locked
Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service <servicename> RRS feed

  • Question

  • Bonjour,

    des erreurs aléatoires apparaissent sur les postes clients (Windows 7). Ces erreurs sont toujours liées au "Service Control Manager". Ces erreurs apparaissent au logon de l'utilisateur mais aussi lorsqu'au aucune session n'est ouverte. 

    Il s'agit de l'erreur id n°7011, les services qui sont en cause sont les suivants :  

    wuauserv
    UxSms
    UmRdpService
    SysMain
    Spooler
    ShellHWDetection
    SessionEnv
    Schedule
    RtkAudioService

    Mais ces services ne posent pas toujours un problème de timeout au démarrage, c'est complètement aléatoire. Au départ le timeout était réglé à 30000 millisecondes, mais pour tester, je l'ai changé à 5000 millisecondes, mais je souhaiterais identifier la cause de ces problèmes..

    Il faut savoir que les ordinateurs clients sont tous des HP, et que Trend Micro agent est installé.

    Ci-dessous, un exemple de l'erreur rencontrée :

    - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    - <System>
      <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" /> 
      <EventID Qualifiers="49152">7011</EventID> 
      <Version>0</Version> 
      <Level>2</Level> 
      <Task>0</Task> 
      <Opcode>0</Opcode> 
      <Keywords>0x8080000000000000</Keywords> 
      <TimeCreated SystemTime="2016-03-16T13:12:36.381402500Z" /> 
      <EventRecordID>452215</EventRecordID> 
      <Correlation /> 
      <Execution ProcessID="780" ThreadID="5064" /> 
      <Channel>System</Channel> 
      <Computer>PC-004.domain.fr</Computer> 
      <Security /> 
      </System>
    - <EventData>
      <Data Name="param1">5000</Data> 
      <Data Name="param2">wuauserv</Data> 
      </EventData>
      </Event>

    Merci, 

    John


    mercredi 16 mars 2016 14:47

Réponses

  • Bonjour,

    Le problème a été résolu en ajoutant un nouvelle GPO dans le domaine :

    Enable System\Logon\Always wait for the network at computer startup and logon (Turns off Fast Logon Optimization)

    Merci à tous,

    JohnDoe

    • Marqué comme réponse Emile Supiot vendredi 1 avril 2016 07:44
    vendredi 1 avril 2016 07:40

Toutes les réponses

  • Bonjour John,

    Je vous invite à consulter les liens suivant : Windows 7 SP1 - Event 7011Event ID 7011 — Basic Service Operations. En espérant que cela puisse vous aider.

    Cordialement,

    Emile


    Votez! Appel à la contribution TechNet Community Support. LE CONTENU EST FOURNI "TEL QUEL" SANS GARANTIE D'AUCUNE SORTE, EXPLICITE OU IMPLICITE. S'il vous plaît n'oubliez pas de "Marquer comme réponse" les réponses qui ont résolu votre problème. C'est une voie commune pour reconnaître ceux qui vous ont aidé, et rend plus facile pour les autres visiteurs de trouver plus tard la résolution.

    • Proposé comme réponse Emile Supiot vendredi 18 mars 2016 08:38
    jeudi 17 mars 2016 13:47
  • Bonjour Emile,

    Merci pour votre réponse, après quelques investigations, il se peut que ce soit les clients Windows 7 qui posent problème. J'avais déjà utilisé le tools "Windows Performance Analyser", mais le problème rencontré n'est jamais le même. Le résultat indique un temps de Logon relativement long, sur l'un des pcs, ça semble provenir d'un service, mais le test n'as pas encore été réalisé sur les autres ordinateurs.

    Bien à vous,

    John

    vendredi 18 mars 2016 16:02
  • Bonjour,

    Je réponds à mon propre Thread. En démarrant en mode journalisation via msconfig. Il s'avère qu'il y a un problème de chargement de driver comme le justifie le log ci-dessous.

    Quelqu'un pourrait m'éclairer à propos de ces erreurs ?

