spectdev
Sun Jun 15 21:59:50 PDT 2008
Thanks guys.
I was having issues with the BDC that I did not take care of until i
became too late.
The original problem was: "...KDC certificate was once valid, but no
is invalid..."
Am I going to lose all my DNS, DHCP, WINS, DFS, and others loa
balancing configurations once I force demote the BDC?
Is it best for me to create a new BDC from scratch or will it be ok t
re-promote the BDC?
I certainly wish I had known not to rely on the backups made by Norto
Ghost for DCs.
Anyways, this is the output of dcdiag /v:
Code
-------------------
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine srv1, is a DC.
* Connecting to directory service on server srv1.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\SRV1
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... SRV1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\SRV1
Starting test: Replications
* Replications Check
[Replications Check,SRV1] A recent replication attempt failed:
From SRV1B to SRV1
Naming Context: DC=ForestDnsZones,DC=Tchegbe,DC=com
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2008-06-15 23:46:17.
The last success occurred at 2007-07-04 23:02:47.
25 failures have occurred since the last success.
[SRV1B] DsBindWithSpnEx() failed with error 1753,
There are no more endpoints available from the endpoint mapper..
Printing RPC Extended Error Info:
Error Record 1, ProcessID is 1524 (DcDiag)
System Time is: 6/16/2008 4:53:23:937
Generating component is 2 (RPC runtime)
Status is 1753: There are no more endpoints available from the endpoint mapper.
Detection location is 501
NumberOfParameters is 4
Unicode string: ncacn_ip_tcp
Unicode string: 3583f317-0caa-4426-9428-b4f2ca743341._msdcs.Tchegbe.com
Long val: -481213899
Pointer val: 629352
[Replications Check,SRV1] A recent replication attempt failed:
From SRV1B to SRV1
Naming Context: DC=DomainDnsZones,DC=Tchegbe,DC=com
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2008-06-15 23:46:17.
The last success occurred at 2007-07-04 23:02:50.
31 failures have occurred since the last success.
[Replications Check,SRV1] A recent replication attempt failed:
From SRV1B to SRV1
Naming Context: CN=Schema,CN=Configuration,DC=Tchegbe,DC=com
The replication generated an error (1753):
There are no more endpoints available from the endpoint mapper.
The failure occurred at 2008-06-15 23:46:17.
The last success occurred at 2007-07-04 22:53:36.
26 failures have occurred since the last success.
The directory on SRV1B is in the process.
of starting up or shutting down, and is not available.
Verify machine is not hung during boot.
[Replications Check,SRV1] A recent replication attempt failed:
From SRV1B to SRV1
Naming Context: CN=Configuration,DC=Tchegbe,DC=com
The replication generated an error (1753):
There are no more endpoints available from the endpoint mapper.
The failure occurred at 2008-06-15 23:46:17.
The last success occurred at 2007-07-04 22:57:41.
63 failures have occurred since the last success.
The directory on SRV1B is in the process.
of starting up or shutting down, and is not available.
Verify machine is not hung during boot.
[Replications Check,SRV1] A recent replication attempt failed:
From SRV1B to SRV1
Naming Context: DC=Tchegbe,DC=com
The replication generated an error (1753):
There are no more endpoints available from the endpoint mapper.
The failure occurred at 2008-06-15 23:46:17.
The last success occurred at 2007-07-04 22:58:43.
29 failures have occurred since the last success.
The directory on SRV1B is in the process.
of starting up or shutting down, and is not available.
Verify machine is not hung during boot.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
SRV1: Current time is 2008-06-15 23:53:23.
DC=ForestDnsZones,DC=Tchegbe,DC=com
Last replication recieved from SRV1B at 2007-07-04 23:02:46.
WARNING: This latency is over the Tombstone Lifetime of 180 days!
DC=DomainDnsZones,DC=Tchegbe,DC=com
Last replication recieved from SRV1B at 2007-07-04 23:02:49.
WARNING: This latency is over the Tombstone Lifetime of 180 days!
CN=Schema,CN=Configuration,DC=Tchegbe,DC=com
Last replication recieved from SRV1B at 2007-07-04 22:53:35.
WARNING: This latency is over the Tombstone Lifetime of 180 days!
CN=Configuration,DC=Tchegbe,DC=com
Last replication recieved from SRV1B at 2007-07-04 22:57:39.
WARNING: This latency is over the Tombstone Lifetime of 180 days!
DC=Tchegbe,DC=com
Last replication recieved from SRV1B at 2007-07-04 22:58:42.
WARNING: This latency is over the Tombstone Lifetime of 180 days!
* Replication Site Latency Check
......................... SRV1 passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC SRV1.
