I originally tried to rejoin a computer to a network which led to a "cannot find domain" error. The username/password box don't even come up.
Some tests I ran:
I can ping the server name.
I can't ping the server's FQD.N
I can't ping the domain name domain1.local
.
nslookup can't find the domain.
So I go to the DNS and run netdiag.exe and gives me this error:
DNS test . . . . . . . . . . . . . : Failed
[WARNING] Cannot find a primary authoritative DNS server for the name
'stmartinsrv.stmartin.local.'. [RCODE_SERVER_FAILURE]
The name 'srv.domain1.local.' may not be registered in DNS.
[WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '68.94.156.1'. Please wait for 30 minutes for DNS server replication.
[WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '68.94.157.1'. Please wait for 30 minutes for DNS server replication.
[FATAL] No DNS servers have the DNS records for this DC registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{04BB0F6B-06AE-4D60-80C8-2A7A24C1D87B}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{04BB0F6B-06AE-4D60-80C8-2A7A24C1D87B}
The browser is bound to 1 NetBt transport.
Then running dcdiag,
C:\Program Files\Support Tools>dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SRV
Starting test: Connectivity
The host 1c99f63c-49ec-40db-b3d3-6265c00fbd3e._msdcs.domain1.local cou
ld not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(1c99f63c-49ec-40db-b3d3-6265c00fbd3e._msdcs.domain1.local) couldn't
be resolved, the server name (srv.domain1.local) resolved to
the IP address (192.168.1.21) and was pingable. Check that the IP
address is registered correctly with the DNS server.
......................... SRV failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SRV
Skipping all tests, because server SRV is
not responding to directory service requests
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : domain1
Starting test: CrossRefValidation
......................... domain1 passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... domain1 passed test CheckSDRefDom
Running enterprise tests on : domain1.local
Starting test: Intersite
......................... domain1.local passed test Intersite
Starting test: FsmoCheck
......................... domain1.local passed test FsmoCheck
From previous postings, I've tried adding the domain suffix to the NIC IP properties to both the client machine and the domain controller server which didn't help.
Note: there is only one NIC on the server.
Any ideas?
UPDATE: I partially fixed the problem by removing the ISP DNS IP addresses from the local NIC card and just added the SRV server IP address (192.168.x.x) to the DNS tab of the IP properties of the NIC card. Now when I run nslookup on SRV, it resolves to the domain name locally.
When I run nslookup on domain1.local
, it resolves to the domain to the server IP address locally on the server. However when I try to do the same thing on the client machine, I still receive an unknown host response when I attempt to run nslookup domain1.local
and the FQDN.
UPDATE 2: I also manually set the DNS IP address on the client's NIC IP settings in the DNS tab which didn't work either. Yet I can still ping domain controller/DNS server
On the client when I run ipconfig and nslookup:
C:\Documents and Settings\Administrator>ping domain1.local
Ping request could not find host domain1.local. Please check the name and try a
gain.
C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : CLIENT02
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain1.local
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : domain1.local
Description . . . . . . . . . . . : Intel(R) 82562V-2 10/100 Network Con
nection
Physical Address. . . . . . . . . : 00-1A-A0-8B-94-87
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.107
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.21
192.168.0.1
Lease Obtained. . . . . . . . . . : Sunday, April 11, 2010 8:45:15 PM
Lease Expires . . . . . . . . . . : Sunday, April 18, 2010 7:24:15 PM
C:\Documents and Settings\Administrator>nslookup
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 192.168.1.21: Timed out
*** Can't find server name for address 192.168.0.1: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 192.168.1.21
> server 192.168.1.21
DNS request timed out.
timeout was 2 seconds.
Default Server: [192.168.1.21]
Address: 192.168.1.21
>
C:\Documents and Settings\Administrator>nslookup
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 192.168.1.21: Timed out
*** Can't find server name for address 192.168.0.1: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 192.168.1.21
> ls domain1.local
ls: connect: No error
*** Can't list domain domain1.local: Unspecified error
>
and then I ran netdiag /d:domain1.local
...................................
