Domain Controller list test failed

Archived from groups: microsoft.public.win2000.dns (More info?)

Hello guys.

I have installed a Win2K server in my site. This is the configuration.

The server will hold files, share printers and control the access only
authorized accounts will log into the server.
Actually we have a ADSL connection, which must be shared as well via DHCP.
The equipments connected are:
Speedtouch ADSL modem, connected to a Linksys Wi-Fi router, from the router
is attached a cable to a Switch, the server connects via hub, the server
room is not finished yet. So I have plugged a cable from the wall to a hub
in order to continue the network segment.

The Internal server address / (the one configured via TCP/IP properties is
192.168.70.1) full class C, no subnetting
The Linksys router internal address is: 192.168.70.50, full class C, no
subnetting
The ADSL modem IP address : 200.109.233.200 / 22 (or 255.255.252.0)

I can ping the server and the linksys each other. I can surf the web from
the server and the desktops who are connected to the same hub segment.

The problem is when I try to include a desktop or laptop to the domain, I
have decided to run a NetDiag in order to check what is wrong, as you can
see the Domain Controller list test failed. How I can fix this? Thank you
very much in advance! Pablo

full class C, no subnetting


Computer Name: CCS-SRV-001
DNS Host Name: ccs-srv-001.s4biz.com
System info : Windows 2000 Server (Build 2195)
Processor : x86 Family 15 Model 0 Stepping 7, GenuineIntel
List of installed hotfixes :
Q147222


Netcard queries test . . . . . . . : Passed
GetStats failed for 'Paralelo directo'. [ERROR_NOT_SUPPORTED]
GetStats failed for 'Minipuerto WAN (PPTP)'. [ERROR_GEN_FAILURE]
[WARNING] The net card 'Minipuerto WAN (IP)' may not be working because
it has not received any packets.
[WARNING] The net card 'Minipuerto WAN (Monitor de red)' may not be
working because it has not received any packets.
[WARNING] The net card 'Minipuerto WAN (AppleTalk)' may not be working
because it has not received any packets.
GetStats failed for 'Minipuerto WAN (L2TP)'. [ERROR_NOT_SUPPORTED]


Per interface results:

Adapter : Conexión de área local

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : ccs-srv-001
IP Address . . . . . . . . : 192.168.70.1
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 192.168.70.50
Dns Servers. . . . . . . . : 200.44.32.12
200.44.32.13


AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Passed

NetBT name test. . . . . . : Passed
No remote names have been found.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{B86201C9-44E7-4EDA-B4B2-33677DAC56C6}
1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
[FATAL] Could not open file H:\WINNT\system32\config\netlogon.dns for
reading.
[FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
List of NetBt transports currently bound to the Redir
NetBT_Tcpip_{B86201C9-44E7-4EDA-B4B2-33677DAC56C6}
The redir is bound to 1 NetBt transport.

List of NetBt transports currently bound to the browser
NetBT_Tcpip_{B86201C9-44E7-4EDA-B4B2-33677DAC56C6}
The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Failed
Failed to enumerate DCs by using the browser.
[NERR_BadTransactConfig]


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
IPSec policy service is active, but no policy is assigned.