     Service Pack 1 3 24 2016 15:13:22.109
    Loaded driver \SystemRoot\system32\ntoskrnl.exe
    Loaded driver \SystemRoot\system32\hal.dll
    Loaded driver \SystemRoot\system32\kdcom.dll
    Loaded driver \SystemRoot\system32\mcupdate_GenuineIntel.dll
    Loaded driver \SystemRoot\system32\PSHED.dll
    Loaded driver \SystemRoot\system32\CLFS.SYS
    Loaded driver \SystemRoot\system32\CI.dll
    Loaded driver \SystemRoot\system32\drivers\Wdf01000.sys
    Loaded driver \SystemRoot\system32\drivers\WDFLDR.SYS
    Loaded driver \SystemRoot\system32\drivers\ACPI.sys
    Loaded driver \SystemRoot\system32\drivers\WMILIB.SYS
    Loaded driver \SystemRoot\system32\drivers\msisadrv.sys
    Loaded driver \SystemRoot\system32\drivers\pci.sys
    Loaded driver \SystemRoot\system32\drivers\vdrvroot.sys
    Loaded driver \SystemRoot\system32\drivers\iusb3hcs.sys
    Loaded driver \SystemRoot\System32\drivers\partmgr.sys
    Loaded driver \SystemRoot\system32\drivers\volmgr.sys
    Loaded driver \SystemRoot\System32\drivers\volmgrx.sys
    Loaded driver \SystemRoot\System32\drivers\mountmgr.sys
    Loaded driver \SystemRoot\system32\DRIVERS\iaStor.sys
    Loaded driver \SystemRoot\system32\drivers\iaStorA.sys
    Loaded driver \SystemRoot\system32\drivers\storport.sys
    Loaded driver \SystemRoot\system32\drivers\amdxata.sys
    Loaded driver \SystemRoot\system32\drivers\fltmgr.sys
    Loaded driver \SystemRoot\system32\drivers\fileinfo.sys
    Loaded driver \SystemRoot\System32\Drivers\Ntfs.sys
    Loaded driver \SystemRoot\System32\Drivers\msrpc.sys
    Loaded driver \SystemRoot\System32\Drivers\ksecdd.sys
    Loaded driver \SystemRoot\System32\Drivers\cng.sys
    Loaded driver \SystemRoot\System32\drivers\pcw.sys
    Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.sys
    Loaded driver \SystemRoot\system32\drivers\ndis.sys
    Loaded driver \SystemRoot\system32\drivers\NETIO.SYS
    Loaded driver \SystemRoot\System32\Drivers\ksecpkg.sys
    Loaded driver \SystemRoot\System32\drivers\tcpip.sys
    Loaded driver \SystemRoot\System32\drivers\fwpkclnt.sys
    Loaded driver \SystemRoot\system32\drivers\vmstorfl.sys
    Loaded driver \SystemRoot\system32\drivers\volsnap.sys
    Loaded driver \SystemRoot\System32\Drivers\spldr.sys
    Loaded driver \SystemRoot\System32\drivers\rdyboost.sys
    Loaded driver \SystemRoot\System32\Drivers\mup.sys
    Loaded driver \SystemRoot\system32\drivers\iaStorF.sys
    Loaded driver \SystemRoot\System32\drivers\hwpolicy.sys
    Loaded driver \SystemRoot\System32\DRIVERS\fvevol.sys
    Loaded driver \SystemRoot\system32\drivers\disk.sys
    Loaded driver \SystemRoot\system32\drivers\CLASSPNP.SYS
    Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
    Loaded driver \SystemRoot\System32\Drivers\Null.SYS
    Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
    Loaded driver \SystemRoot\System32\drivers\vga.sys
    Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
    Loaded driver \SystemRoot\system32\drivers\rdpencdd.sys
    Loaded driver \SystemRoot\system32\drivers\rdprefmp.sys
    Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
    Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
    Loaded driver \SystemRoot\system32\DRIVERS\tdx.sys
    Loaded driver \SystemRoot\system32\drivers\afd.sys
    Loaded driver \SystemRoot\System32\DRIVERS\netbt.sys
    Loaded driver \SystemRoot\system32\DRIVERS\wfplwf.sys
    Loaded driver \SystemRoot\system32\DRIVERS\pacer.sys
    Loaded driver \SystemRoot\system32\DRIVERS\tmlwf.sys
    Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
    Loaded driver \SystemRoot\system32\DRIVERS\serial.sys
    Loaded driver \SystemRoot\system32\DRIVERS\tmcomm.sys
    Loaded driver \SystemRoot\system32\DRIVERS\wanarp.sys
    Loaded driver \SystemRoot\system32\DRIVERS\tmtdi.sys
    Loaded driver \SystemRoot\system32\drivers\termdd.sys
    Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
    Loaded driver \SystemRoot\system32\drivers\nsiproxy.sys
    Loaded driver \SystemRoot\system32\drivers\mssmbios.sys
    Loaded driver \SystemRoot\System32\drivers\discache.sys
    Loaded driver \SystemRoot\system32\drivers\csc.sys
    Loaded driver \SystemRoot\System32\Drivers\dfsc.sys
    Loaded driver \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
    Loaded driver \SystemRoot\system32\drivers\blbdrive.sys
    Loaded driver \SystemRoot\system32\DRIVERS\tunnel.sys
    Loaded driver \SystemRoot\system32\DRIVERS\atikmdag.sys
    Loaded driver \SystemRoot\System32\Drivers\fastfat.SYS
    Loaded driver \SystemRoot\System32\drivers\dxgkrnl.sys
    Loaded driver \SystemRoot\system32\DRIVERS\atikmpag.sys
    Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys
    Loaded driver \SystemRoot\system32\drivers\iusb3xhc.sys
    Loaded driver \SystemRoot\system32\DRIVERS\HECIx64.sys
    Loaded driver \SystemRoot\system32\DRIVERS\serenum.sys
    Loaded driver \SystemRoot\system32\DRIVERS\e1c62x64.sys
    Loaded driver \SystemRoot\system32\drivers\usbehci.sys
    Loaded driver \SystemRoot\system32\drivers\i8042prt.sys
    Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
    Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
    Loaded driver \SystemRoot\system32\drivers\tpm.sys
    Loaded driver \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    Loaded driver \SystemRoot\system32\drivers\intelppm.sys
    Loaded driver \SystemRoot\system32\drivers\wmiacpi.sys
    Loaded driver \SystemRoot\system32\drivers\CompositeBus.sys
    Loaded driver \SystemRoot\system32\DRIVERS\lmimirr.sys
    Loaded driver \SystemRoot\system32\DRIVERS\AgileVpn.sys
    Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
    Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
    Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
    Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
    Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
    Loaded driver \SystemRoot\system32\DRIVERS\rassstp.sys
    Loaded driver \SystemRoot\system32\drivers\rdpbus.sys
    Loaded driver \SystemRoot\system32\drivers\swenum.sys
    Loaded driver \SystemRoot\system32\DRIVERS\umbus.sys
    Did not load driver \SystemRoot\System32\drivers\vga.sys
    Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
    Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
    Loaded driver \SystemRoot\system32\drivers\AtihdW76.sys
    Loaded driver \SystemRoot\system32\drivers\ksthunk.sys
    Loaded driver \SystemRoot\system32\drivers\iusb3hub.sys
    Loaded driver \SystemRoot\system32\drivers\RTKVHD64.sys
    Loaded driver \SystemRoot\system32\DRIVERS\monitor.sys
    Loaded driver \SystemRoot\system32\drivers\luafv.sys
    Loaded driver \??\C:\Program Files (x86)\Trend Micro\Security Agent\TmPreFlt.sys
    Loaded driver \??\C:\Program Files (x86)\Trend Micro\Security Agent\VSApiNt.sys
    Loaded driver \??\C:\Program Files (x86)\Trend Micro\Security Agent\TmXPFlt.sys
    Loaded driver \SystemRoot\system32\DRIVERS\lltdio.sys
    Loaded driver \SystemRoot\system32\DRIVERS\rspndr.sys
    Loaded driver \SystemRoot\system32\drivers\HTTP.sys
    Loaded driver \SystemRoot\system32\DRIVERS\bowser.sys
    Loaded driver \SystemRoot\System32\drivers\mpsdrv.sys
    Loaded driver \SystemRoot\system32\drivers\mrxdav.sys
    Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
    Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    Loaded driver \SystemRoot\system32\DRIVERS\tmevtmgr.sys
    Loaded driver \SystemRoot\system32\DRIVERS\tmactmon.sys
    Loaded driver \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
    Loaded driver \??\C:\Windows\system32\drivers\LMIRfsDriver.sys
    Loaded driver \SystemRoot\system32\drivers\peauth.sys
    Loaded driver \SystemRoot\System32\DRIVERS\srvnet.sys
    Loaded driver \SystemRoot\System32\drivers\tcpipreg.sys
    Loaded driver \SystemRoot\system32\DRIVERS\tmwfp.sys
    Loaded driver \SystemRoot\System32\DRIVERS\srv2.sys
    Loaded driver \SystemRoot\System32\DRIVERS\srv.sys
    Did not load driver \SystemRoot\System32\DRIVERS\srv.sys
    Loaded driver \SystemRoot\System32\drivers\rdpdr.sys
    Loaded driver \SystemRoot\system32\drivers\tdtcp.sys
    Loaded driver \SystemRoot\System32\DRIVERS\tssecsrv.sys
    Loaded driver \SystemRoot\System32\Drivers\RDPWD.SYS
    Loaded driver \SystemRoot\system32\DRIVERS\cdfs.sys
    

    D'avance merci,

    John Doe

    jeudi 24 mars 2016 15:35
  • Bonjour John Doe,

    Avez-vous déjà tenté de mettre à jour les drivers de vos machines HP ?

    https://support.hp.com/us-en/drivers

    jeudi 24 mars 2016 16:24
  • Bonjour Nathanaël Stassart,

    Merci pour votre réponse, les drivers sont bien à jour, mais le problème persiste.

