . . . . . . . : no
   autoconfiguration enabled . . . . : yes

---------------------------

dcdiag test
------------


directory server diagnosis 

performing initial setup: 
   trying find home server... 
   home server = domain-ad1 
   * identified ad forest. 
   done gathering initial info. 

doing initial required tests 
   
   testing server: default-first-site-name\domain-ad1 
      starting test: connectivity 
         ......................... domain-ad1 passed test connectivity 
 
doing primary tests 
   
   testing server: default-first-site-name\domain-ad1 
      starting test: advertising 
         ......................... domain-ad1 passed test advertising 
      starting test: frsevent 
         there warning or error events within last 24 hours after the 
         sysvol has been shared.  failing sysvol replication problems may cause 
         group policy problems. 
         ......................... domain-ad1 passed test frsevent 
      starting test: dfsrevent 
         ......................... domain-ad1 passed test dfsrevent 
      starting test: sysvolcheck 
         ......................... domain-ad1 passed test sysvolcheck 
      starting test: kccevent 
         ......................... domain-ad1 passed test kccevent 
      starting test: knowsofroleholders 
         ......................... domain-ad1 passed test knowsofroleholders 
      starting test: machineaccount 
         ......................... domain-ad1 passed test machineaccount 
      starting test: ncsecdesc 
         ......................... domain-ad1 passed test ncsecdesc 
      starting test: netlogons 
         ......................... domain-ad1 passed test netlogons 
      starting test: objectsreplicated 
         ......................... domain-ad1 passed test objectsreplicated 
      starting test: replications 
         ......................... domain-ad1 passed test replications 
      starting test: ridmanager 
         ......................... domain-ad1 passed test ridmanager 
      starting test: services 
         ......................... domain-ad1 passed test services 
      starting test: systemlog 
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   16:47:29 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   16:52:31 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         a warning event occurred.  eventid: 0x000003f6 
            time generated: 02/26/2013   16:54:16 
            event string: 
            name resolution name isatap timed out after none of configured dns servers responded. 
         a warning event occurred.  eventid: 0x00001695 
            time generated: 02/26/2013   16:54:43 
            event string: 
            dynamic registration or deletion of 1 or more dns records associated dns domain 'domain.local.' failed.  these records used other computers locate server domain controller (if specified domain active directory domain) or ldap server (if specified domain application partition).    
         a warning event occurred.  eventid: 0x00001695 
            time generated: 02/26/2013   16:55:34 
            event string: 
            dynamic registration or deletion of 1 or more dns records associated dns domain 'domain.local.' failed.  these records used other computers locate server domain controller (if specified domain active directory domain) or ldap server (if specified domain application partition).    
         a warning event occurred.  eventid: 0x00001695 
            time generated: 02/26/2013   16:55:36 
            event string: 
            dynamic registration or deletion of 1 or more dns records associated dns domain 'domaindnszones.domain.local.' failed.  these records used other computers locate server domain controller (if specified domain active directory domain) or ldap server (if specified domain application partition).    
         a warning event occurred.  eventid: 0x00001695 
            time generated: 02/26/2013   16:55:37 
            event string: 
            dynamic registration or deletion of 1 or more dns records associated dns domain 'forestdnszones.domain.local.' failed.  these records used other computers locate server domain controller (if specified domain active directory domain) or ldap server (if specified domain application partition).    
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   16:57:32 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   17:02:34 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         a warning event occurred.  eventid: 0x0000a000 
            time generated: 02/26/2013   17:06:22 
            event string: 
            security system detected authentication error server ldap/domain-ad1.domain.local. failure code authentication protocol kerberos "  (0x80080341)". 
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   17:07:35 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   17:12:37 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         a warning event occurred.  eventid: 0x0000a000 
            time generated: 02/26/2013   17:15:38 
            event string: 
            security system detected authentication error server cifs/domain-ad1.domain.local. failure code authentication protocol kerberos "  (0x80080341)". 
         a warning event occurred.  eventid: 0x0000a000 
            time generated: 02/26/2013   17:17:37 
            event string: 
            security system detected authentication error server ldap/domain-ad1.domain.local/domain.local@domain.local. failure code authentication protocol kerberos "  (0x80080341)". 
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   17:17:38 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   17:22:40 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   17:27:41 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         an error event occurred.  eventid: 0xc000001a 
            time generated: 02/26/2013   17:28:39 
            event string: 
            while processing request target service krbtgt/domain, account amwa did not have suitable key generating kerberos ticket (the missing key has id of 3). requested etypes 18  17  23  24  -135  3. accounts available etypes 23  -133  -128  18  17  3  -140. 
         a warning event occurred.  eventid: 0x0000a000 
            time generated: 02/26/2013   17:29:49 
            event string: 
            security system detected authentication error server ldap/domain-ad1. failure code authentication protocol kerberos "  (0x80080341)". 
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   17:32:43 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   17:37:45 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         a warning event occurred.  eventid: 0x0000a000 
            time generated: 02/26/2013   17:39:02 
            event string: 
            security system detected authentication error server dns/prisoner.iana.org. failure code authentication protocol kerberos "  (0x80080341)". 
         a warning event occurred.  eventid: 0x0000a000 
            time generated: 02/26/2013   17:39:32 
            event string: 
            security system detected authentication error server ldap/domain-ad1.domain.local/domain.local@domain.local. failure code authentication protocol kerberos "  (0x80080341)". 
         an error event occurred.  eventid: 0xc000001a 
            time generated: 02/26/2013   17:40:25 
            event string: 
            while processing request target service krbtgt/domain, account mofat did not have suitable key generating kerberos ticket (the missing key has id of 3). requested etypes 18  17  23  24  -135  3. accounts available etypes 23  -133  -128  18  17  3  -140. 
         an error event occurred.  eventid: 0x0000041f 
            time generated: 02/26/2013   17:42:46 
            event string: 
            processing of group policy failed. windows not resolve computer name. caused 1 of more of following:   
         an error event occurred.  eventid: 0xc000001a 
            time generated: 02/26/2013   17:44:38 
            event string: 
            while processing request target service krbtgt/domain, account bmna did not have suitable key generating kerberos ticket (the missing key has id of 3). requested etypes 18  17  23  24  -135  3. accounts available etypes 23  -133  -128  18  17  3  -140. 
         ......................... domain-ad1 failed test systemlog 
      starting test: verifyreferences 
         ......................... domain-ad1 passed test verifyreferences 
   
