none
Net logon service paused When Server Reboot RRS feed

  • Question

  • Hi,

    When ever i reboot our additional domain controller( using windows 2003 standard edition sp1)  the net logon service paused.  If i  start  the net logon service manualy its starting not an issue. The only problem is every reboot that service  paused. Blow is the log for your reference. 


    Event Type:    Error
    Event Source:    NTDS General
    Event Category:    Service Control
    Event ID:    2103
    Date:        3/16/2010
    Time:        1:26:54 PM
    User:        NT AUTHORITY\ANONYMOUS LOGON
    Computer:    CHD1DOMINO2
    Description:
    The Active Directory database has been restored using an unsupported restoration procedure.
     
    Active Directory will be unable to log on users while this condition persists. As a result, the Net Logon service has paused.
     
    User Action
    See previous event logs for details.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Wednesday, March 17, 2010 2:54 PM

Answers

  • Hi Alagar,

     

    According to your description, I understand that you are experiencing an Netlogon service issue with event ID 2103.

     

    To narrow down this issue, please check the following stuffs:

    1.     Check for USN rollback by using the command Repadmin /showutdvec (KB Article: 875495, 885875)

    2.     Check the Registry value "HKLM\System\CurrentControlSet\Services\NTDS\Parameters, "DSA Not Writable" (REG_DWORD) and its value is 0x4.

    3.     Delete "DSA Not Writable" (REG_DWORD) from registry and reboot the server.

    Please try above steps and let us know your results, thanks.

     

    Sincerely,

    Wilson Jia


    This posting is provided "AS IS" with no warranties, and confers no rights.
    • Marked as answer by Wilson Jia Tuesday, March 23, 2010 2:51 AM
    Thursday, March 18, 2010 3:44 AM

All replies

  • Hello,

    was the server restored from an image or snapshot of a VM? It sounds that you are run into USN rollback. Please check the following article:
    http://support.microsoft.com/kb/875495

    Also run dcdiag /v on all DCs(at least the problem one and a second) and post the output here.
    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, March 17, 2010 3:01 PM
  • Hi,

    Thanks, Its not an image restore

    I have pasted both servers output. 

    server1= chd1domino1 

    server2= chd1domino2

    the problem is in chd1domino2



    Domain Controller Diagnosis

    Performing initial setup:
       * Verifying that the local machine chd1domino2, is a DC.
       * Connecting to directory service on server chd1domino2.
       * Collecting site info.
       * Identifying all servers.
       * Identifying all NC cross-refs.
       * Found 2 DC(s). Testing 1 of them.
       Done gathering initial info.

    Doing initial required tests
      
       Testing server: Default-First-Site-Name\CHD1DOMINO2
          Starting test: Connectivity
             * Active Directory LDAP Services Check
             * Active Directory RPC Services Check
             ......................... CHD1DOMINO2 passed test Connectivity

