Windows 2008 after replication
We setup a Windows Server 2008 to replicate to a Windows 2000 Server which is our DC on the network. I added the 08 server to an existing AD during dcpromo and everything went through ok. when I ran dcdiag afterwards it came up with a few errors(see below). The active Directory replicated ok and when i added a user on the DC (win2000) it showed up on the server 08 DC all objects appear on the new DC but I have these errors. Please I would like guidence to get this corrected.
Directory Server DiagnosisPerforming initial setup:
Trying to find home server...
Home Server = Civitas
* Identified AD Forest.
Done gathering initial info.Doing initial required tests
Testing server: 82Stone\CIVITAS
Starting test: Connectivity
......................... CIVITAS passed test ConnectivityDoing primary tests
Testing server: 82Stone\CIVITAS
Starting test: Advertising
Warning: DsGetDcName returned information for \\82STONE.citizen.local,
when we were trying to reach CIVITAS.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... CIVITAS failed test Advertising
Starting test: FrsEvent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... CIVITAS passed test FrsEvent
Starting test: DFSREvent
......................... CIVITAS passed test DFSREvent
Starting test: SysVolCheck
......................... CIVITAS passed test SysVolCheck
Starting test: KccEvent
......................... CIVITAS passed test KccEvent
Starting test: KnowsOfRoleHolders
[82STONE] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
Warning: 82STONE is the Schema Owner, but is not responding to DS RPC
Bind.
Ldap search capabality attribute search failed on server 82STONE,
return value = 81
Warning: 82STONE is the Schema Owner, but is not responding to LDAP
Bind.
Warning: 82STONE is the Domain Owner, but is not responding to DS RPC
Bind.
Warning: 82STONE is the Domain Owner, but is not responding to LDAP
Bind.
Warning: 82STONE is the PDC Owner, but is not responding to DS RPC
Bind.
Warning: 82STONE is the PDC Owner, but is not responding to LDAP Bind.
Warning: 82STONE is the Rid Owner, but is not responding to DS RPC
Bind.
Warning: 82STONE is the Rid Owner, but is not responding to LDAP Bind.
Warning: 82STONE is the Infrastructure Update Owner, but is not
responding to DS RPC Bind.
Warning: 82STONE is the Infrastructure Update Owner, but is not
responding to LDAP Bind.
......................... CIVITAS failed test KnowsOfRoleHolders
Starting test: MachineAccount
......................... CIVITAS passed test MachineAccount
Starting test: NCSecDesc
......................... CIVITAS passed test NCSecDesc
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\CIVITAS\netlogon)
[CIVITAS] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... CIVITAS failed test NetLogons
Starting test: ObjectsReplicated
......................... CIVITAS passed test ObjectsReplicated
Starting test: Replications
......................... CIVITAS failed test Replications
Starting test: RidManager
......................... CIVITAS failed test RidManager
Starting test: Services
......................... CIVITAS passed test Services
Starting test: SystemLog
An Warning Event occurred. EventID: 0x80000008
Time Generated: 10/27/2009 11:32:15
Event String:
The jobs in the print queue for printer HP Color LaserJet 4600 PCL6
(redirected 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 10/27/2009 11:32:15
Event String:
Printer HP Color LaserJet 4600 PCL6 (redirected 2) will be deleted.
No user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 10/27/2009 11:32:15
Event String:
Printer HP Color LaserJet 4600 PCL6 (redirected 2) was deleted, and
users will no longer be able to print to this printer. No user action is require
d.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 10/27/2009 11:32:15
Event String:
The jobs in the print queue for printer Color LaserJet 4600 on 82st
one (redirected 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 10/27/2009 11:32:15
Event String:
Printer Color LaserJet 4600 on 82stone (redirected 2) will be delet
ed. No user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 10/27/2009 11:32:15
Event String:
Printer Color LaserJet 4600 on 82stone (redirected 2) was deleted,
and users will no longer be able to print to this printer. No user action is req
uired.
An Error Event occurred. EventID: 0x00000457
Time Generated: 10/27/2009 11:33:00
Event String:
Driver HP LaserJet 4350 PCL 6 required for printer HP LaserJet 4350
PCL 6 is unknown. Contact the administrator to install the driver before you log
in again.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 10/27/2009 11:39:18
Event String:
The jobs in the print queue for printer HP Color LaserJet 4600 PCL6
(redirected 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 10/27/2009 11:39:18
Event String:
Printer HP Color LaserJet 4600 PCL6 (redirected 2) will be deleted.