Computer Name: CLIENT02
DNS Host Name: CLIENT02
System info : Windows 2000 Professional (Build 2600)
Processor : x86 Family 6 Model 15 Stepping 2, GenuineIntel
List of installed hotfixes :
KB835221WXP
KB888111WXPSP2
KB893803v2
Q147222
Netcard queries test . . . . . . . : Passed
GetStats failed for 'Intel(R) 82562V-2 10/100 Network Connection - AGN Filter Interface'. [ERROR_GEN_FAILURE]
Per interface results:
Adapter : Local Area Connection
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : CLIENT02.domain1.local
IP Address . . . . . . . . : 192.168.1.107
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
Dns Servers. . . . . . . . : 192.168.1.21
192.168.0.1
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Ipx configration
Network Number . . . . : 00000000
Node . . . . . . . . . : 001aa08b9487
Frame type . . . . . . : 802.2
Adapter : IPX Internal Interface
Netcard queries test . . . : Passed
Ipx configration
Network Number . . . . : 00000000
Node . . . . . . . . . : 000000000001
Frame type . . . . . . : Ethernet II
Adapter : IpxLoopbackAdapter
Netcard queries test . . . : Passed
Ipx configration
Network Number . . . . : 1234cdef
Node . . . . . . . . . : 000000000002
Frame type . . . . . . : 802.2
Adapter : NDISWANIPX
Netcard queries test . . . : Passed
Ipx configration
Network Number . . . . : 00000000
Node . . . . . . . . . : f6f220524153
Frame type . . . . . . : Ethernet II
Global results:
Domain membership test . . . . . . : Passed
Dns domain name is not specified.
Dns forest name is not specified.
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{3DF46308-913D-4B62-8F6A-AC1E076E3864}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{3DF46308-913D-4B62-8F6A-AC1E076E3864}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{3DF46308-913D-4B62-8F6A-AC1E076E3864}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Failed
This computer cannot be joined to the [domain1.local] domain because of one of the
following reasons.
1. The DNS SRV record for [domain1.local] is not registered in DNS; or
2. A zone from the following list of DNS zones does not include delegation
to its child zone.
Such zones can include [_ldap._tcp.dc._msdcs.domain1.local], and root zone.
Ask your network/DNS administrator to perform the following actions: To
find out why the SRV record for [domain1.local, local] is not registered in the DNS,
run the dcdiag command prompt tool with the command RegisterInDNS on the
domain controller that did not perform the registration.
[FATAL] Cannot find DC in domain 'domain1.local'. [ERROR_NO_SUCH_DOMAIN]
DC list test . . . . . . . . . . . : Failed
'domain1.local': Cannot find DC to get DC list from [test skipped].
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Skipped
LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The specified domain either does not exist or could not be contacted.
This computer cannot be joined to the [domain1.local] domain because of one of the
following reasons.
1. The DNS SRV record for [domain1.local] is not registered in DNS; or
2. A zone from the following list of DNS zones does not include delegation
to its child zone.
Such zones can include [_ldap._tcp.dc._msdcs.domain1.local], and root zone.
Ask your network/DNS administrator to perform the following actions: To
find out why the SRV record for [domain1.local, local] is not registered in the DNS,
run the dcdiag command prompt tool with the command RegisterInDNS on the
domain controller that did not perform the registration.
[WARNING] Cannot find DC in domain 'domain1.local'. [ERROR_NO_SUCH_DOMAIN]
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
Netware configuration
You are not logged in to your preferred server .
Netware User Name. . . . . . . :
Netware Server Name. . . . . . :
Netware Tree Name. . . . . . . :
Netware Workstation Context. . :
IP Security test . . . . . . . . . : Passed
Service status is: Started
Service startup is: Automatic
IPSec service is available, but no policy is assigned or active
Note: run "ipseccmd /?" for more detailed information
The command completed successfully
On the server SRV
C:\Documents and Settings\Administrator>ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.21
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
C:\Documents and Settings\Administrator>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : srv
Primary Dns Suffix . . . . . . . : domain1.local
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain1.local
Ethernet adapter Local Area Connection 2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-21-70-16-F5-6E
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.1.21
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.21
C:\Documents and Settings\Administrator>nslookup domain1.local
Server: srv.domain1.local
Address: 192.168.1.21
Name: domain1.local
Address: 192.168.1.21
C:\Documents and Settings\Administrator>nslookup
Default Server: srv.domain1.local
Address: 192.168.1.21
> server 192.168.1.21
Default Server: srv.domain1.local
Address: 192.168.1.21
> ls domain1.local
[srv.domain1.local]
*** Can't list domain domain1.local: Query refused
The DNS server refused to transfer the zone domain1.local to your computer. If
this
is incorrect, check the zone transfer security settings for domain1.local on th
e DNS
server at IP address 192.168.1.21.
