none
lack of network connectivity to a domain controller

    Question

  • I get the following error when trying to run gpupdate /force:

    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

    C:\Windows\system32>gpupdate /force
    Updating Policy...

    "User Policy update has completed successfully.
    Computer policy could not be updated successfully. The following errors were enc
    ountered:

    The processing of Group Policy failed because of lack of network connectivity to
     a domain controller. This may be a transient condition. A success message would
     be generated once the machine gets connected to the domain controller and Group
     Policy has succesfully processed. If you do not see a success message for sever
    al hours, then contact your administrator.

    To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
    rom the command line to access information about Group Policy results."

    my tapology is as follows:

    FIOS ROUTER --> MIKROTIK ROUTER --> VIRTUAL SERVER (esxi, serv. 08 r2) --> client

    I have stopped the pass through of the fios router IP's and am using the MIKROTIK as my DHCP and not my server.

    I am running 2 routers so that I could create a sandbox that won't effect other users in my house. different subnets

    No errors are appearing in Roles on the server for DNS

    Any help greatly appreciated

    Saturday, September 28, 2013 12:31 PM

Answers

  • That part is Ok, just need to make the other changes. Multi-homing refers  to having two or more active network connections on a domain controller.

    Change local DNS server to have own address as primary and 127.0.0.1 as secondary (assuming only one DNS server) in network connection properties. Put public DNS addresses as forwarders only on local DNS server. If using router for DHCP then change router DHCP to hand out ip address of local DNS server only. Also DC/DNS server must have a static address outside of range of DHCP scope.

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.



    Saturday, September 28, 2013 6:47 PM

All replies

  • Diagnose your systém with dcdiag, restart and see what is logs you obtained as well as resulting GPO. This may be the transient phenomenon.

    If problém persists, analyze your intention to change the GPO. Chances are that you asked something that the systém cannot accept easily.

    Rgds

    Milos

    Saturday, September 28, 2013 4:47 PM
  • Milos,

    So you don't believe it has anything to do with the way I have my routers set up?

    Saturday, September 28, 2013 5:02 PM
  • Please post unedited ipconfig /all of domain controller and problem machine.

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Saturday, September 28, 2013 5:10 PM
  • C:\Users\Administrator.08Leo87>ipconfig /all
    Windows IP Configuration
       Host Name . . . . . . . . . .  : 08Leo87
       Primary Dns Suffix  . . . . .  : myhome.local
       Node Type . . . . . . . . . .  : Hybrid
       IP Routing Enabled. . . . . .  : No
       WINS Proxy Enabled. . . . . . .: No
       DNS Suffix Search List. . . . . . : myhome.local
    Ethernet adapter Local Area Connection:
       Connection-specific DNS Suffix
       Description . . . . . . . . . .: Realtek PCIe GBE Family Controller
       Physical Address. . . . . . . .: 94-DE-80-28-AA-72
       DHCP Enabled. . . . . . . . . .: Yes
       Autoconfiguration Enabled . . .: Yes
       Link-local IPv6 Address . . . .: fe80::a85f:51a3:4a37:584f%10(Preferred)
       IPv4 Address. . . . . . . . . .: 192.168.88.69(Preferred)
       Subnet Mask . . . . . . . . . .: 255.255.255.0
       Lease Obtained. . . . . . . . .: Saturday, September 28, 2013 2:05:20 AM
       Lease Expires . . . . . . . . .: Tuesday, October 01, 2013 2:05:20 AM
       Default Gateway . . . . . . . .: 192.168.88.1
       DHCP Server . . . . . . . . . .: 192.168.88.1
       DHCPv6 IAID . . . . . . . . . .: 244637312
       DHCPv6 Client DUID. . . . . . .: 00-01-00-01-19-83-86-C0-94-DE-80-28-AA-72
       DNS Servers . . . . . . . . . .: 192.168.88.1
       NetBIOS over Tcpip. . . . . . .: Enabled
    Tunnel adapter isatap.{B8E3D88A-DE6B-42B7-898C-FF6275A3EA23}:
       Media State . . . . . . . . . .: Media disconnected
       Connection-specific DNS Suffix
       Description . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Tunnel adapter Teredo Tunneling Pseudo-Interface:
       Connection-specific DNS Suffix
       Description . . . . . . . . . .: Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . .: 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . .: No
       Autoconfiguration Enabled . . .: Yes
       IPv6 Address. . . . . . . . . .: 2001:0:9d38:6ab8:3cdb:2f57:3f57:a7ba(Pref
    erred)
       Link-local IPv6 Address . . . .: fe80::3cdb:2f57:3f57:a7ba%11(Preferred)
       Default Gateway . . . . . . . .: ::
       NetBIOS over Tcpip. . . . . . .: Disabled

    Saturday, September 28, 2013 6:09 PM
  • Make sure local DNS server has own address as primary and 127.0.0.1 as secondary (assuming only one DNS server) in network connection properties and is not multi-homed. Also put public DNS addresses as forwarders only on local DNS server. Client should have local DNS address ONLY so client can find and logon to domain. Forwarders are so clients can find and resolve internet queries.

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Saturday, September 28, 2013 6:12 PM
  • sorry, i'm still new to this, what do you mean by multi-homed? and how can i check this?
    Saturday, September 28, 2013 6:20 PM
  • That part is Ok, just need to make the other changes. Multi-homing refers  to having two or more active network connections on a domain controller.

    Change local DNS server to have own address as primary and 127.0.0.1 as secondary (assuming only one DNS server) in network connection properties. Put public DNS addresses as forwarders only on local DNS server. If using router for DHCP then change router DHCP to hand out ip address of local DNS server only. Also DC/DNS server must have a static address outside of range of DHCP scope.

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.



    Saturday, September 28, 2013 6:47 PM