   
   running partition tests on : forestdnszones 
      starting test: checksdrefdom 
         ......................... forestdnszones passed test checksdrefdom 
      starting test: crossrefvalidation 
         ......................... forestdnszones passed test 
         crossrefvalidation 
   
   running partition tests on : domaindnszones 
      starting test: checksdrefdom 
         ......................... domaindnszones passed test checksdrefdom 
      starting test: crossrefvalidation 
         ......................... domaindnszones passed test 
         crossrefvalidation 
   
   running partition tests on : schema 
      starting test: checksdrefdom 
         ......................... schema passed test checksdrefdom 
      starting test: crossrefvalidation 
         ......................... schema passed test crossrefvalidation 
   
   running partition tests on : configuration 
      starting test: checksdrefdom 
         ......................... configuration passed test checksdrefdom 
      starting test: crossrefvalidation 
         ......................... configuration passed test crossrefvalidation 
   
   running partition tests on : domain 
      starting test: checksdrefdom 
         ......................... domain passed test checksdrefdom 
      starting test: crossrefvalidation 
         ......................... domain passed test crossrefvalidation 
   
   running enterprise tests on : domain.local 
      starting test: locatorcheck 
         ......................... domain.local passed test locatorcheck 
      starting test: intersite 
         ......................... domain.local passed test intersite 


-------------------------

nltest /test:dns
----------------


directory server diagnosis 

performing initial setup: 
   trying find home server... 
   home server = domain-ad1 
   * identified ad forest. 
   done gathering initial info. 

doing initial required tests 
   
   testing server: default-first-site-name\domain-ad1 
      starting test: connectivity 
         the host a5faff4d-b533-410d-bd67-f39184eaa30a._msdcs.domain.local could 
         not resolved ip address. check dns server, dhcp, server 
         name, etc. 
         got error while checking ldap , rpc connectivity. please check your 
         firewall settings. 
         ......................... domain-ad1 failed test connectivity 
 
doing primary tests 
   
   testing server: default-first-site-name\domain-ad1 
   
      starting test: dns 
          
         dns tests running , not hung. please wait few minutes... 
         ......................... domain-ad1 failed test dns 
   
   running partition tests on : forestdnszones 
   
   running partition tests on : domaindnszones 
   
   running partition tests on : schema 
   
   running partition tests on : configuration 
   
   running partition tests on : domain 
   
   running enterprise tests on : domain.local 
      starting test: dns 
         test results domain controllers: 
            
            dc: domain-ad1.domain.local 
            domain: domain.local 
             
                  
               test: basic (basc)
                  error: no ldap connectivity
                  warning: adapter 
                  [00000011] broadcom bcm5709c netxtreme ii gige (ndis vbd client) 
                  has invalid dns server: 10.102.148.3 (domain-ad1) 
                  error: dns servers invalid 
                  no host records (a or aaaa) found dc 
                  warning: no dns rpc connectivity (error or non microsoft dns server running)
         
         summary of test results dns servers used above domain 
         controllers: 
          
            dns server: 10.102.148.3 (domain-ad1) 
               1 test failure on dns server 
               name resolution not functional. _ldap._tcp.domain.local. failed on dns server 10.102.148.3
               
         summary of dns test results: 
         
                                            auth basc forw del  dyn  rreg ext
            _________________________________________________________________
            domain: domain.local 
               domain-ad1                       pass fail n/a  n/a  n/a  n/a  n/a  
         
         ......................... domain.local failed test dns 

hi,

just add have searched similar posts not find working solution.

regards

ginno



Windows Server  >  Windows Server 2012 General



Comments

Post a Comment

Popular posts from this blog

Azure MFA with Azure AD and RDS

-
i have setup following lab in azure , need help. a server (domain controller) , remote desktop services. and server multi factor authentication server. i have setup following one http://www.rdsgurus.com/uncategorized/step-by-step-using-windows-server-2012-r2-rd-gateway-with-azure-multifactor-authentication/ and when im connecting got following error. the user "domain\username", on client computer "xxx.xxx.xxx.xxx", did not meet connection authorization policy requirements , therefore not authorized access rd gateway server. authentication method used was: "ntlm" , connection protocol used: "rpc-http". following error occurred: "23003". also on security log i've got following authentication details: connection request policy name: ts gateway authorization policy network policy name: - authentication provider: radius proxy authentication server: test.test.local authenticati...
Read more

Failed to delete the test record dcdiag-test-record in zone test.com

-
ps c:\users\administrator.test> dcdiag /test:dns directory server diagnosis performing initial setup:    trying find home server...    home server = dc02    * identified ad forest.    done gathering initial info. doing initial required tests    testing server: default-first-site-name\dc02       starting test: connectivity          ......................... dc02 passed test connectivity doing primary tests    testing server: default-first-site-name\dc02       starting test: dns          dns tests running , not hung. please wait few minutes...          ......................... dc02 passed test dns    running partition tests on : forestdnszones    running partition tests on : domaindnszones    running partition tests on : schema ...
Read more

Failed to setup initiator portal. Error status is given in the dump data.

-
hi team, server configured boot san  after booting  facing issue windows server 2008 r2 system logs continuously generating iscsi port error event id 5 failed setup initiator portal. error status given in dump data. eventdata \device\raidport1 000004000100000000000000050000c0000000000000000000000000000000000000000000000000070200c0 binary data: in words 0000: 00040000 00000001 00000000 c0000005 0008: 00000000 00000000 00000000 00000000 0010: 00000000 00000000 c0000207 in bytes 0000: 00 00 04 00 01 00 00 00 ........ 0008: 00 00 00 00 05 00 00 c0 .......À 0010: 00 00 00 00 00 00 00 00 ........ 0018: 00 00 00 00 00 00 00 00 ........ 0020: 00 00 00 00 00 00 00 00 ........ 0028: 07 02 00 c0 ...À hi, please read through article below troubleshoot issue: error event id 5 logged in system log on computer uses iscsi software initiator connect iscsi target device http://suppo...
Read more