none
DNS server service is stopping automatically on the domain controller RRS feed

  • Question

  • Hi Everyone,

    I am facing a problem where DNS server service is stopping automatically after few seconds. I have done all the basic troubleshooting like enabling/disabling, installed windows update, restarted the server but no help. Due to this DNS is not working. This is a secondary domain controller on this site and few weeks ago the DNS was working. The server OS is 2008 R2 SP1. I have another ADC in the office and that is working absolutely fine. I have searched on the internet and seems like DNS was having an issue with AD services starting up and thus causing DNS to fail. I ran dcdiag to confirm AD is looking proper but dcdiag troubleshooter crashes in between. Please suggest a solution?


    Tuesday, January 17, 2017 6:54 AM

All replies

  • Hi,Share the event log details, what are the errors and warning before & when DNS fails ?

    point DNS configuration in problematic server network config to other working DNS servers & Restart AD services.observe DNS services then.

    Sumesh

    Tuesday, January 17, 2017 7:19 AM
  • I checked the event logs and found almost nothing bad and found only one warning event saying the same thing I assumed. Below are the event log screenshots.

    I put my other working DNS IP into problematic server as primary DNS and left the secondary blank and restarted the server but no help. Sorry not aware how to restart AD services.


     
    Tuesday, January 17, 2017 9:14 AM
  • Hi,

    It seems that you have a replication problem, to check active directory status please run the followings command :

    repadmin /showrepl
    
    dcdiag 
    
    dcdiag /test:dns
    
    #You can fore replication through the following command:
    
    repadmin /syncall /A

     
    Tuesday, January 17, 2017 11:07 AM
  • I ran the commands you gave me. Repadmin /showrepl ran successfully with no error but I got a lot of error in other commands. Below are the errors:

    C:\Users\admin>dcdiag

    Directory Server Diagnosis

    Performing initial setup:

       Trying to find home server...

       Home Server = abcdc01

       * Identified AD Forest.

       Done gathering initial info.

    Doing initial required tests

       Testing server: India\ABCDC01

          Starting test: Connectivity

             ......................... ABCDC01 passed test Connectivity

    Doing primary tests

       Testing server: India\ABCDC01

          Starting test: Advertising

             ......................... ABCDC01 passed test Advertising

          Starting test: FrsEvent

             ......................... ABCDC01 passed test FrsEvent

          Starting test: DFSREvent

             ......................... ABCDC01 passed test DFSREvent

          Starting test: SysVolCheck

             ......................... ABCDC01 passed test SysVolCheck

          Starting test: KccEvent

             ......................... ABCDC01 passed test KccEvent

          Starting test: KnowsOfRoleHolders

             ......................... ABCDC01 passed test KnowsOfRoleHolders

          Starting test: MachineAccount

             ......................... ABCDC01 passed test MachineAccount

          Starting test: NCSecDesc

             Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

                Replicating Directory Changes In Filtered Set

             access rights for the naming context:

             DC=ForestDnsZones,DC=abc,DC=org

             ......................... ABCDC01 failed test NCSecDesc

          Starting test: NetLogons

             ......................... ABCDC01 passed test NetLogons

          Starting test: ObjectsReplicated

             ......................... ABCDC01 passed test ObjectsReplicated

          Starting test: Replications

             ......................... ABCDC01 passed test Replications

          Starting test: RidManager

             ......................... ABCDC01 passed test RidManager

          Starting test: Services

             ......................... ABCDC01 passed test Services

          Starting test: SystemLog

             An error event occurred.  EventID: 0x000003F8

                Time Generated: 01/18/2017   09:21:30

                Event String:

                The DHCP service encountered the following error when backing up the

     database:

             An error event occurred.  EventID: 0x000003F8

                Time Generated: 01/18/2017   09:21:56

                Event String:

                The DHCP service encountered the following error when backing up the

     database:

             An error event occurred.  EventID: 0x000003F2

                Time Generated: 01/18/2017   09:21:56

                Event String:

                The DHCP service encountered the following error while cleaning up t

    he database:

             An error event occurred.  EventID: 0xC0002719

                Time Generated: 01/18/2017   09:25:11

                Event String:

                DCOM was unable to communicate with the computer INCOMP00494 using a

    ny of the configured protocols.

             A warning event occurred.  EventID: 0x80003BC4

                Time Generated: 01/18/2017   09:30:01

                Event String:

                SSL Certificate Settings deleted for Port : 0.0.0.0:50106 .

             A warning event occurred.  EventID: 0x80003BC5

                Time Generated: 01/18/2017   09:30:01

                Event String:

                SSL Certificate Settings created by an admin process for Port : 0.0.

    0.0:50106 .

             An error event occurred.  EventID: 0x00000457

                Time Generated: 01/18/2017   09:39:32

                Event String:

                Driver Canon iR-ADV 4225/4235 UFR II required for printer iR-ADV 423

    5 is unknown. Contact the administrator to install the driver before you log in

    again.

             An error event occurred.  EventID: 0x00000457

                Time Generated: 01/18/2017   09:39:33

                Event String:

                Driver Microsoft Print To PDF required for printer Microsoft Print t

    o PDF is unknown. Contact the administrator to install the driver before you log

     in again.

             An error event occurred.  EventID: 0x00000457

                Time Generated: 01/18/2017   09:39:33

                Event String:

                Driver Microsoft XPS Document Writer v4 required for printer Microso

    ft XPS Document Writer is unknown. Contact the administrator to install the driv

    er before you log in again.

             An error event occurred.  EventID: 0x00000457

                Time Generated: 01/18/2017   09:39:36

                Event String:

                Driver Adobe PDF Converter required for printer Adobe PDF is unknown

    . Contact the administrator to install the driver before you log in again.

