AD DS: This domain controller must be able to reach a DNS server and retrieve DNS records that are associated with this domain controller

Updated: August 31, 2012

Applies To: Windows Server 2008 R2, Windows Server 2012

This topic is intended to address a specific issue identified by a Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the Active Directory Domain Services Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer (

Operating System

Windows Server 2008 R2

Windows Server 2012


Active Directory Domain Services (AD DS)






The Active Directory Domain Services Best Practice Analyzer (AD DS BPA) cannot retrieve information from the Domain Name System (DNS) server for this domain controller. DNS controls how this domain controller is located by the other member computers and domain controllers in the domain or forest.


The AD DS BPA cannot collect data and validate the configuration for the domain controller locator (DC Locator) (Netlogon) records that are registered in DNS.


Troubleshoot DNS client and DNS server issues to determine the root cause of the problem.

Troubleshoot the DNS Client service on the local computer. In Server Manager, click View Network Connections. Right-click the local area network connection and click Properties. Click Internet Protocol Version 4 (TCP/IPv4) and then click Properties. Click Use the following DNS server addresses and verify that a valid IP address is listed for Preferred DNS server. Make sure that this server is not pointing to itself as Preferred DNS server.

Use the Ping command to verify connectivity between this server and the Preferred DNS server.

If the registration problems are not identified and resolved, troubleshoot the DNS server or servers to which the DNS client settings point.

Additional references

For more information, see Troubleshooting DNS clients ( and Troubleshooting DNS Servers (