    Doing primary tests
      
       Testing server: Default-First-Site-Name\CHD1DOMINO2
          Starting test: Replications
             * Replications Check
             * Replication Latency Check
                DC=ForestDnsZones,DC=vernalis,DC=com
                   Latency information for 3 entries in the vector were ignored.
                      3 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
                DC=DomainDnsZones,DC=vernalis,DC=com
                   Latency information for 3 entries in the vector were ignored.
                      3 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
                CN=Schema,CN=Configuration,DC=vernalis,DC=com
                   Latency information for 4 entries in the vector were ignored.
                      4 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
                CN=Configuration,DC=vernalis,DC=com
                   Latency information for 4 entries in the vector were ignored.
                      4 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
                DC=vernalis,DC=com
                   Latency information for 4 entries in the vector were ignored.
                      4 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
             * Replication Site Latency Check
             ......................... CHD1DOMINO2 passed test Replications
          Test omitted by user request: Topology
          Test omitted by user request: CutoffServers
          Starting test: NCSecDesc
             * Security Permissions check for all NC's on DC CHD1DOMINO2.
             * Security Permissions Check for
               DC=ForestDnsZones,DC=vernalis,DC=com
                (NDNC,Version 2)
             * Security Permissions Check for
               DC=DomainDnsZones,DC=vernalis,DC=com
                (NDNC,Version 2)
             * Security Permissions Check for
               CN=Schema,CN=Configuration,DC=vernalis,DC=com
                (Schema,Version 2)
             * Security Permissions Check for
               CN=Configuration,DC=vernalis,DC=com
                (Configuration,Version 2)
             * Security Permissions Check for
               DC=vernalis,DC=com
                (Domain,Version 2)
             ......................... CHD1DOMINO2 passed test NCSecDesc
          Starting test: NetLogons
             * Network Logons Privileges Check
             Verified share \\CHD1DOMINO2\netlogon
             Verified share \\CHD1DOMINO2\sysvol
             ......................... CHD1DOMINO2 passed test NetLogons
          Starting test: Advertising
             The DC CHD1DOMINO2 is advertising itself as a DC and having a DS.
             The DC CHD1DOMINO2 is advertising as an LDAP server
             The DC CHD1DOMINO2 is advertising as having a writeable directory
             The DC CHD1DOMINO2 is advertising as a Key Distribution Center
             Warning: CHD1DOMINO2 is not advertising as a time server.
             ......................... CHD1DOMINO2 failed test Advertising
          Starting test: KnowsOfRoleHolders
             Role Schema Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             Role Domain Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             Role PDC Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             Role Rid Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             Role Infrastructure Update Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             ......................... CHD1DOMINO2 passed test KnowsOfRoleHolders
          Starting test: RidManager
             * Available RID Pool for the Domain is 5106 to 1073741823
             * chd1domino1.vernalis.com is the RID Master
             * DsBind with RID Master was successful
             * rIDAllocationPool is 4606 to 5105
             * rIDPreviousAllocationPool is 4106 to 4605
             * rIDNextRID: 4406
             ......................... CHD1DOMINO2 passed test RidManager
          Starting test: MachineAccount
             Checking machine account for DC CHD1DOMINO2 on DC CHD1DOMINO2.
             * SPN found :LDAP/chd1domino2.vernalis.com/vernalis.com
             * SPN found :LDAP/chd1domino2.vernalis.com
             * SPN found :LDAP/CHD1DOMINO2
             * SPN found :LDAP/chd1domino2.vernalis.com/VERNALIS
             * SPN found :LDAP/c965921e-927d-4e64-b32c-b677fdf81c96._msdcs.vernalis.com
             * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/c965921e-927d-4e64-b32c-b677fdf81c96/vernalis.com
             * SPN found :HOST/chd1domino2.vernalis.com/vernalis.com
             * SPN found :HOST/chd1domino2.vernalis.com
             * SPN found :HOST/CHD1DOMINO2
             * SPN found :HOST/chd1domino2.vernalis.com/VERNALIS
             * SPN found :GC/chd1domino2.vernalis.com/vernalis.com
             ......................... CHD1DOMINO2 passed test MachineAccount
          Starting test: Services
             * Checking Service: Dnscache
             * Checking Service: NtFrs
             * Checking Service: IsmServ
             * Checking Service: kdc
             * Checking Service: SamSs
             * Checking Service: LanmanServer
             * Checking Service: LanmanWorkstation
             * Checking Service: RpcSs
             * Checking Service: w32time
                w32time Service is stopped on [CHD1DOMINO2]
             * Checking Service: NETLOGON
             ......................... CHD1DOMINO2 failed test Services
          Test omitted by user request: OutboundSecureChannels
          Starting test: ObjectsReplicated
             CHD1DOMINO2 is in domain DC=vernalis,DC=com
             Checking for CN=CHD1DOMINO2,OU=Domain Controllers,DC=vernalis,DC=com in domain DC=vernalis,DC=com on 1 servers
                Object is up-to-date on all servers.
             Checking for CN=NTDS Settings,CN=CHD1DOMINO2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com in domain CN=Configuration,DC=vernalis,DC=com on 1 servers
                Object is up-to-date on all servers.
             ......................... CHD1DOMINO2 passed test ObjectsReplicated
          Starting test: frssysvol
             * The File Replication Service SYSVOL ready test
             File Replication Service's SYSVOL is ready
             ......................... CHD1DOMINO2 passed test frssysvol
          Starting test: frsevent
             * The File Replication Service Event log test
             ......................... CHD1DOMINO2 passed test frsevent
          Starting test: kccevent
             * The KCC Event log test
             Found no KCC errors in Directory Service Event log in the last 15 minutes.
             ......................... CHD1DOMINO2 passed test kccevent
          Starting test: systemlog
             * The System Event log test
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 03/17/2010   19:59:56
                (Event String could not be retrieved)
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 03/17/2010   19:59:57
                (Event String could not be retrieved)
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 03/17/2010   19:59:58
                (Event String could not be retrieved)
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 03/17/2010   20:38:22
                (Event String could not be retrieved)
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 03/17/2010   20:38:23
                (Event String could not be retrieved)
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 03/17/2010   20:38:23
                (Event String could not be retrieved)
             ......................... CHD1DOMINO2 failed test systemlog
          Test omitted by user request: VerifyReplicas
          Starting test: VerifyReferences
             The system object reference (serverReference)

             CN=CHD1DOMINO2,OU=Domain Controllers,DC=vernalis,DC=com and backlink

             on

             CN=CHD1DOMINO2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com

             are correct.
             The system object reference (frsComputerReferenceBL)

             CN=CHD1DOMINO2,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=vernalis,DC=com

             and backlink on

             CN=CHD1DOMINO2,OU=Domain Controllers,DC=vernalis,DC=com are correct.
             The system object reference (serverReferenceBL)

             CN=CHD1DOMINO2,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=vernalis,DC=com

             and backlink on

             CN=NTDS Settings,CN=CHD1DOMINO2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com

             are correct.
             ......................... CHD1DOMINO2 passed test VerifyReferences
          Test omitted by user request: VerifyEnterpriseReferences
          Test omitted by user request: CheckSecurityError
      
       Running partition tests on : ForestDnsZones
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
      
       Running partition tests on : DomainDnsZones
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
      
       Running partition tests on : Schema
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
      
       Running partition tests on : Configuration
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
      
       Running partition tests on : vernalis
          Starting test: CrossRefValidation
             ......................... vernalis passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... vernalis passed test CheckSDRefDom
      
       Running enterprise tests on : vernalis.com
          Starting test: Intersite
             Skipping site Default-First-Site-Name, this site is outside the scope

             provided by the command line arguments provided.
             ......................... vernalis.com passed test Intersite
          Starting test: FsmoCheck
             GC Name: \\chd1domino1.vernalis.com
             Locator Flags: 0xe00003fd
             PDC Name: \\chd1domino1.vernalis.com
             Locator Flags: 0xe00003fd
             Time Server Name: \\chd1domino1.vernalis.com
             Locator Flags: 0xe00003fd
             Preferred Time Server Name: \\chd1domino1.vernalis.com
             Locator Flags: 0xe00003fd
             KDC Name: \\chd1domino2.vernalis.com
             Locator Flags: 0xe00001b8
             ......................... vernalis.com passed test FsmoCheck
          Test omitted by user request: DNS
          Test omitted by user request: DNS


    ######################################################################################


    Domain Controller Diagnosis

    Performing initial setup:
       * Verifying that the local machine chd1domino1, is a DC.
       * Connecting to directory service on server chd1domino1.
       * Collecting site info.
       * Identifying all servers.
       * Identifying all NC cross-refs.
       * Found 2 DC(s). Testing 1 of them.
       Done gathering initial info.

