Russ
Mon Jul 14 20:00:55 PDT 2008
Have you done the suggestions?
Russ
--
Russell Grover - SBITS.Biz
Microsoft Gold Certified Partner
Microsoft Small Business Specialist
World Wide Remote SBS2003 Support -
http://www.SBITS.Biz
Get Help Now!
http://www.crossloop.com/SBITSdotBiz
"midimike88" <midimike88.3cji3d@DoNotSpam.com> wrote in message
news:midimike88.3cji3d@DoNotSpam.com...
>
> Microsoft Windows [Version 5.2.3790]
> (C) Copyright 1985-2003 Microsoft Corp.
>
> C:\Documents and Settings\Mighty OAK>NTDSUTIL
> NTDSUTIL: domain management
> domain management: connections
> server connections: connect to server 225r2
> Binding to 225r2 ...
> Connected to 225r2 using credentials of locally logged on user.
> server connections: quit
> domain management: select operation target
> select operation target: list roles for connected server
> Server "225r2" knows about 5 roles
> Schema - CN=NTDS
> Settings,CN=225R2,CN=Servers,CN=Default-First-Site-Name,CN=Site
> s,CN=Configuration,DC=oakmgmt,DC=com
> Domain - CN=NTDS
> Settings,CN=225R2,CN=Servers,CN=Default-First-Site-Name,CN=Site
> s,CN=Configuration,DC=oakmgmt,DC=com
> PDC - CN=NTDS
> Settings,CN=225R2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,C
> N=Configuration,DC=oakmgmt,DC=com
> RID - CN=NTDS
> Settings,CN=225R2,CN=Servers,CN=Default-First-Site-Name,CN=Sites,C
> N=Configuration,DC=oakmgmt,DC=com
> Infrastructure - CN=NTDS
> Settings,CN=225R2,CN=Servers,CN=Default-First-Site-Name
> ,CN=Sites,CN=Configuration,DC=oakmgmt,DC=com
> select operation target: quit
> domain management: quit
> NTDSUTIL: quit
> Disconnecting from 225r2...
>
> C:\Documents and Settings\Mighty OAK>dcdiag
>
> Domain Controller Diagnosis
>
> Performing initial setup:
> Done gathering initial info.
>
> Doing initial required tests
>
> Testing server: Default-First-Site-Name\225R2
> Starting test: Connectivity
> ........................ 225R2 passed test Connectivity
>
> Doing primary tests
>
> Testing server: Default-First-Site-Name\225R2
> Starting test: Replications
> [Replications Check,225R2] A recent replication attempt
> failed:
> From 225R1 to 225R2
> Naming Context:
> CN=Schema,CN=Configuration,DC=oakmgmt,DC=com
> The replication generated an error (1396):
> Logon Failure: The target account name is incorrect.
> The failure occurred at 2008-07-14 08:48:13.
> The last success occurred at 2008-06-25 12:47:45.
> 457 failures have occurred since the last success.
> Kerberos Error.
> The KDC could not find the SPN for the server 225R1.
> This can be for several reasons:
>
> (1) - The SPN is not registered on the KDC (usually
> 225R2).
> Check that the SPN is registered on at least one other
> server
> besides 225R1, and that replication is progressing
> between this
> server and the KDC. The tool repadmin/syncall can be
> used for
> this purpose.
> (2) - This server could be a deleted server (and
> deleted DSA
> object), and this deletion has not replicated across
> the
> enterprise yet. This will rectify itself within the
> general
> replication latency plus the latency of the KCC. Should
> be less
> than a day.
> (3) - It's possible that this server was reclaimed, but
> it's
> DSA object was not deleted and an old DNS record
> representing
> the server is present. This can result in this error
> for the
> duration of a DNS record lease. Often about 2 weeks.
> To fix
> this, please clean up the DSA's metadata with ntdsutil.
> (4) - Finally, it's possible that this server has
> acquired a
> new IP address, the server's old IP address has been
> reused, and
> DNS hasn't been updated to reflect the new IP address.
> If this
> problem persists, stop and restart the "Net Logon"
> service on
> 225R1, and delete the old DNS record.
> [225R1] DsBindWithSpnEx() failed with error 1722,
> The RPC server is unavailable..
> [Replications Check,225R2] A recent replication attempt
> failed:
> From 225R1 to 225R2
> Naming Context: CN=Configuration,DC=oakmgmt,DC=com
> The replication generated an error (1396):
> Logon Failure: The target account name is incorrect.
> The failure occurred at 2008-07-14 08:48:13.
> The last success occurred at 2008-06-25 13:15:13.
> 457 failures have occurred since the last success.
> Kerberos Error.
> The KDC could not find the SPN for the server 225R1.
> This can be for several reasons:
>
> (1) - The SPN is not registered on the KDC (usually
> 225R2).
> Check that the SPN is registered on at least one other
> server
> besides 225R1, and that replication is progressing
> between this
> server and the KDC. The tool repadmin/syncall can be
> used for
> this purpose.
> (2) - This server could be a deleted server (and
> deleted DSA
> object), and this deletion has not replicated across
> the
> enterprise yet. This will rectify itself within the
> general
> replication latency plus the latency of the KCC. Should
> be less
> than a day.
> (3) - It's possible that this server was reclaimed, but
> it's
> DSA object was not deleted and an old DNS record
> representing
> the server is present. This can result in this error
> for the
> duration of a DNS record lease. Often about 2 weeks.
> To fix
> this, please clean up the DSA's metadata with ntdsutil.