The command completed successfully
6 answers Last reply
More about domain controller list test failed
  1. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:un6ULFqzEHA.3936@TK2MSFTNGP10.phx.gbl,
    Pablo Fernandez <pefl@cantv.net> made a post then I commented below
    > Hello guys.
    >
    > I have installed a Win2K server in my site. This is the configuration.
    >
    > The server will hold files, share printers and control the access only
    > authorized accounts will log into the server.
    > Actually we have a ADSL connection, which must be shared as well via
    > DHCP. The equipments connected are:
    > Speedtouch ADSL modem, connected to a Linksys Wi-Fi router, from the
    > router is attached a cable to a Switch, the server connects via hub,
    > the server room is not finished yet. So I have plugged a cable from
    > the wall to a hub in order to continue the network segment.
    >
    > The Internal server address / (the one configured via TCP/IP
    > properties is 192.168.70.1) full class C, no subnetting
    > The Linksys router internal address is: 192.168.70.50, full class C,
    > no subnetting
    > The ADSL modem IP address : 200.109.233.200 / 22 (or 255.255.252.0)
    >
    > I can ping the server and the linksys each other. I can surf the web
    > from the server and the desktops who are connected to the same hub
    > segment.
    >
    > The problem is when I try to include a desktop or laptop to the
    > domain, I have decided to run a NetDiag in order to check what is
    > wrong, as you can see the Domain Controller list test failed. How I
    > can fix this? Thank you very much in advance! Pablo
    >
    > full class C, no subnetting
    >
    <snip>
    >
    > Host Name. . . . . . . . . : ccs-srv-001
    > IP Address . . . . . . . . : 192.168.70.1
    > Subnet Mask. . . . . . . . : 255.255.255.0
    > Default Gateway. . . . . . : 192.168.70.50
    > Dns Servers. . . . . . . . : 200.44.32.12
    > 200.44.32.13
    >
    <snip>

    This is a classic problem of not using the internal DNS server. In any AD
    installation, the internal server MUST be the only one referenced in ALL
    machines. This includes the domain controller, member servers, and clients.
    Otherwise, numerous issues WILL result from the misconfiguration. Here is a
    repost of a snippet I've posted in the past that may help you in regards to
    understanding how AD relies on DNS:

    _________________________
    AD & DNS:
    If you have your ISP's DNS addresses in your IP configuration (DCs and
    clients), they need to be REMOVED. This is what is causing the whole
    problem.

    Just a little background: AD uses DNS. DNS stores AD's resource and service
    locations in the form of SRV records, hence how everything that is part of
    the domain will find resources in the domain. If the ISP's DNS is configured
    in the any of the internal AD member machines' IP properties, (including all
    client machines and DCs), the machines will be asking the ISP's DNS 'where
    is the domain controller for my domain?", whenever it needs to perform a
    function, (such as a logon request, replication request, querying and
    applying GPOs, etc). Unfortunately, the ISP's DNS does not have that info.

    If this is the current scenario, it is highly suggested and recommended to
    only use the internal DNS servers on the network that is hosting the AD zone
    name. This applies to all machines, (DCs and clients). Believe me, Internet
    resolution will still work with the use of the Root hints (as long as the
    root zone doesn't exist).

    However, for more effcient Internet resolution, it's HIGHLY recommended to
    configure a forwarder. If the forwarding option is grayed out, delete the
    Root zone (looks like a period). If not sure how to preform these two tasks,
    please follow one of the two articles listed below, depending on your
    operating system. They show a step by step on how to perform these tasks:

    323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003 :
    http://support.microsoft.com/?id=323380

    300202 - HOW TO Configure DNS for Internet Access in Windows Server 2000 :
    http://support.microsoft.com/?id=300202


    Some additional reading that may help:

    825036 - Best practices for DNS client settings in Windows 2000 Server and
    in Windows Server 2003:
    http://support.microsoft.com/default.aspx?scid=kb;en-us;825036

    DNS and AD (Windows 2000 & 2003) FAQ:
    http://support.microsoft.com/?id=291382

    Domain Controller's Domain Name System Suffix Does Not Match Domain Name:
    http://support.microsoft.com/?id=257623

    Clients cannot dynamically register DNS records in a single-label forward
    lookup zone:
    http://support.microsoft.com/?id=826743

    __________________________


    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================
  2. Archived from groups: microsoft.public.win2000.dns (More info?)

    Thank very much Ace.

    I performed many searches on the microsoft web site and could not find the
    right info, thanks for sending it, i will post results.

    Kindest regards.