    Doing initial required tests
      
       Testing server: Default-First-Site-Name\CHD1DOMINO1
          Starting test: Connectivity
             * Active Directory LDAP Services Check
             * Active Directory RPC Services Check
             ......................... CHD1DOMINO1 passed test Connectivity

    Doing primary tests
      
       Testing server: Default-First-Site-Name\CHD1DOMINO1
          Starting test: Replications
             * Replications Check
             * Replication Latency Check
                DC=ForestDnsZones,DC=vernalis,DC=com
                   Latency information for 3 entries in the vector were ignored.
                      3 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
                DC=DomainDnsZones,DC=vernalis,DC=com
                   Latency information for 3 entries in the vector were ignored.
                      3 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
                CN=Schema,CN=Configuration,DC=vernalis,DC=com
                   Latency information for 4 entries in the vector were ignored.
                      4 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
                CN=Configuration,DC=vernalis,DC=com
                   Latency information for 4 entries in the vector were ignored.
                      4 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
                DC=vernalis,DC=com
                   Latency information for 4 entries in the vector were ignored.
                      4 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC). 
             * Replication Site Latency Check
             ......................... CHD1DOMINO1 passed test Replications
          Test omitted by user request: Topology
          Test omitted by user request: CutoffServers
          Starting test: NCSecDesc
             * Security Permissions check for all NC's on DC CHD1DOMINO1.
             * Security Permissions Check for
               DC=ForestDnsZones,DC=vernalis,DC=com
                (NDNC,Version 2)
             * Security Permissions Check for
               DC=DomainDnsZones,DC=vernalis,DC=com
                (NDNC,Version 2)
             * Security Permissions Check for
               CN=Schema,CN=Configuration,DC=vernalis,DC=com
                (Schema,Version 2)
             * Security Permissions Check for
               CN=Configuration,DC=vernalis,DC=com
                (Configuration,Version 2)
             * Security Permissions Check for
               DC=vernalis,DC=com
                (Domain,Version 2)
             ......................... CHD1DOMINO1 passed test NCSecDesc
          Starting test: NetLogons
             * Network Logons Privileges Check
             Verified share \\CHD1DOMINO1\netlogon
             Verified share \\CHD1DOMINO1\sysvol
             ......................... CHD1DOMINO1 passed test NetLogons
          Starting test: Advertising
             The DC CHD1DOMINO1 is advertising itself as a DC and having a DS.
             The DC CHD1DOMINO1 is advertising as an LDAP server
             The DC CHD1DOMINO1 is advertising as having a writeable directory
             The DC CHD1DOMINO1 is advertising as a Key Distribution Center
             The DC CHD1DOMINO1 is advertising as a time server
             The DS CHD1DOMINO1 is advertising as a GC.
             ......................... CHD1DOMINO1 passed test Advertising
          Starting test: KnowsOfRoleHolders
             Role Schema Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             Role Domain Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             Role PDC Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             Role Rid Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             Role Infrastructure Update Owner = CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com
             ......................... CHD1DOMINO1 passed test KnowsOfRoleHolders
          Starting test: RidManager
             * Available RID Pool for the Domain is 5106 to 1073741823
             * chd1domino1.vernalis.com is the RID Master
             * DsBind with RID Master was successful
             * rIDAllocationPool is 3606 to 4105
             * rIDPreviousAllocationPool is 3606 to 4105
             * rIDNextRID: 3837
             ......................... CHD1DOMINO1 passed test RidManager
          Starting test: MachineAccount
             Checking machine account for DC CHD1DOMINO1 on DC CHD1DOMINO1.
             * SPN found :LDAP/chd1domino1.vernalis.com/vernalis.com
             * SPN found :LDAP/chd1domino1.vernalis.com
             * SPN found :LDAP/CHD1DOMINO1
             * SPN found :LDAP/chd1domino1.vernalis.com/VERNALIS
             * SPN found :LDAP/32202f44-cd9b-4322-94b1-2d8486921250._msdcs.vernalis.com
             * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/32202f44-cd9b-4322-94b1-2d8486921250/vernalis.com
             * SPN found :HOST/chd1domino1.vernalis.com/vernalis.com
             * SPN found :HOST/chd1domino1.vernalis.com
             * SPN found :HOST/CHD1DOMINO1
             * SPN found :HOST/chd1domino1.vernalis.com/VERNALIS
             * SPN found :GC/chd1domino1.vernalis.com/vernalis.com
             ......................... CHD1DOMINO1 passed test MachineAccount
          Starting test: Services
             * Checking Service: Dnscache
             * Checking Service: NtFrs
             * Checking Service: IsmServ
             * Checking Service: kdc
             * Checking Service: SamSs
             * Checking Service: LanmanServer
             * Checking Service: LanmanWorkstation
             * Checking Service: RpcSs
             * Checking Service: w32time
             * Checking Service: NETLOGON
             ......................... CHD1DOMINO1 passed test Services
          Test omitted by user request: OutboundSecureChannels
          Starting test: ObjectsReplicated
             CHD1DOMINO1 is in domain DC=vernalis,DC=com
             Checking for CN=CHD1DOMINO1,OU=Domain Controllers,DC=vernalis,DC=com in domain DC=vernalis,DC=com on 1 servers
                Object is up-to-date on all servers.
             Checking for CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com in domain CN=Configuration,DC=vernalis,DC=com on 1 servers
                Object is up-to-date on all servers.
             ......................... CHD1DOMINO1 passed test ObjectsReplicated
          Starting test: frssysvol
             * The File Replication Service SYSVOL ready test
             File Replication Service's SYSVOL is ready
             ......................... CHD1DOMINO1 passed test frssysvol
          Starting test: frsevent
             * The File Replication Service Event log test
             ......................... CHD1DOMINO1 passed test frsevent
          Starting test: kccevent
             * The KCC Event log test
             Found no KCC errors in Directory Service Event log in the last 15 minutes.
             ......................... CHD1DOMINO1 passed test kccevent
          Starting test: systemlog
             * The System Event log test
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 03/17/2010   20:40:08
                (Event String could not be retrieved)
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 03/17/2010   20:40:09
                (Event String could not be retrieved)
             An Error Event occured.  EventID: 0x00000457
                Time Generated: 03/17/2010   20:40:10
                (Event String could not be retrieved)
             ......................... CHD1DOMINO1 failed test systemlog
          Test omitted by user request: VerifyReplicas
          Starting test: VerifyReferences
             The system object reference (serverReference)

