Help please, hear me out. I have implemented an Active Directory and DNS. I am trying to push a group policy to several client XP PCs. The clients can resolve host names of fellow client PCs, so I know the DNS is working somewhat. However, often when I try to ping the server by hostname, the client does not reach it because it is not looking for the correct IP address. I discovered that if I go the Server Manager console and go to the DNS server mydomainname.local zone and then open the Name Server properties, it lists myservername.mydomainname.local as the FQDN but the IP address is "UNKNOWN". If I click EDIT>RESOLVE, it will pick up 2 validated IP addresses : the correct server address and "::1" the IPV6 loopback I guess. After this resolve manuever, the client will be able to ping the server by host name. My first question: how do I get this to always resolve without having to go in and manually resolve this every time? Second, when I go to group policy manager and check the GROUP POLICY RESULTS WIZARD, I browse for the client host name but it is not able to process the query. It reports "RPC service is unavailable." At one point, I was able to get results using this process, so something is intermittent, similar to the resolve issue above. Upon further investigation, I noticed from the event viewer that the DNS server is reporting 3 Event ID 800 errors 5 minutes after restarting the DNS server. (The zone mydomainname.local is configured to accept updates but the A record for the primary server in the zone's SOA record is not available on this DNS server). I have grappled with this and tried to pinpoint the source of the problem. I ran dcdiag /c and receive a failure "The host (GUID)._msdcs.mydomainname.local could not be resolved to an IP address". Searching the internet has returned few tips. Running dcdiag /fix does not help. If I fix this will it resolve my DNS/Group policy issues? I need some guidance, I am not very familiar with servers. I can get you text prints of ipconfig and dcdiag on Monday. -Kyle

HI Please disable IPv6 and could please post here a result of ipconfig /all and Dcdiag /test:DNS /v /e /f:LogFileName

Hello, at the moment it sounds like DNS issues, please post the requested outputs from sameh.khairy, so we can have a look into it. For event id 800 see the following also: http://technet.microsoft.com/en-us/library/cc735774(WS.10).aspxBest regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

Thanks for acknowledging my post. I have the outputs of ipconfig /all and dcdiag. Regarding event id 800, I have read the description and can't understand the problem - my server has a host record in both the _msdcs and mydomainname.local zones. Is the way you define the server name case-sensitive? My host record for my server is lower case but it shows up as all caps when defined by windows server 2008 as the DNS server. dcdiag: Directory Server Diagnosis Performing initial setup: Trying to find home server... * Verifying that the local machine myservername, is a Directory Server. Home Server = myservername * Connecting to directory service on server myservername. * Identified AD Forest. Collecting AD specific global data * Collecting site info. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),....... The previous call succeeded Iterating through the sites Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local Getting ISTG and options for the site * Identifying all servers. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),....... The previous call succeeded.... The previous call succeeded Iterating through the list of servers Getting information for the server CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\MYSERVERNAME Starting test: Connectivity * Active Directory LDAP Services Check The host f66f35a6-3e21-4ec6-abc2-c2f92745490b._msdcs.mydomainname.local could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc. ......................... MYSERVERNAME failed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\MYSERVERNAME Test omitted by user request: Advertising Test omitted by user request: CheckSecurityError Test omitted by user request: CutoffServers Test omitted by user request: FrsEvent Test omitted by user request: DFSREvent Test omitted by user request: SysVolCheck Test omitted by user request: KccEvent Test omitted by user request: KnowsOfRoleHolders Test omitted by user request: MachineAccount Test omitted by user request: NCSecDesc Test omitted by user request: NetLogons Test omitted by user request: ObjectsReplicated Test omitted by user request: OutboundSecureChannels Test omitted by user request: Replications Test omitted by user request: RidManager Test omitted by user