No user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 10/27/2009 11:39:18
Event String:
Printer HP Color LaserJet 4600 PCL6 (redirected 2) was deleted, and
users will no longer be able to print to this printer. No user action is require
d.
An Warning Event occurred. EventID: 0x80000008
Time Generated: 10/27/2009 11:39:18
Event String:
The jobs in the print queue for printer Color LaserJet 4600 on 82st
one (redirected 2) were deleted. No user action is required.
An Warning Event occurred. EventID: 0x80000004
Time Generated: 10/27/2009 11:39:18
Event String:
Printer Color LaserJet 4600 on 82stone (redirected 2) will be delet
ed. No user action is required.
An Warning Event occurred. EventID: 0x80000003
Time Generated: 10/27/2009 11:39:18
Event String:
Printer Color LaserJet 4600 on 82stone (redirected 2) was deleted,
and users will no longer be able to print to this printer. No user action is req
uired.
An Error Event occurred. EventID: 0x00000457
Time Generated: 10/27/2009 11:53:04
Event String:
Driver HP LaserJet 4350 PCL 6 required for printer HP LaserJet 4350
PCL 6 is unknown. Contact the administrator to install the driver before you log
in again.
......................... CIVITAS failed test SystemLog
Starting test: VerifyReferences
......................... CIVITAS passed test VerifyReferences
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidationRunning partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidationRunning partition tests on : citizen
Starting test: CheckSDRefDom
......................... citizen passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... citizen passed test CrossRefValidationRunning enterprise tests on : citizen.local
Starting test: LocatorCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
......................... citizen.local failed test LocatorCheck
Starting test: Intersite
......................... citizen.local passed test Intersite
All Replies
- Did you run
adprep /forestprep
adprep /domainprep
adprep /gpprep
on your domain before deploying your Windows Server 2008?
See Technet documentation on Adprep
http://technet.microsoft.com/en-us/library/cc731728(WS.10).aspx
MCTS: Windows Server 2008 Active Directory Configuration
Blog: http://www.nixadmins.net - Hello,
I think you are having DNS related issue. How is your DNS configured? please do an ipconfig /all from both the W2K8 and the W2K domain controllers and post to the forum.
Also do a dcdiag /test:dns on both servers respectively..
Isaac Oben MCITP:EA, MCSE - Hi ,
I would go with Isaac here
from the errors
Warning: 82STONE is the Schema Owner, but is not responding to LDAP
Bind.
Warning: 82STONE is the Domain Owner, but is not responding to DS RPC
Bind.
Warning: 82STONE is the Domain Owner, but is not responding to LDAP
Bind.
Warning: 82STONE is the PDC Owner, but is not responding to DS RPC
Bind.
Warning: 82STONE is the PDC Owner, but is not responding to LDAP Bind.
Warning: 82STONE is the Rid Owner, but is not responding to DS RPC
Bind.
Warning: 82STONE is the Rid Owner, but is not responding to LDAP Bind.
Warning: 82STONE is the Infrastructure Update Owner, but is not
responding to DS RPC Bind.
Warning: 82STONE is the Infrastructure Update Owner, but is not
responding to LDAP Bind.
I would recommend you to check the DNS server for the srv records
Also check if you are pointing the DNS approrpriately
perform nslookup and post us back for any errors.
