Download Netdiag

[Zoraida]

Ineed to troubleshoot some DNS issues on a Windows 2008 domain controller, but I see that NETDIAG isn't supplied or supported anymore. I could just copy it from a Server 2003 DC, but it looks like the output wouldn't be reliable. Everywhere I look online, people quickly say "It's not supported anymore" without giving a replacement for the functionality.

Seems like the relevant tests that were part of netdiag were moved to other diagnostics components. I know dcdiag does a set of DNS tests specific to necessary functionality on domain controllers. Other tools like ping, nslookup, ipconfig, etc. may help with the other things netdiag did in its all encompassing diagnostics check.

netdiag is a powerful, network-testing utility that performs a variety of network diagnostic tests that can help you to pinpoint a networking problem. The output listing below shows the output from a typical execution of the Netdiag command. You can scan this listing to see the types of tests that the netdiag command performs.

Netdiag.exe is a Windows 2000 and 2003 Server command line tool that can be used to effectively test the network connectivity of a computer, and provides valuable insight to the overall health of your network. Netdiag can help you solve any number of network issues including:

Properly using netdiag involves a number of command line switches that need to be entered in a certain order. Not all of the switches are required, but the correct full syntax if you were to use them all is as follows:

You can specifiy multiple tests by using multiple instances of the /test:test_namecommand, each separated with a space. So, for example, if you wanted to run three tests: DNS, IPSec, and WINS, a typical Netdiag command line would look like this:

I have some errors in my event viewer. Windows Help and Support center says that I need to run "netdiag" and make notes of errors. These errors need to be corrected before the problem can be fixed. However, windows says it doesn't recognize netdiag as an internal or external command. Where do i get it?

Sleew

Compaq & Microsoft TS

sl...@infosky.net RE: Event ID 1000 in Event Log gbiello (TechnicalUser)21 Sep 01 08:32Did you run NetDiag with the /fix switch? This should repair the errors it finds. If that does not work. I would remove Active Directory by running DCPromo from the server as well as DNS. Reboot, the reinstall them.

You may want to do a bit of research, as sleew suggests. The only time I've had a major problem with DNS, netdiag /fix took care of it.

-gbiello RE: Event ID 1000 in Event Log NYR (MIS)(OP)21 Sep 01 10:30Yeah, I ran the Netdiag tool and I got DNS fixed, I think I had a closed port on the router. When Netdiag is ran, DNS is passing, but I get this error/warning in the DNS section

DNS_ERROR_NON_RFC_NAME....

And I am still getting the error 1000 in the event log... RE: Event ID 1000 in Event Log crayone (TechnicalUser)26 Sep 01 09:11If you are going to remove DNS... dont forget to empty the DNS-folder in WINNT\system32\dns... if you dont empty this folder... all your dns configuration will still be there... you need to configure the revers lookup zone... otherwise you cant enable reverse lookup queries... if this dosent work, try to disable and enable the NIC... to get get a new ip-configuration... you also need to have a A record, PTR record and CNAME record in the DNS sever.

To refresh all DHCP leases and re-register DNS names for computers, use the ipconfig /registerdns command. RE: Event ID 1000 in Event Log WiredToad (IS/IT--Management)26 Sep 01 10:44 Sounds like you have nice little problem there. I have had my share of chasing DNS with 2k. There are a couple of good aritcles on DNS at www.microsoft.con/technet just do a little search. It sounds like you just have one thing awry and its mucking up your works. Sorry I didn't have any direct input. RE: Event ID 1000 in Event Log NYR (MIS)(OP)26 Sep 01 10:55It seems all is well for the time being. After a OS re-install becasue for some strange reason, I couldn't "demote" the server. I got the DNS side running and netdiag is coming back clean. As far as the event ID error 1000 on the work stations. I was grabbing DHCP from another server with different DNS setting while trying to log into the new DC. All desktops that tried would get that event id 1000 error. Once I entered the new DNS server in the DHCP options, the error went away....

Hope this helps any others with this issue....until next time..thanks all RE: Event ID 1000 in Event Log NYR (MIS)(OP)26 Sep 01 11:23Lastly. All the workstations are getting out to the internet fine and DNS seems to be fine. But when I do a NSLOOKUP from the workstation, I get:

DNS request timed out

timeout was 2 seconds

Can't find server name for address 192.x.x.x

Default servers are not available

Default server: Unknown

Address: 192.x.x.x

Is this normal? Should it find the DNS server?? RE: Event ID 1000 in Event Log NYR (MIS)(OP)26 Sep 01 14:27I got it. PTR googletag.cmd.push(function() googletag.display('div-gpt-ad-1406030581151-2'); ); Red Flag This PostPlease let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

CancelRed Flag SubmittedThank you for helping keep Tek-Tips Forums free from inappropriate posts.

The Tek-Tips staff will check this out and take appropriate action.

The netdiag utility performs a variety of networkconnectivity tests, including a DNS test. The netdiag/test:DNS command iterates over each active networkadapter and checks whether the hostname has an A record in the domainspecified by the domain suffix for the adapter. If you receive anerror message for the DNS test, you should runnetdiag /test:DNS /debug, which will produce verbose output andhelp pinpoint the cause of the failure.

If you run netdiag /test:DNS on a domain controller and receiveerrors, you can run it again with the /fixoption to force all the records in thenetlogon.dns file to be refreshed in DNS. SeeChapter 8 for more details on thenetlogon.dns file.

I needed to upgrade our our company servers from Windows 2000 to Windows 2003. I created a new Windows 2003 server and transferred the FSMO roles from the Windows 2000 server to the new windows 2003 server and encountered SYSVOL and NETLOGON share errors.

I tried running dcdiag /fix and netdiag /fix and restarting the netlogon service.

I've tried changing the Primary and Secondary DNS addresses on the interfaces, demoting the new server and rejoining it to the domain. couldn't get the errors to go away.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup\Restore\Process at Startup

the global BurFlags registry key contains REG_DWORD values and needs to be changed to D4.

LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

In the distant past there was a useful client side tool for checking connectivity between clients and domain controllers (netdiag.exe). According to Microsoft's command line reference guide, it is available in windows 8 and 2012, but in reality the command does not exist on any windows machine I have checked beyond 2003. Trying to run an older version won't work either due to some incompatibility. So, alternatives are required to do checks. One thing you would typically want to check between a client and a domain controller is port connectivity. Below, I will show a simple script that tests most of the ports. Some may not be open in your environment (like 636,3269 for Ldaps). Some ports are dynamic, so I haven't included trying to check these.

To begin with, you should know what domain controller your workstation has logged into. This machine logon establishes the "secure channel" between your machine and the domain. You can use an old tool that is still around called nltest.

This output shows the status of your secure channel, and the name of the domain controller you are querying. You will need to provide the name of the domain you are connected to. FQDN domain name or NETBIOS domain name should work fine. If you don't have any results for secure channel, you need to start troubleshooting with the basics: 1) is my NIC connected, 2) do I have a valid IP, 3) can I ping anything outside of my machine, 4) do I have DNS server IP's configured, 5) Are the dns servers responding (test with: nslookup -type=soa contoso.com, replacing contoso.com with the dns name of you active directory domain, which is probably what is listed in the Primary Dns Suffix line of ipconfig /all).

If you do have a working secure channel, this powershell script will provide two functions, one port checker and one function to run to test your connection. You can copy and paste the script into a powershell window, then run Test-DomainControllerPorts with your domain name (or leave it blank for auto detect). The script returns the name of the DC that you are connected to, along with 2 arrays of ports that are open and another of ports that aren't responding.

3a8082e126