To open the file in Notepad, at the command prompt, type notepad dcdiagreport. If you placed the file in a different working directory, include the path to the file. For example, if you placed the file in c:reports, type notepad c:reportsdcdiagreport. Scroll to the Summary table near the bottom of the file. Note the names of all the domain controllers that report "Warn" or "Fail" status in the Summary table. Try to determine if there is a problem domain controller by finding the detailed breakout section by searching for the string "DC: DCName," where DCName is the actual name of the domain controller.
If you see obvious configuration changes that are required, make them, as appropriate. For example, if you notice that one of your domain controllers has an obviously incorrect IP address, you can correct it. Then, rerun the test. Try to restart the DNS Server service by entering the following at a command prompt on the server:. If the issue occurs when the service is running, the server might not be listening on the IP address that you used in your nslookup query. On the Interfaces tab of the server properties page in the DNS console, administrators can restrict a DNS server to listen on only selected addresses.
If the DNS server has been configured to limit service to a specific list of its configured IP addresses, it's possible that the IP address that's used to contact the DNS server is not in the list. You can try a different IP address in the list or add the IP address to the list. In rare cases, the DNS server might have an advanced security or firewall configuration.
If the server is located on another network that is reachable only through an intermediate host such as a packet filtering router or proxy server , the DNS server might use a non-standard port to listen for and receive client requests. Therefore, if the DNS server uses any other port, nslookup queries fail. If you think that this might be the problem, check whether an intermediate filter is intentionally used to block traffic on well-known DNS ports.
Check whether the server that returns the incorrect response is a primary server for the zone the standard primary server for the zone or a server that uses Active Directory integration to load the zone or a server that's hosting a secondary copy of the zone. The problem might be caused by user error when users enter data into the zone. Or, it might be caused by a problem that affects Active Directory replication or dynamic update. You can determine which server is the primary server by examining the properties of the secondary zone in the DNS console.
If the name is correct on the primary server, check whether the serial number on the primary server is less than or equal to the serial number on the secondary server.
If it is, modify either the primary server or the secondary server so that the serial number on the primary server is greater than than the serial number on the secondary server.
On the secondary server, force a zone transfer from within the DNS console or by running the following command:. For example, if the zone is corp. Examine the secondary server again to see whether the zone was transferred correctly. If not, you probably have a zone transfer problem.
For more information, see Zone Transfer Problems. It is also used to diagnose DNS servers, AD replication, and other critical domain services within your Active Directory infrastructure. These tests give you a brief overview of the overall health of your Active Directory Domain Controller. With this utility, you can perform up to 30 different tests of your Active Directory Domain Controller to check its health status and other major issues that could be happening without you even knowing!
In previous versions of Windows Server, you need to download and install the DCDiag utility from the following link:. Best Regards, Travis Please remember to mark the replies as an answers if they help. Friday, August 3, AM. Hi Dave, Please review logs from below one drive. Monday, August 6, PM. Delegation information for the zone: corp. Delegated domain name: corp. Warning: Delegation of DNS server blr-dc Tuesday, August 7, AM.
Remove 4. Hi, I have one more question, while migrating i have not raised forest level and domain level. Monday, August 13, PM. An issue?
0コメント