Also run portqry to check if all the relevant ports are opened
http://www.microsoft.com/downloads/details.aspx?FamilyID=89811747-C74B-4638-A2D5-AC828BDC6983&displaylang=en
run dcdiag /test:knowsofroleholders /a on all the DC's Ok, Isaac here is some of the requested information (see below) on the Main server the Windows 2000 server(82stone) I cannot get the dcdiag /test:dns to work at all I downloaded the Support Tools and dcdiag will work but none of the switches. The Windows 2000 server is where the DNS for the network is held 192.168.64.19
Windows 2000 IP ConfigurationHost Name . . . . . . . . . . . . : 82STONE
Primary DNS Suffix . . . . . . . : citizen.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : citizen.localEthernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . : citizen.local
Description . . . . . . . . . . . : Intel(R) PRO/1
ion #2
Physical Address. . . . . . . . . : 00-14-22-24-1D
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.64.19
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.64.1
DNS Servers . . . . . . . . . . . : 192.168.64.19
Primary WINS Server . . . . . . . : 192.168.64.19
Windows IP Configuration 2008Host Name . . . . . . . . . . . . : Civitas
Primary Dns Suffix . . . . . . . : citizen.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : citizen.local
civitas.localEthernet adapter Local Area Connection:
Windows 2008 IP configurationConnection-specific DNS Suffix . : civitas.local
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDI
VBD Client)
Physical Address. . . . . . . . . : 00-1E-C9-53-D2-78
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.64.22(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.64.1
DNS Servers . . . . . . . . . . . : 192.168.64.22
127.0.0.1
Primary WINS Server . . . . . . . : 192.168.64.19
Secondary WINS Server . . . . . . : 192.168.64.22
NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter Local Area Connection* 9:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : civitas.local
Description . . . . . . . . . . . : isatap.civitas.local
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Directory Server Diagnosis Dcdiag /test:dns
Server 2008Performing initial setup:
Trying to find home server...
Home Server = Civitas
* Identified AD Forest.
Done gathering initial info.Doing initial required tests
Testing server: 82Stone\CIVITAS
Starting test: Connectivity
......................... CIVITAS passed test ConnectivityDoing primary tests
Testing server: 82Stone\CIVITAS
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
ERROR: NO DNS servers for IPV6 stack was found
......................... CIVITAS passed test DNSRunning partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : citizen
Running enterprise tests on : citizen.local
Starting test: DNS
Test results for domain controllers:DC: Civitas.citizen.local
Domain: citizen.local
TEST: Basic (Basc)
Warning: The AAAA record for this DC was not foundTEST: Forwarders/Root hints (Forw)
Error: Forwarders list has invalid forwarder: 192.168.16.15 (<
name unavailable>)
Error: Forwarders list has invalid forwarder: 216.183.68.110 (
<name unavailable>)
Error: Forwarders list has invalid forwarder: 216.183.68.111 (
<name unavailable>)TEST: Dynamic update (Dyn)
Warning: Failed to delete the test record _dcdiag_test_record
in zone citizen.localTEST: Records registration (RReg)
Network Adapter
[00000006] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Clien
t):Warning:
Missing AAAA record at DNS server 192.168.64.22:
Civitas.citizen.localWarning:
Missing AAAA record at DNS server 192.168.64.22:
gc._msdcs.citizen.localWarning:
Missing AAAA record at DNS server 192.168.64.22:
Civitas.citizen.localWarning:
Missing AAAA record at DNS server 192.168.64.22:
gc._msdcs.citizen.localWarning: Record Registrations not found in some network adapters
Summary of test results for DNS servers used by the above domain
controllers:DNS server: 192.168.16.15 (<name unavailable>)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.168.16.15
DNS server: 216.183.68.110 (<name unavailable>)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 216.183.68.110
DNS server: 216.183.68.111 (<name unavailable>)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 216.183.68.111
Summary of DNS test results:Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: citizen.local
Civitas PASS WARN FAIL PASS WARN WARN n/a......................... citizen.local failed test DNS
Domain Controller Diagnosis
dcdiag /test:Knowofroleholders
Server 2008Performing initial setup:
* Verifying that the local machine 82STONE, is a DC.
* Connecting to directory service on server 82STONE.
* Collecting site info.
* Identifying all servers.
* Found 2 DC(s). Testing 2 of them.
