Interpreting NetDiag results

  • Thread starter Thread starter paulsmith5
  • Start date Start date
P

paulsmith5

Hi all,

In an attempt to resolve a continuing network problem whereby I cannot
string to, or from a particular server on my network I installed the
Windows 2000 support tools and ran the NetDiag utility. Below is an
extract of the output.

DC List Test - Failed. Failed to enumerate DCs by using the browser.
[ERROR_NO_SUCH_PACKAGE]
Trust Relationship Test - Failed. [FATAL] Secure channel to
'MY_DOMAIN_NAME' is broken. [ERROR_NO_LOGON_SERVERS]

Could somebody perhaps explain to me what these mean and how I may go
about trying to fix the problem. I can ping the server from everyhwere
in the network, however I can only map a network drive from certain
PCs.

Thanks,

Paul
 
How's your DNS infrastructure? AD must have a solid DNS platform running,
and all clients should be using ONLY the domain DNS server for name
resolution.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
Hi Richard,

They are part of a domain. I've checked the Internet Protocol (TCP/IP)
properties and both have the same Default gateway, Preferred DNS
server, DNS and WINS settings.

Paul
 
Okay, that's good as far as it goes. Is DNS running on at least one domain
controller, is that controller set to use an outside DNS (either your ISP or
root hints) to resolve names, and are all clients configured to use only the
domain DNS controller to resolve names?

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
Hi Richard,

Yes DNS is running on one domain controller. Not sure how to check that
all clients are configured to use only the domain DNS controller to
resolve names. All have same DNS and WINS settings (see previous post)
though.

Paul
 
Hi Richard,

All clients are configured to use only the domain DNS controller to
resolve names.

Paul
 
Okay, and are we sure that DNS is working properly? You might want to
consider removing your current AD-integrated DNS zone (assuming this is what
you have set up - if you don't then you definitely want to remove the
current zone) and re-create the zone to ensure that all references are
correct.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
Hi Richard,

Apologies for not getting back to you sooner. Examined some logs more
closely and saw a problem with lsass.exe (Local Security Authentication
Server), kinda figured it may be related, installed a couple of updates
(MS04-007 & MS04-011) and have been problem free for a day so far...so
fingers crossed.

Thanks for you help along the way.

Paul
 
Glad to hear that things seem to be clearing up. If not - let us know and
we'll work on it some more.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
 
Hi Richard,

Still problem free so I reckon thats fixed it. Thanks again for all
your help along the way.

Paul
 
Back
Top