H
harcom5262
Guest
I have 13 computers on a local AD DC that are logging on to the domain. I am trying to join a new computer to the domain and keep getting the non-existent domain error. When I do an nslookup on the server it returns the correct server name and IP address. the server Primary DNS IP points to itself and the workstations all point to the same IP as the primary DNS server with no secondary DNS server listed. The DNS on the server has forwarders for the ISP and a reverse lookup for the IP. I have flushed and registered the DNS cache multiple times and stopped and started the netlogon service multiple times.
I have turned off NIC teaming as well and nothing has changed.
Also early on I turned off the AT&T gateway router in case that was an issue. It wasn't.
On the same computer that I can't join the domain nor logon to the DC server, I am able to see all the domain computers including DC server. I can access the server shares and can even map a network drive to the server.
I keep finding references to verifying SRV records but nowhere is there step by step directions as to where in the DNS tree exactly to look for each of the records.
Any help resolving this issue would be greatly appreciated.
John Harrington
Here is a copy of the nslookup query.
C:\Windows\system32>nslookup
Default Server: server2012.mydomain.local
Address: 192.168.0.10
> set q=srv
> _ldap._tcp.dc._msdcs.mydomain.local
Server: server2012.mydomain.local
Address: 192.168.0.10
*** server2012.mydomain.local can't find _ldap._tcp.dc._msdcs.mydomain.local: Non-exi
stent domain
>
Here is a copy of the DCDIAG results.
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = SERVER2012
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SERVER2012
Starting test: Connectivity
......................... SERVER2012 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SERVER2012
Starting test: Advertising
......................... SERVER2012 passed test Advertising
Starting test: FrsEvent
......................... SERVER2012 passed test FrsEvent
Starting test: DFSREvent
......................... SERVER2012 passed test DFSREvent
Starting test: SysVolCheck
......................... SERVER2012 passed test SysVolCheck
Starting test: KccEvent
......................... SERVER2012 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SERVER2012 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SERVER2012 passed test MachineAccount
Starting test: NCSecDesc
......................... SERVER2012 passed test NCSecDesc
Starting test: NetLogons
......................... SERVER2012 passed test NetLogons
Starting test: ObjectsReplicated
......................... SERVER2012 passed test ObjectsReplicated
Starting test: Replications
......................... SERVER2012 passed test Replications
Starting test: RidManager
......................... SERVER2012 passed test RidManager
Starting test: Services
......................... SERVER2012 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 20:45:23
Event String:
Name resolution for the name yourdomain.com timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000727A5
Time Generated: 05/27/2016 21:10:01
Event String:
The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0x0000271A
Time Generated: 05/27/2016 21:10:00
Event String:
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
A warning event occurred. EventID: 0xA004001B
Time Generated: 05/27/2016 21:11:00
EvtFormatMessage failed, error 15027 the message resource is present but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error 0x3ab3)
A warning event occurred. EventID: 0xA004001B
Time Generated: 05/27/2016 21:11:02
Event String: Intel(R) Ethernet Server Adapter I210-T1
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 21:11:27
Event String:
Name resolution for the name _ldap._tcp.pdc._msdcs.MYDOMAIN.LOCAL. timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x0000000C
Time Generated: 05/27/2016 21:11:48
Event String:
Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
A warning event occurred. EventID: 0x000727AA
Time Generated: 05/27/2016 21:11:49
Event String:
The WinRM service failed to create the following SPNs: WSMAN/MYDOMAIN.LOCAL; WSMAN/SERVER2012.
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 21:11:52
Event String:
Name resolution for the name wpad timed out after none of the configured DNS servers responded.
......................... SERVER2012 failed test SystemLog
Starting test: VerifyReferences
......................... SERVER2012 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : MYDOMAIN
Starting test: CheckSDRefDom
......................... MYDOMAIN passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... MYDOMAIN passed test CrossRefValidation
Running enterprise tests on : HJLAW.LOCAL
Starting test: LocatorCheck
......................... MYDOMAIN.LOCAL passed test LocatorCheck
Starting test: Intersite
......................... MYDOMAIN.LOCAL passed test Intersite
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = SERVER2012
* Identified AD Forest.
