0 Votes
Blake-4870 asked ·

The local domain controller could not connect with the following domain controller hosting the following directory partition to resolve distinguished names.

I am trying to set up an Active Directory and can't seem to find the solution on my own. The network also has a firewall, but I don't think that is the issue since the domain controller and AD are on the same machine.

The local domain controller could not connect with the following domain controller hosting the following directory partition to resolve distinguished names.


Domain controller:


Directory partition:
redacted.com


Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3201395

Windows IP Configuration

Host Name . . . . . . . . . . . . : Redacted
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection #2
Physical Address. . . . . . . . . : D0-50-99-C1-EB-DC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e571:7b1d:c7a9:445c%6(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.168.65(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, August 14, 2020 12:54:44 PM
Lease Expires . . . . . . . . . . : Saturday, August 15, 2020 1:03:01 PM
Default Gateway . . . . . . . . . : 192.168.168.168
DHCP Server . . . . . . . . . . . : 192.168.168.168
DHCPv6 IAID . . . . . . . . . . . : 265310361
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-94-F3-A7-D0-50-99-C1-EB-DC
DNS Servers . . . . . . . . . . . : 127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{62CC7E69-5195-4C8B-9BE3-E02D07B12411}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:34f1:8072:c37:e1d1:b8f6:96ac(Preferred)
Link-local IPv6 Address . . . . . : fe80::c37:e1d1:b8f6:96ac%7(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 520093696
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-94-F3-A7-D0-50-99-C1-EB-DC
NetBIOS over Tcpip. . . . . . . . : Disabled

windows-active-directory windows-server-2016 windows-dhcp-dns

1 Vote
DSPatrick answered ·

I'd also add the domain controller's own static IP address (192.168.168.168) listed for DNS, then do ipconfig /flushdns, ipconfig /registerdns, and restart the netlogon service.



--please don't forget to Accept as answer if the reply is helpful--
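
A read-only PowerShell audit of the settings this answer is about, added here as an example (it is not code from the thread): for each connected physical adapter it reports whether the IPv4 address is DHCP-assigned and whether the DNS client list contains the server's own address or only loopback. The function name `Test-DcDnsClientConfig` is hypothetical; the cmdlets come from the NetAdapter, NetTCPIP and DnsClient modules shipped with Windows Server 2016.

```powershell
# Added example: read-only audit of a DC's own IPv4 and DNS client settings.
# Test-DcDnsClientConfig is a hypothetical helper name, not a built-in cmdlet.
function Test-DcDnsClientConfig {
    foreach ($nic in (Get-NetAdapter -Physical | Where-Object Status -eq 'Up')) {
        $idx = $nic.ifIndex

        # IPv4 addresses bound to this adapter, APIPA addresses excluded
        $ownIps = @(Get-NetIPAddress -InterfaceIndex $idx -AddressFamily IPv4 -ErrorAction SilentlyContinue |
            Where-Object { $_.IPAddress -notlike '169.254.*' } |
            Select-Object -ExpandProperty IPAddress)

        # 'Enabled' means the address comes from a DHCP lease
        $dhcp = (Get-NetIPInterface -InterfaceIndex $idx -AddressFamily IPv4).Dhcp

        # DNS servers this machine's resolver uses on the adapter
        $dns = @((Get-DnsClientServerAddress -InterfaceIndex $idx -AddressFamily IPv4).ServerAddresses |
            Where-Object { $_ })

        $findings = @()
        if ($dhcp -eq 'Enabled') {
            $findings += 'IPv4 address is DHCP-assigned; a domain controller needs a static address'
        }
        if ($dns.Count -eq 0) {
            $findings += 'No DNS server is configured on this adapter'
        }
        elseif (-not ($dns | Where-Object { $_ -ne '127.0.0.1' })) {
            $findings += 'DNS list contains only loopback; add the static address of the DC itself'
        }
        elseif (-not ($dns | Where-Object { $ownIps -contains $_ })) {
            $findings += 'DNS list does not contain any address owned by this server'
        }

        [pscustomobject]@{
            Adapter    = $nic.Name
            IPv4       = $ownIps -join ', '
            Dhcp       = "$dhcp"
            DnsServers = $dns -join ', '
            Findings   = $findings
        }
    }
}

Test-DcDnsClientConfig | Format-List

# Once the adapter is corrected, the steps named in the answer are:
#   ipconfig /flushdns
#   ipconfig /registerdns
#   Restart-Service Netlogon
```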





0 Votes
Blake-4870 answered ·

Added and executed the commands and restarted. I am going to post the current errors I do have from DNS and AD DS.

AD DS Errors: Let me know what I need to Expand.

 6016    Warning    DFSR    DFS Replication    8/14/2020 1:26:46 PM
 1844    Warning    Microsoft-Windows-ActiveDirectory_DomainService    Directory Service    8/14/2020 1:22:00 PM
 1202    Error    ADWS    Active Directory Web Services    8/14/2020 1:21:45 PM
 1202    Error    DFSR    DFS Replication    8/14/2020 1:21:45 PM
 4013    Warning    Microsoft-Windows-DNS-Server-Service    DNS Server    8/14/2020 1:21:38 PM
 414    Warning    Microsoft-Windows-DNS-Server-Service    DNS Server    8/14/2020 1:21:33 PM
 1220    Warning    Microsoft-Windows-ActiveDirectory_DomainService    Directory Service    8/14/2020 1:21:28 PM
 3041    Warning    Microsoft-Windows-ActiveDirectory_DomainService    Directory Service    8/14/2020 1:21:26 PM
 2886    Warning    Microsoft-Windows-ActiveDirectory_DomainService    Directory Service    8/14/2020 1:21:26 PM
 1539    Warning    Microsoft-Windows-ActiveDirectory_DomainService    Directory Service    8/14/2020 1:21:15 PM




DNS Errors: Let me know what I need to Expand.

 414    Warning    Microsoft-Windows-DNS-Server-Service    DNS Server    8/14/2020 1:21:33 PM
    4013    Warning    Microsoft-Windows-DNS-Server-Service    DNS Server    8/14/2020 1:21:38 PM

DNS

 4512    Warning    Microsoft-Windows-DNS-Server-Service    DNS Server    8/14/2020 1:30:05 PM


The DNS server was unable to create the built-in directory partition ForestDnsZones.XXXX.com. The error was 9906.


 4512    Warning    Microsoft-Windows-DNS-Server-Service    DNS Server    8/14/2020 1:30:05 PM


The DNS server was unable to create the built-in directory partition DomainDnsZones.XXXX.com. The error was 9906.




0 Votes 0 ·
0 Votes
DSPatrick answered ·

Please run;

  • Dcdiag /v /c /d /e /s:%computername% >c:\dcdiag.log

  • repadmin /showrepl >C:\repl.txt

  • ipconfig /all > C:\dc1.txt

  • ipconfig /all > C:\dc2.txt

  • (etc. as other DC's exist)

then put unzipped text files up on OneDrive and share a link.



Here is the link for the logs retrieved Monday 8/17/2020.


https://1drv.ms/u/s!Ag5vgLnpw2mYcj1WdFtSLqbaSqM?e=2kK8aU

0 Votes 0 ·

The domain controller XXXX is DHCP assigned. A domain controller should always have a static ip address.

dcdiag is invalid, no need to edit the commands




0 Votes 0 ·

I have assigned a static IP and updated the files on OneDrive.

0 Votes 0 ·

Sorry, reuploaded with and did not edit dcdiag.

0 Votes 0 ·
0 Votes
Thameur-BOURBITA answered ·

Hi,

To get more details about the DC health on each domain controller, you can run the following commands:

 Dcdiag 
 repadmin /showrepl


Check also the event viewer on each DC.



0 Votes
VickyWang-MFST answered ·

Let's suppose that your Active Directory Domain Controller (and DNS Server) is a Windows Server 2016 machine and is responsible for the domain "wintips.local" and has the IP Address "192.168.1.10".

In this example, the IP and the Preferred DNS address on the Primary Domain Controller (Server 2016) must be the same, e.g.

Primary Domain Controller (Server 2016)
Computer Name: Server2k16
Domain Name: WINTIPS.LOCAL
IP Address (Static): 192.168.1.10
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.1
Preferred DNS Server: 192.168.1.10

Method 1. Set the Preferred DNS Server Address to match the Domain Controller's IP Address (on Client Workstation)

To resolve the "Specified Domain Does Not Exist or Could Not Be Contacted" error, you have to set the Preferred DNS IP to point to Primary Domain Controller's IP address, on each client workstation that you want to join in the domain. To do that:

  1. Open Network and Sharing Center.

  2. Right click on Local Area Connection and click Properties.

  3. Double click on Internet Protocol TCP/IPv4.

  4. Change the Preferred DNS server address to match the Primary Domain Controller's IP Address (e.g. "192.168.1.10" in this example).

  5. Click OK twice and close all windows.

  6. Try to join the workstation in the Domain.

0 Votes
Blake-4870 answered ·

Directory Server Diagnosis

Performing initial setup:
Trying to find home server...
Home Server = AMADSERVER
* Identified AD Forest.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\AMADSERVER
Starting test: Connectivity
The host 960f30f9-e9d7-48fd-bd35-fe1741b18561._msdcs.amad.com could not be resolved to an IP address. Check
the DNS server, DHCP, server name, etc.
Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
......................... AMADSERVER failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\AMADSERVER
Skipping all tests, because server AMADSERVER is not responding to directory service requests.


Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation

Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation

Running partition tests on : amad
Starting test: CheckSDRefDom
......................... amad passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... amad passed test CrossRefValidation

Running enterprise tests on : amad.com
Starting test: LocatorCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... amad.com failed test LocatorCheck
Starting test: Intersite
......................... amad.com passed test Intersite
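
The Connectivity and LocatorCheck failures in this output are all DNS lookups for DC locator records, so the following added example (not code from the thread) queries those records directly against the DC's DNS service. The domain name and DSA GUID are copied from the dcdiag output above; the function name `Test-DcLocatorRecords` is hypothetical, and the default DNS server of 127.0.0.1 assumes the DNS role runs on the DC itself, as in the posted ipconfig output.

```powershell
# Added example: looks up the DC locator records behind the dcdiag failures.
# Test-DcLocatorRecords is a hypothetical helper name, not a built-in cmdlet.
function Test-DcLocatorRecords {
    param(
        [string]$Domain    = 'amad.com',                              # from the dcdiag output
        [string]$DsaGuid   = '960f30f9-e9d7-48fd-bd35-fe1741b18561',  # from the dcdiag output
        [string]$DnsServer = '127.0.0.1'                              # assumption: DNS role on the DC
    )

    # Single-domain forest assumed, so forest root and domain share one name.
    $checks = @(
        @{ Test = 'Connectivity (DSA GUID alias)';   Name = "${DsaGuid}._msdcs.${Domain}";       Type = 'CNAME' }
        @{ Test = 'Locator: any domain controller';  Name = "_ldap._tcp.dc._msdcs.${Domain}";    Type = 'SRV' }
        @{ Test = 'Locator: GC_SERVER_REQUIRED';     Name = "_ldap._tcp.gc._msdcs.${Domain}";    Type = 'SRV' }
        @{ Test = 'Locator: PDC role holder';        Name = "_ldap._tcp.pdc._msdcs.${Domain}";   Type = 'SRV' }
        @{ Test = 'Locator: KDC_REQUIRED';           Name = "_kerberos._tcp.dc._msdcs.${Domain}"; Type = 'SRV' }
    )

    foreach ($c in $checks) {
        $targets = @()
        try {
            # -DnsOnly skips LLMNR/NetBIOS so only the DNS zone is tested
            $targets = @(Resolve-DnsName -Name $c.Name -Type $c.Type -Server $DnsServer -DnsOnly -ErrorAction Stop |
                Where-Object { $_.Type -eq $c.Type } |      # drop SOA rows returned for empty answers
                ForEach-Object {
                    if ($_.Type -eq 'SRV') { "$($_.NameTarget):$($_.Port)" } else { $_.NameHost }
                })
        }
        catch {
            # NXDOMAIN, timeout or refused query: treated as "not registered"
        }

        [pscustomobject]@{
            Test       = $c.Test
            Record     = $c.Name
            Registered = ($targets.Count -gt 0)
            Target     = $targets -join ', '
        }
    }
}

Test-DcLocatorRecords | Format-Table -AutoSize -Wrap
```

Records reported as not registered are the ones the Netlogon service registers in DNS when it starts, which is why the earlier answer ends with restarting Netlogon once the DNS client settings are correct.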
