Windows 2012 Domain Controller NETLOGON errorWindows Server 2012 cannot connect to local domain...
Why didn't the Space Shuttle bounce back into space as many times as possible so as to lose a lot of kinetic energy up there?
Size of electromagnet needed to replicate Earth's magnetic field
What's the polite way to say "I need to urinate"?
Re-entry to Germany after vacation using blue card
Implications of cigar-shaped bodies having rings?
How to stop co-workers from teasing me because I know Russian?
Minor Revision with suggestion of an alternative proof by reviewer
What's the name of these pliers?
How exactly does Hawking radiation decrease the mass of black holes?
555 timer FM transmitter
Rivers without rain
How to denote matrix elements succinctly?
If a planet has 3 moons, is it possible to have triple Full/New Moons at once?
Do I have an "anti-research" personality?
How much cash can I safely carry into the USA and avoid civil forfeiture?
Extension of 2-adic valuation to the real numbers
Why did C use the -> operator instead of reusing the . operator?
How do I deal with a coworker that keeps asking to make small superficial changes to a report, and it is seriously triggering my anxiety?
As an international instructor, should I openly talk about my accent?
How to not starve gigantic beasts
Can we say “you can pay when the order gets ready”?
Critique of timeline aesthetic
What does ゆーか mean?
What is causing the white spot to appear in some of my pictures
Windows 2012 Domain Controller NETLOGON error
Windows Server 2012 cannot connect to local domain controllerAuto-registered dns record on windows server 2012How do I add a Microsoft account user to Windows Server 2012?Domain Controller Target Principle Name is Incorrect?Can't Add Server to a Domain ControllerCreate Vagrant Windows Server 2012 box with Active Directory + Forest breaking WinRMUnable to join windows server 2012 r2 domainDetect user login in Windows Domain ControllerIs pointing DNS to Domain Controller required for GPOs to work?FRITZ!Box as a DNS for a Domain Controller?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
We have Sonicwall firewall user authentication System active since last two months.
We have Windows 2012 Active directory server setup with around 1400 user account created.
These accounts were created by using following PowerShell scripts
Import-Module ActiveDirectory
#Import CSV
$csv = @()
$csv = Import-Csv -Path C:UsersAdministratorDesktop"College User Ac Password Details"FEcivil.csv
FOREACH ($Person in $csv) {
$name = $Person.UserName
$displayname = $Person.Name
$path = "OU=here,DC=comp,DC=com"
$password = $Person.Password
$enabled = $True
$changePW = $False
$description="CIVIL"
new-ADUser -SamAccountName $name -Name $name -Description $description -DisplayName $displayname -Path $path -AccountPassword (ConvertTo-SecureString $password -AsPlainText -force) -Enabled $enabled -ChangePasswordAtLogon $changePW -PassThru
}
Above script reads an CSV file with username and passwords and create user accounts on Active Directory.
But since today we are facing issue during authentication process.
We are unable to logon to Directory server. When Sonicwall firewall tries to authenticate an user, it logged-out same user.
When I checked Event logger on Windows Active Directory server it shows following message.
The dynamic registration of the DNS record 'ForestDnsZones.comp.com. 600
IN A 192.168.0.12' failed on the following DNS server:
DNS server IP address: (removed)
Returned Response Code (RCODE): 5
Returned Status Code: 9017
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate
registration of the DNS records by the domain controller. To determine what might have
caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and
Support Center. To initiate registration of the DNS records by this domain
controller, run 'nltest.exe /dsregdns' from the command prompt on the domain
controller or restart Net Logon service. Or, you can manually add this record to DNS,
but it is not recommended.
ADDITIONAL DATA
Error Value: DNS bad key.
Above log entry talks about DNS issue. But I did non configured any DNS server on this machine.Authentication was working fine for last two months , but suddenly from today we are facing above issue.
Kindly help me out in resolving this issue.
EDIT1
Getting following warning in DNS Server Log
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
dns powershell active-directory windows-server-2012 active-directory-explorer
asked Apr 30 '14 at 12:30
user2201980user2201980
112
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
|
show 3 more comments
We have Sonicwall firewall user authentication System active since last two months.
