Can not connect to the Primary Domain controller for DOMAINNAME domain. The specified domain either (NETIQKB6844)

  • 7706844
  • 02-Feb-2007
  • 07-Jan-2008

Resolution

fact
Domain Migration Administrator 7.1

symptom
The attempt to connect to a PDC has failed, this will result in your not being able to migrate SID history or disable source accounts.

cause
This error usually occurs as a result of Network name resolution issues.

fix

Run the following command to determine if the Domain Migration Administrator (DMA) console can correctly resolve the name of the PDC:

  • NLTEST /DSGETDC:DOMAINNAME /PDC

Verify that this results in the correct name and IP address of the PDC.

These errors can also be caused by WINS or DNS issues. For NT domains, it can be due to invalid WINS resolution.  As a troubleshooting step, consider adding an LMHOSTS entry for the source PDC to the DMA computer's LMHOSTS file.  The steps for accomplishing this are described in Microsoft TechNet Article Q180094 (http://support.microsoft.com/default.aspx?scid=kb;en-us;Q180094). Verify that there are not any incorrect static entries in the LMHOSTS file on the DMA console.

As for DNS issues, troubleshoot DNS in your environment.  The following procedure is suggested as a way to troubleshoot numerous obscure DNS errors:

  1. Verify every domain controller's IP addresses in the DNS forward lookup zone(s).  In addition, make sure there aren't any missing or old (unneeded) host records.  Pay particular attention to the global catalog gc records in the forest root domain's forward lookup zone located under TCP.
  2. Verify every domain controller's IP addresses in the DNS reverse lookup zone(s).  In addition, make sure there aren't any missing or old (unneeded) reverse pointer records.
  3. At the primary DNS server, bounce the DNS server service and DNS client service in that order.
  4. At the secondary DNS server, bounce the DNS server service and DNS client service in that order.
  5. At each domain controller that is not the primary or secondary DNS server and is not deliberately intended to be a DNS server, stop the DNS Server service (if it is present) and disable it.
  6. At each domain controller that is not the primary or secondary DNS server and is not deliberately intended to be a DNS server, bounce the DNS client service.
  7. Use nslookup at the primary and secondary DNS servers to verify that the DMA console machine's hostname and IP address are both resolved properly as follows:
    • nslookup <hostname>
    • nslookup <IP address>
  8. Use nslookup at the DMA console machine to verify at minimum that the primary and secondary DNS servers, the domain GC catalog server(s), and all five FSMO role servers are properly resolved for both hostname and IP address as follows:
    • nslookup <hostname>
    • nslookup <IP address>
  9. At the DMA console machine, query the domain SRV (service locator) records as follows:
    •  nslookup
    •  set q=SRV
    • <domain.suffix> -  where <domain.suffix> = the domain name, such as "microsoft.com".   Verify the displayed information is correct.  If not, make corrections as necessary to the dc records located under the domain's forward lookup zone.


note

Please refer to the following Microsoft KB articles for more information:

  • 256083 - Error Message: The Specified Domain Either Does Not Exist or Could Not Be Contacted
  • 283133 - Error Message: The Specified Domain Either Does Not Exist or Could Not Be Contacted


Additional Information

Formerly known as NETIQKB6844