    John doe


    mardi 29 mars 2016 12:06
  • Bonjour,

    Le problème a été résolu en ajoutant un nouvelle GPO dans le domaine :

    Enable System\Logon\Always wait for the network at computer startup and logon (Turns off Fast Logon Optimization)

    Merci à tous,

    JohnDoe

    • Marqué comme réponse Emile Supiot vendredi 1 avril 2016 07:44
    vendredi 1 avril 2016 07:40
  • Bonjour,

    J'ai malheureusement parlé trop vite.. le problème n'est pas résolu, mais je pense que le fait d'avoir activé cette GPO a un tout petit peu amélioré la vitesse de logon.

    Par contre, j'ai identifié d'autres problèmes en consultant le log netlogon.log.

    Plusieurs problèmes apparaissent, le voici :

    04/07 12:15:17 [INIT] Group Policy is not defined for Netlogon
    04/07 12:15:17 [INIT] Following are the effective values after parsing
    04/07 12:15:17 [INIT]    Sysvol = C:\windows\SYSVOL\SYSVOL
    04/07 12:15:17 [INIT]    Scripts = (null)
    04/07 12:15:17 [INIT]    RpcDacl = (null)
    04/07 12:15:17 [INIT]    SiteName (0) = Default-First-Site-Name
    04/07 12:15:17 [INIT]    Pulse = 300 (0x12c)
    04/07 12:15:17 [INIT]    Randomize = 1 (0x1)
    04/07 12:15:17 [INIT]    PulseMaximum = 7200 (0x1c20)
    04/07 12:15:17 [INIT]    PulseConcurrency = 10 (0xa)
    04/07 12:15:17 [INIT]    PulseTimeout1 = 10 (0xa)
    04/07 12:15:17 [INIT]    PulseTimeout2 = 300 (0x12c)
    04/07 12:15:17 [INIT]    MaximumMailslotMessages = 500 (0x1f4)
    04/07 12:15:17 [INIT]    MailslotMessageTimeout = 10 (0xa)
    04/07 12:15:17 [INIT]    MailslotDuplicateTimeout = 2 (0x2)
    04/07 12:15:17 [INIT]    ExpectedDialupDelay = 0 (0x0)
    04/07 12:15:17 [INIT]    ScavengeInterval = 900 (0x384)
    04/07 12:15:17 [INIT]    MaximumPasswordAge = 30 (0x1e)
    04/07 12:15:17 [INIT]    LdapSrvPriority = 0 (0x0)
    04/07 12:15:17 [INIT]    LdapSrvWeight = 100 (0x64)
    04/07 12:15:17 [INIT]    LdapSrvPort = 389 (0x185)
    04/07 12:15:17 [INIT]    LdapGcSrvPort = 3268 (0xcc4)
    04/07 12:15:17 [INIT]    KdcSrvPort = 88 (0x58)
    04/07 12:15:17 [INIT]    KerbIsDoneWithJoinDomainEntry = 0 (0x0)
    04/07 12:15:17 [INIT]    DnsTtl = 600 (0x258)
    04/07 12:15:17 [INIT]    DnsRefreshInterval = 3600 (0xe10)
    04/07 12:15:17 [INIT]    CloseSiteTimeout = 900 (0x384)
    04/07 12:15:17 [INIT]    SiteNameTimeout = 300 (0x12c)
    04/07 12:15:17 [INIT]    DuplicateEventlogTimeout = 14400 (0x3840)
    04/07 12:15:17 [INIT]    MaxConcurrentApi = 0 (0x0)
    04/07 12:15:17 [INIT]    NegativeCachePeriod = 45 (0x2d)
    04/07 12:15:17 [INIT]    BackgroundRetryInitialPeriod = 600 (0x258)
    04/07 12:15:17 [INIT]    BackgroundRetryMaximumPeriod = 3600 (0xe10)
    04/07 12:15:17 [INIT]    BackgroundRetryQuitTime = 0 (0x0)
    04/07 12:15:17 [INIT]    BackgroundSuccessfulRefreshPeriod = 4294967295 (0xffffffff)
    04/07 12:15:17 [INIT]    NonBackgroundSuccessfulRefreshPeriod = 1800 (0x708)
    04/07 12:15:17 [INIT]    DnsFailedDeregisterTimeout = 172800 (0x2a300)
    04/07 12:15:17 [INIT]    MaxLdapServersPinged = 55 (0x37)
    04/07 12:15:17 [INIT]    SiteCoverageRefreshInterval = 3600 (0xe10)
    04/07 12:15:17 [INIT]    FtInfoUpdateInterval = 86400 (0x15180)
    04/07 12:15:17 [INIT]    DBFlag = 545325055 (0x2080ffff)
    04/07 12:15:17 [INIT]    MaximumLogFileSize = 20000000 (0x1312d00)
    04/07 12:15:17 [INIT]    AddressTypeReturned = 1 (0x1)
    04/07 12:15:17 [INIT]    ForceRediscoveryInterval = 43200 (0xa8c0)
    04/07 12:15:17 [INIT]    RestrictNTLMInDomain = 0 (0x0)
    04/07 12:15:17 [INIT]    AuditNTLMInDomain = 0 (0x0)
    04/07 12:15:17 [INIT]    NextClosestSiteFilter = 2 (0x2)
    04/07 12:15:17 [INIT]    NextClosestSiteRefreshInterval = 10800 (0x2a30)
    04/07 12:15:17 [INIT]    RefusePasswordChange = FALSE
    04/07 12:15:17 [INIT]    AvoidSamRepl = TRUE
    04/07 12:15:17 [INIT]    AvoidLsaRepl = TRUE
    04/07 12:15:17 [INIT]    SignSecureChannel = TRUE
    04/07 12:15:17 [INIT]    SealSecureChannel = TRUE
    04/07 12:15:17 [INIT]    RequireSignOrSeal = TRUE
    04/07 12:15:17 [INIT]    RequireStrongKey = TRUE
    04/07 12:15:17 [INIT]    SysVolReady = TRUE
    04/07 12:15:17 [INIT]    UseDynamicDns = TRUE
    04/07 12:15:17 [INIT]    RegisterDnsARecords = TRUE
    04/07 12:15:17 [INIT]    AvoidPdcOnWan = FALSE
    04/07 12:15:17 [INIT]    AutoSiteCoverage = TRUE
    04/07 12:15:17 [INIT]    AvoidDnsDeregOnShutdown = TRUE
    04/07 12:15:17 [INIT]    DnsUpdateOnAllAdapters = FALSE
    04/07 12:15:17 [INIT]    Nt4Emulator = FALSE
    04/07 12:15:17 [INIT]    EnableChainSetClientAttributes = TRUE
    04/07 12:15:17 [INIT]    DisablePasswordChange = FALSE
    04/07 12:15:17 [INIT]    NeutralizeNt4Emulator = FALSE
    04/07 12:15:17 [INIT]    AllowSingleLabelDnsDomain = FALSE
    04/07 12:15:17 [INIT]    AllowExclusiveSysvolShareAccess = FALSE
    04/07 12:15:17 [INIT]    AllowExclusiveScriptsShareAccess = FALSE
    04/07 12:15:17 [INIT]    AvoidLocatorAccountLookup = FALSE
    04/07 12:15:17 [INIT]    NeverPing = FALSE
    04/07 12:15:17 [INIT]    RegisterSiteSpecificDnsRecordsOnly = FALSE
    04/07 12:15:17 [INIT]    TryNextClosestSite = FALSE
    04/07 12:15:17 [INIT]    AllowNT4Crypto = FALSE
    04/07 12:15:17 [INIT]    IgnoreIncomingMailslotMessages = FALSE
    04/07 12:15:17 [INIT]    RejectMd5Servers = FALSE
    04/07 12:15:17 [INIT]    RejectMd5Clients = FALSE
    04/07 12:15:17 [INIT] Command line parsed successfully ...
    04/07 12:15:17 [INIT] Netlogon.dll has been unloaded (recover from it).
    04/07 12:15:17 [PERF] NlInit: New NlPcGlobalTotalInstance (000000000029C268): "_Total"
    04/07 12:15:17 [SITE] Setting site name to 'Default-First-Site-Name'
    04/07 12:15:17 [SESSION] \Device\NetBT_Tcpip_{1114E648-788D-413A-98FE-DE54E33BAF3A}: Transport Added (192.168.1.73)
    04/07 12:15:17 [SESSION] Winsock Addrs: 192.168.1.73 (1) 
    04/07 12:15:17 [SESSION] V6 Winsock Addrs: fe80::dd93:8172:124b:3e78%11 (1) 
    04/07 12:15:17 [DNS] Set DnsForestName to: domain.com
    04/07 12:15:17 [DOMAIN] domain: Adding new domain
    04/07 12:15:17 [DOMAIN] Setting our computer name to dom-PC-027 dom-PC-027.domain.com
    04/07 12:15:17 [DOMAIN] Setting Netbios domain name to domain
    04/07 12:15:17 [DOMAIN] Setting DNS domain name to domain.com.
    04/07 12:15:17 [DOMAIN] Setting Domain GUID to e0b47f4e-a298-4c3f-a73b-4160cb0c8bd8
    04/07 12:15:17 [CRITICAL] C:\windows\system32\config\netlogon.ftj: Unable to open. 2
    04/07 12:15:17 [INIT] Getting cached trusted domain list from binary file.
    04/07 12:15:17 [MISC] NlpInitializeTrace succeeded 0
    04/07 12:15:17 [LOGON] NlSetForestTrustList: New trusted domain list:
    04/07 12:15:17 [LOGON]     0: domain domain.com (NT 5) (Forest Tree Root) (Primary Domain) (Native)
    04/07 12:15:17 [LOGON]        Dom Guid: e0b47f4e-a298-4c3f-a73b-4160cb0c8bd8
    04/07 12:15:17 [LOGON]        Dom Sid: S-1-5-21-4136991897-1228951460-3767016069
    04/07 12:15:17 [INIT] Starting RPC server.
    04/07 12:15:17 [SESSION] domain: NlSessionSetup: Try Session setup
    04/07 12:15:17 [SESSION] domain: NlDiscoverDc: Start Synchronous Discovery
    04/07 12:15:17 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:17 [MAILSLOT] NetpDcPingListIp: domain.com.: Sent UDP ping to 192.168.1.110
    04/07 12:15:17 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
    04/07 12:15:17 [PERF] NlAllocateClientSession: New Perf Instance (0000000001DC62E8): "\\dc.domain.com"
        ClientSession: 0000000001DCB900
    04/07 12:15:17 [SESSION] domain: NlDiscoverDc: Found DC \\dc.domain.com
    04/07 12:15:17 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: IP KDC 
    04/07 12:15:17 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:17 [MISC] NetpDcGetName: domain.com using cached information
    04/07 12:15:17 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: IP KDC 
    04/07 12:15:17 [SESSION] domain: NlSessionSetup: Negotiated flags with server are 0x612fffff
    04/07 12:15:17 [SESSION] domain: NlSetStatusClientSession: Set connection status to 0
    04/07 12:15:17 [DOMAIN] Setting LSA NetbiosDomain: domain DnsDomain: domain.com. DnsTree: domain.com. DomainGuid:e0b47f4e-a298-4c3f-a73b-4160cb0c8bd8
    04/07 12:15:17 [LOGON] NlSetForestTrustList: New trusted domain list:
    04/07 12:15:17 [LOGON]     0: domain domain.com (NT 5) (Forest Tree Root) (Primary Domain) (Native)
    04/07 12:15:17 [LOGON]        Dom Guid: e0b47f4e-a298-4c3f-a73b-4160cb0c8bd8
    04/07 12:15:17 [LOGON]        Dom Sid: S-1-5-21-4136991897-1228951460-3767016069
    04/07 12:15:17 [SESSION] domain: NlSetStatusClientSession: Set connection status to 0
    04/07 12:15:17 [SESSION] domain: NlSessionSetup: Session setup Succeeded
    04/07 12:15:17 [INIT] Started successfully
    04/07 12:15:17 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: 
    04/07 12:15:17 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:17 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:17 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: 
    04/07 12:15:17 [MISC] DsGetDcName function called: Dom:ForestDnsZones.domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:17 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:17 [MAILSLOT] NetpDcPingListIp: ForestDnsZones.domain.com: Sent UDP ping to 192.168.1.110
    04/07 12:15:18 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
    04/07 12:15:18 [MISC] DsGetDcName function returns 0: Dom:ForestDnsZones.domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:18 [MISC] DsGetDcName function called: Dom:DomainDnsZones.domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:18 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:18 [MAILSLOT] NetpDcPingListIp: DomainDnsZones.domain.com: Sent UDP ping to 192.168.1.110
    04/07 12:15:18 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
    04/07 12:15:18 [MISC] DsGetDcName function returns 0: Dom:DomainDnsZones.domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:18 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:18 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:18 [MAILSLOT] NetpDcPingListIp: domain.com: Sent UDP ping to 192.168.1.110
    04/07 12:15:18 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
    04/07 12:15:18 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:18 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:18 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:18 [MISC] NetpDcGetName: domain.com using cached information
    04/07 12:15:18 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:18 [MISC] NlWksScavenger: Can be called again in 23 days (0x7ae339c1)
    04/07 12:15:18 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: RET_DNS 
    04/07 12:15:18 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:18 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:18 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: RET_DNS 
    04/07 12:15:18 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: DNS 
    04/07 12:15:18 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:18 [MISC] NetpDcGetName: domain.com using cached information
    04/07 12:15:18 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: DNS 
    04/07 12:15:18 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:18 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:18 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:18 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:19 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS GC RET_DNS 
    04/07 12:15:19 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:19 [MAILSLOT] NetpDcPingListIp: domain.com.: Sent UDP ping to 192.168.1.110
    04/07 12:15:19 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
    04/07 12:15:19 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS GC RET_DNS 
    04/07 12:15:19 [INIT] Group Policy is not defined for Netlogon
    04/07 12:15:19 [INIT] Following are the effective values after parsing
    04/07 12:15:20 [SESSION] \Device\NetBT_Tcpip_{1114E648-788D-413A-98FE-DE54E33BAF3A}: Transport Address is still (192.168.1.73)
    04/07 12:15:21 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS 
    04/07 12:15:21 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:21 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:21 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS 
    04/07 12:15:23 [MISC] DsGetDcName function called: Dom:domain Acct:(null) Flags: DS NETBIOS RET_DNS 
    04/07 12:15:23 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:23 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:23 [MISC] DsGetDcName function returns 0: Dom:domain Acct:(null) Flags: DS NETBIOS RET_DNS 
