[Today’s post comes to us courtesy of Wayne McIntyre]
During the data collection phase of the IT Health Scanner, you may receive an error as shown below.
“A list of servers could not be collected from Active Directory Domain Services (AD DS). Ensure that your network is functioning correctly and that this computer can access AD DS.”
This issue can occur if you have a server object in AD with a blank (null) DNS hostname.
To resolve this issue you need to locate the server with the blank (null) DNS hostname value, and remove the object if it is stale, or add the DNSHostname Attribute with its correct value.
The following methods will assist you in finding the server object(s) with a blank (null) DNS hostname:
Method 1: Using the IT Heath Scanner Log.
1. Open the WEBS.BPA.Console.log file located in C:\Microsoft IT Environment Health Scanner\Wizard\Logs
2. Do a find (ctrl-F) on “Failed to retrieve server information” and look above that error to see the last object it was processing. Sample below
,"2009/09/22 10:06:34.652","ServerInfoCollector","Information","processing object: CN=TESTMACHINE,CN=Computers,DC=contoso,DC=local"
,"2009/09/22 10:06:34.652","ServerInfoCollector","Information","operatingSystemVersion: 6.0 (6001)"
,"2009/09/22 10:06:34.652","ServerInfoCollector","Information","operatingSystem: Windows Server® 2008 Enterprise"
,"2009/09/22 10:06:34.892","ServerInfoCollector","Error","Failed to retrieve server information System.NullReferenceException: Object reference not set to an instance of an object.
,"2009/09/22 10:06:34.927","WEBSBPA_Engine","Error","Microsoft.WEBS.BPA.Engine.DataCollectionException: A list of servers could not be collected from Active Directory Domain Services (AD DS). Ensure that your network is functioning correctly and that this computer can access AD DS.
Method 2: Using DSQuery
1. Launch an elevated command prompt.
2. Run the following dsquery command
dsquery * domainroot -filter "(&(&(sAMAccountType=805306369)(objectCategory=computer)(objectClass=computer)(operatingSystem=*Server*)))" -attr cn DNSHostname
The output is a 2 column table displaying the cn attribute of the server and it’s DNSHostname. In this case TestMachine has a blank (null) DNSHostname Attribute.
I have another problem. The scanner stopps in my EBS environment reclaiming that he can not reach the Security Server due to WMI-restrictions and he cannot contact the Exchange server on my security server. Is this by design or is something wrong with my configurstion at my security server? Thanks for your help.
Your issue is going to be Strict RPC Checking. There are two ways to work around this:
1. Easy, but stops all traffic: net stop fweng /y on Security Server. This stops all TMG services. "Net start fwsrv" to restart
2. Edit all "allow all" access policies, all RPC rules, as well as the Active Diretory System Policy in TMG to temporarily disable 'enforce strict RPC compliance'
I get the error message:
The specified domain controller doesn't appear in ServerTable: <servername>
The scan stops after this error.
I get the same thing: "The specified domain controller doesn't appear in ServerTable: DCname"
DCDiag does not show any issues on that DC
Erik and Nolan,
Do you have R2 DCs? If so, it's probably this issue: