Error code 0x0000232b rcode name error

What I have is a Client  Windows 10 Pro  Ver 1803  all patched with a Windows server 2012 R2 domain controller

when trying to join the domain I get the error (I have changed some of the text for security reasons)

The domain name «XXXXXX» might be a NetBIOS domain name.  If this is the case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain «XXXXXX»:

The error was: «DNS name does not exist.»
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.XXXXXX

Common causes of this error include the following:

— The DNS SRV records required to locate a AD DC for the domain are not registered in DNS.

These records are registered with a DNS server automatically when a AD DC is added to a domain.

They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

192.168.XXX.XXX
192.168.XXX.XXX
192.168.XXX.XXX

— One or more of the following zones do not include delegation to its child zone:

XXXXXX
. (the root zone)

Like I said above this is a windows 10 Pro client updated to the 1803 version. 

I can ping the DNS server. I can do a nslookup on the DNS server and both work fine. I can ping and nslookup on other servers and they work fine

I can type in the path to a folder on a server in the search box on the task bar and it opens the folder.

I have put the DNS server IP directly into the network properties on the client and it did not help.

I disabled the IPV6 and this did not help.

This is the 3rd client this has happened to me.  So far the only thing I have been able to do is RE-Install windows 10 and at the 1703 version join the domain (Which it does with no problems) and then update the system to the 1803 Version.

Does anybody have an idea what is wrong with the 1803 version that it will not join a domain?

Thanks

Joel

Just an update. I did a revert back to the previous version and set it back to version 1709.

Without doing anything else, I then tried to join the domain and it worked with NO ERROR. There is something wrong with the 1803 version that it will not join my domain. Some setting that Microsoft has changed.

Thanks

Joel

  • Edited by

    Tuesday, July 24, 2018 4:19 PM

A DNS query (also known as a DNS request) is a request for information sent from a user’s computer (the DNS client) to a DNS server. You may be prompted with the following error: “The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DS) for domain: Error code 0x0000232B RCODE_NAME_ERROR”.

This is a DNS issue, no doubt! Use this guide for the different types of DNS records. When you search the internet, you may find conflicting tips. Here are the steps I followed to resolve this issue in my environment.

Here are my recommendations:
1: Ensure the preferred DNS server in the client’s IP settings points to your internal DNS servers. See a similar error “The following errors occurred attempting to join the domain: The specified domain either does not exist or could not be contacted“.

In my case, it was pointing to the wrong IP address (the gateway).

Therefore, I had to correct the information.

2: Ensure the DNS server has the right IP address of itself populated for all zones and records. A similar idea was used in resolving this issue “How to fix nslookup unknown: cannot find non-existent domain“.

After ensuring the above two recommendations are met, flush the DNS cache and register the DNS records again using the commands below on the DNS server, and restart the DNS and Netlogon services. You can optionally restart your DNS server. For other DNS troubleshooting parameters, see this link.

ipconfig /registerdns
net stop netlogon
net start netlogon

Now, you should be able to join your device to the domain. For how to set up a domain, see the following link. Also for how to add a second DC, see the following link. For how to join a PC to a Domain, see the following link.

Note: You will be prompted to restart your device. Proceed and have it restarted.

I hope you found this blog post helpful. If you have any questions, please let me know in the comment section.

Many people have encountered the “DNS Name Does Not Exist” error message in Windows 10. Today we can access the internet from almost anywhere in the world, and many daily activities depend on it, so the connection needs to work properly. However, this is not always the case, and users all over the world may encounter connection problems.

From our review, and based on the Microsoft Tech Community, this error appears in Microsoft Edge and not in other browsers. It is also a generic error that may appear during Windows activation in Virtual Desktop or when you try to join a computer to a domain. In today's article we explain both scenarios. This is a serious issue that blocks web browsing, and we are going to show you what to try to resolve it.

Fix 1: Change from HTTP to HTTPS

This may seem like a simple fix, but most users reported that the problem was solved after they changed from HTTP to HTTPS.

If you encounter the following error while browsing the internet, try changing the URL in the address bar from https://www.exampledomain.com/ to http://www.exampledomain.com/ and press Enter.

Fix 2: Use Another Browser

As mentioned at the start of the article, this error page appears only in Microsoft Edge, so you can simply switch to another browser and browse the web with it. You can use Google Chrome, Mozilla Firefox, or any other browser.

Fix 3: Disable the IPv6

Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol, the communication protocol that provides the identification and location system for computers on a network and routes traffic across the internet. IPv6 was developed to deal with the long-anticipated problem of IPv4. Disabling IPv6 may therefore help you fix the “DNS server isn’t responding” error. The easiest way to disable IPv6 on the Windows operating system is via the Network and Sharing Center.

    1. Click the bottom-left Start button to open the Start Menu, type control panel in the search box and select Control Panel in the results.
    2. Click View network status and tasks, which is under Network and Internet.
    3. Click on the connection, i.e. Ethernet. Then, in the Connection Status window, click Properties.
    4. In the Connection Properties window, find IPv6 and clear its checkbox to disable it. Click OK to save the changes and check whether this procedure has solved your problem.

Fix 4: Uses of Google DNS Server

Sometimes your internet service provider's DNS server may be the cause of the DNS Name Does Not Exist error. In that case, use Google’s public DNS in place of the ISP DNS.

Follow the steps below to change from the ISP DNS to Google DNS.

  1.  Open the Network and Sharing Center and locate your connection by following the same steps mentioned above.
  2.  Select Internet Protocol Version 4 (TCP/IPv4) and then open Properties.
  3.  Select Use the following DNS server addresses, set 8.8.8.8 as the preferred DNS server and 8.8.4.4 as the alternate DNS server, and then click OK.

Alternatively, some users suggest using 208.67.222.222 as the preferred DNS server and 208.67.222.220 as the alternate DNS server.

DNS Name Does Not Exist error message – Join Computer to a  Domain

When you try to join a computer to a domain, the following error may appear on your screen:

Note: This information is intended for a network administrator.  If you are not your network’s administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain saqibullah.com:

The error was: “DNS name does not exist.”
(error code 0x0000232B RCODE_NAME_ERROR)

This error means that your computer was unable to find the Active Directory Domain Controller, so you need to tell your computer where to find the DNS server.

Open the Network and Sharing Center from the Control Panel and follow the steps described in Fix 4 to add your company's internal DNS server.

When you join the domain again, a Windows Security screen will appear; type the domain user name and password. After you enter the credentials, a restart of the workstation is required. Your computer is now part of your company domain. Check out also error code 105 “err_name_not_resolved chrome” in Google Chrome.

Conclusions for DNS Name Does Not Exist Error message

In today's article we reviewed various resolutions to help you fix the DNS Name Does Not Exist error message in Windows 10.  We hope you will find these methods helpful. Have you managed to solve it? Please let us know in the comments below.

Every IT admin managing machines in an Active Directory environment has been there. You try to add a computer to an Active Directory (AD) domain and get the dreaded “An Active Directory Domain Controller Could not be Contacted” error. In this article, learn the steps to diagnose (and solve) this problem for good.

This error is DNS-related. The main problem is that the computer has failed to find an appropriate SRV DNS record it needs to join the AD domain.

I’ve put together a few steps for you to follow to fix this error and get your computer joined to your domain.

Ensure You’re Using the Right DNS Servers

Before you get too far down a rabbit hole, first ensure you’re using the right DNS servers in the first place.

Active Directory and DNS have a special relationship. Domain controllers register specific records in DNS servers they know about. These live in the _ldap._tcp.dc._msdcs.<domainname> zone and help AD-joined devices find resources such as domain controllers. SRV records won’t exist in DNS servers that aren’t AD-integrated.

To resolve this issue, you need to be using either:

  • An AD-integrated DNS server
  • A DNS server that replicates records from an AD aware DNS server
  • A DNS server that has forwarding set up to query either an AD-integrated DNS server or a DNS server with replicated records

To check that the DNS server you are using is one of the above, run the following command in a PowerShell session on an existing domain joined computer:

PS C:\> Get-DnsClientServerAddress

InterfaceAlias               Interface Address ServerAddresses
                             Index     Family
--------------               --------- ------- ---------------
Ethernet                             9 IPv4    {10.0.0.101}
Ethernet                             9 IPv6    {}
Loopback Pseudo-Interface 1          1 IPv4    {}
Loopback Pseudo-Interface 1          1 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}

The responses you get under the ServerAddresses column are the DNS servers being used by that computer. If you don’t have another domain client to check, you will need to contact your network team for this information.

You can change the computer’s DNS client settings either with PowerShell’s Set-DnsClientServerAddress cmdlet or via the IPv4 Properties dialog box for the computer’s network card. This is reached by going to Control Panel –> Network –> Internet –> Network Connections.

Once in the Network Connections window, right-click on the network card, choose Properties, choose Internet Protocol Version 4 (TCP/IPv4) and then click on Properties.

If the network uses Dynamic Host Configuration Protocol (DHCP), ensure the Obtain an IP address automatically and Obtain DNS server address automatically options are selected.

If your network doesn’t use DHCP then update the Preferred DNS server and Alternative DNS server values to the correct ones you obtained earlier.

Find the True Error

If you’ve confirmed your computer has the correct DNS servers then it’s time to jump in a little further.

When you attempt to join a computer to a domain, the error “An Active Directory Domain Controller Could not be Contacted” comes up but it’s not the “true” error message. You need to dive a little deeper.

You’ll notice in the error dialog a Details >> button. Click that. This will return more granular information allowing you to troubleshoot this error better.

You can select the contents of the text box to copy and paste into a text viewer, or you can find the same information in the C:\windows\debug\dcdiag.txt file on that machine. This file is created by Windows when the error occurs.

The error text contains some key pieces of information. I’ve marked and numbered each of these in the example below:

  • The domain name the machine thinks you’ve asked it to join (1)
  • The error code (2)
  • The DNS query that was made (3)
  • The DNS server(s) the machine queried (if any) (4)

Note: This information is intended for a network administrator. If you are not your network’s administrator, notify the administrator that you have received this information, which has been recorded in the file C:\windows\debug\dcdiag.txt.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain “carisbrookelabs.local”(1):

The error was: “DNS name does not exist.”
(error code 0x0000232B RCODE_NAME_ERROR) (2)

The query was for the SRV record for _ldap._tcp.dc._msdcs.carisbrookelabs.local (3)

Common causes of this error include the following:

The DNS SRV records required to locate an AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when an AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

8.8.4.4
8.8.8.8 (4)

One or more of the following zones do not include delegation to its child zone: carisbrookelabs.local

local
. (the root zone)
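
The four pieces of information listed above can be pulled out of the error text mechanically. The following PowerShell is an added example, not part of the original article: the function names Get-DomainJoinDnsError and Test-PrivateAddress are hypothetical, and $sample is constructed from the error text quoted above. It also flags configured DNS servers that are not private addresses, such as the 8.8.4.4 and 8.8.8.8 in the example, since public resolvers do not hold an internal domain's SRV records.

```powershell
# Added example: extract the key fields from the domain-join error text
# (the same text Windows writes to C:\Windows\debug\dcdiag.txt).
# $sample is constructed from the error quoted above, not captured from a real host.
$sample = @'
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "carisbrookelabs.local":

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.carisbrookelabs.local

Common causes of this error include the following:

The DNS SRV records required to locate an AD DC for the domain are not registered in DNS. This computer is configured to use DNS servers with the following IP addresses:

8.8.4.4
8.8.8.8

One or more of the following zones do not include delegation to its child zone: carisbrookelabs.local
'@

# Hypothetical helper: true for RFC 1918, loopback and local-scope IPv6 addresses.
function Test-PrivateAddress {
    param([Parameter(Mandatory)][ipaddress]$Address)
    $b = $Address.GetAddressBytes()
    if ($Address.AddressFamily -eq 'InterNetwork') {
        return ($b[0] -eq 10) -or ($b[0] -eq 127) -or
               ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
               ($b[0] -eq 192 -and $b[1] -eq 168)
    }
    # IPv6: unique local (fc00::/7), link-local, site-local, loopback
    return (($b[0] -band 0xFE) -eq 0xFC) -or $Address.IsIPv6LinkLocal -or
           $Address.IsIPv6SiteLocal -or [ipaddress]::IsLoopback($Address)
}

# Hypothetical helper: returns the domain, error code, query and DNS servers.
function Get-DomainJoinDnsError {
    param([Parameter(Mandatory)][string]$Text)

    $domain = $null; $code = $null; $name = $null; $query = $null
    if ($Text -match 'for domain\s+\W?([\w.-]+)')            { $domain = $Matches[1] }
    if ($Text -match 'error code\s+(0x[0-9A-F]{8})\s+(\w+)') { $code = $Matches[1]; $name = $Matches[2] }
    if ($Text -match 'SRV record for\s+(\S+)')               { $query = $Matches[1] }

    # The server list is the run of IP-address lines after the "IP addresses:" sentence.
    $servers = @()
    $inList  = $false
    foreach ($line in ($Text -split '\r?\n')) {
        $t = $line.Trim()
        if (-not $inList) {
            if ($t -match 'following IP addresses:\s*$') { $inList = $true }
            continue
        }
        if ($t -eq '') { continue }
        $ip = $null
        if ($t -match '[.:]' -and [ipaddress]::TryParse($t, [ref]$ip)) {
            $servers += $ip.IPAddressToString
        } else {
            break   # first non-address line ends the list
        }
    }

    # Next step per error code, as described in this article.
    $nextStep = switch ($code) {
        '0x0000267C' { 'No DNS server could be reached: check connectivity and port 53.' }
        '0x0000232B' { 'DNS answered but the SRV record is missing: check the FQDN, the DNS server in use and the DC records.' }
        default      { 'Code not covered here: read the full text in dcdiag.txt.' }
    }

    [pscustomobject]@{
        Domain            = $domain
        ErrorCode         = $code
        ErrorName         = $name
        Query             = $query
        DnsServers        = $servers
        NonPrivateServers = @($servers | Where-Object { -not (Test-PrivateAddress $_) })
        NextStep          = $nextStep
    }
}

Get-DomainJoinDnsError -Text $sample | Format-List
```

On a real client, pass the file contents instead of $sample, for example with Get-Content -Raw on the dcdiag.txt path given in the error message.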

0x0000267C DNS_ERROR_NO_DNS_SERVER

This error indicates that the DNS server could not be found to even attempt the query. It didn’t even get a chance. This is typically due to no network connectivity to the DNS server.

Note that you can join a computer without a network connection, known as an offline domain join, but that is outside the scope of this article.

Troubleshoot Your Network Connection

If you see this error message, you’ll need to start doing some network troubleshooting.

  1. Check that your network adapter is enabled and you can connect to other network resources.
  2. Check that you have an IP address and DNS servers configured.

You can check for an IP address and DNS servers by running ipconfig /all.

If you have an IP address and can reach other network resources, you’ll need to test your connection between the computer and the DNS server.

To do so, you can use ping and PowerShell’s Test-Connection cmdlet. Test connectivity to the DNS server(s) using either of these two utilities. If Internet Control Message Protocol (ICMP) traffic is allowed on the network, you should get a response. If there’s an error or time-out, you most likely have some sort of networking issue, such as routing. Talk to your networking team to resolve the issue, then try the join again.

Check DNS connectivity

If you’ve confirmed your network connection is working, you’ll next need to ensure your computer can connect via TCP/53 to the DNS server.

Try using the Resolve-DNSName PowerShell cmdlet with the FQDN of the domain you are trying to join. This should return one or more DNS server records:

PS C:\> Resolve-DNSName carisbrookelabs.local


Name                                           Type   TTL   Section	IPAddress
----                                       	----   ---   -------	---------
carisbrookelabs.local                      	A  	600   Answer 	10.0.0.103
carisbrookelabs.local                      	A  	600   Answer 	10.0.0.102
carisbrookelabs.local                      	A  	600   Answer 	10.0.0.101

If you get an error, then it is worth checking that there’s nothing blocking IP traffic on port 53 (the port used for DNS traffic) between your machine and the DNS servers.

You can do a simple check for connectivity on port 53 using the Test-NetConnection cmdlet (not to be confused with the Test-Connection cmdlet):

PS C:\> Test-NetConnection -Port 53 -ComputerName <DNSSERVERHERE> -InformationLevel Quiet
True

You will get a response of True if the connection succeeds, or False if it fails. A failure could be due to a network or host-based firewall on the DNS server.

0x0000232B RCODE_NAME_ERROR

This error means it was able to find the DNS server but the SRV record wasn’t found. This error requires a little more troubleshooting.

Ensure You’re Using the Domain FQDN

It seems simple, but verify that the name you typed matches the fully qualified domain name (FQDN) of the domain you are trying to join. This should only be a domain name, not a server name. For example, use carisbrookelabs.local and not WIN-3467RQTHJH5.carisbrookelabs.local.

If there’s any doubt, check the domain name of an existing domain client. You can find the appropriate domain name by running this PowerShell command on an existing domain client.

PS51> (Get-CimInstance Win32_ComputerSystem).Domain
carisbrookelabs.local

If you attempt to use the NETBIOS name (contoso) vs. the FQDN (contoso.local), the computer might find the domain but Windows will treat the name as an FQDN anyway.

If you type a NETBIOS name and don’t have a WINS infrastructure in place you will get the error we’re trying to fix. Always use a FQDN rather than a NETBIOS name.

Check DNS records

For this step you are going to use Resolve-DNSName again. This time using the exact DNS record that was not retrieved when you tried to join your machine to the domain. Copy and paste it from the dcdiag.txt file mentioned in the introduction, or the copy of the error text you took earlier. This will avoid any typos with underscores and dashes.

Your command should look something like this:

PS C:\> Resolve-DNSName _ldap._tcp.dc._msdcs.carisbrookelabs.local


Name                    	Type TTL   Section	PrimaryServer           	NameAdministrator       	SerialNumber
----                    	---- ---   -------	-------------           	-----------------       	------------
_msdcs.carisbrookelabs.loca SOA  3600  Authority  WIN-3467RQTHJH5.carisbrooke hostmaster.carisbrookelabs. 419
l                                             	labs.local              	local

If you get DNS name does not exist as the response to this command, then your issue is with DNS.

  • Ensure you’re using the correct DNS server
  • Ensure the relevant records have not been deleted

If you get a positive response to Resolve-DNSName _msdcs.<domainname> but get a DNS name does not exist from Resolve-DNSName _ldap._tcp.dc._msdcs.<domainname>, then the records are missing.

Re-register your domain controller’s DNS records using the command ipconfig /registerdns on each DC. It may take a few minutes for the records to appear.

Once you can confirm the presence of the required DNS record(s) using Resolve-DNSName then you should be good to go.
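
The checks in this section can be run against every configured DNS server in one pass. This PowerShell function is an added example, not code from the original article; Test-DcLocatorRecord is a hypothetical name. It queries with -Type SRV, because Resolve-DnsName asks for address records by default, and it treats a reply that carries only an SOA record in the Authority section as "no SRV record".

```powershell
# Added example: ask each DNS server this client is configured with for the
# DC locator SRV record, and report why the lookup fails if it does.
function Test-DcLocatorRecord {
    param(
        [Parameter(Mandatory)][string]$DomainFqdn,
        # Defaults to the IPv4 DNS servers configured on this computer
        [string[]]$DnsServer = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses
    )

    $record  = "_ldap._tcp.dc._msdcs.$DomainFqdn"
    $servers = @($DnsServer | Where-Object { $_ } | Select-Object -Unique)
    if ($servers.Count -eq 0) {
        Write-Warning 'No DNS servers configured: this is the 0x0000267C DNS_ERROR_NO_DNS_SERVER case.'
        return
    }

    foreach ($server in $servers) {
        $row = [ordered]@{ DnsServer = $server; Tcp53 = $false; Status = ''; DomainControllers = @() }

        # Step 1: can the DNS service be reached at all?
        $row.Tcp53 = Test-NetConnection -ComputerName $server -Port 53 -InformationLevel Quiet -WarningAction SilentlyContinue
        if (-not $row.Tcp53) {
            $row.Status = 'No connection on TCP 53: check routing and firewalls'
            [pscustomobject]$row
            continue
        }

        # Step 2: query this server only (-Server), over the DNS protocol only
        # with no LLMNR or NetBIOS fallback (-DnsOnly), and ask for SRV explicitly.
        try {
            $answer = Resolve-DnsName -Name $record -Type SRV -Server $server -DnsOnly -ErrorAction Stop
        }
        catch {
            # "DNS name does not exist" lands here: the 0x0000232B case
            $row.Status = "Lookup failed: $($_.Exception.Message)"
            [pscustomobject]$row
            continue
        }

        # Step 3: a reply with only an SOA in the Authority section means the
        # zone exists but holds no SRV record under this name.
        $srv = @($answer | Where-Object { $_.Type -eq 'SRV' })
        if ($srv.Count -eq 0) {
            $row.Status = 'Zone answered, but no SRV records: re-register on the DC'
            [pscustomobject]$row
            continue
        }

        # Step 4: every SRV target must also resolve to an address
        $row.DomainControllers = @(foreach ($s in $srv) {
            $a = @(Resolve-DnsName -Name $s.NameTarget -Type A -Server $server -DnsOnly -ErrorAction SilentlyContinue |
                   Where-Object { $_.Type -eq 'A' })
            $ips = if ($a.Count) { $a.IPAddress -join ', ' } else { 'NO A RECORD' }
            "$($s.NameTarget):$($s.Port) [$ips]"
        })
        $row.Status = 'OK'
        [pscustomobject]$row
    }
}

# The domain name is the one used in this article's examples
Test-DcLocatorRecord -DomainFqdn 'carisbrookelabs.local' | Format-List
```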

Summary

In this article, you’ve learned some steps to try when troubleshooting the error “An Active Directory Domain Controller Could not be Contacted”. It’s impossible to cover every single scenario in an article like this, but I hope the process works for you and gets you on the right path!

In this article, we’ll take a look at why it’s not possible to join a new computer to the Active Directory domain with an error Active Directory Domain Controller could not be contacted.

Active Directory Domain Controller Could Not Be Contacted Error: What Does It Look Like?

A user or an administrator tries to join a new Windows workstation/server to a domain. To do this, open the System Properties on the workstation, and press Change settings > Change. Enter a new computer name, and select that this computer should be a member of a specified domain. Enter your AD domain FQDN name. After clicking on the OK button, you may receive an error:

An Active Directory Domain Controller (AD DC) for the domain “theitbros.com” could not be contacted.

Ensure that the domain name is typed correctly.

If the name is correct, click Details for troubleshooting information.

How to Fix AD Domain Controller Could Not Be Connected Error?

Here are some basic steps that should help you fix the domain controller connection error:

  1. Check your IP address and DNS settings;
  2. Check the Active Directory domain controller connectivity;
  3. Check DC Health (SRV DNS records, Netlogon, and Sysvol folders).

Let’s look at each of these steps in more detail.

Check the IP Settings and DNS Settings on Your Computer

Most often, this problem is related to the wrong IP or DNS settings on your computer.

Check IP Address

First, check if your computer has the correct IP address on the primary network interface. The IP address can be obtained from a DHCP server, or manually specified in the network adapter settings. You can view the current network settings of the computer using the command:

ipconfig /all

Make sure your computer’s IP address matches the network it’s on. Try to manually set a static IP address, or vice versa, get the correct address from the DHCP server (select Obtain IP address automatically in the properties of your network adapter).

Check DNS Client Settings

Make sure your network adapter’s IP settings are set to your internal DNS servers. You can display the current DNS servers for your adapter using PowerShell:

Get-DnsClientServerAddress

If the DNS server address is incorrect, change it manually or get settings from DHCP.

Make sure the DNS Client service is running using Get-Service cmdlet:

Get-Service dnscache

Open the hosts file (C:\Windows\System32\Drivers\etc\hosts) on the computer using notepad.exe or another text editor, and make sure there are no entries for your domain or domain controller names. If such entries exist, delete them.

You can display the contents of the hosts file with the command:

Get-Content C:\Windows\System32\Drivers\etc\hosts
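
A stale hosts entry overrides DNS for the domain or DC name, so it is worth checking for one mechanically rather than by eye. This is an added example, not from the original article: Find-HostsOverride is a hypothetical name and $sampleHosts is constructed sample content.

```powershell
# Added example. $sampleHosts is constructed; on a real client use:
#   Get-Content "$env:SystemRoot\System32\drivers\etc\hosts"
$sampleHosts = @'
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
192.168.1.50    dc01.theitbros.com dc01    # old lab entry
10.10.10.10     theitbros.com
192.168.1.77    fileserver.example.net
'@ -split '\r?\n'

# Hypothetical helper: lists hosts entries that pin the domain name or any
# host inside the domain to a fixed address.
function Find-HostsOverride {
    param(
        [Parameter(Mandatory)][string[]]$HostsLine,
        [Parameter(Mandatory)][string]$DomainFqdn
    )
    $n = 0
    foreach ($line in $HostsLine) {
        $n++
        $entry = ($line -replace '#.*$', '').Trim()   # drop comments
        if (-not $entry) { continue }
        # First token is the address, the rest are names (one line may carry several)
        $ip, $names = $entry -split '\s+'
        foreach ($name in $names) {
            if ($name -eq $DomainFqdn -or $name -like "*.$DomainFqdn") {
                [pscustomobject]@{ Line = $n; Address = $ip; Name = $name }
            }
        }
    }
}

Find-HostsOverride -HostsLine $sampleHosts -DomainFqdn 'theitbros.com'
```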

Then clear the DNS cache, and restart the service from the elevated command prompt:

ipconfig /flushdns

net stop dnscache && net start dnscache

Check if your computer can resolve the domain name to the correct IP address of the domain controller. Use the Resolve-DNSName cmdlet with the FQDN of your domain to which you are trying to join your workstation:

Resolve-DNSName theitbros.com

The command should return one or more records of DNS servers.

Verify the Domain Controller Connectivity

Next, check if the domain controller is accessible from the client. Open a command prompt, and run the following commands:

ping your_domain_name.com

And:

tracert your_domain_name.com

Make sure your domain controller is responding and reachable.

Note. In addition, it’s recommended to check the availability of the domain controller from other workstations on the same IP network.

If the DC is reachable, try to add the received IP address as a DNS server in the Advanced TCP/IP settings of your network connection.

  1. Open Control Panel > Network and Internet > Network and Sharing Center > Change adapter settings;
  2. Select a network adapter that is connected to your corporate network, right-click on it, and select Properties;
  3. Select Internet Protocol Version 4 (TCP/IPv4), and click Properties;
  4. Press the Advanced button, and go to the DNS tab;
  5. On the DNS tab press Add, and enter the IP address of your DNS server (domain controller). Don’t use Public DNS IPs in preferred and alternative fields, like 8.8.8.8 (google) or 1.1.1.1 (cloudflare);
  6. Click OK (if several IP addresses are listed in the DNS server list, move the IP address of your DC to the top of the list);
  7. Save the changes and restart the workstation;
  8. Try to join your workstation to the AD domain.

Check If the Domain Controller Connections Aren’t Blocked By the Firewall

Verify if the access to the DNS service on the domain controller is not blocked by firewalls. The easiest way to check the availability of port 53 on a DC is to use PowerShell:

Test-Netconnection 192.168.1.11 -port 53

In our example, TcpTestSucceeded: True means that the DNS service on the DC is accessible.

Also, make sure the computer can contact the DNS server that hosts the DNS zone or can resolve DNS names in that domain. Make sure the correct DNS server is configured on this client as preferred and the client is connected to this server. Confirm you can find a domain and access the domain controller from the computer using the command:

nltest /dsgetdc:theitbros.com

If your computer successfully discovered the domain and domain controller, the command should return information about the domain, Active Directory sites and services running on the DC:

DC: \\DC01.theitbros.com

Address: \\192.168.1.15

Dom Guid: 4216f343-2949-21c3-8caa-6d7cbcdb1690

Dom Name: theitbros.com

Forest Name: theitbros.com

Dc Site Name: NY

Our Site Name: NY

Flags: PDC GC DS LDAP KDC TIMESERV GTIMESERV WRITABLE DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE FULL_SECRET WS

The command completed successfully.

Hint. Another helpful guide that can help you troubleshoot DC connectivity over RPC is “1722 The RPC server is unavailable”.

Also, try to temporarily disable the built-in Windows Firewall, and all third-party applications with antivirus/firewalls modules (Symantec, McAfee, Windows Defender, etc.), that can block network ports to access the domain controller. After disabling the firewalls, try to join the computer to the domain.

Here is the minimum list of network protocols, ports, and services that must not be blocked in firewalls between a client and a domain controller to successfully join a device to the Active Directory domain:

  • UDP 53 — DNS traffic;
  • TCP and UDP 88 — Kerberos authentication;
  • UDP 123 — Windows Sync time with Domain Controller;
  • TCP 135 — Remote Procedure Call RPC Locator;
  • TCP and UDP 139 — NetBIOS Session Service;
  • TCP and UDP 389 (LDAP, DC Locator, Net Logon) or TCP 636 (LDAP over SSL);
  • TCP 445 (SMB/CIFS, Net Logon);
  • TCP 49152-65535 — RPC ports, randomly allocated high TCP ports.

Check the DNS SRV Records on the Domain Controller

Check DNS Records on your DC

If the above method didn’t help, check if in the DNS zone of your domain controller there is an SRV record of the location of the DC.

Open an elevated Command prompt, and run the following commands:

nslookup

set type=all

_ldap._tcp.dc._msdcs.your_domain_name.com

Verify if the specified DNS server has an SRV record in the following form:

_ldap._tcp.dc._msdcs.your_domain_name.com SRV service location:

If the specified SRV record is missing, it means your computer is configured to use a DNS server that does not have a correct SRV record with the location of the domain controller.

Update/Re-Register DNS SRV Records on DC

If you can’t change the DNS settings on your computer, you can manually add two records (SRV and A) to your existing DNS server which help you to resolve the domain controller’s IP address:

  • _ldap._tcp.dc._msdcs.your_domain_name.com: an SRV resource record that points to the domain controller that hosts the ADDS role;
  • Resource A record that identifies the IP address for the DC listed in the _ldap._tcp.dc._msdcs.your_domain_name.com SRV resource record.

Restart the Netlogon service on the domain controller with the command:

net stop netlogon && net start netlogon

(or simply try to reboot the DC)

On startup, it will try to register the necessary SRV records on the DNS server.

Also, you can re-register domain controller DNS records using the command:

ipconfig /registerdns

Wait for a while for the records to appear in DNS and replicate across the domain.

Also, make sure the dynamic updates are allowed in your Windows DNS zone settings.

Check the Domain Controller Health

Perform a health check on your domain controllers and replication according to the following guides:

  • How to check Active Directory health?
  • Check AD Replication using the Repadmin command.

It is also recommended to verify if the SYSVOL and NETLOGON network shared folders are created and accessible on the domain controller (run the net share command on the closest DC).

If the SYSVOL and NETLOGON directories are missing in the shares list:

  1. Check the IP and DNS settings on your DC (the domain controller shouldn’t receive an IP address from a DHCP server, use only a static IP address);
  2. Verify if the C:WindowsSYSVOL domain directory contains Policies and Scripts folders;
    domain controller could not be contacted
  3. If you did not migrate Sysvol replication from FRS to DFS, to replicate Sysvol from PDC to all DCs in the domain, you need to stop the File Replication Service (net stop NtFrs). Then run the Regedit and go to the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNtFrsParametersBackup/RestoreProcess at Startup, here change the value of BurFlags DWORD parameter to D4 (hex) on PDC, and to D2 (hex) on all additional domain controllers. After that, start the service:
    net start NtFrs

And check if the directory \\DCName\SYSVOL appears and is accessible on the problem DC.

Troubleshooting Error “an Active Directory Domain Controller Could not be Contacted”

If none of the above methods helped you to fix the problem, you need to move to more advanced troubleshooting. Note that the Details button is available in the error message.

Click the Details button for more information about the error. In most cases, you will see the error “DNS name does not exist” or one of the following error codes: 0x0000232B RCODE_NAME_ERROR, 0x0000267C DNS_ERROR_NO_DNS_SERVER, or 0x00002746 WSAECONNRESET.


For example:

The domain name “DOMAIN_NAME” might be a NetBIOS domain name. If this is the case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then the following information can help you troubleshoot your DNS configuration.

The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain “DOMAIN_NAME”:

The error was: “DNS name does not exist.”

(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.DOMAIN_NAME

Common causes of this error include the following:

– The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses:

xx.xx.xx.xx

xx.xx.xx.xx

– One or more of the following zones do not include delegation to its child
zone:

Domain_name
local
. (the root zone)

Open the text file C:\windows\debug\dcdiag.txt on the user’s computer. Carefully study the latest errors in this file. Perhaps they will point you in the right direction.


Most often, you can face such errors in the dcdiag.txt file:

  • 0x0000232B — RCODE_NAME_ERROR (“DNS name does not exist”) – your computer cannot find the SRV record on the DNS server. Make sure your computer’s DNS settings are set to the IP address of your domain controller. Check SRV records on DC;
  • 0x0000267C — DNS_ERROR_NO_DNS_SERVER (“No DNS Servers configured for local system”). In this case, it is recommended to check your IP and DNS settings, and network connectivity;
  • 0x00002746 — WSAECONNRESET (“An existing connection was forcibly closed by the remote host”) — check the network connectivity and firewall rules. Try to restart the DNS service on the DC, or reboot the host completely.

Sometimes the Netsetup.log file contains useful information about errors in joining a computer to an Active Directory domain. This is where Windows clients log the details of the domain join operation. The log can be found at %windir%\debug\Netsetup.log. Carefully examine the errors in the Netsetup.log file; they may help you find the reason the computer cannot connect to the Active Directory domain.

The most typical errors are:

  • An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resolve DNS names in the target domain;
  • An operation was attempted on a nonexistent network connection — restart the computer, make sure that you type the DNS name and not the NetBIOS name;
  • Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again — reboot your device;
  • Network name cannot be found — make sure your computer can access the DNS server hosting the domain’s DNS zone;
  • No more connections can be made to this remote computer at this time because there are already as many connections as the computer can accept — remove all mapped drives and reboot the computer.


Our school has two domain controllers running Server 2008. One DC experienced issues forcing us to demote the system. We are now trying to run DCPROMO and experience the below error.

The domain name CAMPUS might be a NetBIOS domain name. If this is the
case, verify that the domain name is properly registered with WINS.

If you are certain that the name is not a NetBIOS domain name, then
the following information can help you troubleshoot your DNS
configuration.

The following error occurred when DNS was queried for the service
location (SRV) resource record used to locate an Active Directory
Domain Controller for domain CAMPUS:

The error was: «DNS name does not exist.» (error code 0x0000232B
RCODE_NAME_ERROR)

The query was for the SRV record for _ldap._tcp.dc._msdcs.CAMPUS

Common causes of this error include the following:

  • The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server
    automatically when a AD DC is added to a domain. They are updated by
    the AD DC at set intervals. This computer is configured to use DNS
    servers with the following IP addresses:

192.168.1.2

  • One or more of the following zones do not include delegation to its child zone:

CAMPUS
. (the root zone)

For information about correcting this problem, click Help.

  1. DNS on the NIC points directly to the working DNS, which also serves as our current DC (192.168.1.2).
  2. When pinging the DNS by IP, we receive a reply. When pinging the DC computer name, we receive an IPV6 response, but the correct IP can be seen when adding -4 to the end of the ping.
  3. Clients (more than 40) are using the DC just fine without any issues
  4. We can ping campus.school.local and just campus on both servers. The working DC responds fine, along with clients. However, the other cannot resolve the domain.
  5. We also tried adding our domain info to the DNS suffix for problem DC with no luck.
  6. Rebuilding our domain just is not an option with hundreds of accounts at stake.

I look forward to any help here, I am stumped.