    04/07 12:15:23 [MISC] DsGetDcName function called: Dom:domain Acct:(null) Flags: DS WRITABLE NETBIOS RET_DNS 
    04/07 12:15:23 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:23 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:23 [MISC] DsGetDcName function returns 0: Dom:domain Acct:(null) Flags: DS WRITABLE NETBIOS RET_DNS 
    04/07 12:15:24 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
    04/07 12:15:24 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND 
    04/07 12:15:24 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:24 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:24 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND 
    04/07 12:15:25 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: DS BACKGROUND RET_DNS 
    04/07 12:15:25 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:25 [MISC] NetpDcGetName: domain.com using cached information
    04/07 12:15:25 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: DS BACKGROUND RET_DNS 
    04/07 12:15:25 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
    04/07 12:15:25 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND 
    04/07 12:15:25 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:25 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:25 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND 
    04/07 12:15:26 [MISC] DsGetDcName function called: Dom:dc.domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:26 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:26 [CRITICAL] NetpDcGetNameIp: dc.domain.com: No data returned from DnsQuery.
    04/07 12:15:26 [MISC] NetpDcGetName: NetpDcGetNameIp returned 1355
    04/07 12:15:26 [CRITICAL] NetpDcGetName: dc.domain.com: IP and Netbios are both done.
    04/07 12:15:26 [MISC] DsGetDcName function returns 1355: Dom:dc.domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:26 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
    04/07 12:15:26 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:26 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:26 [MISC] NetpDcGetName: domain.com using cached information
    04/07 12:15:26 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:26 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:15:28 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS 
    04/07 12:15:28 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:28 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:28 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS 
    04/07 12:15:28 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DSP 
    04/07 12:15:28 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:28 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:28 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DSP 
    04/07 12:15:28 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:28 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:28 [MISC] NetpDcGetName: domain.com using cached information
    04/07 12:15:28 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:43 [MISC] DsGetDcName function called: Dom:domain Acct:(null) Flags: RET_DNS 
    04/07 12:15:43 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:43 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:43 [MISC] DsGetDcName function returns 0: Dom:domain Acct:(null) Flags: RET_DNS 
    04/07 12:15:44 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x1
    04/07 12:15:44 [MISC] DsrEnumerateDomainTrusts: returns: 0
    04/07 12:15:48 [MISC] DsGetDcName function called: Dom:domain Acct:(null) Flags: DS NETBIOS RET_DNS 
    04/07 12:15:48 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:48 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:48 [MISC] DsGetDcName function returns 0: Dom:domain Acct:(null) Flags: DS NETBIOS RET_DNS 
    04/07 12:15:48 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x1
    04/07 12:15:48 [MISC] DsrEnumerateDomainTrusts: returns: 0
    04/07 12:15:48 [MISC] DsGetDcName function called: Dom:domain Acct:(null) Flags: DS RET_DNS 
    04/07 12:15:48 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:48 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:15:48 [MISC] DsGetDcName function returns 0: Dom:domain Acct:(null) Flags: DS RET_DNS 
    04/07 12:15:48 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: DS BACKGROUND RET_DNS 
    04/07 12:15:48 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:48 [MISC] NetpDcGetName: domain.com using cached information
    04/07 12:15:48 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: DS BACKGROUND RET_DNS 
    04/07 12:15:49 [MISC] DsGetDcName function called: Dom:dc.domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:49 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:49 [MISC] NetpDcGetName: dc.domain.com similar query failed recently 22994
    04/07 12:15:49 [MISC] DsGetDcName function returns 1355: Dom:dc.domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:49 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
    04/07 12:15:49 [MISC] DsGetDcName function called: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:15:49 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:15:49 [MISC] NetpDcGetName: domain.com using cached information
    04/07 12:15:49 [MISC] DsGetDcName function returns 0: Dom:domain.com Acct:(null) Flags: LDAPONLY RET_DNS 
    04/07 12:16:11 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS GC RET_DNS 
    04/07 12:16:11 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
    04/07 12:16:11 [MISC] NetpDcGetName: domain.com. using cached information
    04/07 12:16:11 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS GC RET_DNS 
    04/07 12:16:22 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:16:24 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:16:24 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:16:24 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:16:49 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:16:49 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:16:49 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:17:06 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:17:06 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)  
    04/07 12:17:06 [SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1) 