    Pablo


    "Ace Fekay [MVP]"
    <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> escribió en el
    mensaje news:eAjkG7qzEHA.2568@TK2MSFTNGP10.phx.gbl...
    > In news:un6ULFqzEHA.3936@TK2MSFTNGP10.phx.gbl,
    > Pablo Fernandez <pefl@cantv.net> made a post then I commented below
    > > Hello guys.
    > >
    > > I have installed a Win2K server in my site. This is the configuration.
    > >
    > > The server will hold files, share printers and control the access only
    > > authorized accounts will log into the server.
    > > Actually we have a ADSL connection, which must be shared as well via
    > > DHCP. The equipments connected are:
    > > Speedtouch ADSL modem, connected to a Linksys Wi-Fi router, from the
    > > router is attached a cable to a Switch, the server connects via hub,
    > > the server room is not finished yet. So I have plugged a cable from
    > > the wall to a hub in order to continue the network segment.
    > >
    > > The Internal server address / (the one configured via TCP/IP
    > > properties is 192.168.70.1) full class C, no subnetting
    > > The Linksys router internal address is: 192.168.70.50, full class C,
    > > no subnetting
    > > The ADSL modem IP address : 200.109.233.200 / 22 (or 255.255.252.0)
    > >
    > > I can ping the server and the linksys each other. I can surf the web
    > > from the server and the desktops who are connected to the same hub
    > > segment.
    > >
    > > The problem is when I try to include a desktop or laptop to the
    > > domain, I have decided to run a NetDiag in order to check what is
    > > wrong, as you can see the Domain Controller list test failed. How I
    > > can fix this? Thank you very much in advance! Pablo
    > >
    > > full class C, no subnetting
    > >
    > <snip>
    > >
    > > Host Name. . . . . . . . . : ccs-srv-001
    > > IP Address . . . . . . . . : 192.168.70.1
    > > Subnet Mask. . . . . . . . : 255.255.255.0
    > > Default Gateway. . . . . . : 192.168.70.50
    > > Dns Servers. . . . . . . . : 200.44.32.12
    > > 200.44.32.13
    > >
    > <snip>
    >
    > This is a classic problem of not using the internal DNS server. In any AD
    > installation, the internal server MUST be the only one referenced in ALL
    > machines. This includes the domain controller, member servers, and
    clients.
    > Otherwise, numerous issues WILL result from the misconfiguration. Here is
    a
    > repost of a snippet I've posted in the past that may help you in regards
    to
    > understanding how AD relies on DNS:
    >
    > _________________________
    > AD & DNS:
    > If you have your ISP's DNS addresses in your IP configuration (DCs and
    > clients), they need to be REMOVED. This is what is causing the whole
    > problem.
    >
    > Just a little background: AD uses DNS. DNS stores AD's resource and
    service
    > locations in the form of SRV records, hence how everything that is part of
    > the domain will find resources in the domain. If the ISP's DNS is
    configured
    > in the any of the internal AD member machines' IP properties, (including
    all
    > client machines and DCs), the machines will be asking the ISP's DNS 'where
    > is the domain controller for my domain?", whenever it needs to perform a
    > function, (such as a logon request, replication request, querying and
    > applying GPOs, etc). Unfortunately, the ISP's DNS does not have that info.
    >
    > If this is the current scenario, it is highly suggested and recommended to
    > only use the internal DNS servers on the network that is hosting the AD
    zone
    > name. This applies to all machines, (DCs and clients). Believe me,
    Internet
    > resolution will still work with the use of the Root hints (as long as the
    > root zone doesn't exist).
    >
    > However, for more effcient Internet resolution, it's HIGHLY recommended to
    > configure a forwarder. If the forwarding option is grayed out, delete the
    > Root zone (looks like a period). If not sure how to preform these two
    tasks,
    > please follow one of the two articles listed below, depending on your
    > operating system. They show a step by step on how to perform these tasks:
    >
    > 323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003 :
    > http://support.microsoft.com/?id=323380
    >
    > 300202 - HOW TO Configure DNS for Internet Access in Windows Server 2000 :
    > http://support.microsoft.com/?id=300202
    >
    >
    > Some additional reading that may help:
    >
    > 825036 - Best practices for DNS client settings in Windows 2000 Server and
    > in Windows Server 2003:
    > http://support.microsoft.com/default.aspx?scid=kb;en-us;825036
    >
    > DNS and AD (Windows 2000 & 2003) FAQ:
    > http://support.microsoft.com/?id=291382
    >
    > Domain Controller's Domain Name System Suffix Does Not Match Domain Name:
    > http://support.microsoft.com/?id=257623
    >
    > Clients cannot dynamically register DNS records in a single-label forward
    > lookup zone:
    > http://support.microsoft.com/?id=826743
    >
    > __________________________
    >
    >
    > --
    > Regards,
    > Ace
    >
    > Please direct all replies ONLY to the Microsoft public newsgroups
    > so all can benefit.
    >
    > This posting is provided "AS-IS" with no warranties or guarantees
    > and confers no rights.
    >
    > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > Microsoft Windows MVP - Windows Server - Directory Services
    >
    > Security Is Like An Onion, It Has Layers
    > HAM AND EGGS: A day's work for a chicken;
    > A lifetime commitment for a pig.
    > --
    > =================================
    >
    >
  3. Archived from groups: microsoft.public.win2000.dns (More info?)

