Verifying the connection to the domain controller computer by using the Dcdiag tool

Use the Dcdiag command-line tool to help you determine whether the domain controller computer is registered with the domain name server (DNS), whether the controller can be pinged, and whether the controller has Lightweight Directory Access Protocol (LDAP) connectivity.

1. On a computer that is a member of a Windows domain, go to http://www.microsoft.com/en-us/download/details.aspx?id=15326.
2. Download the following files to the same location:
   • support.cab
   • suptools.msi
3. Run the suptools.msi file.
4. Proceed through the installation software and click Finish to install the tool.
5. In a command prompt window, to run the tool, enter the following command:

   DCDIAG /TEST:DNS /V /E /S:domaincontroller	

   Where domaincontroller is the name of the domain controller computer, for example, TPCDomain.

   Important: You can run the command only if you are logged in with a Windows domain user name. If you try to run the command when you are logged in with a local user name, the following error message is displayed:

   Connecting to directory service on server 10.10.10.10 
   LDAP bind failed with error 1326, 
   Logon failure: unknown user name or bad password.

Starting test: Connectivity
* Active Directory LDAP Services Check
*** Warning: could not confirm the identity 
of this server in the directory versus 
the names returned by DNS servers. If 
there are problems accessing this directory 
server then you may need to check that this 
server is correctly registered with DNS
* Active Directory RPC Services Check
......................... TPCDomain passed test Connectivity