W2008R2 Server und Domänenaccounts

Hallo zusammen


Vorne weg, ich habe nicht wirklich sehr viel Erfahrung mit Windows Server Umgebungen und ich gebe mir alle Mühe, die ganze Situation verständlich zu schildern. Es ist nicht meine erste Umgebung, die ich aufsetze aber meine erste produktive Umgebung.


Ich habe einen Domain Controller w2008 x64 R2 installiert und DNS aufgesetzt mit dcpromo usw. hat auch alles funktioniert. Der Server hat eine statische IP Adresse und DNS fix auf Loopback Interface und auf den Router der dann auch für DHCP und die Clients verantwortlich ist.


Mein Problem ist, dass ich mich mit den Clients zwar anmelden kann, also das Anbinden an die Domäne hat funktioniert und auch das Anmelden mit dem Benutzerkonto ABER wenn ich mit den Clients ins Internet will startet zwar der IE mit Google und ich kann einen Suchbegriff eingeben und dieser wird auch gefunden (also nicht im Cache oder so). Klicke ich nun aber auf einen Link, dann stürtzt der IE ab während des Ladens oder kurz danach. Google und andere Webseiten kann ich pingen, auch die Clients den Server und umgekehrt. Das Internet scheint schon zu funktionieren aber nur für paar Sekunden, dann eben gibt es einen Absturz. Dasselbe Problem auf dem Server, wenn ich mich mit einem Domänenadminaccount anmelde. Melde ich mich jedoch LOKAL an den Clients oder am Server an funktioniert alles. Nur mit Domänenaccounts nicht!



Es wäre sehr nett, wenn mir jemand helfen könnte.



Statische Serverkonfiguration:


Server IP Adresse:

Subnetzmaske: /24

Gateway: meinen Router


DNS2: meinen Router







Eventlog Einträge:


  • The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.


  • Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.burgerarchitektur.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).

    Possible causes of failure include:

    - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers

    - Specified preferred and alternate DNS servers are not running

    - DNS server(s) primary for the records to be registered is not running

    - Preferred or alternate DNS servers are configured with wrong root hints

    - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration


    Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller.

der DNS muss beim DC auf sich selber zeigen. D.h. erster DNS in den Netzwerkeinstellungen muss lauten. Meiner Meinung nach hat hier die IP des Routers nix verloren. Router = Gateway.


Du machst dann im DNS eine Weiterleitung auf die externen DNS deines Provider, somit können "externe" Adressen auch aufgelöst werden. Bei den Clients kommt als DNS der Server rein.


Wieso nicht den DC als DHCP Server?



Danke für deine schnelle Hilfe:


Habe die Server Konfig nun so geändert wie du gesagt hast:



IP Adresse:

Subnetzmaske: /24

Gateway: meinen Router


DNS2: leer


habe nun im DNS Manager unter Forwarders eine IP Adresse eingetragen nämlich die meines Routers Ist das richtig so. Und der Haken bei "use root hints if no forwarders are available" ist gesetzt.


Also, ich habe diese Einstellungen mal vorgenommen. Immer noch dasselbe Problem. Wenn ich mich lokal anmelde funktioniert das Internet wenn ich mich mit domänenaccounts am server oder an clients anmelde, dann stürtzt der Browser ab. Suchergebnisse auf google werden zwar noch angezeigt, aber beim Klick auf einen Link stürtzt der IE ab.



Weitere Fehlermeldungen im Eventlog:




  • Time Provider NtpClient: No valid response has been received from manually configured peer srvdc01,0x8, after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable.

  • The WinRM service failed to create the following SPNs: WSMAN/srvdc01.firma.local; WSMAN/srvdc01.

    Additional Data

    The error received was 8344: %%8344.

    User Action

    The SPNs can be created by an administrator using setspn.exe utility.

ich glaube nicht, dass die Eventlogeinträge sich auf dein Problem beziehen.



habe nun im DNS Manager unter Forwarders eine IP Adresse eingetragen nämlich die meines Routers


gib hier besser die DNS deines Provider ein.

