Share via

DNS Server - Access was denied

Question

Wednesday, November 23, 2016 9:48 PM

While using remote desktop into my server I cannot access DNS. It says "access denied".

Ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Server4
   Primary Dns Suffix  . . . . . . . : healthrr.int
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : healthrr.int

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : QLogic BCM5716C Gigabit Ethernet (NDIS VB
D Client) #41
   Physical Address. . . . . . . . . : 84-2B-2B-5C-5E-E1
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ad45:e26c:533a:c521%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.123(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 310651691
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-5F-CD-52-84-2B-2B-5C-5E-E1

   DNS Servers . . . . . . . . . . . : ::1
                                       192.168.1.123
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:27:7bd:3f57:fe84(Preferr
ed)
   Link-local IPv6 Address . . . . . : fe80::27:7bd:3f57:fe84%15(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 402653184
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-5F-CD-52-84-2B-2B-5C-5E-E1

   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{0CEEC144-61E6-43EB-A1BB-B01AE5DF3277}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

DCDIAG

Performing initial setup:
   Trying to find home server...
   Home Server = Server4
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SERVER4
      Starting test: Connectivity
         The host c7a1492c-870d-4ff0-9d89-a39e104ca246._msdcs.healthrr.int
         could not be resolved to an IP address. Check the DNS server, DHCP,
         server name, etc.
         Got error while checking LDAP and RPC connectivity. Please check your
         firewall settings.
         ......................... SERVER4 failed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SERVER4
      Skipping all tests, because server SERVER4 is not responding to directory
      service requests.

   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test
         CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test
         CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : healthrr
      Starting test: CheckSDRefDom
         ......................... healthrr passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... healthrr passed test CrossRefValidation

   Running enterprise tests on : healthrr.int
      Starting test: LocatorCheck
         ......................... healthrr.int passed test LocatorCheck
      Starting test: Intersite
         ......................... healthrr.int passed test Intersite

Server4 = Server 2012 R2 has DNS,DHCP,Active Directory,GDC

Server 2 - Server 2008 is PD

Please help :(

All replies (2)

Wednesday, November 23, 2016 9:51 PM

Sorry. Server2 is Server 2003.

Thursday, November 24, 2016 4:05 AM

I've seen this before, where the DNS management console can't manage a DNS server on an up-level or down-level OS.  The workaround is to manage the DNS server from a management console running the same version of OS that the DNS server itself is running on.  Alternatively, check out this thread which mentions checking permissions issues or MMC snap-in corruption:  DNS - Access Denied

Best Regards, Todd Heron | Active Directory Consultant