    l'erreur "[SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)"  apparait plusieurs fois, et c'est comme si il y avait une boucle qui se créait et qui pourrait être la cause du ralentissement. Malheureusement, après quelques recherches sur le web, je ne parviens pas à identifier le problème.

    Une autre erreur apparait également que voici : "NetpDcGetNameIp: dc.domain.com: No data returned from DnsQuery."

    Johndoe

    ps: est-ce que le modérateur peut mettre le thread en non résolu ? merci d'avance


    jeudi 7 avril 2016 11:45
  • [CRITICAL] NetpDcGetNameIp: dc.domain.com: No data returned from DnsQuery

    Ceci indique soit que votre DNS est injoignable (ou trop lent à répondre)

    Mais les erreurs en boucles "[SESSION] I_NetLogonGetAuthData called: (null) domain.com (Flags 0x1)" sont bizarre quand même. Ca pourrait indiquer un problème avec votre DC qui ne parvient pas à répondre à la demande d'authentification. Sans pour autant se mettre en "failed".

    • Vérifier bien que la ou les cartes réseaux de vos PC sont bien configurer avec un primary DNS qui réponds
    • Verifier que vos DC/DNS ne sont pas "submergé" par des authentication client
    • Un petit tour dans les logs sur vos DCs : DNS et Directory Service
    • Debug : inverser votre primary et secondary DNS client pour voir si c'est mieux.
    • Si les communications DNS sont bonnes, peut-être redémarrer le service DNS.

    ps : bonne idée le verbose netlogon :-)

    jeudi 7 avril 2016 14:48
  • Bonjour Monsieur,

    Merci pour votre réponse. L'architecture actuelle est la suivante : il n'y a qu'un DC (Windows 2012R2) et un DNS. Par conséquent, il n'y a pas de secondary DNS.

    En consultant, les logs sur le serveur, il y a des erreurs avec le Directory Service qui reviennent constamment (toutes les minutes environ).. les voici :

    Internal error: The operation on the object failed. 
     
    Additional Data 
    Error value:
    2 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
    	'CN=Dfs-Configuration,CN=System,DC=DOMAIN,DC=COM'
    Internal error: The operation on the object failed. 
     
    Additional Data 
    Error value:
    1 00002074: AtrErr: DSID-03120199, #1:
    	0: 00002074: DSID-03120199, problem 1001 (NO_ATTRIBUTE_OR_VAL), data 0, Att 90204 (serverReferenceBL)

    L'id error est 1481, mais après quelques recherches sur internet, je n'ai rien trouvé de fructueux.

    Par contre, comment vérifier que le DC/DNS ne sont pas "submergé" par des authentifications clients ? Je ne vois rien qui s'apparente à ça dans les logs.

    D'avance merci,

    John

    vendredi 8 avril 2016 07:51
  • Bonjour,

    Cette erreur me semble assez inquiétante ...  Avez-vous "dépromotionner" un contrôleur de domaine récemment ? Depuis quand plus ou moins ces erreurs apparaissent ?

    Pouvez-vous effectuer les tests suivants sur votre domaine contrôleur et nous afficher le résultat ?

    • dcdiag /v
    • netdom query fsmo
    • Vérifier s'il est bien Global Catalogue ( dans la console ADUC sur l'object DC)

    Cette erreur pourrait indiquer que le rôle Active Directory a été retirer d'un de vos DC "incorrectement".

    Redémarrer le service NTDS :

    • net stop ntds
    • net start ntds

    Si les erreurs sont toujours présentes, je vous conseille de lancer une vérification d'intégrité sémantique avec NTDSTUTIL

    Après cette vérification, si le problème est toujours présent, il existe un hotfix pour cette erreur en 2008R2 (mais donc pas pour 2012R2)


    vendredi 8 avril 2016 10:17
  • Merci pour les conseils,

    Pour répondre à vos premières questions, non le serveur n'a pas été "décomissionner", et j'ignore depuis quand elles apparaissent, avant février 2016 je pense.. car ce n'est pas moi qui ait implémenté l'infra.

    Oui il est Global Catalogue.

    Par contre, je ne peux pas exécuter la correction de sémantique avec NTDSUTIL car il n'y a qu'un seul contrôleur de domaine, et je ne peux pas pas arrêter l'AD DS en pleine production.

    voici le résultat de dcdiag :

    Directory Server Diagnosis
    
    
    Performing initial setup:
    
       Trying to find home server...
    
       * Verifying that the local machine DC-SRV-001, is a Directory Server. 
       Home Server = DC-SRV-001
    
       * Connecting to directory service on server DC-SRV-001.
    
       * Identified AD Forest. 
       Collecting AD specific global data 
       * Collecting site info.
    
       Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
       The previous call succeeded 
       Iterating through the sites 
       Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM
       Getting ISTG and options for the site
       * Identifying all servers.
    
       Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
       The previous call succeeded....
       The previous call succeeded
       Iterating through the list of servers 
       Getting information for the server CN=NTDS Settings,CN=DC-SRV-001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM 
       objectGuid obtained
       InvocationID obtained
       dnsHostname obtained
       site info obtained
       All the info for the server collected
       * Identifying all NC cross-refs.
    
       * Found 1 DC(s). Testing 1 of them.
    
       Done gathering initial info.
    
    
    Doing initial required tests
    
       
       Testing server: Default-First-Site-Name\DC-SRV-001
    
          Starting test: Connectivity
    
             * Active Directory LDAP Services Check
             Determining IP4 connectivity 
             * Active Directory RPC Services Check
             ......................... DC-SRV-001 passed test Connectivity
    
    
    
    Doing primary tests
    
       
       Testing server: Default-First-Site-Name\DC-SRV-001
    
          Starting test: Advertising
    
             The DC DC-SRV-001 is advertising itself as a DC and having a DS.
             The DC DC-SRV-001 is advertising as an LDAP server
             The DC DC-SRV-001 is advertising as having a writeable directory
             The DC DC-SRV-001 is advertising as a Key Distribution Center
             The DC DC-SRV-001 is advertising as a time server
             The DS DC-SRV-001 is advertising as a GC.
             ......................... DC-SRV-001 passed test Advertising
    
          Test omitted by user request: CheckSecurityError
    
          Test omitted by user request: CutoffServers
    
          Starting test: FrsEvent
    
             * The File Replication Service Event log test 
             Skip the test COMcause the server is running DFSR.
    
