none
Event 467 ESENT - Windows 2008 Server Standard SP2

Answers

  • Hi,

    Please offer us more information about your server, such as the server role what application installed in your server, the usually event 467 we suggest you try to back up your server then demoted and promoted again the domain controller again.

    The more similar fixed issue you can refer the following steps.

    1. First we completed the steps from the following article:

    Compact the Directory Database File (Offline Defragmentation)

    http://technet.microsoft.com/en-us/library/cc794920(WS.10).aspx

    We defragmented the database and completed a successful integrity check.

    After the integrity check we started again the Active Directory Domain Services and the other important services (Kerberos Key Distribution Center, DNS Server, DFS Replication).

    After the start of the services we checked the Event Viewer, "Directory Services" log and found an Information event, which states that the AD database has been successfully repaired.

    Another helpful article:

    If the Database Integrity Check Fails, Perform Semantic Database Analysis with Fixup

    http://technet.microsoft.com/en-us/library/cc816754(WS.10).aspx

    2. After the repair of the database we found out that the DNS console still cannot be opened.

    We did a "dcdiag" test, which failed the test "Connectivity"

    So after some troubleshooting we decided to remove the network teaming, which has been configured and restart the server.

    3. After uninstalling the teaming and restarting the server the DNS console could still not be opened.

    Again in the Event Viewer, "Directory Services" log we found out, that the server does not see itself as a Global Catalog.

    4. We used netdom resetpwd in order to reset the secure channel of the server to the domain. Instead of using the /s:Servername we used /s:IP address, because we had no name resolution.

    Reference:

    How to use Netdom.exe to reset machine account passwords of a Windows Server domain controller

    http://support.microsoft.com/kb/325850

    5. After the server restart we were again able to open the DNS console and view all zones with their records. We made sure that DNS is configured properly on server and zone level.

    Tools used:

    ADSI Edit (adsiedit.msc)

    http://technet.microsoft.com/en-us/library/cc773354(WS.10).aspx

    Repadmin /options

    http://technet.microsoft.com/en-us/library/cc835086(WS.10).aspx

    Ntdsutil

    http://technet.microsoft.com/en-us/library/cc753343(WS.10).aspx

    Dcdiag

    http://blogs.technet.com/b/askds/archive/2011/03/22/what-does-dcdiag-actually-do.aspx


    Alex Lv

    Monday, October 21, 2013 3:37 AM

All replies

  • Hi,

    Please offer us more information about your server, such as the server role what application installed in your server, the usually event 467 we suggest you try to back up your server then demoted and promoted again the domain controller again.

    The more similar fixed issue you can refer the following steps.

    1. First we completed the steps from the following article:

    Compact the Directory Database File (Offline Defragmentation)

    http://technet.microsoft.com/en-us/library/cc794920(WS.10).aspx

    We defragmented the database and completed a successful integrity check.

    After the integrity check we started again the Active Directory Domain Services and the other important services (Kerberos Key Distribution Center, DNS Server, DFS Replication).

    After the start of the services we checked the Event Viewer, "Directory Services" log and found an Information event, which states that the AD database has been successfully repaired.

    Another helpful article:

    If the Database Integrity Check Fails, Perform Semantic Database Analysis with Fixup

    http://technet.microsoft.com/en-us/library/cc816754(WS.10).aspx

    2. After the repair of the database we found out that the DNS console still cannot be opened.

    We did a "dcdiag" test, which failed the test "Connectivity"

    So after some troubleshooting we decided to remove the network teaming, which has been configured and restart the server.

    3. After uninstalling the teaming and restarting the server the DNS console could still not be opened.

    Again in the Event Viewer, "Directory Services" log we found out, that the server does not see itself as a Global Catalog.

    4. We used netdom resetpwd in order to reset the secure channel of the server to the domain. Instead of using the /s:Servername we used /s:IP address, because we had no name resolution.

    Reference:

    How to use Netdom.exe to reset machine account passwords of a Windows Server domain controller

    http://support.microsoft.com/kb/325850

    5. After the server restart we were again able to open the DNS console and view all zones with their records. We made sure that DNS is configured properly on server and zone level.

    Tools used:

    ADSI Edit (adsiedit.msc)

    http://technet.microsoft.com/en-us/library/cc773354(WS.10).aspx

    Repadmin /options

    http://technet.microsoft.com/en-us/library/cc835086(WS.10).aspx

    Ntdsutil

    http://technet.microsoft.com/en-us/library/cc753343(WS.10).aspx

    Dcdiag

    http://blogs.technet.com/b/askds/archive/2011/03/22/what-does-dcdiag-actually-do.aspx


    Alex Lv

    Monday, October 21, 2013 3:37 AM

  • Hi,

    I would like to check if you need further assistance.

    Thanks.


    Alex Lv

    Wednesday, November 06, 2013 9:26 AM