    Hello good afternoon to everyone,

    I was wondering if it will be a best practice to delete the AD created that
    is not correctly working because my Domain Controller list failed and follow
    the instructions and create it again? just using the "dcpromo.exe" from the
    Run prompt.

    Where i can find more documentation? Thank you very much in advance,

    Pablo


    "Pablo Fernandez" <pefl@cantv.net> escribió en el mensaje
    news:eETmnLwzEHA.2040@tk2msftngp13.phx.gbl...
    > Thank very much Ace.
    >
    > I performed many searches on the microsoft web site and could not find the
    > right info, thanks for sending it, i will post results.
    >
    > Kindest regards.
    >
    > Pablo
    >
    >
    > "Ace Fekay [MVP]"
    > <PleaseSubstituteMyActualFirstName&LastNameHere@hotmail.com> escribió en
    el
    > mensaje news:eAjkG7qzEHA.2568@TK2MSFTNGP10.phx.gbl...
    > > In news:un6ULFqzEHA.3936@TK2MSFTNGP10.phx.gbl,
    > > Pablo Fernandez <pefl@cantv.net> made a post then I commented below
    > > > Hello guys.
    > > >
    > > > I have installed a Win2K server in my site. This is the configuration.
    > > >
    > > > The server will hold files, share printers and control the access only
    > > > authorized accounts will log into the server.
    > > > Actually we have a ADSL connection, which must be shared as well via
    > > > DHCP. The equipments connected are:
    > > > Speedtouch ADSL modem, connected to a Linksys Wi-Fi router, from the
    > > > router is attached a cable to a Switch, the server connects via hub,
    > > > the server room is not finished yet. So I have plugged a cable from
    > > > the wall to a hub in order to continue the network segment.
    > > >
    > > > The Internal server address / (the one configured via TCP/IP
    > > > properties is 192.168.70.1) full class C, no subnetting
    > > > The Linksys router internal address is: 192.168.70.50, full class C,
    > > > no subnetting
    > > > The ADSL modem IP address : 200.109.233.200 / 22 (or 255.255.252.0)
    > > >
    > > > I can ping the server and the linksys each other. I can surf the web
    > > > from the server and the desktops who are connected to the same hub
    > > > segment.
    > > >
    > > > The problem is when I try to include a desktop or laptop to the
    > > > domain, I have decided to run a NetDiag in order to check what is
    > > > wrong, as you can see the Domain Controller list test failed. How I
    > > > can fix this? Thank you very much in advance! Pablo
    > > >
    > > > full class C, no subnetting
    > > >
    > > <snip>
    > > >
    > > > Host Name. . . . . . . . . : ccs-srv-001
    > > > IP Address . . . . . . . . : 192.168.70.1
    > > > Subnet Mask. . . . . . . . : 255.255.255.0
    > > > Default Gateway. . . . . . : 192.168.70.50
    > > > Dns Servers. . . . . . . . : 200.44.32.12
    > > > 200.44.32.13
    > > >
    > > <snip>
    > >
    > > This is a classic problem of not using the internal DNS server. In any
    AD
    > > installation, the internal server MUST be the only one referenced in ALL
    > > machines. This includes the domain controller, member servers, and
    > clients.
    > > Otherwise, numerous issues WILL result from the misconfiguration. Here
    is
    > a
    > > repost of a snippet I've posted in the past that may help you in regards
    > to
    > > understanding how AD relies on DNS:
    > >
    > > _________________________
    > > AD & DNS:
    > > If you have your ISP's DNS addresses in your IP configuration (DCs and
    > > clients), they need to be REMOVED. This is what is causing the whole
    > > problem.
    > >
    > > Just a little background: AD uses DNS. DNS stores AD's resource and