We have Windows 2012 Active directory server setup with around 1400 user account created.
These accounts were created by using following PowerShell scripts
Import-Module ActiveDirectory
#Import CSV
$csv = @()
$csv = Import-Csv -Path C:UsersAdministratorDesktop"College User Ac Password Details"FEcivil.csv
FOREACH ($Person in $csv) {
$name = $Person.UserName
$displayname = $Person.Name
$path = "OU=here,DC=comp,DC=com"
$password = $Person.Password
$enabled = $True
$changePW = $False
$description="CIVIL"
new-ADUser -SamAccountName $name -Name $name -Description $description -DisplayName $displayname -Path $path -AccountPassword (ConvertTo-SecureString $password -AsPlainText -force) -Enabled $enabled -ChangePasswordAtLogon $changePW -PassThru
}
Above script reads an CSV file with username and passwords and create user accounts on Active Directory.
But since today we are facing issue during authentication process.
We are unable to logon to Directory server. When Sonicwall firewall tries to authenticate an user, it logged-out same user.
When I checked Event logger on Windows Active Directory server it shows following message.
The dynamic registration of the DNS record 'ForestDnsZones.comp.com. 600
IN A 192.168.0.12' failed on the following DNS server:
DNS server IP address: (removed)
Returned Response Code (RCODE): 5
Returned Status Code: 9017
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate
registration of the DNS records by the domain controller. To determine what might have
caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and
Support Center. To initiate registration of the DNS records by this domain
controller, run 'nltest.exe /dsregdns' from the command prompt on the domain
controller or restart Net Logon service. Or, you can manually add this record to DNS,
but it is not recommended.
ADDITIONAL DATA
Error Value: DNS bad key.
Above log entry talks about DNS issue. But I did non configured any DNS server on this machine.Authentication was working fine for last two months , but suddenly from today we are facing above issue.
Kindly help me out in resolving this issue.
EDIT1
Getting following warning in DNS Server Log
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
dns powershell active-directory windows-server-2012 active-directory-explorer
asked Apr 30 '14 at 12:30
user2201980user2201980
112
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
Run this command and check the outputdcdiag /test:dns
– Colyn1337
Apr 30 '14 at 12:39
Output is copied to ur1.ca/h7rs8
– user2201980
Apr 30 '14 at 12:50
Based on the output, do you have a firewall running on that box?
– Colyn1337
Apr 30 '14 at 12:54
I had stopped DNS client and DNS server services . Windows firewall is running.
– user2201980
Apr 30 '14 at 12:59
Can you join the chat? Also, just for clarification, I was asking if you had a firewall running on the DC.
– Colyn1337
Apr 30 '14 at 13:02
|
show 3 more comments
We have Sonicwall firewall user authentication System active since last two months.
We have Windows 2012 Active directory server setup with around 1400 user account created.
These accounts were created by using following PowerShell scripts
Import-Module ActiveDirectory
#Import CSV
$csv = @()
$csv = Import-Csv -Path C:UsersAdministratorDesktop"College User Ac Password Details"FEcivil.csv
FOREACH ($Person in $csv) {
$name = $Person.UserName
$displayname = $Person.Name
$path = "OU=here,DC=comp,DC=com"
$password = $Person.Password
$enabled = $True
$changePW = $False
$description="CIVIL"
new-ADUser -SamAccountName $name -Name $name -Description $description -DisplayName $displayname -Path $path -AccountPassword (ConvertTo-SecureString $password -AsPlainText -force) -Enabled $enabled -ChangePasswordAtLogon $changePW -PassThru
}
Above script reads an CSV file with username and passwords and create user accounts on Active Directory.
But since today we are facing issue during authentication process.
We are unable to logon to Directory server. When Sonicwall firewall tries to authenticate an user, it logged-out same user.
When I checked Event logger on Windows Active Directory server it shows following message.