Danach auf dem DC und auf dem Client ein ipconfig /flushdns in der Kommandozeile.


Lies dir das das bitte durch und checke deinen Server mal damit: http://www.faq-o-matic.net/2006/08/14/domaenencontroller-mit-dcdiag-pruefen/


Danach versuche mittels nslookup

a.) deinen Clientnamen aufzulösen / die IP zu FQDN aufzulösen

b.) irgend eine externe Website aufzulösen zb www.mcseboard.de, oder google.de


Wenn das klappt, würde ich mir noch mittels tracert eine Routenverfolgung anschauen. Eventuell auch zu www.google.at


Gibt es auf den Clients irgendwelche Eventlogeinträge zu dem Crash oder sonstige Auffälligkeiten?


Stürzt auch der Firefox ab?



Ok werde ich mal machen:


Eventlog DNS:

  • The DNS server could not bind a User Datagram Protocol (UDP) socket to The event data is the error code. Restart the DNS server or reboot your computer.


  • The DNS server could not open socket for address

    Verify that this is a valid IP address for the server computer. If it is NOT valid use the Interfaces dialog under Server Properties in the DNS Manager to remove it from the list of IP interfaces. Then stop and restart the DNS server. (If this was the only IP interface on this machine and the DNS server may not have started as a result of this error. In that case remove the DNS\Parameters\ ListenAddress value in the services section of the registry and restart.)


    The DNS server could not bind a Transmission Control Protocol (TCP) socket to address The event data is the error code. An IP address of can indicate a valid "any address" configuration in which all configured IP addresses on the computer are available for use.

    Restart the DNS server or reboot the computer.

Server schonmal durchgestartet?

Alle Updates auf der Maschine?


Sind die entsprechenden Zoneneinträge für den Server im DNS vorhanden?

Läuft sonst etwas auf dem Server, dass eventuell den Start von DNS behindern könnte? (UDP Port 53)

Server habe ich mehrmals durchgestartet und auch dns service gestoppt und wieder gestartet. updates ebenfalls drauf, denn der server wurde von mir neu aufgesetzt.


In der Forward Lookup zone sind drin:


schoflerarchitektur.local und dort drin sind records:


  • srvdc01.schoflerarchitektur.local, hostmaster.schoflerarchitektur.local
  • same as parent folder) NS srvdc01.schoflerarchitektur.local
  • (same as parent folder) host A
  • srcvdc01 host a static
  • wsbb



Also hier mal dxdiag:


Directory Server Diagnosis

Performing initial setup:
   * Connecting to directory service on server DC-Name.
   Ldap search capabality attribute search failed on server DC-Name, return
   value = 81
   The host DC-Name could not be resolved to an IP address. Check the DNS
   server, DHCP, server name, etc.

Directory Server Diagnosis

Performing initial setup:
   * Connecting to directory service on server srvdc01.
   * Identified AD Forest.
   Collecting AD specific global data
   * Collecting site info.
   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
   The previous call succeeded
   Iterating through the sites
   Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local
   Getting ISTG and options for the site
   * Identifying all servers.
   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
   The previous call succeeded....
   The previous call succeeded
   Iterating through the list of servers
   Getting information for the server CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   * Identifying all NC cross-refs.
   * Found 1 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests
   Testing server: Default-First-Site-Name\SRVDC01
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         Determining IP4 connectivity
         * Active Directory RPC Services Check
         ......................... SRVDC01 passed test Connectivity
Doing primary tests
   Testing server: Default-First-Site-Name\SRVDC01
      Starting test: Advertising
         The DC SRVDC01 is advertising itself as a DC and having a DS.
         The DC SRVDC01 is advertising as an LDAP server
         The DC SRVDC01 is advertising as having a writeable directory
         The DC SRVDC01 is advertising as a Key Distribution Center
         The DC SRVDC01 is advertising as a time server
         The DS SRVDC01 is advertising as a GC.
         ......................... SRVDC01 passed test Advertising
      Starting test: CheckSecurityError
         * Dr Auth:  Beginning security errors check!
         Found KDC SRVDC01 for domain schoflerarchitektur.local in site Default-First-Site-Name
         Checking machine account for DC SRVDC01 on DC SRVDC01.
         * SPN found :LDAP/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local
         * SPN found :LDAP/srvdc01.schoflerarchitektur.local
         * SPN found :LDAP/SRVDC01
         * SPN found :LDAP/srvdc01.schoflerarchitektur.local/SCHOFLERARCHITEKT
         * SPN found :LDAP/1a1846c5-15c0-431c-b3d1-6e09b0d69d07._msdcs.schoflerarchitektur.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/1a1846c5-15c0-431c-b3d1-6e09b0d69d07/schoflerarchitektur.local
         * SPN found :HOST/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local
         * SPN found :HOST/srvdc01.schoflerarchitektur.local
         * SPN found :HOST/SRVDC01
         * SPN found :HOST/srvdc01.schoflerarchitektur.local/SCHOFLERARCHITEKT
         * SPN found :GC/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local
            [sRVDC01] DsReplicaGetInfo(KCC_DS_CONNECT_FAILURES) failed with
            error 8453,
            Replication access was denied..
            [sRVDC01] Unable to query the list of KCC connection failures.
         [sRVDC01] No security related replication errors were found on this
         DC!  To target the connection to a specific source DC use
         ......................... SRVDC01 passed test CheckSecurityError
      Starting test: CutoffServers
         * Configuration Topology Aliveness Check
         * Analyzing the alive system replication topology for DC=ForestDnsZones,DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the alive system replication topology for DC=DomainDnsZones,DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the alive system replication topology for CN=Configuration,DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the alive system replication topology for DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         ......................... SRVDC01 passed test CutoffServers
      Starting test: FrsEvent
         * The File Replication Service Event log test
         Skip the test because the server is running DFSR.
         ......................... SRVDC01 passed test FrsEvent
      Starting test: DFSREvent
         The DFS Replication Event Log.
         ......................... SRVDC01 passed test DFSREvent
      Starting test: SysVolCheck
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... SRVDC01 passed test SysVolCheck
      Starting test: FrsSysVol
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... SRVDC01 passed test FrsSysVol
      Starting test: KccEvent
         * The KCC Event log test
         Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
         ......................... SRVDC01 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local
         ......................... SRVDC01 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         Checking machine account for DC SRVDC01 on DC SRVDC01.
         * SPN found :LDAP/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local
         * SPN found :LDAP/srvdc01.schoflerarchitektur.local
         * SPN found :LDAP/SRVDC01
         * SPN found :LDAP/srvdc01.schoflerarchitektur.local/SCHOFLERARCHITEKT
         * SPN found :LDAP/1a1846c5-15c0-431c-b3d1-6e09b0d69d07._msdcs.schoflerarchitektur.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/1a1846c5-15c0-431c-b3d1-6e09b0d69d07/schoflerarchitektur.local
         * SPN found :HOST/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local
         * SPN found :HOST/srvdc01.schoflerarchitektur.local
         * SPN found :HOST/SRVDC01
         * SPN found :HOST/srvdc01.schoflerarchitektur.local/SCHOFLERARCHITEKT
         * SPN found :GC/srvdc01.schoflerarchitektur.local/schoflerarchitektur.local
         ......................... SRVDC01 passed test MachineAccount
      Starting test: NCSecDesc
         * Security Permissions check for all NC's on DC SRVDC01.
         * Security Permissions Check for
            (NDNC,Version 3)
         * Security Permissions Check for
            (NDNC,Version 3)
         * Security Permissions Check for
            (Schema,Version 3)
         * Security Permissions Check for
            (Configuration,Version 3)
         * Security Permissions Check for
            (Domain,Version 3)
         ......................... SRVDC01 passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         Verified share \\SRVDC01\netlogon
         Verified share \\SRVDC01\sysvol
         [sRVDC01] User credentials does not have permission to perform this
         The account used for this test must have network logon privileges
         for this machine's domain.
         ......................... SRVDC01 failed test NetLogons
      Starting test: ObjectsReplicated
         SRVDC01 is in domain DC=schoflerarchitektur,DC=local
         Checking for CN=SRVDC01,OU=Domain Controllers,DC=schoflerarchitektur,DC=local in domain DC=schoflerarchitektur,DC=local on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local in domain CN=Configuration,DC=schoflerarchitektur,DC=local on 1 servers
            Object is up-to-date on all servers.
         ......................... SRVDC01 passed test ObjectsReplicated
      Starting test: OutboundSecureChannels
         * The Outbound Secure Channels test
         ** Did not run Outbound Secure Channels test because /testdomain: was
         not entered
         ......................... SRVDC01 passed test OutboundSecureChannels
      Starting test: Replications
         * Replications Check
         [Replications Check,SRVDC01] DsReplicaGetInfo(PENDING_OPS, NULL)
         failed, error 0x2105 "Replication access was denied."
         ......................... SRVDC01 failed test Replications
      Starting test: RidManager
         * Available RID Pool for the Domain is 1600 to 1073741823
         * srvdc01.schoflerarchitektur.local is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 1100 to 1599
         * rIDPreviousAllocationPool is 1100 to 1599
         * rIDNextRID: 1116
         ......................... SRVDC01 passed test RidManager
      Starting test: Services
         * Checking Service: EventSystem
         * Checking Service: RpcSs
         * Checking Service: NTDS
            Could not open NTDS Service on SRVDC01, error 0x5
            "Access is denied."
         * Checking Service: DnsCache
         * Checking Service: DFSR
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... SRVDC01 failed test Services
      Starting test: SystemLog
         * The System Event log test
         A warning event occurred.  EventID: 0x0000002F
            Time Generated: 01/28/2013   18:55:59
            Event String:
            Time Provider NtpClient: No valid response has been received from manually configured peer srvdc01,0x8, after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable. 
         A warning event occurred.  EventID: 0x8000001D
            Time Generated: 01/28/2013   19:08:48
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 01/28/2013   19:09:17
            Event String:
            The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 01/28/2013   19:09:17
            Event String:
            Name resolution for the name _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.schoflerarchitektur.local timed out after none of the configured DNS servers responded.
         A warning event occurred.  EventID: 0x00000090
            Time Generated: 01/28/2013   19:09:21
            Event String:
            The time service has stopped advertising as a good time source.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:46
            Event String:
            Driver HP Color LaserJet CP3505 PCL 5c required for printer Automatisch HP Color LaserJet CP3505 PCL 5c auf ARCHOUTLOOK is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:46
            Event String:
            Driver Apple Color LW 12/660 PS required for printer Automatisch FreePDF XP auf BRUNOSCHOFLER is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:47
            Event String:
            Driver HP Color LaserJet CP3505 PCL 6 required for printer Automatisch HP Color LaserJet CP3505 PCL 6 auf WSFRANZISKA is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:47
            Event String:
            Driver HP Color LaserJet CP3525 PCL 6 required for printer Automatisch HP Color LaserJet CP3525 1OG auf serverarch is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:48
            Event String:
            Driver Amyuni Document Converter 2.51 required for printer Automatisch Roland Messerli PDF Writer auf BRUNOSCHOFLER is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:48
            Event String:
            Driver EPSON Stylus S20 Series required for printer EPSON Stylus S20 Series is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:49
            Event String:
            Driver Microsoft Office Document Image Writer Driver required for printer Microsoft Office Document Image Writer is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:50
            Event String:
            Driver Amyuni Document Converter 2.51 required for printer Roland Messerli PDF Writer is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:51
            Event String:
            Driver Amyuni Document Converter 400 required for printer Roland Messerli PDF Writer 4.00 is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:52
            Event String:
            Driver Canon iP5200 required for printer !!WSFRANZISKA!Canon iP5200 is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:09:52
            Event String:
            Driver HP Color LaserJet CP3525 PCL 6 required for printer !!serverarch!HP Color LaserJet CP3525 1OG is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0xC000271A
            Time Generated: 01/28/2013   19:10:45
            Event String:
            The server {73C9DFA0-750D-11E1-B0C4-0800200C9A66} did not register with DCOM within the required timeout.
         A warning event occurred.  EventID: 0x000727AA
            Time Generated: 01/28/2013   19:11:24
            Event String:
            The WinRM service failed to create the following SPNs: WSMAN/srvdc01.schoflerarchitektur.local; WSMAN/srvdc01. 
             Additional Data 
             The error received was 8344: %%8344.
             User Action 
             The SPNs can be created by an administrator using setspn.exe utility.
         A warning event occurred.  EventID: 0x0000002F
            Time Generated: 01/28/2013   19:12:51
            Event String:
            Time Provider NtpClient: No valid response has been received from manually configured peer srvdc01,0x8, after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable. 
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 01/28/2013   19:34:07
            Event String:
            Dynamic registration or deletion of one or more DNS records associated with DNS domain 'schoflerarchitektur.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  
            Possible causes of failure include:  
            - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers 
            - Specified preferred and alternate DNS servers are not running 
            - DNS server(s) primary for the records to be registered is not running 
            - Preferred or alternate DNS servers are configured with wrong root hints 
            - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  
            USER ACTION  
            Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller.
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 01/28/2013   19:34:07
            Event String:
            Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.schoflerarchitektur.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  
            Possible causes of failure include:  
            - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers 
            - Specified preferred and alternate DNS servers are not running 
            - DNS server(s) primary for the records to be registered is not running 
            - Preferred or alternate DNS servers are configured with wrong root hints 
            - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  
            USER ACTION  
            Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller.
         A warning event occurred.  EventID: 0x00001695
            Time Generated: 01/28/2013   19:34:07
            Event String:
            Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.schoflerarchitektur.local.' failed.  These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).  
            Possible causes of failure include:  
            - TCP/IP properties of the network connections of this computer contain wrong IP address(es) of the preferred and alternate DNS servers 
            - Specified preferred and alternate DNS servers are not running 
            - DNS server(s) primary for the records to be registered is not running 
            - Preferred or alternate DNS servers are configured with wrong root hints 
            - Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration  
            USER ACTION  
            Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller.
         A warning event occurred.  EventID: 0x8000001D
            Time Generated: 01/28/2013   19:37:24
            Event String:
            The Key Distribution Center (KDC) cannot find a suitable certificate to use for smart card logons, or the KDC certificate could not be verified. Smart card logon may not function correctly if this problem is not resolved. To correct this problem, either verify the existing KDC certificate using certutil.exe or enroll for a new KDC certificate.
         An error event occurred.  EventID: 0xC00038D6
            Time Generated: 01/28/2013   19:37:53
            Event String:
            The DFS Namespace service could not initialize cross forest trust information on this domain controller, but it will periodically retry the operation. The return code is in the record data.
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 01/28/2013   19:37:53
            Event String:
            Name resolution for the name _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.schoflerarchitektur.local timed out after none of the configured DNS servers responded.
         A warning event occurred.  EventID: 0x00000090
            Time Generated: 01/28/2013   19:37:57
            Event String:
            The time service has stopped advertising as a good time source.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:27
            Event String:
            Driver HP Color LaserJet CP3505 PCL 6 required for printer Automatisch HP Color LaserJet CP3505 PCL 6 auf WSFRANZISKA is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:28
            Event String:
            Driver HP Color LaserJet CP3525 PCL 6 required for printer Automatisch HP Color LaserJet CP3525 1OG auf serverarch is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:28
            Event String:
            Driver Apple Color LW 12/660 PS required for printer Automatisch FreePDF XP auf BRUNOSCHOFLER is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:29
            Event String:
            Driver HP Color LaserJet CP3505 PCL 5c required for printer Automatisch HP Color LaserJet CP3505 PCL 5c auf ARCHOUTLOOK is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:29
            Event String:
            Driver Amyuni Document Converter 2.51 required for printer Automatisch Roland Messerli PDF Writer auf BRUNOSCHOFLER is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:30
            Event String:
            Driver Microsoft Office Document Image Writer Driver required for printer Microsoft Office Document Image Writer is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:30
            Event String:
            Driver EPSON Stylus S20 Series required for printer EPSON Stylus S20 Series is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:33
            Event String:
            Driver Amyuni Document Converter 2.51 required for printer Roland Messerli PDF Writer is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:35
            Event String:
            Driver Amyuni Document Converter 400 required for printer Roland Messerli PDF Writer 4.00 is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:35
            Event String:
            Driver Canon iP5200 required for printer !!WSFRANZISKA!Canon iP5200 is unknown. Contact the administrator to install the driver before you log in again.
         An error event occurred.  EventID: 0x00000457
            Time Generated: 01/28/2013   19:38:36
            Event String:
            Driver HP Color LaserJet CP3525 PCL 6 required for printer !!serverarch!HP Color LaserJet CP3525 1OG is unknown. Contact the administrator to install the driver before you log in again.
         A warning event occurred.  EventID: 0x000727AA
            Time Generated: 01/28/2013   19:40:00
            Event String:
            The WinRM service failed to create the following SPNs: WSMAN/srvdc01.schoflerarchitektur.local; WSMAN/srvdc01. 
             Additional Data 
             The error received was 8344: %%8344.
             User Action 
             The SPNs can be created by an administrator using setspn.exe utility.
         An error event occurred.  EventID: 0xC000271A
            Time Generated: 01/28/2013   19:40:22
            Event String:
            The server {73C9DFA0-750D-11E1-B0C4-0800200C9A66} did not register with DCOM within the required timeout.
         A warning event occurred.  EventID: 0x0000002F
            Time Generated: 01/28/2013   19:41:26
            Event String:
            Time Provider NtpClient: No valid response has been received from manually configured peer srvdc01,0x8, after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable. 
         ......................... SRVDC01 failed test SystemLog
      Starting test: Topology
         * Configuration Topology Integrity Check
         * Analyzing the connection topology for DC=ForestDnsZones,DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the connection topology for DC=DomainDnsZones,DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the connection topology for CN=Schema,CN=Configuration,DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the connection topology for CN=Configuration,DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the connection topology for DC=schoflerarchitektur,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         ......................... SRVDC01 passed test Topology
      Starting test: VerifyEnterpriseReferences
         ......................... SRVDC01 passed test
      Starting test: VerifyReferences
         The system object reference (serverReference)
         CN=SRVDC01,OU=Domain Controllers,DC=schoflerarchitektur,DC=local and
         backlink on
         are correct.
         The system object reference (serverReferenceBL)
         CN=SRVDC01,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=schoflerarchitektur,DC=local
         and backlink on
         CN=NTDS Settings,CN=SRVDC01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=schoflerarchitektur,DC=local
         are correct.
         The system object reference (msDFSR-ComputerReferenceBL)
         CN=SRVDC01,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=schoflerarchitektur,DC=local
         and backlink on
         CN=SRVDC01,OU=Domain Controllers,DC=schoflerarchitektur,DC=local are
         ......................... SRVDC01 passed test VerifyReferences
      Starting test: VerifyReplicas
         ......................... SRVDC01 passed test VerifyReplicas
      Starting test: DNS
         DNS Tests are running and not hung. Please wait a few minutes...
         See DNS test in enterprise tests section for results
         ......................... SRVDC01 failed test DNS
   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
   Running partition tests on : schoflerarchitektur
      Starting test: CheckSDRefDom
         ......................... schoflerarchitektur passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... schoflerarchitektur passed test
   Running enterprise tests on : schoflerarchitektur.local
      Starting test: DNS
         Test results for domain controllers:
            DC: srvdc01.schoflerarchitektur.local
            Domain: schoflerarchitektur.local
               TEST: Authentication (Auth)
                  Authentication test: Successfully completed
               TEST: Basic (Basc)
                  The OS
                  Microsoft Windows Server 2008 R2 Enterprise  (Service Pack level: 1.0)
                  is supported.
                  NETLOGON service is running
                  kdc service is running
                  DNSCACHE service is running
                  DNS service is running
                  DC is a DNS server
                  Network adapters information:
                  Adapter [00000007] Broadcom NetXtreme Gigabit Ethernet:
                     MAC address is 3C:4A:92:49:13:41
                     IP Address is static
                     IP address:
                     DNS servers:
               (SRVDC01) [Valid]
                  The A host record(s) for this DC was found
                  The SOA record for the Active Directory zone was found
                  Warning: no DNS RPC connectivity (error or non Microsoft DNS server is running)
                  [Error details: 5 (Type: Win32 - Description: Access is denied.)]
         Summary of test results for DNS servers used by the above domain
            DNS server: (SRVDC01)
               All tests passed on this DNS server
               Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered
         Summary of DNS test results:
                                            Auth Basc Forw Del  Dyn  RReg Ext
            Domain: schoflerarchitektur.local
               srvdc01                      PASS WARN n/a  n/a  n/a  n/a  n/a 
         ......................... schoflerarchitektur.local passed test DNS
      Starting test: LocatorCheck
         GC Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         PDC Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         Time Server Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         Preferred Time Server Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         KDC Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         ......................... schoflerarchitektur.local passed test
      Starting test: FsmoCheck
         GC Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         PDC Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         Time Server Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         Preferred Time Server Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         KDC Name: \\srvdc01.schoflerarchitektur.local
         Locator Flags: 0xe00031fd
         ......................... schoflerarchitektur.local passed test
      Starting test: Intersite
         Skipping site Default-First-Site-Name, this site is outside the scope
         provided by the command line arguments provided.
         ......................... schoflerarchitektur.local passed test