             ......................... DC-SRV-001 passed test FrsEvent
    
          Starting test: DFSREvent
    
             The DFS Replication Event Log. 
             ......................... DC-SRV-001 passed test DFSREvent
    
          Starting test: SysVolCheck
    
             * The File Replication Service SYSVOL ready test 
             File Replication Service's SYSVOL is ready 
             ......................... DC-SRV-001 passed test SysVolCheck
    
          Starting test: KccEvent
    
             * The KCC Event log test
             An error event occurred.  EventID: 0xC00005C9
    
                Time Generated: 04/08/2016   15:11:04
    
                Event String:
    
                Internal error: The operation on the object failed. 
    
                 
    
                Additional Data 
    
                Error value:
    
                2 000020EF: NameErr: DSID-032500FA, problem 2001 (NO_OBJECT), data -1603, COMst match of:
                	''
                
    
             An error event occurred.  EventID: 0xC00005C9
    
                Time Generated: 04/08/2016   15:11:09
    
                Event String:
    
                Internal error: The operation on the object failed. 
    
                 
    
                Additional Data 
    
                Error value:
    
                2 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, COMst match of:
                	'CN=Dfs-Configuration,CN=System,DC=DOMAIN,DC=COM'
                
    
             An error event occurred.  EventID: 0xC00005C9
    
                Time Generated: 04/08/2016   15:11:16
    
                Event String:
    
                Internal error: The operation on the object failed. 
    
                 
    
                Additional Data 
    
                Error value:
    
                2 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, COMst match of:
                	'CN=Dfs-Configuration,CN=System,DC=DOMAIN,DC=COM'
                
    
             An error event occurred.  EventID: 0xC00005C9
    
                Time Generated: 04/08/2016   15:11:16
    
                Event String:
    
                Internal error: The operation on the object failed. 
    
                 
    
                Additional Data 
    
                Error value:
    
                2 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, COMst match of:
                	'CN=Dfs-Configuration,CN=System,DC=DOMAIN,DC=COM'
                
    
             An error event occurred.  EventID: 0xC00005C9
    
                Time Generated: 04/08/2016   15:11:25
    
                Event String:
    
                Internal error: The operation on the object failed. 
    
                 
    
                Additional Data 
    
                Error value:
    
                2 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, COMst match of:
                	'CN=Dfs-Configuration,CN=System,DC=DOMAIN,DC=COM'
                
    
             An error event occurred.  EventID: 0xC00005C9
    
                Time Generated: 04/08/2016   15:11:32
    
                Event String:
    
                Internal error: The operation on the object failed. 
    
                 
    
                Additional Data 
    
                Error value:
    
                2 000020EF: NameErr: DSID-032500FA, problem 2001 (NO_OBJECT), data -1603, COMst match of:
                	''
                
    
             An error event occurred.  EventID: 0xC00005C9
    
                Time Generated: 04/08/2016   15:11:32
    
                Event String:
    
                Internal error: The operation on the object failed. 
    
                 
    
                Additional Data 
    
                Error value:
    
                2 000020EF: NameErr: DSID-032500FA, problem 2001 (NO_OBJECT), data -1603, COMst match of:
                	''
                
    
             An error event occurred.  EventID: 0xC00005C9
    
                Time Generated: 04/08/2016   15:11:55
    
                Event String:
    
                Internal error: The operation on the object failed. 
    
                 
    
                Additional Data 
    
                Error value:
    
                2 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, COMst match of:
                	'CN=System,DC=DOMAIN,DC=COM'
                
    
             An error event occurred.  EventID: 0xC00005C9
    
                Time Generated: 04/08/2016   15:12:09
    
                Event String:
    
                Internal error: The operation on the object failed. 
    
                 
    
                Additional Data 
    
                Error value:
    
                2 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, COMst match of:
                	'CN=Dfs-Configuration,CN=System,DC=DOMAIN,DC=COM'
                
    
             ......................... DC-SRV-001 failed test KccEvent
    
          Starting test: KnowsOfRoleHolders
    
             Role Schema Owner = CN=NTDS Settings,CN=DC-SRV-001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM
             Role Domain Owner = CN=NTDS Settings,CN=DC-SRV-001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM
             Role PDC Owner = CN=NTDS Settings,CN=DC-SRV-001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM
             Role Rid Owner = CN=NTDS Settings,CN=DC-SRV-001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM
             Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC-SRV-001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM
             ......................... DC-SRV-001 passed test KnowsOfRoleHolders
    
          Starting test: MachineAccount
    
             Checking machine account for DC DC-SRV-001 on DC DC-SRV-001.
             * SPN found :LDAP/DC-SRV-001.DOMAIN.COM/DOMAIN.COM
             * SPN found :LDAP/DC-SRV-001.DOMAIN.COM
             * SPN found :LDAP/DC-SRV-001
             * SPN found :LDAP/DC-SRV-001.DOMAIN.COM/DOMAIN
             * SPN found :LDAP/20bfd919-e46c-480b-8ea7-f78e74c2ffab._msdcs.DOMAIN.COM
             * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/20bfd919-e46c-480b-8ea7-f78e74c2ffab/DOMAIN.COM
             * SPN found :HOST/DC-SRV-001.DOMAIN.COM/DOMAIN.COM
             * SPN found :HOST/DC-SRV-001.DOMAIN.COM
             * SPN found :HOST/DC-SRV-001
             * SPN found :HOST/DC-SRV-001.DOMAIN.COM/DOMAIN
             * SPN found :GC/DC-SRV-001.DOMAIN.COM/DOMAIN.COM
             ......................... DC-SRV-001 passed test MachineAccount
    
          Starting test: NCSecDesc
    
             * Security Permissions check for all NC's on DC DC-SRV-001.
             * Security Permissions Check for
    
               DC=ForestDnsZones,DC=DOMAIN,DC=COM
                (NDNC,Version 3)
             * Security Permissions Check for
    
               DC=DomainDnsZones,DC=DOMAIN,DC=COM
                (NDNC,Version 3)
             * Security Permissions Check for
    
               CN=Schema,CN=Configuration,DC=DOMAIN,DC=COM
                (Schema,Version 3)
             * Security Permissions Check for
    
               CN=Configuration,DC=DOMAIN,DC=COM
                (Configuration,Version 3)
             * Security Permissions Check for
    
               DC=DOMAIN,DC=COM
                (Domain,Version 3)
             ......................... DC-SRV-001 passed test NCSecDesc
    
          Starting test: NetLogons
    
             * Network Logons Privileges Check
             Verified share \\DC-SRV-001\netlogon
             Verified share \\DC-SRV-001\sysvol
             ......................... DC-SRV-001 passed test NetLogons
    