request: Services Test omitted by user request: SystemLog Test omitted by user request: Topology Test omitted by user request: VerifyEnterpriseReferences Test omitted by user request: VerifyReferences Test omitted by user request: VerifyReplicas Starting test: DNS DNS Tests are running and not hung. Please wait a few minutes... See DNS test in enterprise tests section for results ......................... MYSERVERNAME failed test DNS Running partition tests on : ForestDnsZones Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : DomainDnsZones Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : Schema Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : Configuration Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : mydomainname Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running enterprise tests on : mydomainname.local Starting test: DNS Test results for domain controllers: DC: myservername.mydomainname.local Domain: mydomainname.local TEST: Authentication (Auth) Authentication test: Successfully completed TEST: Basic (Basc) Error: No LDAP connectivity Microsoftr Windows Serverr 2008 Standard (Service Pack level: 1.0) is supported NETLOGON service is running kdc service is running DNSCACHE service is running DNS service is running DC is a DNS server Network adapters information: Adapter [00000006] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client): MAC address is 00:24:E8:4D:F6:9E IP Address is static IP address: 169.254.63.4 DNS servers: 169.254.63.4 (MYSERVERNAME) [Valid] No host records (A or AAAA) were found for this DC The SOA record for the Active Directory zone was found Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running) [Error details: 5 (Type: Win32 - Description: Access is denied.)] Summary of test results for DNS servers used by the above domain controllers: DNS server: 169.254.63.4 (MYSERVERNAME) All tests passed on this DNS server Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered Summary of DNS test results: Auth Basc Forw Del Dyn RReg Ext _________________________________________________________________ Domain: mydomainname.local myservername PASS FAIL n/a n/a n/a n/a n/a ......................... mydomainname.local failed test DNS Test omitted by user request: LocatorCheck Test omitted by user request: Intersite ipconfig /all:Microsoft Windows [Version 6.0.6001]Copyright (c) 2006 Microsoft Corporation. All rights reserved. C:\Users\Administrator>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : myservername Primary Dns Suffix . . . . . . . : mydomainname.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : mydomainname.local Ethernet adapter Local Area Connection 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) #2 Physical Address. . . . . . . . . : 00-24-E8-4D-F6-A0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client) Physical Address. . . . . . . . . : 00-24-E8-4D-F6-9E DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 169.254.63.4(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 169.254.63.4 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter Local Area Connection* 8: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 02-00-54-55-4E-01 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 11: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : isatap.{96C0FD07-BD4C-4605-BCA6-D836DC510DFE} Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes -Kyle

Hello, don't work with the APIPA address range 169.254.x.x, this is especially built for failure resolution and clients will using it when no ifixed one is used or DHCP servers aren't reachable. Change to one of the private ip ranges: 10.0.0.0 – 10.255.255.255 172.16.0.0 – 172.31.255.255 192.168.0.0 – 192.168.255.255Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

But I'm using fixed ip addresses. Is that really going to make any difference? It would take a significant amount of time to go in and change all the static ip addresses to one of those private ranges.

Hi As Meinolf Weber mention you should use static IPs for all DCs and member servers in your environment especially for domain controllers and I can understand from your post that don’t have DHCP configured correctly you should configure it to use one of the private ranges provided by Meinolf and configure subnet that match your needs and number of machines you have Please provide us with little info about your DHCP configuration

I'm not using DHCP - look at ipconfig, it says DHCP enabled: no. I've set all my clients to use static ip addresses. I've set up my server to use ip address 169.254.63.4. I don't see how this addresses the problem of "No host records (A or AAAA) were found for this DC" that came up during dcdiag.

