Setup encountered a problem while validating the state of Active Directory

Setup encountered a problem while validating the state of Active Directory

 

Hi Harvey

This error message is a very common message that everyone will face. This is what I want you to do in order to rectify this error.

1. First I want you to disconnect the server and then rejoin with the domain.

2.  Please make sure that the DC is always healthy.

3. Please do check the DNS with the help of dnslint command, and make sure you get the following message.

C:dnslint>dnslint /ad /s 172.30.1.9 /v

What the DNSlint will do is that it will verify  the DNS entries that are used in the AD replication, what it uses is 127.0.0.1 for the LDAP and also it starts for 172.30.1.9 for the DNS. This whole process will take around 3-5 mins.

Then you need to check if you can find the root of the AD forest.

Let me know what message you see after the test.

It should be LDAP query to specified LDAP server on TCP port 389 failed.

Or you can also see another error that says server down or the server that is specified seems to be down.

4. You need to analyze the port with the portqry (usually in win 2003) and see what message you are getting.

You should see a message like C:WINDOWS>portqry -n contoso.com -e 389 -p udp.

This is querying a target system that is called: Contoso.com.

This is attempting to resolve the name to the IP addresses… : 172.30.1.10.

And the UDP port will be: 389.

 Later on you will see another message that says sending to LDAP to the port 389 failed, or the message server did not or failed to respond to LDAP query.

5. Also you need to check the firewall settings and make sure that you allow connection from the port 389 both for TCP and also UDP.

Check all these above mentioned points and you will see that the server will respond just fine.

Bell Keny