NSLOOKUP und Tracert:




C:\Users\adm_ro>nslookup www.google.ch
Server:  UnKnown

Non-authoritative answer:
Name:    www.google.ch
Addresses:  2a00:1450:4001:c02::5e

C:\Users\adm_ro>tracert www.google.at

Tracing route to www.google.at []
over a maximum of 30 hops:

  1     1 ms    <1 ms    <1 ms
  2    14 ms    17 ms    15 ms  zhhia00p-adsl14.bluewin.ch []
  3    16 ms    16 ms    17 ms  45-0-186-195.bluewin.ch []
  4    49 ms    16 ms    14 ms  46-0-186-195.bluewin.ch []
  5    19 ms    19 ms    19 ms
  6    18 ms    15 ms    15 ms  i79inx-015-ae3.bb.ip-plus.net []

  7    92 ms    93 ms    95 ms
  8    22 ms    16 ms    16 ms
  9    17 ms    15 ms    16 ms

Trace complete.



auf UPD Port 53 läuft nur dns.

spontan war ich mal kurzerhand erschlagen von der Ausgabe die du hier rein gestellt hast ;-)


Hat der Server in der DNS MMC alle nötigen Einträge (Host A, Pointer). Schaut nämlich so aus, als würde da was fehlen. Dein Nslookup meint nämlich : Server:  UnKnown --> Hier sollte der FQDN deines Server stehen.



Wenn man keine Reverse Zone nutzt (nicht notwendig) dann steht da auch kein Name. ;)

Also das heisst jetzt, dass ich keine Reverse machen muss...ich habe so langsam das Gefühl, dass das Problem gar nicht bei DNS liegt?? Hat jemand von euch Lust per remote mir zu helfen hahahah :)