    > service
    > > locations in the form of SRV records, hence how everything that is part
    of
    > > the domain will find resources in the domain. If the ISP's DNS is
    > configured
    > > in the any of the internal AD member machines' IP properties, (including
    > all
    > > client machines and DCs), the machines will be asking the ISP's DNS
    'where
    > > is the domain controller for my domain?", whenever it needs to perform a
    > > function, (such as a logon request, replication request, querying and
    > > applying GPOs, etc). Unfortunately, the ISP's DNS does not have that
    info.
    > >
    > > If this is the current scenario, it is highly suggested and recommended
    to
    > > only use the internal DNS servers on the network that is hosting the AD
    > zone
    > > name. This applies to all machines, (DCs and clients). Believe me,
    > Internet
    > > resolution will still work with the use of the Root hints (as long as
    the
    > > root zone doesn't exist).
    > >
    > > However, for more effcient Internet resolution, it's HIGHLY recommended
    to
    > > configure a forwarder. If the forwarding option is grayed out, delete
    the
    > > Root zone (looks like a period). If not sure how to preform these two
    > tasks,
    > > please follow one of the two articles listed below, depending on your
    > > operating system. They show a step by step on how to perform these
    tasks:
    > >
    > > 323380 - HOW TO Configure DNS for Internet Access in Windows Server 2003
    :
    > > http://support.microsoft.com/?id=323380
    > >
    > > 300202 - HOW TO Configure DNS for Internet Access in Windows Server 2000
    :
    > > http://support.microsoft.com/?id=300202
    > >
    > >
    > > Some additional reading that may help:
    > >
    > > 825036 - Best practices for DNS client settings in Windows 2000 Server
    and
    > > in Windows Server 2003:
    > > http://support.microsoft.com/default.aspx?scid=kb;en-us;825036
    > >
    > > DNS and AD (Windows 2000 & 2003) FAQ:
    > > http://support.microsoft.com/?id=291382
    > >
    > > Domain Controller's Domain Name System Suffix Does Not Match Domain
    Name:
    > > http://support.microsoft.com/?id=257623
    > >
    > > Clients cannot dynamically register DNS records in a single-label
    forward
    > > lookup zone:
    > > http://support.microsoft.com/?id=826743
    > >
    > > __________________________
    > >
    > >
    > > --
    > > Regards,
    > > Ace
    > >
    > > Please direct all replies ONLY to the Microsoft public newsgroups
    > > so all can benefit.
    > >
    > > This posting is provided "AS-IS" with no warranties or guarantees
    > > and confers no rights.
    > >
    > > Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    > > Microsoft Windows MVP - Windows Server - Directory Services
    > >
    > > Security Is Like An Onion, It Has Layers
    > > HAM AND EGGS: A day's work for a chicken;
    > > A lifetime commitment for a pig.
    > > --
    > > =================================
    > >
    > >
    >
    >
  4. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:e3viq9A0EHA.3972@TK2MSFTNGP12.phx.gbl,
    Pablo Fernandez <pefl@cantv.net> made a post then I commented below
    > Hello good afternoon to everyone,
    >
    > I was wondering if it will be a best practice to delete the AD
    > created that is not correctly working because my Domain Controller
    > list failed and follow the instructions and create it again? just
    > using the "dcpromo.exe" from the Run prompt.
    >
    > Where i can find more documentation? Thank you very much in advance,
    >
    > Pablo
    >