Hi Please note that this range of IPs named APIPA and its not recommended to be used with DCs , please change it and resrat the netlogin service then use ipconfig /registerdns and dcdiag again

Wow, I am interested that changing the ip address range actually helped. Check out dcdiag results below. I am still experiencing the error of "RPC service is unavailable" when I try to look at the results of Group Policy Wizard. It seems to be related to the errors/warnings I made bold below. Results of some tests say "access is denied", even though I am logged in as the Administrator/Domain Admin. Directory Server Diagnosis Performing initial setup: Trying to find home server... Home Server = myservername * Identified AD Forest. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\MYSERVERNAME Starting test: Connectivity ......................... MYSERVERNAME passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\MYSERVERNAME Starting test: DNS DNS Tests are running and not hung. Please wait a few minutes... ......................... MYSERVERNAME failed test DNS Running partition tests on : ForestDnsZones Running partition tests on : DomainDnsZones Running partition tests on : Schema Running partition tests on : Configuration Running partition tests on : mydomainname Running enterprise tests on : mydomainname.local Starting test: DNS Test results for domain controllers: DC: myservername.mydomainname.local Domain: mydomainname.local TEST: Basic (Basc) Warning: The AAAA record for this DC was not found Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running) myservername PASS WARN n/a n/a n/a n/a n/a ......................... mydomainname.local passed test DNS Directory Server Diagnosis Performing initial setup: Trying to find home server... * Verifying that the local machine myservername, is a Directory Server. Home Server = myservername * Connecting to directory service on server myservername. * Identified AD Forest. Collecting AD specific global data * Collecting site info. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),....... The previous call succeeded Iterating through the sites Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local Getting ISTG and options for the site * Identifying all servers. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),....... The previous call succeeded.... The previous call succeeded Iterating through the list of servers Getting information for the server CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\MYSERVERNAME Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity Determining IP6 connectivity * Active Directory RPC Services Check ......................... MYSERVERNAME passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\MYSERVERNAME Test omitted by user request: Advertising Test omitted by user request: CheckSecurityError Test omitted by user request: CutoffServers Test omitted by user request: FrsEvent Test omitted by user request: DFSREvent Test omitted by user request: SysVolCheck Test omitted by user request: KccEvent Test omitted by user request: KnowsOfRoleHolders Test omitted by user request: MachineAccount Test omitted by user request: NCSecDesc Test omitted by user request: NetLogons Test omitted by user request: ObjectsReplicated Test omitted by user request: OutboundSecureChannels Test omitted by user request: Replications Test omitted by user request: RidManager Test omitted by user request: Services Test omitted by user request: SystemLog Test omitted by user request: Topology Test omitted by user request: VerifyEnterpriseReferences Test omitted by user request: VerifyReferences Test omitted by user request: VerifyReplicas Starting test: DNS DNS Tests are running and not hung. Please wait a few minutes... See DNS test in enterprise tests section for results ......................... MYSERVERNAME failed test DNS Running partition tests on : ForestDnsZones Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : DomainDnsZones Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : Schema Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : Configuration Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : mydomainname Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running enterprise tests on : mydomainname.local Starting test: DNS Test results for domain controllers: DC: myservername.mydomainname.local Domain: mydomainname.local TEST: Authentication (Auth) Authentication test: Successfully completed TEST: Basic (Basc) Microsoftr Windows Serverr 2008 Standard (Service Pack level: 1.0) is supported NETLOGON service is running kdc service is running DNSCACHE service is running DNS service is running DC is a DNS server Network adapters information: Adapter [00000006] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client): MAC address is 00:24:E8:4D:F6:9E IP Address is static IP address: 192.168.0.1 DNS servers: 192.168.0.1 (MYSERVERNAME) [Valid] The A host record(s) for this DC was found Warning: The AAAA record for this DC was not found [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.) - mydomainname.local] The SOA record for the Active Directory zone was found Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running) [Error details: 5 (Type: Win32 - Description: Access is denied.)] Summary of test results for DNS servers used by the above domain controllers: DNS server: 192.168.0.1 (MYSERVERNAME) All tests passed on this DNS server Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered Summary of DNS test results: Auth Basc Forw Del Dyn RReg Ext _________________________________________________________________ Domain: mydomainname.local myservername PASS WARN n/a n/a n/a n/a n/a ......................... mydomainname.local passed test DNS Test omitted by user request: LocatorCheck Test omitted by user request: Intersite Directory Server Diagnosis Performing initial setup: Trying to find home server... * Verifying that the local machine myservername, is a Directory Server. Home Server = myservername * Connecting to directory service on server myservername. * Identified AD Forest. Collecting AD specific global data * Collecting site info. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),....... The previous call succeeded Iterating through the sites Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local Getting ISTG and options for the site * Identifying all servers. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),....... The previous call succeeded.... The previous call succeeded Iterating through the list of servers Getting information for the server CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\MYSERVERNAME Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity Determining IP6 connectivity * Active Directory RPC Services Check ......................... MYSERVERNAME passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\MYSERVERNAME Starting test: Advertising The DC MYSERVERNAME is advertising itself as a DC and having a DS. The DC MYSERVERNAME is advertising as an LDAP server The DC MYSERVERNAME is advertising as having a writeable directory The DC MYSERVERNAME is advertising as a Key Distribution Center The DC MYSERVERNAME is advertising as a time server The DS MYSERVERNAME is advertising as a GC. ......................... MYSERVERNAME passed test Advertising Test omitted by user request: CheckSecurityError Test omitted by user request: CutoffServers Starting test: FrsEvent * The File Replication Service Event log test Skip the test because the event log File Replication Service does not exist. ......................... MYSERVERNAME passed test FrsEvent Starting test: DFSREvent The DFS Replication Event Log. ......................... MYSERVERNAME passed test DFSREvent Starting test: SysVolCheck * The File Replication Service SYSVOL ready test File Replication Service's SYSVOL is ready ......................... MYSERVERNAME passed test SysVolCheck Starting test: KccEvent * The KCC Event log test Found no KCC errors in "Directory Service" Event log in the last 15 minutes. ......................... MYSERVERNAME passed test KccEvent Starting test: KnowsOfRoleHolders Role Schema Owner = CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local Role Domain Owner = CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local Role PDC Owner = CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local Role Rid Owner = CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local Role Infrastructure Update Owner = CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local ......................... MYSERVERNAME passed test KnowsOfRoleHolders Starting test: MachineAccount Checking machine account for DC MYSERVERNAME on DC MYSERVERNAME. * SPN found :LDAP/myservername.mydomainname.local/mydomainname.local * SPN found :LDAP/myservername.mydomainname.local * SPN found :LDAP/MYSERVERNAME * SPN found :LDAP/myservername.mydomainname.local/MUELAB * SPN found :LDAP/f66f35a6-3e21-4ec6-abc2-c2f92745490b._msdcs.mydomainname.local * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/f66f35a6-3e21-4ec6-abc2-c2f92745490b/mydomainname.local * SPN found :HOST/myservername.mydomainname.local/mydomainname.local * SPN found :HOST/myservername.mydomainname.local * SPN found :HOST/MYSERVERNAME * SPN found :HOST/myservername.mydomainname.local/MUELAB * SPN found :GC/myservername.mydomainname.local/mydomainname.local ......................... MYSERVERNAME passed test MachineAccount Starting test: NCSecDesc * Security Permissions check for all NC's on DC MYSERVERNAME. * Security Permissions Check for DC=ForestDnsZones,DC=mydomainname,DC=local (NDNC,Version 3) * Security Permissions Check for DC=DomainDnsZones,DC=mydomainname,DC=local (NDNC,Version 3) * Security Permissions Check for CN=Schema,CN=Configuration,DC=mydomainname,DC=local (Schema,Version 3) * Security Permissions Check for CN=Configuration,DC=mydomainname,DC=local (Configuration,Version 3) * Security Permissions Check for DC=mydomainname,DC=local (Domain,Version 3) ......................... MYSERVERNAME passed