Done gathering initial info.Doing initial required tests
Testing server: 82Stone\82STONE
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... 82STONE passed test Connectivity
Testing server: 82Stone\CIVITAS
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... CIVITAS passed test ConnectivityDoing primary tests
Testing server: 82Stone\82STONE
Test omitted by user request: Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
Role Domain Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
Role PDC Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
Role Rid Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
......................... 82STONE passed test KnowsOfRoleHolders
Test omitted by user request: RidManager
Test omitted by user request: MachineAccount
Test omitted by user request: Services
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: ObjectsReplicated
Test omitted by user request: frssysvol
Test omitted by user request: kccevent
Test omitted by user request: systemlog
Testing server: 82Stone\CIVITAS
Test omitted by user request: Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
Role Domain Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
Role PDC Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
Role Rid Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
......................... CIVITAS passed test KnowsOfRoleHolders
Test omitted by user request: RidManager
Test omitted by user request: MachineAccount
Test omitted by user request: Services
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: ObjectsReplicated
Test omitted by user request: frssysvol
Test omitted by user request: kccevent
Test omitted by user request: systemlog
Running enterprise tests on : citizen.local
Test omitted by user request: Intersite
Test omitted by user request: FsmoCheck- Hello
On your Windows Server 2008 Domain Controller,
Change the DNS entries as follows:
Pri:192.168.64.19
Sec: 192.168.64.22
After that, do an ipconfig /flushdns and then ipconfig /registerdns and run the DCdiag test again
Isaac Oben MCITP:EA, MCSE- Proposed As Answer byIsaac Oben Thursday, October 29, 2009 12:55 PM
Changed settings on the 08 server and ipconfig /flushdns and /registerdns ran dcdiag see bellow:
dcdiag /test:dns
Directory Server DiagnosisPerforming initial setup:
Trying to find home server...
Home Server = Civitas
* Identified AD Forest.
Done gathering initial info.Doing initial required tests
Testing server: 82Stone\CIVITAS
Starting test: Connectivity
......................... CIVITAS passed test ConnectivityDoing primary tests
Testing server: 82Stone\CIVITAS
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
ERROR: NO DNS servers for IPV6 stack was found
......................... CIVITAS passed test DNSRunning partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : citizen
Running enterprise tests on : citizen.local
Starting test: DNS
Test results for domain controllers:DC: Civitas.citizen.local
Domain: citizen.local
TEST: Basic (Basc)
Warning: The AAAA record for this DC was not foundTEST: Forwarders/Root hints (Forw)
Error: Forwarders list has invalid forwarder: 192.168.16.15 (<
name unavailable>)
Error: Forwarders list has invalid forwarder: 216.183.68.110 (
<name unavailable>)
Error: Forwarders list has invalid forwarder: 216.183.68.111 (
<name unavailable>)TEST: Dynamic update (Dyn)
Warning: Failed to delete the test record _dcdiag_test_record
in zone citizen.localTEST: Records registration (RReg)
Network Adapter
[00000006] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Clien
t):Warning:
Missing AAAA record at DNS server 192.168.64.19:
Civitas.citizen.localWarning:
Missing AAAA record at DNS server 192.168.64.19:
gc._msdcs.citizen.localWarning:
Missing AAAA record at DNS server 192.168.64.22:
Civitas.citizen.localWarning:
Missing AAAA record at DNS server 192.168.64.22:
gc._msdcs.citizen.localWarning: Record Registrations not found in some network adapters
Summary of test results for DNS servers used by the above domain
controllers:DNS server: 192.168.16.15 (<name unavailable>)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 192.168.16.15
DNS server: 216.183.68.110 (<name unavailable>)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 216.183.68.110
DNS server: 216.183.68.111 (<name unavailable>)
1 test failure on this DNS server
PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DN
S server 216.183.68.111
Summary of DNS test results:Auth Basc Forw Del Dyn RReg Ext
_________________________________________________________________
Domain: citizen.local
Civitas PASS WARN FAIL PASS WARN WARN n/a......................... citizen.local failed test DNS
Ok, I got rid of some old forwarders that were set on the DNS and the following dcdiag /test:dns
Directory Server DiagnosisPerforming initial setup:
Trying to find home server...
Home Server = Civitas
* Identified AD Forest.
Done gathering initial info.Doing initial required tests
Testing server: 82Stone\CIVITAS
Starting test: Connectivity
......................... CIVITAS passed test ConnectivityDoing primary tests
Testing server: 82Stone\CIVITAS
Starting test: DNS
DNS Tests are running and not hung. Please wait a few minutes...
ERROR: NO DNS servers for IPV6 stack was found
......................... CIVITAS passed test DNSRunning partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : citizen
Running enterprise tests on : citizen.local
Starting test: DNS
Test results for domain controllers:DC: Civitas.citizen.local
Domain: citizen.local
TEST: Basic (Basc)
Warning: The AAAA record for this DC was not foundTEST: Dynamic update (Dyn)
Warning: Failed to delete the test record _dcdiag_test_record
in zone citizen.localTEST: Records registration (RReg)
Network Adapter
[00000006] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Clie
t):Warning:
Missing AAAA record at DNS server 192.168.64.19:
Civitas.citizen.localWarning:
Missing AAAA record at DNS server 192.168.64.19:
gc._msdcs.citizen.localWarning:
Missing AAAA record at DNS server 192.168.64.22:
Civitas.citizen.localWarning:
Missing AAAA record at DNS server 192.168.64.22:
gc._msdcs.citizen.localWarning: Record Registrations not found in some network adapters
Civitas PASS WARN PASS PASS WARN WARN n/a
......................... citizen.local passed test DNS- Hello it seems issue is resolved. Please run another dcdiag /v and post..
Isaac Oben MCITP:EA, MCSE Here is the results of the test, but why do i get this error The File Replication Service is having trouble enabling replication, Unable to connect to the NETLOGON share
DCDIAG /VThe previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=82STONE,CN=Servers,CN=
82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
Getting information for the server CN=NTDS Settings,CN=CIVITAS,CN=Servers,CN=
82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.Doing initial required tests
Testing server: 82Stone\CIVITAS
Starting test: Connectivity
* Active Directory LDAP Services Check
Determining IP4 connectivity
Determining IP6 connectivity
* Active Directory RPC Services Check
......................... CIVITAS passed test ConnectivityDoing primary tests
Testing server: 82Stone\CIVITAS
Starting test: Advertising
Warning: DsGetDcName returned information for \\82STONE.citizen.local,
when we were trying to reach CIVITAS.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... CIVITAS failed test Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Starting test: FrsEvent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
An Warning Event occurred. EventID: 0x800034FA
Time Generated: 10/28/2009 10:39:10
Event String:
Following is the summary of warnings and errors encountered by File
Replication Service while polling the Domain Controller Civitas.citizen.local fo
r FRS replica set configuration information.The nTDSConnection object cn=civitas,cn=ntds settings,cn=82stone,cn
=servers,cn=82stone,cn=sites,cn=configuration,dc=citizen,dc=local is conflicting
with cn=9375e50c-3c7c-47a2-bcf3-cd1fd4e3c16a,cn=ntds settings,cn=82stone,cn=ser
vers,cn=82stone,cn=sites,cn=configuration,dc=citizen,dc=local. Using cn=civitas,
cn=ntds settings,cn=82stone,cn=servers,cn=82stone,cn=sites,cn=configuration,dc=c
itizen,dc=localAn Warning Event occurred. EventID: 0x800034C4
Time Generated: 10/28/2009 12:37:08
Event String:
The File Replication Service is having trouble enabling replication
from 82STONE.citizen.local to CIVITAS for c:\windows\sysvol\domain using the DNS
name 82STONE.citizen.local. FRS will keep retrying.
Following are some of the reasons you would see this warning.[1] FRS can not correctly resolve the DNS name 82STONE.citizen.loca
l from this computer.
[2] FRS is not running on 82STONE.citizen.local.
[3] The topology information in the Active Directory Domain Service
s for this replica has not yet replicated to all the Domain Controllers.This event log message will appear once per connection, After the p
roblem is fixed you will see another event log message indicating that the conne
ction has been established.
An Warning Event occurred. EventID: 0x800034C4
Time Generated: 10/28/2009 12:40:37
Event String:
The File Replication Service is having trouble enabling replication
from 82STONE to CIVITAS for c:\windows\sysvol\domain using the DNS name 82STONE.
citizen.local. FRS will keep retrying.
Following are some of the reasons you would see this warning.[1] FRS can not correctly resolve the DNS name 82STONE.citizen.loca
l from this computer.
[2] FRS is not running on 82STONE.citizen.local.
[3] The topology information in the Active Directory Domain Service
s for this replica has not yet replicated to all the Domain Controllers.This event log message will appear once per connection, After the p
roblem is fixed you will see another event log message indicating that the conne
ction has been established.
......................... CIVITAS passed test FrsEvent
Starting test: DFSREvent
The DFS Replication Event Log.
......................... CIVITAS passed test DFSREvent
Starting test: SysVolCheck
* The File Replication Service SYSVOL ready test
The registry lookup failed to determine the state of the SYSVOL. The
error returned was 0x0 "The operation completed successfully.".