    There's not much documentation on this. There is one about multihomed DCs
    (which I posted below), but it does not have enough information in it to
    address the issues you are receiving. Believe me, you'll have to take my
    word on it. It's wiser to purchase an inexpensive router to handle NAT
    functions. Other responses may chime in stating the same fact.

    272294 - Active Directory Communication Fails on Multihomed Domain
    Controllers:
    http://support.microsoft.com/?id=272294

    Ace
  5. Archived from groups: microsoft.public.win2000.dns (More info?)

    Hello Ace and everyone.
    I have followed the documentation. The workstations still cannot log into
    the domain. Here is the update of netgiag.


    Computer Name: CCS-SRV-001
    DNS Host Name: ccs-srv-001.s4b.com
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 15 Model 0 Stepping 7, GenuineIntel
    List of installed hotfixes :
    Q147222


    Netcard queries test . . . . . . . : Passed
    GetStats failed for 'Paralelo directo'. [ERROR_NOT_SUPPORTED]
    GetStats failed for 'Minipuerto WAN (PPTP)'. [ERROR_GEN_FAILURE]
    [WARNING] The net card 'Minipuerto WAN (IP)' may not be working because
    it has not received any packets.
    [WARNING] The net card 'Minipuerto WAN (Monitor de red)' may not be
    working because it has not received any packets.
    [WARNING] The net card 'Minipuerto WAN (AppleTalk)' may not be working
    because it has not received any packets.
    GetStats failed for 'Minipuerto WAN (L2TP)'. [ERROR_NOT_SUPPORTED]


    Per interface results:

    Adapter : Conexión de área local

    Netcard queries test . . . : Passed

    Host Name. . . . . . . . . : ccs-srv-001.s4biz.com
    IP Address . . . . . . . . : 192.168.70.10
    Subnet Mask. . . . . . . . : 255.255.255.0
    Default Gateway. . . . . . : 192.168.70.1
    Dns Servers. . . . . . . . : 127.0.0.1
    192.168.70.10
    200.44.32.12


    AutoConfiguration results. . . . . . : Passed

    Default gateway test . . . : Passed

    NetBT name test. . . . . . : Passed
    No remote names have been found.

    WINS service test. . . . . : Skipped
    There are no WINS servers configured for this interface.


    Global results:


    Domain membership test . . . . . . : Passed


    NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
    NetBT_Tcpip_{B86201C9-44E7-4EDA-B4B2-33677DAC56C6}
    1 NetBt transport currently configured.


    Autonet address test . . . . . . . : Passed


    IP loopback ping test. . . . . . . : Passed


    Default gateway test . . . . . . . : Passed


    NetBT name test. . . . . . . . . . : Passed


    Winsock test . . . . . . . . . . . : Passed


    DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server
    '127.0.0.1'.
    PASS - All the DNS entries for DC are registered on DNS server
    '192.168.70.10'.
    [WARNING] The DNS entries for this DC are not registered correctly on
    DNS server '200.44.32.12'. Please wait for 30 minutes for DNS server
    replication.


    Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
    NetBT_Tcpip_{B86201C9-44E7-4EDA-B4B2-33677DAC56C6}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
    NetBT_Tcpip_{B86201C9-44E7-4EDA-B4B2-33677DAC56C6}
    The browser is bound to 1 NetBt transport.