          Starting test: ObjectsReplicated
    
             DC-SRV-001 is in domain DC=DOMAIN,DC=COM
             Checking for CN=DC-SRV-001,OU=Domain Controllers,DC=DOMAIN,DC=COM in domain DC=DOMAIN,DC=COM on 1 servers
                Object is up-to-date on all servers.
             Checking for CN=NTDS Settings,CN=DC-SRV-001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM in domain CN=Configuration,DC=DOMAIN,DC=COM on 1 servers
                Object is up-to-date on all servers.
             ......................... DC-SRV-001 passed test ObjectsReplicated
    
          Test omitted by user request: OutboundSecureChannels
    
          Starting test: Replications
    
             * Replications Check
             * Replication Latency Check
             ......................... DC-SRV-001 passed test Replications
    
          Starting test: RidManager
    
             * Available RID Pool for the Domain is 1601 to 1073741823
             * DC-SRV-001.DOMAIN.COM is the RID Master
             * DsBind with RID Master was successful
             * rIDAllocationPool is 1101 to 1600
             * rIDPreviousAllocationPool is 1101 to 1600
             * rIDNextRID: 1266
             ......................... DC-SRV-001 passed test RidManager
    
          Starting test: Services
    
             * Checking Service: EventSystem
             * Checking Service: RpcSs
             * Checking Service: NTDS
             * Checking Service: DnsCache
             * Checking Service: DFSR
             * Checking Service: IsmServ
             * Checking Service: kdc
             * Checking Service: SamSs
             * Checking Service: LanmanServer
             * Checking Service: LanmanWorkstation
             * Checking Service: w32time
             * Checking Service: NETLOGON
             ......................... DC-SRV-001 passed test Services
    
          Starting test: SystemLog
    
             * The System Event log test
             Found no errors in "System" Event log in the last 60 minutes.
             ......................... DC-SRV-001 passed test SystemLog
    
          Test omitted by user request: Topology
    
          Test omitted by user request: VerifyEnterpriseReferences
    
          Starting test: VerifyReferences
    
             The system object reference (serverReference)
    
             CN=DC-SRV-001,OU=Domain Controllers,DC=DOMAIN,DC=COM and backlink on
    
             CN=DC-SRV-001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM
    
             are correct. 
             The system object reference (serverReferenceBL)
    
             CN=DC-SRV-001,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=DOMAIN,DC=COM
    
             and backlink on
    
             CN=NTDS Settings,CN=DC-SRV-001,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=DOMAIN,DC=COM
    
             are correct. 
             The system object reference (msDFSR-ComputerReferenceBL)
    
             CN=DC-SRV-001,CN=Topology,CN=Domain System Volume,CN=DFSR-GlobalSettings,CN=System,DC=DOMAIN,DC=COM
    
             and backlink on CN=DC-SRV-001,OU=Domain Controllers,DC=DOMAIN,DC=COM
    
             are correct. 
             ......................... DC-SRV-001 passed test VerifyReferences
    
          Test omitted by user request: VerifyReplicas
    
       
          Test omitted by user request: DNS
    
          Test omitted by user request: DNS
    
       
       Running partition tests on : ForestDnsZones
    
          Starting test: CheckSDRefDom
    
             ......................... ForestDnsZones passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... ForestDnsZones passed test
    
             CrossRefValidation
    
       
       Running partition tests on : DomainDnsZones
    
          Starting test: CheckSDRefDom
    
             ......................... DomainDnsZones passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... DomainDnsZones passed test
    
             CrossRefValidation
    
       
       Running partition tests on : Schema
    
          Starting test: CheckSDRefDom
    
             ......................... Schema passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... Schema passed test CrossRefValidation
    
       
       Running partition tests on : Configuration
    
          Starting test: CheckSDRefDom
    
             ......................... Configuration passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... Configuration passed test CrossRefValidation
    
       
       Running partition tests on : DOMAIN
    
          Starting test: CheckSDRefDom
    
             ......................... DOMAIN passed test CheckSDRefDom
    
          Starting test: CrossRefValidation
    
             ......................... DOMAIN passed test CrossRefValidation
    
       
       Running enterprise tests on : DOMAIN.COM
    
          Test omitted by user request: DNS
    
          Test omitted by user request: DNS
    
          Starting test: LocatorCheck
    
             GC Name: \\DC-SRV-001.DOMAIN.COM
    
             Locator Flags: 0xe000f3fd
             PDC Name: \\DC-SRV-001.DOMAIN.COM
             Locator Flags: 0xe000f3fd
             Time Server Name: \\DC-SRV-001.DOMAIN.COM
             Locator Flags: 0xe000f3fd
             Preferred Time Server Name: \\DC-SRV-001.DOMAIN.COM
             Locator Flags: 0xe000f3fd
             KDC Name: \\DC-SRV-001.DOMAIN.COM
             Locator Flags: 0xe000f3fd
             ......................... DOMAIN.COM passed test LocatorCheck
    
          Starting test: Intersite
    
             Skipping site Default-First-Site-Name, this site is outside the scope
    
             provided by the command line arguments provided. 
             ......................... DOMAIN.COM passed test Intersite
    
    

    le résultat de netdom query fsmo:

    Schema master               DC-SRV-001.DOMAIN.COM
    Domain naming master        DC-SRV-001.DOMAIN.COM
    PDC                         DC-SRV-001.DOMAIN.COM
    RID pool manager            DC-SRV-001.DOMAIN.COM
    Infrastructure master       DC-SRV-001.DOMAIN.COM
    The command completed successfully.
    

    John


    vendredi 8 avril 2016 13:45
  • Bonjour après plusieurs recherches, il semblerait que le problème s'oriente vers Trend Micro (l'agent), celui-ci scanne le démarrage de la session. Pour ce faire, j'ai utilisé Windows Performance Toolkit.

    Lorsque je désinstalle l'agent, je constate que les problèmes que l'on rencontrait disparaissent..

    Par contre, j'ai contacté les ingénieurs de Trend Micro, ils m'ont orienté vers plusieurs procédures, mais rien n'y fait..

    J'ai exclu les dossiers comme expliqué à cette adresse : http://esupport.trendmicro.com/solution/en-US/1038111.aspx

    J'ai également essayé de modifier la clé de registre "NTRtScanInitSleep" pour y mettre la valeur 180000 comme indiqué à cette adresse :

    http://esupport.trendmicro.com/solution/en-US/1095646.aspx

    Mais la valeur de la clé est réinitialisée à chaque redémarrage... il y a également une option dans la console de Trend Micro qui permet d'autoriser les clients à modifier la clé de registre, mais elle est déjà cochée.

    Est-ce que l'un d'entre vous à déjà rencontré le problème ?

    JohnDoe

    mardi 7 juin 2016 13:34