Check the FRS event log to see if the SYSVOL has successfully been
shared.
......................... CIVITAS passed test SysVolCheck
Starting test: KccEvent
* The KCC Event log test
Found no KCC errors in "Directory Service" Event log in the last 15 min
utes.
......................... CIVITAS passed test KccEvent
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,C
N=Sites,CN=Configuration,DC=citizen,DC=local
Role Domain Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,C
N=Sites,CN=Configuration,DC=citizen,DC=local
Role PDC Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=S
ites,CN=Configuration,DC=citizen,DC=local
Role Rid Owner = CN=NTDS Settings,CN=82STONE,CN=Servers,CN=82Stone,CN=S
ites,CN=Configuration,DC=citizen,DC=local
Role Infrastructure Update Owner = CN=NTDS Settings,CN=82STONE,CN=Serve
rs,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,DC=local
......................... CIVITAS passed test KnowsOfRoleHolders
Starting test: MachineAccount
Checking machine account for DC CIVITAS on DC CIVITAS.
* SPN found :LDAP/Civitas.citizen.local/citizen.local
* SPN found :LDAP/Civitas.citizen.local
* SPN found :LDAP/CIVITAS
* SPN found :LDAP/Civitas.citizen.local/CITIZEN
* SPN found :LDAP/b2baa1fe-1731-4013-a764-8741af6d67cd._msdcs.citizen.l
ocal
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/b2baa1fe-1731-4013-a7
64-8741af6d67cd/citizen.local
* SPN found :HOST/Civitas.citizen.local/citizen.local
* SPN found :HOST/Civitas.citizen.local
* SPN found :HOST/CIVITAS
* SPN found :HOST/Civitas.citizen.local/CITIZEN
* SPN found :GC/Civitas.citizen.local/citizen.local
......................... CIVITAS passed test MachineAccount
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC CIVITAS.
The forest is not ready for RODC. Will skip checking ERODC ACEs.
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=citizen,DC=local
(Schema,Version 3)
* Security Permissions Check for
CN=Configuration,DC=citizen,DC=local
(Configuration,Version 3)
* Security Permissions Check for
DC=citizen,DC=local
(Domain,Version 3)
......................... CIVITAS passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Unable to connect to the NETLOGON share! (\\CIVITAS\netlogon)
[CIVITAS] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... CIVITAS failed test NetLogons
Starting test: ObjectsReplicated
CIVITAS is in domain DC=citizen,DC=local
Checking for CN=CIVITAS,OU=Domain Controllers,DC=citizen,DC=local in do
main DC=citizen,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=CIVITAS,CN=Servers,CN=82Stone,CN=Sites
,CN=Configuration,DC=citizen,DC=local in domain CN=Configuration,DC=citizen,DC=l
ocal on 1 servers
Object is up-to-date on all servers.
......................... CIVITAS passed test ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Starting test: Replications
* Replications Check
* Replication Latency Check
CN=Schema,CN=Configuration,DC=citizen,DC=local
Latency information for 6 entries in the vector were ignored.
6 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Configuration,DC=citizen,DC=local
Latency information for 6 entries in the vector were ignored.
6 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=citizen,DC=local
Latency information for 5 entries in the vector were ignored.
5 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
* Replication Site Latency Check
Site
CN=NTDS Site Settings,CN=101bway,CN=Sites,CN=Configuration,DC=citizen,D
C=local
was skipped because it never had an ISTG running in it.
Site
CN=NTDS Site Settings,CN=civitas,CN=Sites,CN=Configuration,DC=citizen,D
C=local
was skipped because it never had an ISTG running in it.
......................... CIVITAS passed test Replications
Starting test: RidManager
* Available RID Pool for the Domain is 6603 to 1073741823
* 82STONE.citizen.local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 5603 to 6102
* rIDPreviousAllocationPool is 5603 to 6102
* rIDNextRID: 5603
......................... CIVITAS passed test RidManager
Starting test: Services
* Checking Service: EventSystem
* Checking Service: RpcSs
* Checking Service: NTDS
* Checking Service: DnsCache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: w32time
* Checking Service: NETLOGON
......................... CIVITAS passed test Services
Starting test: SystemLog
* The System Event log test
An Warning Event occurred. EventID: 0x8000001D
Time Generated: 10/29/2009 08:39:05
Event String:
The Key Distribution Center (KDC) cannot find a suitable certificate
to use for smart card logons, or the KDC certificate could not be verified. Sma
rt card logon may not function correctly if this problem is not resolved. To cor
rect this problem, either verify the existing KDC certificate using certutil.exe
or enroll for a new KDC certificate.