> ^C
C:\Documents and Settings\Administrator>ping domain1.local
Pinging domain1.local [192.168.1.21] with 32 bytes of data:
Reply from 192.168.1.21: bytes=32 time<1ms TTL=128
Reply from 192.168.1.21: bytes=32 time<1ms TTL=128
Ping statistics for 192.168.1.21:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Control-C
^C
C:\Documents and Settings\Administrator>
Then running dcdiag.exe:
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SRV
Starting test: Connectivity
……………………. SRV passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SRV
Starting test: Replications
......................... SRV passed test Replications
Starting test: NCSecDesc
......................... SRV passed test NCSecDesc
Starting test: NetLogons
......................... SRV passed test NetLogons
Starting test: Advertising
......................... SRV passed test Advertising
Starting test: KnowsOfRoleHolders
......................... SRV passed test KnowsOfRoleHolders
Starting test: RidManager
......................... SRV passed test RidManager
Starting test: MachineAccount
......................... SRV passed test MachineAccount
Starting test: Services
......................... SRV passed test Services
Starting test: ObjectsReplicated
......................... SRV passed test ObjectsReplicated
Starting test: frssysvol
......................... SRV passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems.
......................... SRV failed test frsevent
Starting test: kccevent
......................... SRV passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0002715
Time Generated: 04/12/2010 13:35:18
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0001B7A
Time Generated: 04/12/2010 13:45:27
(Event String could not be retrieved)
......................... SRV failed test systemlog
Starting test: VerifyReferences
......................... SRV passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : stmartin
Starting test: CrossRefValidation
......................... stmartin passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... stmartin passed test CheckSDRefDom
Running enterprise tests on : domain1.local
Starting test: Intersite
......................... domain1.local passed test Intersite
Starting test: FsmoCheck
......................... domain1.local passed test FsmoCheck
and then netdiag /d:domain1.local:
....................................
Computer Name: SRV
DNS Host Name: SRV.domain1.local
System info : Microsoft Windows Server 2003 (Build 3790)
Processor : x86 Family 15 Model 127 Stepping 2, AuthenticAMD
List of installed hotfixes :
KB923561
KB924667-v2
KB925398_WMP64
KB925902-v2
KB927891
KB929123
KB930178
KB932168
KB933854
KB938127
KB941569
KB943055
KB943460
KB944338-v2
KB944653
KB945553
KB946026
KB948496
KB950762
KB950974
KB951066
KB951748
KB952004
KB952069
KB952954
KB953298
KB954155
KB954550-v5
KB955069
KB955759
KB956572
KB956802
KB956803
KB956844
KB957097
KB958469
KB958644
KB958687
KB958869
KB959426
KB960225
KB960803
KB960859
KB961063
KB961118
KB961501
KB967715
KB967723
KB968389
KB968816
KB969059
KB969947
KB970238
KB970430
KB971032
KB971486
KB971557
KB971633
KB971657
KB971737
KB971961
KB972270
KB973037
KB973354
KB973507
KB973525
KB973540
KB973687
KB973815
KB973869
KB973904
KB974112
KB974318
KB974392
KB974571
KB975025
KB975467
KB976098-v2
KB976325
KB978207
Q147222
Netcard queries test . . . . . . . : Passed
[WARNING] The net card 'RAS Async Adapter' may not be working because it has not received any packets.
Per interface results:
Adapter : Local Area Connection 2
Netcard queries test . . . : Passed
Host Name. . . . . . . . . : SRV
IP Address . . . . . . . . : 192.168.1.21
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.1.1
Dns Servers. . . . . . . . : 192.168.1.21
AutoConfiguration results. . . . . . : Passed
Default gateway test . . . : Passed
NetBT name test. . . . . . : Passed
[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
No remote names have been found.
WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.
Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{04BB0F6B-06AE-4D60-80C8-2A7A24C1D87B}
1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '192.168.1.21' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{04BB0F6B-06AE-4D60-80C8-2A7A24C1D87B}
The redir is bound to 1 NetBt transport.
List of NetBt transports currently bound to the browser
NetBT_Tcpip_{04BB0F6B-06AE-4D60-80C8-2A7A24C1D87B}
The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped
Note: run "netsh ipsec dynamic show /?" for more detailed information
The command completed successfully
Best Answer
I think you'll find the key may lie here:
[WARNING] The DNS entries for this DC are not registered correctly on DNS server '68.94.156.1'. Please wait for 30 minutes for DNS server replication.
Is that your public ISP DNS server? If so, then this is the wrong DNS server to be using.
Your ISP's DNS server will not be used inside a normal AD network.
Edit: I just saw your update. You must have posted it while I was writing my answer. Ensure that Step 3 has been implemented as well.