Done gathering initial info.
Doing initial required test
Testing server: Default-First-Site-Name\SERVER2012
Starting test: Connectivity
......................... SERVER2012 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SERVER2012
Starting test: Advertising
......................... SERVER2012 passed test Advertising
Starting test: FrsEvent
......................... SERVER2012 passed test FrsEvent
Starting test: DFSREvent
......................... SERVER2012 passed test DFSREvent
Starting test: SysVolCheck
......................... SERVER2012 passed test SysVolCheck
Starting test: KccEvent
......................... SERVER2012 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SERVER2012 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SERVER2012 passed test MachineAccount
Starting test: NCSecDesc
......................... SERVER2012 passed test NCSecDesc
Starting test: NetLogons
......................... SERVER2012 passed test NetLogons
Starting test: ObjectsReplicated
......................... SERVER2012 passed test ObjectsReplicated
Starting test: Replications
......................... SERVER2012 passed test Replications
Starting test: RidManager
......................... SERVER2012 passed test RidManager
Starting test: Services
......................... SERVER2012 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 20:45:23
Event String:
Name resolution for the name yourdomain.com timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000727A5
Time Generated: 05/27/2016 21:10:01
Event String:
The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0x0000271A
Time Generated: 05/27/2016 21:10:00
Event String:
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
A warning event occurred. EventID: 0xA004001B
Time Generated: 05/27/2016 21:11:00
EvtFormatMessage failed, error 15027 the message resource is present but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error 0x3ab3)
A warning event occurred. EventID: 0xA004001B
Time Generated: 05/27/2016 21:11:02
Event String: Intel(R) Ethernet Server Adapter I210-T1
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 21:11:27
Event String:
Name resolution for the name _ldap._tcp.pdc._msdcs.MYDOMAIN.LOCAL. timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x0000000C
Time Generated: 05/27/2016 21:11:48
Event String:
Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
A warning event occurred. EventID: 0x000727AA
Time Generated: 05/27/2016 21:11:49
Event String:
The WinRM service failed to create the following SPNs: WSMAN/SERVER2012.MYDOMAIN.LOCAL; WSMAN/SERVER2012.
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 21:11:52
Event String:
Name resolution for the name wpad timed out after none of the configured DNS servers responded.
......................... SERVER2012 failed test SystemLog
Starting test: VerifyReferences
......................... SERVER2012 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : MYDOMAIN
Starting test: CheckSDRefDom
......................... MYDOMAIN passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... MYDOMAIN passed test CrossRefValidation
Running enterprise tests on : MYDOMAIN.LOCAL
Starting test: LocatorCheck
......................... MYDOMAIN.LOCAL passed test LocatorCheck
Starting test: Intersite
......................... MYDOMAIN.LOCAL passed test Intersite
C:\Windows\system32>dcdiag /test:registerindns /dnsdomain:MYDOMAIN.local /v
Starting test: RegisterInDNS
This domain controller cannot register domain controller Locator DNS
records. This is because it cannot locate a DNS server authoritative for
the zone MYDOMAIN.local. This is due to one of the following:
1. One or more DNS servers involved in the name resolution of the
hjhlaw.local name are not responding or contain incorrect delegation of
the DNS zones; or
2. The DNS server that this computer is configured with contains
incorrect root hints.
The list of such DNS servers might include the DNS servers with which
this computer is configured for name resolution and the DNS servers
responsible for the following zones: MYDOMAIN.local, local
Verify the correctness of the specified domain name and contact your
network/DNS administrator to fix the problem.
You can also manually add the records specified in the
%systemroot%\system32\config\netlogon.dns file.
......................... SERVER2012 failed test RegisterInDNS
Continue reading...
I have turned off NIC teaming as well and nothing has changed.
Also early on I turned off the AT&T gateway router in case that was an issue. It wasn't.
On the same computer that I can't join the domain nor logon to the DC server, I am able to see all the domain computers including DC server. I can access the server shares and can even map a network drive to the server.
I keep finding references to verifying SRV records but nowhere is there step by step directions as to where in the DNS tree exactly to look for each of the records.
Any help resolving this issue would be greatly appreciated.
John Harrington
Here is a copy of the nslookup query.
C:\Windows\system32>nslookup
Default Server: server2012.mydomain.local
Address: 192.168.0.10
> set q=srv
> _ldap._tcp.dc._msdcs.mydomain.local
Server: server2012.mydomain.local
Address: 192.168.0.10
*** server2012.mydomain.local can't find _ldap._tcp.dc._msdcs.mydomain.local: Non-exi
stent domain
>
Here is a copy of the DCDIAG results.
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = SERVER2012
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SERVER2012
Starting test: Connectivity
......................... SERVER2012 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SERVER2012
Starting test: Advertising
......................... SERVER2012 passed test Advertising
Starting test: FrsEvent
......................... SERVER2012 passed test FrsEvent
Starting test: DFSREvent
......................... SERVER2012 passed test DFSREvent
Starting test: SysVolCheck
......................... SERVER2012 passed test SysVolCheck
Starting test: KccEvent
......................... SERVER2012 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SERVER2012 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SERVER2012 passed test MachineAccount
Starting test: NCSecDesc
......................... SERVER2012 passed test NCSecDesc
Starting test: NetLogons
......................... SERVER2012 passed test NetLogons
Starting test: ObjectsReplicated
......................... SERVER2012 passed test ObjectsReplicated
Starting test: Replications
......................... SERVER2012 passed test Replications
Starting test: RidManager
......................... SERVER2012 passed test RidManager
Starting test: Services
......................... SERVER2012 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 20:45:23
Event String:
Name resolution for the name yourdomain.com timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000727A5
Time Generated: 05/27/2016 21:10:01
Event String:
The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0x0000271A
Time Generated: 05/27/2016 21:10:00
Event String:
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
A warning event occurred. EventID: 0xA004001B
Time Generated: 05/27/2016 21:11:00
EvtFormatMessage failed, error 15027 the message resource is present but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error 0x3ab3)
A warning event occurred. EventID: 0xA004001B
Time Generated: 05/27/2016 21:11:02
Event String: Intel(R) Ethernet Server Adapter I210-T1
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 21:11:27
Event String:
Name resolution for the name _ldap._tcp.pdc._msdcs.MYDOMAIN.LOCAL. timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x0000000C
Time Generated: 05/27/2016 21:11:48
Event String:
Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
A warning event occurred. EventID: 0x000727AA
Time Generated: 05/27/2016 21:11:49
Event String:
The WinRM service failed to create the following SPNs: WSMAN/MYDOMAIN.LOCAL; WSMAN/SERVER2012.
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 21:11:52
Event String:
Name resolution for the name wpad timed out after none of the configured DNS servers responded.
......................... SERVER2012 failed test SystemLog
Starting test: VerifyReferences
......................... SERVER2012 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : MYDOMAIN
Starting test: CheckSDRefDom
......................... MYDOMAIN passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... MYDOMAIN passed test CrossRefValidation
Running enterprise tests on : HJLAW.LOCAL
Starting test: LocatorCheck
......................... MYDOMAIN.LOCAL passed test LocatorCheck
Starting test: Intersite
......................... MYDOMAIN.LOCAL passed test Intersite
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = SERVER2012
* Identified AD Forest.
Done gathering initial info.