    DC discovery test. . . . . . . . . : Passed


    DC list test . . . . . . . . . . . : Failed
    Failed to enumerate DCs by using the browser. [NERR_BadTransactConfig]


    Trust relationship test. . . . . . : Skipped


    Kerberos test. . . . . . . . . . . : Passed


    LDAP test. . . . . . . . . . . . . : Passed


    Bindings test. . . . . . . . . . . : Passed


    WAN configuration test . . . . . . : Skipped
    No active remote access connections.


    Modem diagnostics test . . . . . . : Passed

    IP Security test . . . . . . . . . : Passed
    IPSec policy service is active, but no policy is assigned.


    The command completed successfully


    The thing that still worries me is the " DC list test . . . . . . . . . . .
    : Failed
    Failed to enumerate DCs by using the browser.
    [NERR_BadTransactConfig]"

    How I can fix that? please check the ip's and DNS are right, what is the
    problem with the DC's?


    Thank you very much in advance,.

    Pablo
    "Ace Fekay [MVP]" wrote:

    > In news:e3viq9A0EHA.3972@TK2MSFTNGP12.phx.gbl,
    > Pablo Fernandez <pefl@cantv.net> made a post then I commented below
    > > Hello good afternoon to everyone,
    > >
    > > I was wondering if it will be a best practice to delete the AD
    > > created that is not correctly working because my Domain Controller
    > > list failed and follow the instructions and create it again? just
    > > using the "dcpromo.exe" from the Run prompt.
    > >
    > > Where i can find more documentation? Thank you very much in advance,
    > >
    > > Pablo
    > >
    >
    > There's not much documentation on this. There is one about multihomed DCs
    > (which I posted below), but it does not have enough information in it to
    > address the issues you are receiving. Believe me, you'll have to take my
    > word on it. It's wiser to purchase an inexpensive router to handle NAT
    > functions. Other responses may chime in stating the same fact.
    >
    > 272294 - Active Directory Communication Fails on Multihomed Domain
    > Controllers:
    > http://support.microsoft.com/?id=272294
    >
    > Ace
    >
    >
    >
  6. Archived from groups: microsoft.public.win2000.dns (More info?)

    In news:EFFC4CA7-4759-4341-AADF-B0815939FDF7@microsoft.com,
    Pablo <Pablo@discussions.microsoft.com> made a post then I commented below
    > Hello Ace and everyone.
    > I have followed the documentation. The workstations still cannot log
    > into the domain. Here is the update of netgiag.
    >
    <snip>
    >
    > Per interface results:
    >
    > Adapter : Conexión de área local
    >
    > Netcard queries test . . . : Passed
    >
    > Host Name. . . . . . . . . : ccs-srv-001.s4biz.com
    > IP Address . . . . . . . . : 192.168.70.10
    > Subnet Mask. . . . . . . . : 255.255.255.0
    > Default Gateway. . . . . . : 192.168.70.1
    > Dns Servers. . . . . . . . : 127.0.0.1
    > 192.168.70.10
    > 200.44.32.12
    >

    As I previously said, this is a classic DNS misconfigurtion.

    Pablo, you MUST remove any external DNS addresses FROM ALL OF YOUR MACHINES.
    This includes the 127.0.0.1 and the 200.44.32.12 addresses. If this is your
    only DNS server internally, then ALL machines (including domain controller,
    clients, member servers, etc) must **ONLY** use this this internal DNS
    server, whicih according to the output above, it must only show
    192.168.70.10 on ALL machines.

    If you would like efficient Internet access, follow my previous post on how
    to configure a forwarder.

    Once these changes I suggested have been performed on ALL machines (remove
    the external addresses too from your DHCP scope), restart the netlogon
    service on the DC, and please post back with an updated netdiag /v /fix.

    Please also post an unedited ipconfig /all from this DC and from a client
    too. I would like to take a closer look at your systems' configuration.

    Thanks,
    Ace
Ask a new question

Read More

Domain Controller Servers Windows