locked
AD DC for Domain could not be contacted RRS feed

  • Question

  • I get this error trying to join a 2012R2 server to a W2K3 SBS domain. The server "FS1" is on the network and operational.

    DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "cassconstruction":

    The query was for the SRV record for _ldap._tcp.dc._msdcs.cassconstruction

    The following domain controllers were identified by the query:
    fs1.cassconstruction


    However no domain controllers could be contacted.

    Common causes of this error include:

    - Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.

    - Domain controllers registered in DNS are not connected to the network or are not running.

     

    Saturday, March 28, 2015 12:20 AM

Answers

  • Well, I decided to move on and add additional roles and features to the 2012 R2 server. For whatever reason, when that process was complete, I was able to join the server to the Server 2003 domain. Thanks all..
    • Marked as answer by cykaiser Tuesday, March 31, 2015 12:31 AM
    Tuesday, March 31, 2015 12:31 AM

All replies

  • Test using, nltest /dsgetdc:example.local and DCdiag on Domain controller.

    Based on the results, we can filiter the issue.

    Regards

    Biju Kurup

    Saturday, March 28, 2015 9:35 AM
  • Please make sure that the name resolution of fs1.casconstruction points to the correct IP address of your server. This could be achieved using NSlookup: http://social.technet.microsoft.com/wiki/contents/articles/29184.nslookup-for-beginners.aspx

    Please also check that required ports are not blocked or filtered using PortQryUI from your 2012 R2 server: https://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx

    You can also try to temporary disable security software on your SBS server. Do not forget to check the connectivity using Ping: http://social.technet.microsoft.com/wiki/contents/articles/30110.ping-for-beginners.aspx

    For SBS questions, you can consider asking them here: https://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=smallbusinessserver&filter=alltypes&sort=lastpostdesc


    This posting is provided AS IS with no warranties or guarantees , and confers no rights.

    Ahmed MALEK

    My Website Link

    My Linkedin Profile

    My MVP Profile


    • Edited by Mr XMVP Saturday, March 28, 2015 9:11 PM
    Saturday, March 28, 2015 9:10 PM
  • C:\Documents and Settings\Administrator.FS1>nltest /dsgetdc:cassconstruction
               DC: \\fs1.cassconstruction
          Address: \\192.168.0.252
         Dom Guid: a5fd0829-bbc4-4119-be3c-c74e0d0b2c2e
         Dom Name: cassconstruction
      Forest Name: cassconstruction
     Dc Site Name: Default-First-Site-Name
    Our Site Name: Default-First-Site-Name
            Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN
    DNS_FOREST CLOSE_SITE
    The command completed successfully