An Error Event occurred. EventID: 0x00000457
Time Generated: 10/29/2009 08:53:37
Event String:
Driver HP LaserJet 4350 PCL 6 required for printer HP LaserJet 4350
PCL 6 is unknown. Contact the administrator to install the driver before you log
in again.
......................... CIVITAS failed test SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Starting test: VerifyReferences
The system object reference (serverReference)
CN=CIVITAS,OU=Domain Controllers,DC=citizen,DC=local and backlink on
CN=CIVITAS,CN=Servers,CN=82Stone,CN=Sites,CN=Configuration,DC=citizen,D
C=local
are correct.
The system object reference (serverReferenceBL)
CN=CIVITAS,CN=Domain System Volume (SYSVOL share),CN=File Replication S
ervice,CN=System,DC=citizen,DC=local
and backlink on
CN=NTDS Settings,CN=CIVITAS,CN=Servers,CN=82Stone,CN=Sites,CN=Configura
tion,DC=citizen,DC=local
are correct.
......................... CIVITAS passed test VerifyReferences
Test omitted by user request: VerifyReplicasTest omitted by user request: DNS
Test omitted by user request: DNSRunning partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidationRunning partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidationRunning partition tests on : citizen
Starting test: CheckSDRefDom
......................... citizen passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... citizen passed test CrossRefValidationRunning enterprise tests on : citizen.local
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\82STONE.citizen.local
Locator Flags: 0xe00001fd
PDC Name: \\82STONE.citizen.local
Locator Flags: 0xe00001fd
Time Server Name: \\82STONE.citizen.local
Locator Flags: 0xe00001fd
Preferred Time Server Name: \\82STONE.citizen.local
Locator Flags: 0xe00001fd
KDC Name: \\82STONE.citizen.local
Locator Flags: 0xe00001fd
......................... citizen.local passed test LocatorCheck
Starting test: Intersite
Skipping site 101bway, this site is outside the scope provided by the
command line arguments provided.
Skipping site 82Stone, this site is outside the scope provided by the
command line arguments provided.
Skipping site civitas, this site is outside the scope provided by the
command line arguments provided.
......................... citizen.local passed test Intersite- Your DC might still be initializing..Do a net share and see if you can see the netlogon share. if not just wait for a little while until sysvol completes initialiazation
Isaac Oben MCITP:EA, MCSE Ok, ran Net Share (see bellow) but I also am still getting the errors in DCDIAG (see bellow)
NET SHARE
Share name Resource Remark------------------------------------------------------------------
C$ C:\ Default share
G$ G:\ Default share
IPC$ Remote IPC
ADMIN$ C:\Windows Remote Admin
scripts C:\Windows\SYSVOL\sysvol\citizen.local\scriptssysvol2 C:\Windows\SYSVOL\sysvol
The command completed successfully.
ERRORS DCDIAG
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\CIVITAS\netlogon)
[CIVITAS] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... CIVITAS failed test NetLogons
Starting test: Advertising
Warning: DsGetDcName returned information for \\82STONE.citizen.local,
when we were trying to reach CIVITAS.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... CIVITAS failed test Advertising
Still no NETLOGON share
NET SHARE
Share name Resource Remark------------------------------------------------------------------
C$ C:\ Default share
G$ G:\ Default share
IPC$ Remote IPC
ADMIN$ C:\Windows Remote Admin
scripts C:\Windows\SYSVOL\sysvol\citizen.local\scriptssysvol2 C:\Windows\SYSVOL\sysvol
The command completed successfully.
ERRORS DCDIAG
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\CIVITAS\netlogon)
[CIVITAS] An net use or LsaPolicy operation failed with error 67,
The network name cannot be found..
......................... CIVITAS failed test NetLogons
Starting test: Advertising
Warning: DsGetDcName returned information for \\82STONE.citizen.local,
when we were trying to reach CIVITAS.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... CIVITAS failed test Advertising
