Article ID: 265706
Article Last Modified on 10/26/2007
APPLIES TO
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Professional Edition
- Microsoft Windows 2000 Datacenter Server
This article was previously published under Q265706
SUMMARY
This article describes the functionality that has been added to the versions of the Domain Controller Diagnostics (Dcdiag.exe) and Network Diagnostics (Netdiag.exe) tools that are included in Windows 2000. For additional information about the latest service pack for Windows 2000, click the article number below to view the article in the Microsoft Knowledge Base:
260910 How to Obtain the Latest Windows 2000 Service Pack
MORE INFORMATION
The functionality that has been added to Dcdiag.exe and Netdiag.exe verifies that the Domain Name Service (DNS) infrastructure is sufficient for deploying the Windows 2000 Active Directory service. The updated Dcdiag.exe and Netdiag.exe tools in Windows 2000 provide the ability to test the Domain Name Service (DNS)infrastructure to:
- Verify that it can support the Active Directory.
- Determine if an Active Directory forest can be created.
- Verify that additional domain controllers can be added.
- Determine if a Windows 2000 computer can be joined to a domain.
To display the functionality for these tools, type the following at a command prompt:
file name
/h
or
file name
/?
where file name
is either dcdiag.exe or netdiag.exe
Dcdiag.exe Updates
Active Directory Installation Wizard
The Active Directory Installation Wizard tests the existing DNS infrastructure for promotion to domain controller. If the infrastructure is sufficient, you can promote the computer to domain controller in a domain specified in Active Directory Domain DNS Name
. It also reports whether any modifications to the existing DNS infrastructure are required.
Required argument: /DnsDomain:<Active_Directory_Domain_DNS_Name> One of the following arguments is required: /NewForest /NewTree /ChildDomain /ReplicaDC If NewTree is specified, then the ForestRoot argument is required: /ForestRoot:<Forest_Root_Domain_DNS_Name>
RegisterInDNS
RegisterInDNS tests whether this domain controller can register the Domain Controller Locator DNS records. These records must be present in DNS for other computers to locate this domain controller for the Active Directory Domain DNS Name
domain. It also reports whether you require any modifications to the existing DNS infrastructure.
Required argument: DnsDomain: <Active_Directory_Domain_DNS_Name> Dcdiag.exe Updates
DsGetDc
DsGetDc is the domain controller discovery test. This command existed in the earlier version, but new functionality has been added to the display text to help resolve DNS configuration problems.
The following examples provide the command-line arguments to for each of the new tests and sample output.
Creating the First Domain Controller in a New Active Directory Forest
The example below is a DNS query issued to locate the DNS servers and zones that are authoritative for the DNS records that this domain controller should register followed by a "prerequisite-only " request to perform a dynamic update that probes an ability of the authoritative DNS servers and zones to process the dynamic updates.
dcdiag /test:dcpromo /dnsdomain:example.microsoft.com /newforest Starting test: DcPromo Messages logged below this line indicate whether this domain controller will be able to dynamically register DNS records required for the location of this DC by other devices on the network. If any misconfiguration is detected, it might prevent dynamic DNS registration of some records, but does not prevent successful completion of the Active Directory Installation Wizard. However, we recommend fixing the reported problems now, unless you plan to manually update the DNS database. DNS configuration is sufficient to allow this domain controller to dynamically register the domain controller Locator records in DNS. ......................... RANDYMC1 passed test DcPromo
Adding a New Domain Tree to an Existing Active Directory Forest
In the following example, a DNS query is issued for the SRV records for the domain controllers in the forest root domain. A query is then issued for the Host records for each domain controller. A DNS query is issued to locate the DNS servers and zones that are authoritative for the DNS records that this domain controller should register followed by a "prerequisite-only " request to perform a dynamic update that probes the ability of the authoritative DNS servers and zones to process the dynamic updates.
dcdiag /test:dcpromo /dnsdomain:test.example.microsoft.com /newtree /forestroot:example.microsoft.com Starting test: DcPromo The DNS configuration is sufficient to allow this computer to be promoted as the first DC in the test.example.microsoft.com Active Directory domain. Messages logged below this line indicate whether this domain controller will be able to dynamically register DNS records required for the location of this DC by other devices on the network. If any misconfiguration is detected, it might prevent dynamic DNS registration of some records, but does not prevent successful completion of the Active Directory Installation Wizard. However, we recommend fixing the reported problems now, unless you plan to manually update the DNS database. DNS configuration is sufficient to allow this domain controller to dynamically register the domain controller Locator records in DNS. ......................... RANDYMC1 passed test DcPromo
Adding a Child Domain to a Tree Within an Existing Active Directory Forest
In the following example, a DNS query is issued for the SRV records of the domain controllers hosting parent Active Directory domain of the DNS domain name that is provided. A query is then issued for the Host records for each parent domain controller returned. A DNS query is issued to locate the DNS servers and zones that are authoritative for the DNS records that this domain controller should register followed by a prerequisite-only " request to perform a dynamic update that probes the ability of the authoritative DNS servers and zones to process the dynamic updates.