    ------------------

             * Security Permissions Check for
               DC=DomainDnsZones,DC=cassconstruction
                (NDNC,Version 2)
             * Security Permissions Check for
               CN=Schema,CN=Configuration,DC=cassconstruction
                (Schema,Version 2)
             * Security Permissions Check for
               CN=Configuration,DC=cassconstruction
                (Configuration,Version 2)
             * Security Permissions Check for
               DC=cassconstruction
                (Domain,Version 2)
             ......................... FS1 passed test NCSecDesc
          Starting test: NetLogons
             * Network Logons Privileges Check
             Verified share \\FS1\netlogon
             Verified share \\FS1\sysvol
             ......................... FS1 passed test NetLogons
          Starting test: Advertising
             The DC FS1 is advertising itself as a DC and having a DS.
             The DC FS1 is advertising as an LDAP server
             The DC FS1 is advertising as having a writeable directory
             The DC FS1 is advertising as a Key Distribution Center
             The DC FS1 is advertising as a time server
             The DS FS1 is advertising as a GC.
             ......................... FS1 passed test Advertising
          Starting test: KnowsOfRoleHolders
             Role Schema Owner = CN=NTDS Settings,CN=FS1,CN=Servers,CN=Default-First
    -Site-Name,CN=Sites,CN=Configuration,DC=cassconstruction
             Role Domain Owner = CN=NTDS Settings,CN=FS1,CN=Servers,CN=Default-First
    -Site-Name,CN=Sites,CN=Configuration,DC=cassconstruction
             Role PDC Owner = CN=NTDS Settings,CN=FS1,CN=Servers,CN=Default-First-Si
    te-Name,CN=Sites,CN=Configuration,DC=cassconstruction
             Role Rid Owner = CN=NTDS Settings,CN=FS1,CN=Servers,CN=Default-First-Si
    te-Name,CN=Sites,CN=Configuration,DC=cassconstruction
             Role Infrastructure Update Owner = CN=NTDS Settings,CN=FS1,CN=Servers,C
    N=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=cassconstruction
             ......................... FS1 passed test KnowsOfRoleHolders
          Starting test: RidManager
             * Available RID Pool for the Domain is 4603 to 1073741823
             * fs1.cassconstruction is the RID Master
             * DsBind with RID Master was successful
             * rIDAllocationPool is 4103 to 4602
             * rIDPreviousAllocationPool is 4103 to 4602
             * rIDNextRID: 4130
             ......................... FS1 passed test RidManager
          Starting test: MachineAccount
             Checking machine account for DC FS1 on DC FS1.
             * SPN found :LDAP/fs1.cassconstruction/cassconstruction
             * SPN found :LDAP/fs1.cassconstruction
             * SPN found :LDAP/FS1
             * SPN found :LDAP/fs1.cassconstruction/CASSCONSTRUCTIO
             * SPN found :LDAP/e1f70bac-8e04-4a00-86f4-59875afb749f._msdcs.cassconst
    ruction
             * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/e1f70bac-8e04-4a00-86
    f4-59875afb749f/cassconstruction
             * SPN found :HOST/fs1.cassconstruction/cassconstruction
             * SPN found :HOST/fs1.cassconstruction
             * SPN found :HOST/FS1
             * SPN found :HOST/fs1.cassconstruction/CASSCONSTRUCTIO
             * SPN found :GC/fs1.cassconstruction/cassconstruction
             ......................... FS1 passed test MachineAccount
          Starting test: Services
             * Checking Service: Dnscache
             * Checking Service: NtFrs
             * Checking Service: IsmServ
                IsmServ Service is stopped on [FS1]
             * Checking Service: kdc
             * Checking Service: SamSs
             * Checking Service: LanmanServer
             * Checking Service: LanmanWorkstation
             * Checking Service: RpcSs
             * Checking Service: w32time
             * Checking Service: NETLOGON
             ......................... FS1 failed test Services
          Starting test: OutboundSecureChannels
             * The Outbound Secure Channels test
             ** Did not run Outbound Secure Channels test
             because /testdomain: was not entered
             ......................... FS1 passed test OutboundSecureChannels
          Starting test: ObjectsReplicated
             FS1 is in domain DC=cassconstruction
             Checking for CN=FS1,OU=Domain Controllers,DC=cassconstruction in domain
     DC=cassconstruction on 1 servers
                Object is up-to-date on all servers.
             Checking for CN=NTDS Settings,CN=FS1,CN=Servers,CN=Default-First-Site-N
    ame,CN=Sites,CN=Configuration,DC=cassconstruction in domain CN=Configuration,DC=
    cassconstruction on 1 servers
                Object is up-to-date on all servers.
             ......................... FS1 passed test ObjectsReplicated
          Starting test: frssysvol
             * The File Replication Service SYSVOL ready test
             File Replication Service's SYSVOL is ready
             ......................... FS1 passed test frssysvol
          Starting test: frsevent
             * The File Replication Service Event log test
             ......................... FS1 passed test frsevent
          Starting test: kccevent
             * The KCC Event log test
             Found no KCC errors in Directory Service Event log in the last 15 minut
    es.
             ......................... FS1 passed test kccevent
          Starting test: systemlog
             * The System Event log test
             An Error Event occured.  EventID: 0xC0002715
                Time Generated: 03/30/2015   08:20:11
                (Event String could not be retrieved)
             ......................... FS1 failed test systemlog
          Starting test: VerifyReplicas
             ......................... FS1 passed test VerifyReplicas
          Starting test: VerifyReferences
             The system object reference (serverReference)
             CN=FS1,OU=Domain Controllers,DC=cassconstruction and backlink on
             CN=FS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,
    DC=cassconstruction
             are correct.
             The system object reference (frsComputerReferenceBL)
             CN=FS1,CN=Domain System Volume (SYSVOL share),CN=File Replication Servi
    ce,CN=System,DC=cassconstruction
             and backlink on CN=FS1,OU=Domain Controllers,DC=cassconstruction are
             correct.
             The system object reference (serverReferenceBL)
             CN=FS1,CN=Domain System Volume (SYSVOL share),CN=File Replication Servi
    ce,CN=System,DC=cassconstruction
             and backlink on
             CN=NTDS Settings,CN=FS1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
    CN=Configuration,DC=cassconstruction
             are correct.
             ......................... FS1 passed test VerifyReferences
          Starting test: VerifyEnterpriseReferences
             ......................... FS1 passed test VerifyEnterpriseReferences
          Starting test: CheckSecurityError
             * Dr Auth:  Beginning security errors check!
             Found KDC FS1 for domain cassconstruction in site Default-First-Site-Na
    me
             Checking machine account for DC FS1 on DC FS1.
             * SPN found :LDAP/fs1.cassconstruction/cassconstruction
             * SPN found :LDAP/fs1.cassconstruction
             * SPN found :LDAP/FS1
             * SPN found :LDAP/fs1.cassconstruction/CASSCONSTRUCTIO
             * SPN found :LDAP/e1f70bac-8e04-4a00-86f4-59875afb749f._msdcs.cassconst
    ruction
             * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/e1f70bac-8e04-4a00-86
    f4-59875afb749f/cassconstruction
             * SPN found :HOST/fs1.cassconstruction/cassconstruction
             * SPN found :HOST/fs1.cassconstruction
             * SPN found :HOST/FS1
             * SPN found :HOST/fs1.cassconstruction/CASSCONSTRUCTIO
             * SPN found :GC/fs1.cassconstruction/cassconstruction
             [FS1] No security related replication errors were found on this DC!  To
     target the connection to a specific source DC use /ReplSource:<DC>.
             ......................... FS1 passed test CheckSecurityError

    DNS Tests are running and not hung. Please wait a few minutes...