The dynamic registration of the DNS record 'ForestDnsZones.comp.com. 600
IN A 192.168.0.12' failed on the following DNS server:
DNS server IP address: (removed)
Returned Response Code (RCODE): 5
Returned Status Code: 9017
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate
registration of the DNS records by the domain controller. To determine what might have
caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and
Support Center. To initiate registration of the DNS records by this domain
controller, run 'nltest.exe /dsregdns' from the command prompt on the domain
controller or restart Net Logon service. Or, you can manually add this record to DNS,
but it is not recommended.
ADDITIONAL DATA
Error Value: DNS bad key.
Above log entry talks about DNS issue. But I did non configured any DNS server on this machine.Authentication was working fine for last two months , but suddenly from today we are facing above issue.
Kindly help me out in resolving this issue.
EDIT1
Getting following warning in DNS Server Log
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
dns powershell active-directory windows-server-2012 active-directory-explorer
asked Apr 30 '14 at 12:30
user2201980user2201980
112
We have Sonicwall firewall user authentication System active since last two months.
We have Windows 2012 Active directory server setup with around 1400 user account created.
These accounts were created by using following PowerShell scripts
Import-Module ActiveDirectory
#Import CSV
$csv = @()
$csv = Import-Csv -Path C:UsersAdministratorDesktop"College User Ac Password Details"FEcivil.csv
FOREACH ($Person in $csv) {
$name = $Person.UserName
$displayname = $Person.Name
$path = "OU=here,DC=comp,DC=com"
$password = $Person.Password
$enabled = $True
$changePW = $False
$description="CIVIL"
new-ADUser -SamAccountName $name -Name $name -Description $description -DisplayName $displayname -Path $path -AccountPassword (ConvertTo-SecureString $password -AsPlainText -force) -Enabled $enabled -ChangePasswordAtLogon $changePW -PassThru
}
Above script reads an CSV file with username and passwords and create user accounts on Active Directory.
But since today we are facing issue during authentication process.
We are unable to logon to Directory server. When Sonicwall firewall tries to authenticate an user, it logged-out same user.
When I checked Event logger on Windows Active Directory server it shows following message.
The dynamic registration of the DNS record 'ForestDnsZones.comp.com. 600
IN A 192.168.0.12' failed on the following DNS server:
DNS server IP address: (removed)
Returned Response Code (RCODE): 5
Returned Status Code: 9017
For computers and users to locate this domain controller, this record must be registered in DNS.
USER ACTION
Determine what might have caused this failure, resolve the problem, and initiate
registration of the DNS records by the domain controller. To determine what might have
caused this failure, run DCDiag.exe. To learn more about DCDiag.exe, see Help and
Support Center. To initiate registration of the DNS records by this domain
controller, run 'nltest.exe /dsregdns' from the command prompt on the domain
controller or restart Net Logon service. Or, you can manually add this record to DNS,
but it is not recommended.
ADDITIONAL DATA
Error Value: DNS bad key.
Above log entry talks about DNS issue. But I did non configured any DNS server on this machine.Authentication was working fine for last two months , but suddenly from today we are facing above issue.
Kindly help me out in resolving this issue.
EDIT1
Getting following warning in DNS Server Log
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed.
dns powershell active-directory windows-server-2012 active-directory-explorer
dns powershell active-directory windows-server-2012 active-directory-explorer
asked Apr 30 '14 at 12:30
user2201980user2201980
112
asked Apr 30 '14 at 12:30
user2201980user2201980
112
edited May 1 '14 at 9:04
user2201980
asked Apr 30 '14 at 12:30
user2201980user2201980
112
asked Apr 30 '14 at 12:30
user2201980user2201980
112
asked Apr 30 '14 at 12:30
user2201980user2201980
112
112
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ yesterday
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
Run this command and check the outputdcdiag /test:dns
– Colyn1337
Apr 30 '14 at 12:39
Output is copied to ur1.ca/h7rs8
– user2201980
Apr 30 '14 at 12:50
Based on the output, do you have a firewall running on that box?
– Colyn1337
Apr 30 '14 at 12:54
I had stopped DNS client and DNS server services . Windows firewall is running.
– user2201980
Apr 30 '14 at 12:59
Can you join the chat? Also, just for clarification, I was asking if you had a firewall running on the DC.
