Forum Discussion
David_Bex
Sep 11, 2019Copper Contributor
Server 2016 Std DNS BPA Errors
I have three DNS errors and a large number of warnings which I cannot resolve. There is also a problem with Windows Time which cannot resolve the time server and defaults to the CMOS clock.
There is only one ethernet adaptor:
IPConfig/all gives:
Windows IP Configuration
Host Name . . . . . . . . . . . . : XXX-Server
Primary Dns Suffix . . . . . . . : XXX.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : XXX.local
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) I210 Gigabit Network Connection
Physical Address. . . . . . . . . : AC-1F-6B-6A-2F-F5
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f8db:3ccb:4fb6:a153%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Default Gateway . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 61611883
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-E0-CA-14-AC-1F-6B-6A-2F-F5
DNS Servers . . . . . . . . . . . : 10.0.0.100
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{7E07F518-866F-449E-8032-3F6AAF177C0F}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DCDiag /test:dns gives:
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = XXX-Server
* Identified AD Forest.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\XXX-Server
Starting test: Connectivity
......................... XXX-SERVER passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\XXX-SERVER
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
......................... XXX-SERVER passed test DNS
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : XXX
Running enterprise tests on : XXX.local
Starting test: DNS
Test results for domain controllers:
DC: XXX-Server.XXX.local
Domain: XXX.local
TEST: Dynamic update (Dyn)
Warning: Failed to delete the test record dcdiag-test-record in zone XXX.local
XXX-Server PASS PASS PASS PASS WARN PASS n/a
......................... XXX.local passed test DNS
Any help gratefully received.
There is only one ethernet adaptor:
If this were the PDC emulator then time would / should be sync'd to either a hardware clock or possibly an external known source.
w32tm /unregister net stop w32time w32tm /register net start w32time w32tm /config /manualpeerlist:xxx.xxx.xxx.xxx /syncfromflags:manual /reliable:yes /update net stop w32time net start w32time
then check
w32tm /query /source w32tm /query /configuration
(replace xxx.xxx.xxx.xxx with desired source)
https://tf.nist.gov/tf-cgi/servers.cgi
If you're using integration services Time synchronization box checked then this overrides NT5DS and makes the source come from the hypervisor host only.
All domain members should use NT5DS domain time. Desktops and member servers will sync with any domain controller. Domain controllers sync with PDC emulator, PDCe syncs with either a hardware clock or possibly an external source.
- David_BexCopper Contributor
Thanks very much Dave Patrick for your reply. Unfortunately the time sync didn't work. I think there is a slight sequence error in the commands. So I have changed the unregister command to be after the net stop command. I have changed the time server IP to 3.uk.pool.ntp.org which pings successfully.
The serious issue as I see it are the DNS errors. I suppose I can always set the CMOS clock accurately occasionally but any further assistance in resolving the NTP issue gratefully received..
Results below:
C:\Users\XXX-Admin>net stop w32time
The Windows Time service is stopping.
The Windows Time service was stopped successfully.
C:\Users\XXX-Admin>w32tm /unregister
W32Time successfully unregistered.C:\Users\XXX-Admin>w32tm /register
W32Time successfully registered.C:\Users\XXX-Admin>net start w32time
The Windows Time service is starting.
The Windows Time service was started successfully.
C:\Users\XXX-Admin>w32tm /config /manualpeerlist:85.199.214.100 /syncfromflags:manual /reliable:yes /update
The command completed successfully.C:\Users\XXX-Admin>net stop w32time
The Windows Time service is stopping.
The Windows Time service was stopped successfully.
C:\Users\XXX-Admin>net start w32time
The Windows Time service is starting.
The Windows Time service was started successfully.
C:\Users\XXX-Admin>w32tm /query /source
Local CMOS Clock
C:\Users\XXX-Admin>w32tm /query /configuration
[Configuration]EventLogFlags: 2 (Policy)
AnnounceFlags: 5 (Policy)
TimeJumpAuditOffset: 28800 (Local)
MinPollInterval: 6 (Policy)
MaxPollInterval: 10 (Policy)
MaxNegPhaseCorrection: 172800 (Policy)
MaxPosPhaseCorrection: 172800 (Policy)
MaxAllowedPhaseOffset: 300 (Policy)FrequencyCorrectRate: 4 (Policy)
PollAdjustFactor: 5 (Policy)
LargePhaseOffset: 50000000 (Policy)
SpikeWatchPeriod: 900 (Policy)
LocalClockDispersion: 2 (Policy)
HoldPeriod: 5 (Policy)
PhaseCorrectRate: 1 (Policy)
UpdateInterval: 100 (Policy)
[TimeProviders]NtpClient (Local)
DllName: C:\Windows\SYSTEM32\w32time.DLL (Local)
Enabled: 1 (Local)
InputProvider: 1 (Local)
CrossSiteSyncFlags: 2 (Policy)
AllowNonstandardModeCombinations: 1 (Local)
ResolvePeerBackoffMinutes: 15 (Policy)
ResolvePeerBackoffMaxTimes: 7 (Policy)
CompatibilityFlags: 2147483648 (Local)
EventLogFlags: 0 (Policy)
LargeSampleSkew: 3 (Local)
SpecialPollInterval: 3600 (Policy)
Type: NT5DS (Policy)NtpServer (Local)
DllName: C:\Windows\SYSTEM32\w32time.DLL (Local)
Enabled: 1 (Local)
InputProvider: 0 (Local)
AllowNonstandardModeCombinations: 1 (Local)No, the sequence is correct. You can ignore errors depending on the state of service. From the results above the time configuration is being overridden by a policy. However if you're moving on to other issues then please run;
- Dcdiag /v /c /d /e /s:%computername% >c:\dcdiag.log
- repadmin /showrepl >C:\repl.txt
- ipconfig /all > C:\dc1.txt
- ipconfig /all > C:\dc2.txt
- ipconfig /all > C:\dc3.txt
then put unzipped text files up on OneDrive and share a link.