       Running partition tests on : ForestDnsZones
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation

          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom

       Running partition tests on : DomainDnsZones
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation

          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom

       Running partition tests on : Schema
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom

       Running partition tests on : Configuration
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom

       Running partition tests on : cassconstruction
          Starting test: CrossRefValidation
             ......................... cassconstruction passed test CrossRefValidati
    on
          Starting test: CheckSDRefDom
             ......................... cassconstruction passed test CheckSDRefDom

       Running enterprise tests on : cassconstruction
          Starting test: Intersite
             Skipping site Default-First-Site-Name, this site is outside the scope
             provided by the command line arguments provided.
             ......................... cassconstruction passed test Intersite
          Starting test: FsmoCheck
             GC Name: \\fs1.cassconstruction
             Locator Flags: 0xe00003fd
             PDC Name: \\fs1.cassconstruction
             Locator Flags: 0xe00003fd
             Time Server Name: \\fs1.cassconstruction
             Locator Flags: 0xe00003fd
             Preferred Time Server Name: \\fs1.cassconstruction
             Locator Flags: 0xe00003fd
             KDC Name: \\fs1.cassconstruction
             Locator Flags: 0xe00003fd
             ......................... cassconstruction passed test FsmoCheck
          Starting test: DNS
             Test results for domain controllers:

                DC: fs1.cassconstruction
                Domain: cassconstruction


                   TEST: Authentication (Auth)
                      Authentication test: Successfully completed

                   TEST: Basic (Basc)
                       Microsoft(R) Windows(R) Server 2003 for Small Business Server
     (Service Pack level: 2.0) is supported
                      NETLOGON service is running
                      kdc service is running
                      DNSCACHE service is running
                      DNS service is running
                      DC is a DNS server
                      Network adapters information:
                      Adapter [00000007] Broadcom BCM5708C NetXtreme II GigE (NDIS V
    BD Client):
                         MAC address is 00:1A:64:C7:74:FC
                         IP address is static
                         IP address: 192.168.0.252
                         DNS servers:
                            192.168.0.252 (<name unavailable>) [Valid]
                      The A record for this DC was found
                      The SOA record for the Active Directory zone was found
                      The Active Directory zone on this DC/DNS server was found (pri
    mary)
                      Root zone on this DC/DNS server was not found

                   TEST: Forwarders/Root hints (Forw)
                      Recursion is enabled
                      Forwarders Information:
                         68.105.28.16 (<name unavailable>) [Valid]
                         68.105.29.16 (<name unavailable>) [Valid]

                   TEST: Delegations (Del)
                      No delegations were found in this zone on this DNS server

                   TEST: Dynamic update (Dyn)
                      Dynamic update is enabled on the zone cassconstruction.
                      Test record _dcdiag_test_record added successfully in zone cas
    sconstruction.
                      Test record _dcdiag_test_record deleted successfully in zone c
    assconstruction.

                   TEST: Records registration (RReg)
                      Network Adapter [00000007] Broadcom BCM5708C NetXtreme II GigE
     (NDIS VBD Client):
                         Matching A record found at DNS server 192.168.0.252:
                         fs1.cassconstruction

                         Matching CNAME record found at DNS server 192.168.0.252:
                         e1f70bac-8e04-4a00-86f4-59875afb749f._msdcs.cassconstructio
    n

                         Matching DC SRV record found at DNS server 192.168.0.252:
                         _ldap._tcp.dc._msdcs.cassconstruction

                         Matching GC SRV record found at DNS server 192.168.0.252:
                         _ldap._tcp.gc._msdcs.cassconstruction

                         Matching PDC SRV record found at DNS server 192.168.0.252:
                         _ldap._tcp.pdc._msdcs.cassconstruction


             Summary of test results for DNS servers used by the above domain contro
    llers:

                DNS server: 192.168.0.252 (<name unavailable>)
                   All tests passed on this DNS server
                   This is a valid DNS server.
                   Name resolution is funtional. _ldap._tcp SRV record for the fores
    t root domain is registered

                DNS server: 68.105.28.16 (<name unavailable>)
                   All tests passed on this DNS server
                   This is a valid DNS server.

                DNS server: 68.105.29.16 (<name unavailable>)
                   All tests passed on this DNS server
                   This is a valid DNS server.

             Summary of DNS test results:

                                                Auth Basc Forw Del  Dyn  RReg Ext
                   ________________________________________________________________
                Domain: cassconstruction
                   fs1                          PASS PASS PASS PASS PASS PASS n/a

             ......................... cassconstruction passed test DNS

    C:\Documents and Settings\Administrator.FS1>

    Monday, March 30, 2015 3:43 PM
  • Well, I decided to move on and add additional roles and features to the 2012 R2 server. For whatever reason, when that process was complete, I was able to join the server to the Server 2003 domain. Thanks all..
    • Marked as answer by cykaiser Tuesday, March 31, 2015 12:31 AM
    Tuesday, March 31, 2015 12:31 AM