             An error event occurred.  EventID: 0x00000457

                Time Generated: 01/18/2017   09:39:37

                Event String:

                Driver Send to Microsoft OneNote 16 Driver required for printer Send

     To OneNote 2016 is unknown. Contact the administrator to install the driver bef

    ore you log in again.

             ......................... ABCDC01 failed test SystemLog

          Starting test: VerifyReferences

             ......................... ABCDC01 passed test VerifyReferences

       Running partition tests on : DomainDnsZones

          Starting test: CheckSDRefDom

             ......................... DomainDnsZones passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... DomainDnsZones passed test

             CrossRefValidation

       Running partition tests on : ForestDnsZones

          Starting test: CheckSDRefDom

             ......................... ForestDnsZones passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... ForestDnsZones passed test

             CrossRefValidation

       Running partition tests on : us

          Starting test: CheckSDRefDom

             ......................... us passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... us passed test CrossRefValidation

       Running partition tests on : Schema

          Starting test: CheckSDRefDom

             ......................... Schema passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... Schema passed test CrossRefValidation

       Running partition tests on : Configuration

          Starting test: CheckSDRefDom

             ......................... Configuration passed test CheckSDRefDom

          Starting test: CrossRefValidation

             ......................... Configuration passed test CrossRefValidation

       Running enterprise tests on : abc.org

          Starting test: LocatorCheck

             ......................... abc.org passed test LocatorCheck

          Starting test: Intersite

             ......................... abc.org passed test Intersite

    C:\Users\admin>dcdiag /test:dns

    Directory Server Diagnosis

    Performing initial setup:

       Trying to find home server...

       Home Server = abcdc01

       * Identified AD Forest.

       Done gathering initial info.

    Doing initial required tests

       Testing server: India\ABCDC01

          Starting test: Connectivity

             ......................... ABCDC01 passed test Connectivity

    Doing primary tests

       Testing server: India\ABCDC01

          Starting test: DNS

             DNS Tests are running and not hung. Please wait a few minutes...

             DNS Service is stopped on [ABCDC01]

             ......................... ABCDC01 failed test DNS

       Running partition tests on : DomainDnsZones

       Running partition tests on : ForestDnsZones

       Running partition tests on : us

       Running partition tests on : Schema

       Running partition tests on : Configuration

       Running enterprise tests on : abc.org

          Starting test: DNS

             Test results for domain controllers:

                DC: abcdc01.us.abc.org

                Domain: us.abc.org

                   TEST: Basic (Basc)

                      Error: DNS service is not running

                      Warning: no DNS RPC connectivity (error or non Microsoft DNS s

    erver is running)

             Summary of DNS test results:

                                                Auth Basc Forw Del  Dyn  RReg Ext

                _________________________________________________________________

                Domain: us.abc.org

                   abcdc01                  PASS FAIL n/a  n/a  n/a  n/a  n/a

             ......................... abc.org failed test DNS

    C:\Users\admin>repadmin /syncall /A

    Syncing all NC's held on abcdc01.

    Syncing partition: DC=DomainDnsZones,DC=us,DC=abc,DC=org

    CALLBACK MESSAGE: The following replication is in progress:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: The following replication completed successfully:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: SyncAll Finished.

    SyncAll terminated with no errors.

    Syncing partition: DC=ForestDnsZones,DC=abc,DC=org

    CALLBACK MESSAGE: The following replication is in progress:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: The following replication completed successfully:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: SyncAll Finished.

    SyncAll terminated with no errors.

    Syncing partition: DC=us,DC=abc,DC=org

    CALLBACK MESSAGE: The following replication is in progress:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: The following replication completed successfully:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: SyncAll Finished.

    SyncAll terminated with no errors.

    Syncing partition: CN=Schema,CN=Configuration,DC=abc,DC=org

    CALLBACK MESSAGE: The following replication is in progress:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: The following replication completed successfully:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: SyncAll Finished.

    SyncAll terminated with no errors.

    Syncing partition: CN=Configuration,DC=abc,DC=org

    CALLBACK MESSAGE: The following replication is in progress:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: The following replication completed successfully:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: SyncAll Finished.

    SyncAll terminated with no errors.

    Syncing partition: DC=abc,DC=org

    CALLBACK MESSAGE: The following replication is in progress:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: The following replication completed successfully:

        From: 2592c89b-1e85-4894-b4bf-5dfa6ed80656._msdcs.abc.org

        To  : 0f442649-2d1a-458a-a10b-e11d28c36f85._msdcs.abc.org

    CALLBACK MESSAGE: SyncAll Finished.

    SyncAll terminated with no errors.

    Wednesday, January 18, 2017 6:40 AM
  • Run Procmon trace till the time you get that issue re occur.
    Once Issue reoccurs, you can filter the Registry entries in the trace for DNS service.

    This will help you to understand if there is any extra registry key other than the default one in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services.


    Wednesday, January 18, 2017 8:17 AM
  • Hi,

    Dcdiag show the following error :

    Starting test: NCSecDesc

             Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

                Replicating Directory Changes In Filtered Set

             access rights for the naming context:

             DC=ForestDnsZones,DC=abc,DC=org

             ......................... ABCDC01 failed test NCSecDesc

    *******************************

    You can get the error above , if you have installed a domain controller on Windows 2008 R2 , without running the command below to prepare active directory, so try run it now , wait for AD replication and let us know if your problem is fixed:

    adprep /rodcprep

    To get more details you can refer to the following link :

    Dcdiag fails for NCSecDesc test on Windows 2008 Domain Controllers

    Wednesday, January 18, 2017 5:00 PM
  • Hi Vinig,

    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

    Best Regards,

    John


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, January 31, 2017 8:13 AM