             CN=CHD1DOMINO1,OU=Domain Controllers,DC=vernalis,DC=com and backlink

             on

             CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com

             are correct.
             The system object reference (frsComputerReferenceBL)

             CN=CHD1DATASERVER1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=vernalis,DC=com

             and backlink on

             CN=CHD1DOMINO1,OU=Domain Controllers,DC=vernalis,DC=com are correct.
             The system object reference (serverReferenceBL)

             CN=CHD1DATASERVER1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=vernalis,DC=com

             and backlink on

             CN=NTDS Settings,CN=CHD1DOMINO1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=vernalis,DC=com

             are correct.
             ......................... CHD1DOMINO1 passed test VerifyReferences
          Test omitted by user request: VerifyEnterpriseReferences
          Test omitted by user request: CheckSecurityError
      
       Running partition tests on : ForestDnsZones
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
      
       Running partition tests on : DomainDnsZones
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
      
       Running partition tests on : Schema
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
      
       Running partition tests on : Configuration
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
      
       Running partition tests on : vernalis
          Starting test: CrossRefValidation
             ......................... vernalis passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... vernalis passed test CheckSDRefDom
      
       Running enterprise tests on : vernalis.com
          Starting test: Intersite
             Skipping site Default-First-Site-Name, this site is outside the scope

             provided by the command line arguments provided.
             ......................... vernalis.com passed test Intersite
          Starting test: FsmoCheck
             GC Name: \\chd1domino1.vernalis.com
             Locator Flags: 0xe00003fd
             PDC Name: \\chd1domino1.vernalis.com
             Locator Flags: 0xe00003fd
             Time Server Name: \\chd1domino1.vernalis.com
             Locator Flags: 0xe00003fd
             Preferred Time Server Name: \\chd1domino1.vernalis.com
             Locator Flags: 0xe00003fd
             KDC Name: \\chd1domino1.vernalis.com
             Locator Flags: 0xe00003fd
             ......................... vernalis.com passed test FsmoCheck
          Test omitted by user request: DNS
          Test omitted by user request: DNS


    Wednesday, March 17, 2010 3:14 PM
  • Hi Alagar,

     

    According to your description, I understand that you are experiencing an Netlogon service issue with event ID 2103.