– Colyn1337
Apr 30 '14 at 13:02
|
show 3 more comments
Run this command and check the outputdcdiag /test:dns
– Colyn1337
Apr 30 '14 at 12:39
Output is copied to ur1.ca/h7rs8
– user2201980
Apr 30 '14 at 12:50
Based on the output, do you have a firewall running on that box?
– Colyn1337
Apr 30 '14 at 12:54
I had stopped DNS client and DNS server services . Windows firewall is running.
– user2201980
Apr 30 '14 at 12:59
Can you join the chat? Also, just for clarification, I was asking if you had a firewall running on the DC.
– Colyn1337
Apr 30 '14 at 13:02
Run this command and check the output
dcdiag /test:dns– Colyn1337
Apr 30 '14 at 12:39
Run this command and check the output
dcdiag /test:dns– Colyn1337
Apr 30 '14 at 12:39
Output is copied to ur1.ca/h7rs8
– user2201980
Apr 30 '14 at 12:50
Output is copied to ur1.ca/h7rs8
– user2201980
Apr 30 '14 at 12:50
Based on the output, do you have a firewall running on that box?
– Colyn1337
Apr 30 '14 at 12:54
Based on the output, do you have a firewall running on that box?
– Colyn1337
Apr 30 '14 at 12:54
I had stopped DNS client and DNS server services . Windows firewall is running.
– user2201980
Apr 30 '14 at 12:59
I had stopped DNS client and DNS server services . Windows firewall is running.
– user2201980
Apr 30 '14 at 12:59
Can you join the chat? Also, just for clarification, I was asking if you had a firewall running on the DC.
– Colyn1337
Apr 30 '14 at 13:02
Can you join the chat? Also, just for clarification, I was asking if you had a firewall running on the DC.
– Colyn1337
Apr 30 '14 at 13:02
|
show 3 more comments
1 Answer
1
active
oldest
votes
There were two issues with this case
1) Domain Controllers's Primary DNS has to loop-back address.
2)Second issue was very trivial..
The users I was trying to logon got its passwords expired. :-)
Thanks Colyn1337 for your help.
answered May 2 '14 at 9:25
user2201980user2201980
112
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f747955%2fwindows-2012-domain-controller-netlogon-error%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
There were two issues with this case
1) Domain Controllers's Primary DNS has to loop-back address.
2)Second issue was very trivial..
The users I was trying to logon got its passwords expired. :-)
Thanks Colyn1337 for your help.
answered May 2 '14 at 9:25
user2201980user2201980
112
add a comment |
There were two issues with this case
1) Domain Controllers's Primary DNS has to loop-back address.
2)Second issue was very trivial..
The users I was trying to logon got its passwords expired. :-)
Thanks Colyn1337 for your help.
answered May 2 '14 at 9:25
user2201980user2201980
112
add a comment |
There were two issues with this case
1) Domain Controllers's Primary DNS has to loop-back address.
2)Second issue was very trivial..
The users I was trying to logon got its passwords expired. :-)
Thanks Colyn1337 for your help.
answered May 2 '14 at 9:25
user2201980user2201980
112
There were two issues with this case
1) Domain Controllers's Primary DNS has to loop-back address.
2)Second issue was very trivial..
The users I was trying to logon got its passwords expired. :-)
Thanks Colyn1337 for your help.
answered May 2 '14 at 9:25
user2201980user2201980
112
answered May 2 '14 at 9:25
user2201980user2201980
112
answered May 2 '14 at 9:25
user2201980user2201980
112
answered May 2 '14 at 9:25
user2201980user2201980
112
112
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f747955%2fwindows-2012-domain-controller-netlogon-error%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Run this command and check the output
dcdiag /test:dns– Colyn1337
Apr 30 '14 at 12:39
Output is copied to ur1.ca/h7rs8
– user2201980
Apr 30 '14 at 12:50
Based on the output, do you have a firewall running on that box?
– Colyn1337
Apr 30 '14 at 12:54
I had stopped DNS client and DNS server services . Windows firewall is running.
– user2201980
Apr 30 '14 at 12:59
Can you join the chat? Also, just for clarification, I was asking if you had a firewall running on the DC.
– Colyn1337
Apr 30 '14 at 13:02