test NCSecDesc Starting test: NetLogons * Network Logons Privileges Check Verified share \\MYSERVERNAME\netlogon Verified share \\MYSERVERNAME\sysvol [MYSERVERNAME] User credentials does not have permission to perform this operation. The account used for this test must have network logon privileges for this machine's domain. ......................... MYSERVERNAME failed test NetLogons Starting test: ObjectsReplicated MYSERVERNAME is in domain DC=mydomainname,DC=local Checking for CN=MYSERVERNAME,OU=Domain Controllers,DC=mydomainname,DC=local in domain DC=mydomainname,DC=local on 1 servers Object is up-to-date on all servers. Checking for CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local in domain CN=Configuration,DC=mydomainname,DC=local on 1 servers Object is up-to-date on all servers. ......................... MYSERVERNAME passed test ObjectsReplicated Test omitted by user request: OutboundSecureChannels Starting test: Replications * Replications Check [Replications Check,MYSERVERNAME] DsReplicaGetInfo(PENDING_OPS, NULL) failed, error 0x2105 "Replication access was denied." ......................... MYSERVERNAME failed test Replications

rest of dcdiag results: Starting test: RidManager * Available RID Pool for the Domain is 1600 to 1073741823 * myservername.mydomainname.local is the RID Master * DsBind with RID Master was successful * rIDAllocationPool is 1100 to 1599 * rIDPreviousAllocationPool is 1100 to 1599 * rIDNextRID: 1159 ......................... MYSERVERNAME passed test RidManager Starting test: Services * Checking Service: EventSystem * Checking Service: RpcSs * Checking Service: NTDS Could not open NTDS Service on MYSERVERNAME, error 0x5 "Access is denied." * Checking Service: DnsCache * Checking Service: DFSR * Checking Service: IsmServ * Checking Service: kdc * Checking Service: SamSs * Checking Service: LanmanServer * Checking Service: LanmanWorkstation * Checking Service: w32time * Checking Service: NETLOGON ......................... MYSERVERNAME failed test Services Starting test: SystemLog * The System Event log test An Warning Event occurred. EventID: 0x00001696 Time Generated: 04/06/2010 08:37:55 Event String: Dynamic registration or deregistration of one or more DNS records failed with the following error: No DNS servers configured for local system. An Warning Event occurred. EventID: 0x00001695 Time Generated: 04/06/2010 08:37:58 Event String: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'mydomainname.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. An Warning Event occurred. EventID: 0x00001695 Time Generated: 04/06/2010 08:37:58 Event String: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.mydomainname.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. An Warning Event occurred. EventID: 0x00001695 Time Generated: 04/06/2010 08:37:58 Event String: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.mydomainname.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. An Warning Event occurred. EventID: 0x00001695 Time Generated: 04/06/2010 08:47:16 Event String: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'mydomainname.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. An Warning Event occurred. EventID: 0x00001695 Time Generated: 04/06/2010 08:47:16 Event String: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.mydomainname.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. An Warning Event occurred. EventID: 0x00001695 Time Generated: 04/06/2010 08:47:16 Event String: Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.mydomainname.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition). Possible causes of failure include: - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers - Specified preferred and alternate DNS servers are not running - DNS server(s) primary for the records to be registered is not running - Preferred or alternate DNS servers are configured with wrong root hints - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration USER ACTION Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller. Found no errors in "System" Event log in the last 60 minutes. ......................... MYSERVERNAME passed test SystemLog Test omitted by user request: Topology Test omitted by user request: VerifyEnterpriseReferences Starting test: VerifyReferences The system object reference (serverReference) CN=MYSERVERNAME,OU=Domain Controllers,DC=mydomainname,DC=local and backlink on CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local are correct. The system object reference (serverReferenceBL) CN=MYSERVERNAME,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=mydomainname,DC=local and backlink on CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local are correct. ......................... MYSERVERNAME passed test VerifyReferences Test omitted by user request: VerifyReplicas Test omitted by user request: DNS Test omitted by user request: DNS Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : mydomainname Starting test: CheckSDRefDom ......................... mydomainname passed test CheckSDRefDom Starting test: CrossRefValidation ......................... mydomainname passed test CrossRefValidation Running enterprise tests on : mydomainname.local Test omitted by user request: DNS Test omitted by user request: DNS Starting test: LocatorCheck GC Name: \\myservername.mydomainname.local Locator Flags: 0xe00013fd PDC Name: \\myservername.mydomainname.local Locator Flags: 0xe00013fd Time Server Name: \\myservername.mydomainname.local Locator Flags: 0xe00013fd Preferred Time Server Name: \\myservername.mydomainname.local Locator Flags: 0xe00013fd KDC Name: \\myservername.mydomainname.local Locator Flags: 0xe00013fd ......................... mydomainname.local passed test LocatorCheck Starting test: Intersite Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments provided. ......................... mydomainname.local passed test Intersite Directory Server Diagnosis Performing initial setup: Trying to find home server... * Verifying that the local machine myservername, is a Directory Server. Home Server = myservername * Connecting to directory service on server myservername. * Identified AD Forest. Collecting AD specific global data * Collecting site info. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),....... The previous call succeeded Iterating through the sites Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local Getting ISTG and options for the site * Identifying all servers. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),....... The previous call succeeded.... The previous call succeeded Iterating through the list of servers Getting information for the server CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\MYSERVERNAME Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity Determining IP6 connectivity * Active Directory RPC Services Check ......................... MYSERVERNAME passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\MYSERVERNAME Test omitted by user request: Advertising Test omitted by user request: CheckSecurityError Test omitted by user request: CutoffServers Test omitted by user request: FrsEvent Test omitted by user request: DFSREvent Test omitted by user request: SysVolCheck Test omitted by user request: KccEvent Test omitted by user request: KnowsOfRoleHolders Test omitted by user request: MachineAccount Test omitted by user request: NCSecDesc Test omitted by user request: NetLogons Test omitted by user request: ObjectsReplicated Test omitted by user request: OutboundSecureChannels Test omitted by user request: Replications Test omitted by user request: RidManager Test omitted by user request: Services Test omitted by user request: SystemLog Test omitted by user request: Topology Test omitted by user request: VerifyEnterpriseReferences Test omitted by user request: VerifyReferences Test omitted by user request: VerifyReplicas Starting test: DNS DNS Tests are running and not hung. Please wait a few minutes... See DNS test in enterprise tests section for results ......................... MYSERVERNAME failed test DNS Running partition tests on : ForestDnsZones Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : DomainDnsZones Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : Schema Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : Configuration Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : mydomainname Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running enterprise tests on : mydomainname.local Starting test: DNS Test results for domain controllers: DC: myservername.mydomainname.local Domain: mydomainname.local TEST: Authentication (Auth) Authentication test: Successfully completed TEST: Basic (Basc) Microsoftr Windows Serverr 2008 Standard (Service Pack level: 1.0) is supported NETLOGON service is running kdc service is running DNSCACHE service is running DNS service is running DC is a DNS server Network adapters information: Adapter [00000006] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client): MAC address is 00:24:E8:4D:F6:9E IP Address is static IP address: 192.168.0.1 DNS servers: 192.168.0.1 (MYSERVERNAME) [Valid] The A host record(s) for this DC was found Warning: The AAAA record for this DC was not found [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.) - mydomainname.local] The SOA record for the Active Directory zone was found Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running) [Error details: 5 (Type: Win32 - Description: Access is denied.)] Summary of test results for DNS servers used by the above domain controllers: DNS server: 192.168.0.1 (MYSERVERNAME) All tests passed on this DNS server Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered Summary of DNS test results: Auth Basc Forw Del Dyn RReg Ext _________________________________________________________________ Domain: mydomainname.local myservername PASS WARN n/a n/a n/a n/a n/a ......................... mydomainname.local passed test DNS Test omitted by user request: LocatorCheck Test omitted by user request: Intersite Directory Server Diagnosis Performing initial setup: Trying to find home server... * Verifying that the local machine myservername, is a Directory Server. Home Server = myservername * Connecting to directory service on server myservername. * Identified AD Forest. Collecting AD specific global data * Collecting site info. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),....... The previous call succeeded Iterating through the sites Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local Getting ISTG and options for the site * Identifying all servers. Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=mydomainname,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),....... The previous call succeeded.... The previous call succeeded Iterating through the list of servers Getting information for the server CN=NTDS Settings,CN=MYSERVERNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=mydomainname,DC=local objectGuid obtained InvocationID obtained dnsHostname obtained site info obtained All the info for the server collected * Identifying all NC cross-refs. * Found 1 DC(s). Testing 1 of them. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\MYSERVERNAME Starting test: Connectivity * Active Directory LDAP Services Check Determining IP4 connectivity Determining IP6 connectivity * Active Directory RPC Services Check ......................... MYSERVERNAME passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\MYSERVERNAME Test omitted by user request: Advertising Test omitted by user request: CheckSecurityError Test omitted by user request: CutoffServers Test omitted by user request: FrsEvent Test omitted by user request: DFSREvent Test omitted by user request: SysVolCheck Test omitted by user request: KccEvent Test omitted by user request: KnowsOfRoleHolders Test omitted by user request: MachineAccount Test omitted by user request: NCSecDesc Test omitted by user request: NetLogons Test omitted by user request: ObjectsReplicated Test omitted by user request: OutboundSecureChannels Test omitted by user request: Replications Test omitted by user request: RidManager Test omitted by user request: Services Test omitted by user request: SystemLog Test omitted by user request: Topology Test omitted by user request: VerifyEnterpriseReferences Test omitted by user request: VerifyReferences Test omitted by user request: VerifyReplicas Starting test: DNS DNS Tests are running and not hung. Please wait a few minutes... See DNS test in enterprise tests section for results ......................... MYSERVERNAME failed test DNS Running partition tests on : ForestDnsZones Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : DomainDnsZones Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : Schema Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : Configuration Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running partition tests on : mydomainname Test omitted by user request: CheckSDRefDom Test omitted by user request: CrossRefValidation Running enterprise tests on : mydomainname.local Starting test: DNS Test results for domain controllers: DC: myservername.mydomainname.local Domain: mydomainname.local TEST: Authentication (Auth) Authentication test: Successfully completed TEST: Basic (Basc) Microsoftr Windows Serverr 2008 Standard (Service Pack level: 1.0) is supported NETLOGON service is running kdc service is running DNSCACHE service is running DNS service is running DC is a DNS server Network adapters information: Adapter [00000006] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client): MAC address is 00:24:E8:4D:F6:9E IP Address is static IP address: 192.168.0.1 DNS servers: 192.168.0.1 (MYSERVERNAME) [Valid] The A host record(s) for this DC was found Warning: The AAAA record for this DC was not found [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.) - mydomainname.local] The SOA record for the Active Directory zone was found Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running) [Error details: 5 (Type: Win32 - Description: Access is denied.)] Summary of test results for DNS servers used by the above domain controllers: DNS server: 192.168.0.1 (MYSERVERNAME) All tests passed on this DNS server Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered Summary of DNS test results: Auth Basc Forw Del Dyn RReg Ext _________________________________________________________________ Domain: mydomainname.local myservername PASS WARN n/a n/a n/a n/a n/a ......................... mydomainname.local passed test DNS Test omitted by user request: LocatorCheck Test omitted by user request: Intersite

HI Please refer to scenario 2 in the below article http://support.microsoft.com/kb/839499

As it turns out, the problem was the ip address range. I changed to 192.168.x.x. and everything works now. The RPC failure I was getting was because I had the ip address of the pc I was trying to request group policy info from mismatched from what was defined in my dns server. Thanks for your help. -Kyle