Doing initial required test
Testing server: Default-First-Site-Name\SERVER2012
Starting test: Connectivity
......................... SERVER2012 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SERVER2012
Starting test: Advertising
......................... SERVER2012 passed test Advertising
Starting test: FrsEvent
......................... SERVER2012 passed test FrsEvent
Starting test: DFSREvent
......................... SERVER2012 passed test DFSREvent
Starting test: SysVolCheck
......................... SERVER2012 passed test SysVolCheck
Starting test: KccEvent
......................... SERVER2012 passed test KccEvent
Starting test: KnowsOfRoleHolders
......................... SERVER2012 passed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... SERVER2012 passed test MachineAccount
Starting test: NCSecDesc
......................... SERVER2012 passed test NCSecDesc
Starting test: NetLogons
......................... SERVER2012 passed test NetLogons
Starting test: ObjectsReplicated
......................... SERVER2012 passed test ObjectsReplicated
Starting test: Replications
......................... SERVER2012 passed test Replications
Starting test: RidManager
......................... SERVER2012 passed test RidManager
Starting test: Services
......................... SERVER2012 passed test Services
Starting test: SystemLog
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 20:45:23
Event String:
Name resolution for the name yourdomain.com timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x000727A5
Time Generated: 05/27/2016 21:10:01
Event String:
The WinRM service is not listening for WS-Management requests.
An error event occurred. EventID: 0x0000271A
Time Generated: 05/27/2016 21:10:00
Event String:
The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
A warning event occurred. EventID: 0xA004001B
Time Generated: 05/27/2016 21:11:00
EvtFormatMessage failed, error 15027 the message resource is present but the message is not found in the string/message table.
(Event String (event log = System) could not be retrieved, error 0x3ab3)
A warning event occurred. EventID: 0xA004001B
Time Generated: 05/27/2016 21:11:02
Event String: Intel(R) Ethernet Server Adapter I210-T1
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 21:11:27
Event String:
Name resolution for the name _ldap._tcp.pdc._msdcs.MYDOMAIN.LOCAL. timed out after none of the configured DNS servers responded.
A warning event occurred. EventID: 0x0000000C
Time Generated: 05/27/2016 21:11:48
Event String:
Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
A warning event occurred. EventID: 0x000727AA
Time Generated: 05/27/2016 21:11:49
Event String:
The WinRM service failed to create the following SPNs: WSMAN/SERVER2012.MYDOMAIN.LOCAL; WSMAN/SERVER2012.
A warning event occurred. EventID: 0x000003F6
Time Generated: 05/27/2016 21:11:52
Event String:
Name resolution for the name wpad timed out after none of the configured DNS servers responded.
......................... SERVER2012 failed test SystemLog
Starting test: VerifyReferences
......................... SERVER2012 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : MYDOMAIN
Starting test: CheckSDRefDom
......................... MYDOMAIN passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... MYDOMAIN passed test CrossRefValidation
Running enterprise tests on : MYDOMAIN.LOCAL
Starting test: LocatorCheck
......................... MYDOMAIN.LOCAL passed test LocatorCheck
Starting test: Intersite
......................... MYDOMAIN.LOCAL passed test Intersite
C:\Windows\system32>dcdiag /test:registerindns /dnsdomain:MYDOMAIN.local /v
Starting test: RegisterInDNS
This domain controller cannot register domain controller Locator DNS
records. This is because it cannot locate a DNS server authoritative for
the zone MYDOMAIN.local. This is due to one of the following:
1. One or more DNS servers involved in the name resolution of the
hjhlaw.local name are not responding or contain incorrect delegation of
the DNS zones; or
2. The DNS server that this computer is configured with contains
incorrect root hints.
The list of such DNS servers might include the DNS servers with which
this computer is configured for name resolution and the DNS servers
responsible for the following zones: MYDOMAIN.local, local
Verify the correctness of the specified domain name and contact your
network/DNS administrator to fix the problem.
You can also manually add the records specified in the
%systemroot%\system32\config\netlogon.dns file.
......................... SERVER2012 failed test RegisterInDNS
Continue reading...