* Security Permissions Check for
DC=ForestDnsZones,DC=Tchegbe,DC=com
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=Tchegbe,DC=com
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=Tchegbe,DC=com
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=Tchegbe,DC=com
(Configuration,Version 2)
* Security Permissions Check for
DC=Tchegbe,DC=com
(Domain,Version 2)
......................... SRV1 passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\SRV1\netlogon
Verified share \\SRV1\sysvol
......................... SRV1 passed test NetLogons
Starting test: Advertising
The DC SRV1 is advertising itself as a DC and having a DS.
The DC SRV1 is advertising as an LDAP server
The DC SRV1 is advertising as having a writeable directory
The DC SRV1 is advertising as a Key Distribution Center
Warning: SRV1 is not advertising as a time server.
The DS SRV1 is advertising as a GC.
......................... SRV1 failed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=SRV1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Tchegbe,DC=com
Role Domain Owner = CN=NTDS Settings,CN=SRV1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Tchegbe,DC=com
Role PDC Owner = CN=NTDS Settings,CN=SRV1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Tchegbe,DC=com
Role Rid Owner = CN=NTDS Settings,CN=SRV1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Tchegbe,DC=com
Role Infrastructure Update Owner = CN=NTDS Settings,CN=SRV1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Tchegbe,DC=com
......................... SRV1 passed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 2103 to 1073741823
* srv1.Tchegbe.com is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 1103 to 1602
* rIDPreviousAllocationPool is 1103 to 1602
* rIDNextRID: 1133
......................... SRV1 passed test RidManager
Starting test: MachineAccount
Checking machine account for DC SRV1 on DC SRV1.
* SPN found :LDAP/srv1.Tchegbe.com/Tchegbe.com
* SPN found :LDAP/srv1.Tchegbe.com
* SPN found :LDAP/SRV1
* SPN found :LDAP/srv1.Tchegbe.com/TCHEGBE
* SPN found :LDAP/5a68703b-f2ef-425c-8752-a94f963bf7a9._msdcs.Tchegbe.com
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/5a68703b-f2ef-425c-8752-a94f963bf7a9/Tchegbe.com
* SPN found :HOST/srv1.Tchegbe.com/Tchegbe.com
* SPN found :HOST/srv1.Tchegbe.com
* SPN found :HOST/SRV1
* SPN found :HOST/srv1.Tchegbe.com/TCHEGBE
* SPN found :GC/srv1.Tchegbe.com/Tchegbe.com
......................... SRV1 passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
w32time Service is stopped on [SRV1]
* Checking Service: NETLOGON
......................... SRV1 failed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
SRV1 is in domain DC=Tchegbe,DC=com
Checking for CN=SRV1,OU=Domain Controllers,DC=Tchegbe,DC=com in domain DC=Tchegbe,DC=com on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=SRV1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Tchegbe,DC=com in domain CN=Configuration,DC=Tchegbe,DC=com on 1 servers
Object is up-to-date on all servers.
......................... SRV1 passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... SRV1 passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... SRV1 passed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minutes.
......................... SRV1 passed test kccevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x40011006
Time Generated: 06/15/2008 23:46:59
Event String: The connection was aborted by the remote WINS.
Remote WINS may not be configured to replicate
with the server.
......................... SRV1 failed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=SRV1,OU=Domain Controllers,DC=Tchegbe,DC=com and backlink on
CN=SRV1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Tchegbe,DC=com
are correct.
The system object reference (frsComputerReferenceBL)
CN=SRV1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=Tchegbe,DC=com
and backlink on CN=SRV1,OU=Domain Controllers,DC=Tchegbe,DC=com are
correct.
The system object reference (serverReferenceBL)
CN=SRV1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=Tchegbe,DC=com
and backlink on
CN=NTDS Settings,CN=SRV1,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Tchegbe,DC=com
are correct.
......................... SRV1 passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : Tchegbe
Starting test: CrossRefValidation
......................... Tchegbe passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Tchegbe passed test CheckSDRefDom
Running enterprise tests on : Tchegbe.com
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope
provided by the command line arguments provided.
......................... Tchegbe.com passed test Intersite
Starting test: FsmoCheck
GC Name: \\srv1.Tchegbe.com
Locator Flags: 0xe00001bd
PDC Name: \\srv1.Tchegbe.com
Locator Flags: 0xe00001bd
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
A Good Time Server could not be located.
KDC Name: \\srv1.Tchegbe.com
Locator Flags: 0xe00001bd
......................... Tchegbe.com failed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
--------------------
--
spectdev
------------------------------------------------------------------------
spectdev's Profile:
http://forums.techarena.in/member.php?userid=51655
View this thread:
http://forums.techarena.in/showthread.php?t=986612
http://forums.techarena.in