     

    To narrow down this issue, please check the following stuffs:

    1.     Check for USN rollback by using the command Repadmin /showutdvec (KB Article: 875495, 885875)

    2.     Check the Registry value "HKLM\System\CurrentControlSet\Services\NTDS\Parameters, "DSA Not Writable" (REG_DWORD) and its value is 0x4.

    3.     Delete "DSA Not Writable" (REG_DWORD) from registry and reboot the server.

    Please try above steps and let us know your results, thanks.

     

    Sincerely,

    Wilson Jia


    This posting is provided "AS IS" with no warranties, and confers no rights.
    • Marked as answer by Wilson Jia Tuesday, March 23, 2010 2:51 AM
    Thursday, March 18, 2010 3:44 AM
  • Many many thanks to Wilson.I was suffering with this problem from long time ago.I googled it many times but couln't come up with any real solution.Your steps actually fix my problem.Keep it up Wilson.
    Thursday, April 22, 2010 11:44 AM
  • Thanks!  I too, have been looking for a LONG time to find a cure for this issue and could never find anything until this post!  Thanks again!
    Tuesday, June 14, 2011 7:55 PM
  • So can I do this on a DC that has been restored using an image from acronis?

    I had to restore a DC from an image made with acronis.   windows 2008 r2.

    I deleted that reg value and now all seems to be working fine, or is there some thing else that could be messed up here. 

    Monday, December 3, 2012 4:51 PM
  •  Delete "DSA Not Writable" and reboot the server - solution!
    Monday, March 4, 2013 3:35 PM
  • Thank you Wilson. This solved a problem that we had never seen before.
    Tuesday, September 3, 2013 6:55 PM
  • I had a test Active Directory Domain controllers running in VMWare Workstation 10 and restored the backup from a snapshot. USN rollback is what I believe what happened and threw all sorts of errors and there was no replication between the 2 DCs. The netlogon service was getting paused.

    Deleting the registry entry fixed the issue.

    Thanks Wilson.

    Sunday, March 30, 2014 4:08 PM
  • Thanks Wilson, the problem solved in windows 2008 enterprise as well.

    Sunday, April 6, 2014 2:53 PM
  • Good Day Wilson

    Deleted DSA Not Writable and worked perfectly on Windows 2008 R2 Enterprise... Thanks a lot.

    Friday, August 1, 2014 12:13 PM
  • Thanks Wilson - DSA was the problem - deleted and all is good.

    At least there are some "KNOWLEDGABLE" tech's out there that are not blowing wind

    Points to you!

    Thursday, December 3, 2015 11:12 PM
  • Don't often get first time fixes.

    Thank you

    Saturday, May 6, 2017 6:44 AM
  • Wilson,

    I am encountering all symptoms that could be caused by a USN Rollback.

    1- Windows automatically disabled inbound/outbound replication to the server in question

    2- The Netlogon Service is paused.

    3- the DSA Not Writable value is 4.

    My primary domain controller (the fsmo holder) is a virtual OS hosted on VMware ESX and it crashed so I booted up a replica of it and that's when the problem started.

    This happened a month ago but I didn't detect the problem until now. Will the steps you mentioned fix my problem? Official Technet recommendation for USN Rollbacks is to demote the server, etc.. etc...

    p.s: The server is also a GC and the environment contains 2 other domain controllers, a 200R2 and a 2003.

    Sunday, May 21, 2017 1:54 PM
  • ***Thank you Wilson Jia*** issue has been resolved after applying mentioned steps.... apprecaited (y)

    (1)

    Check the Registry value "HKLM\System\CurrentControlSet\Services\NTDS\Parameters, "DSA Not Writable" (REG_DWORD) and its value is 0x4.

    (2)

    Delete "DSA Not Writable" (REG_DWORD) from registry and reboot the server.

    Thank you

    Anwar Bilal Qasim

    Monday, January 29, 2018 5:17 AM