dcdiag /test:dcpromo /dnsdomain:test.example.microsoft.com /childdomain Starting test: DcPromo The DNS configuration is sufficient to allow this computer to be promoted as the first DC in the example.microsoft.com Active Directory domain. Messages logged below this line indicate whether this domain controller will be able to dynamically register DNS records required for the location of this DC by other devices on the network. If any misconfiguration is detected, it might prevent dynamic DNS registration of some records, but does not prevent successful completion of the Active Directory Installation Wizard. However, we recommend fixing the reported problems now, unless you plan to manually update the DNS database. DNS configuration is sufficient to allow this domain controller to dynamically register the domain controller Locator records in DNS. ......................... RANDYMC1 passed test DcPromo
Adding an Additional Domain Controller to an Existing Domain
In the following example, a DNS query is issued for the SRV records for the DCs in the dnsdomain. A query is then issued for the Host records for each domain controller. A DNS query is issued to locate the DNS servers and zones that are authoritative for the DNS records that this domain controller should register followed by a "prerequisite-only " request to perform a dynamic update that probes the ability of the authoritative DNS servers and zones to process the dynamic updates.
dcdiag /test:dcpromo /dnsdomain:example.microsoft.com /replicadc Starting test: DcPromo The DNS configuration is sufficient to allow this computer to be promoted as a replica domain controller in the example.microsoft.com domain. Messages logged below this line indicate whether this domain controller will be able to dynamically register DNS records required for the location of this DC by other devices on the network. If any misconfiguration is detected, it might prevent dynamic DNS registration of some records, but does not prevent successful completion of the Active Directory Installation Wizard. However, we recommend fixing the reported problems now, unless you plan to manually update the DNS database. DNS configuration is sufficient to allow this domain controller to dynamically register the domain controller Locator records in DNS. ......................... RANDYMC1 passed test DcPromo
Testing Dynamic DNS Registration (DDNS)
NOTE: The following procedure is useful to resolve the following event in the System Event log: Netlogon 5774 - Registration of the DNS record record name and DNS information failed.
In the example below, a DNS query is issued to locate the DNS servers and zones authoritative for the DNS records that this domain controller should register followed by a "prerequisite-only " request to perform a dynamic update that probes an ability of the authoritative DNS servers and zones to process the dynamic updates.
dcdiag /test:registerindns /dnsdomain:example.microsoft.com Starting test: RegisterInDNS DNS configuration is sufficient to allow this domain controller to dynamically register the domain controller Locator records in DNS. ......................... RANDYMC1 passed test RegisterInDNS
Netdiag.exe Enhanced Error Messages when using the DSGetDC Test for Connectivity to Domain Controllers
An additional error message has been added to Netdiag.exe. Netdiag always tests the domain of which the computer is a member and the domain that you specify by using the /d switch when you perform the DSGetDC test. If the test passes for one of the domains, you do not receive the error message. To make sure that you receive the new error message, use the /v (verbose) or debug switch.
If the DSGetDC test does not contact a DNS server, you receive the following error message:
If a domain controller, Windows 2000 DC, or PDC Emulator cannot be located when the /dsgetdc test is performed, you receive the following error message:
Steps to Resolve Common Configuration Problems
To configure the DNS client with a preferred and alternate DNS server:
- Click Start, point to Settings, and then click Control Panel.
- Double-click Network and Dial-up Connections.
- Right-click Local Area Connection, and then click Properties.
- Click Internet Protocol (TCP/IP), click Properties, and then click to select the Use the following DNS server addresses check box.
- In the Preferred DNS server box, specify the IP address of the DNS server to which you want this computer to send DNS queries. Usually this is an existing DNS server in the same site. If this computer sends queries to the DNS server that is running on this computer, specify the IP address of this computer. Alternatively, in the Alternate DNS server box, specify an IP address of another DNS server to which you want this computer to send the queries if the Preferred DNS server does not respond.
- If a DNS server is running (or will run) on this computer, Microsoft recommends that you configure a computer with static IP address. To do so, select the Use following IP address option, and then specify the static IP address, subnet mask, and default gateway IP address in the appropriate boxes.
- Click OK to close the Advanced TCP/IP Settings properties.
- Click OK to accept the changes to your TCP/IP configuration.
- Click OK to close the Local Area Connections properties.
To configure a DNS zone to allow dynamic updates:
- Click Start, point to Programs, point to Administrative Tools, and then click DNS.
- In DNS Console, expand the DNS Server that contains the authoritative zone, and then expand the Forward Lookup Zones folder.
- Right-click the zone you want, and then click Properties.
- On the General tab, click to select the Secure only (recommended) or the Yes Allow Dynamic Update? menu, and then click OK to accept the change.
To use DNS console to enumerate the records in a zone:
- Click Start, point to Programs, point to Administrative Tools, and then click DNS.
- In DNS Console, expand the DNS Server that contains the zone that you want to view, and then expand the Forward Lookup Zones folder.
- Expand the zone you want. The right pane contains those records of the zone that have the name that is the immediate subdomain of the DNS zone name. For example, "child.reskit.com" is the immediate subdomain of the reskit.com zone, while "grandchild.child.reskit.com" is not an immediate subdomain of the reskit.com zone.
- If the record that you are looking for is not an immediate subdomain of the zone, expand the folder that has the name that matches the label of the record name that follows the name of the zone. In the previous example, the name of the folder is "child". Continue to expand the folders that correspond to the following labels of the name of the record until you find the record or determine that the records do not exist.
The following files are available for download from the Microsoft Download Center:
Netdiag.exe
Dcdiag.exe
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file. The DCDiag and NetDiag tests can be performed manually.
Additional query words: DRDNS Dr. DNS
Keywords: kbproductlink kbdownload kbgraphxlinkcritical kbhowto KB265706