> (4) - Finally, it's possible that this server has
> acquired a
> new IP address, the server's old IP address has been
> reused, and
> DNS hasn't been updated to reflect the new IP address.
> If this
> problem persists, stop and restart the "Net Logon"
> service on
> 225R1, and delete the old DNS record.
> [Replications Check,225R2] A recent replication attempt
> failed:
> From 225R1 to 225R2
> Naming Context: DC=oakmgmt,DC=com
> The replication generated an error (1396):
> Logon Failure: The target account name is incorrect.
> The failure occurred at 2008-07-14 08:48:12.
> The last success occurred at 2008-06-25 13:19:33.
> 497 failures have occurred since the last success.
> Kerberos Error.
> The KDC could not find the SPN for the server 225R1.
> This can be for several reasons:
>
> (1) - The SPN is not registered on the KDC (usually
> 225R2).
> Check that the SPN is registered on at least one other
> server
> besides 225R1, and that replication is progressing
> between this
> server and the KDC. The tool repadmin/syncall can be
> used for
> this purpose.
> (2) - This server could be a deleted server (and
> deleted DSA
> object), and this deletion has not replicated across
> the
> enterprise yet. This will rectify itself within the
> general
> replication latency plus the latency of the KCC. Should
> be less
> than a day.
> (3) - It's possible that this server was reclaimed, but
> it's
> DSA object was not deleted and an old DNS record
> representing
> the server is present. This can result in this error
> for the
> duration of a DNS record lease. Often about 2 weeks.
> To fix
> this, please clean up the DSA's metadata with ntdsutil.
> (4) - Finally, it's possible that this server has
> acquired a
> new IP address, the server's old IP address has been
> reused, and
> DNS hasn't been updated to reflect the new IP address.
> If this
> problem persists, stop and restart the "Net Logon"
> service on
> 225R1, and delete the old DNS record.
> REPLICATION-RECEIVED LATENCY WARNING
> 225R2: Current time is 2008-07-14 09:06:53.
> CN=Configuration,DC=oakmgmt,DC=com
> Last replication recieved from 225R1 at 2008-06-25
> 13:15:13.
> DC=oakmgmt,DC=com
> Last replication recieved from 225R1 at 2008-06-25
> 13:19:33.
> ........................ 225R2 passed test Replications
> Starting test: NCSecDesc
> ........................ 225R2 passed test NCSecDesc
> Starting test: NetLogons
> ........................ 225R2 passed test NetLogons
> Starting test: Advertising
> ........................ 225R2 passed test Advertising
> Starting test: KnowsOfRoleHolders
> ........................ 225R2 passed test
> KnowsOfRoleHolders
> Starting test: RidManager
> ........................ 225R2 passed test RidManager
> Starting test: MachineAccount
> ........................ 225R2 passed test MachineAccount
> Starting test: Services
> ........................ 225R2 passed test Services
> Starting test: ObjectsReplicated
> ........................ 225R2 passed test ObjectsReplicated
> Starting test: frssysvol
> ........................ 225R2 passed test frssysvol
> Starting test: frsevent
> There are warning or error events within the last 24 hours
> after the
> SYSVOL has been shared. Failing SYSVOL replication problems
> may cause
> Group Policy problems.
> ........................ 225R2 failed test frsevent
> Starting test: kccevent
> An Warning Event occured. EventID: 0x80000785
> Time Generated: 07/14/2008 08:53:28
> Event String: The attempt to establish a replication link
> for
> ........................ 225R2 failed test kccevent
> Starting test: systemlog
> An Error Event occured. EventID: 0x00000457
> Time Generated: 07/14/2008 09:06:35
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0x00000457
> Time Generated: 07/14/2008 09:06:35
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0x00000457
> Time Generated: 07/14/2008 09:06:35
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0x00000457
> Time Generated: 07/14/2008 09:06:35
> (Event String could not be retrieved)
> An Error Event occured. EventID: 0x00000457
> Time Generated: 07/14/2008 09:06:36
> (Event String could not be retrieved)
> ........................ 225R2 failed test systemlog
> Starting test: VerifyReferences
> ........................ 225R2 passed test VerifyReferences
>
> Running partition tests on : ForestDnsZones
> Starting test: CrossRefValidation
> ........................ ForestDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
> ........................ ForestDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : DomainDnsZones
> Starting test: CrossRefValidation
> ........................ DomainDnsZones passed test
> CrossRefValidation
>
> Starting test: CheckSDRefDom
> ........................ DomainDnsZones passed test
> CheckSDRefDom
>
> Running partition tests on : Schema
> Starting test: CrossRefValidation
> ........................ Schema passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ........................ Schema passed test CheckSDRefDom
>
> Running partition tests on : Configuration
> Starting test: CrossRefValidation
> ........................ Configuration passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ........................ Configuration passed test
> CheckSDRefDom
>
> Running partition tests on : oakmgmt
> Starting test: CrossRefValidation
> ........................ oakmgmt passed test
> CrossRefValidation
> Starting test: CheckSDRefDom
> ........................ oakmgmt passed test CheckSDRefDom
>
> Running enterprise tests on : oakmgmt.com
> Starting test: Intersite
> ........................ oakmgmt.com passed test Intersite
> Starting test: FsmoCheck
> ........................ oakmgmt.com passed test FsmoCheck
>
> C:\Documents and Settings\Mighty OAK>
>
>
> --
> midimike88
> ------------------------------------------------------------------------
> midimike88's Profile:
http://forums.techarena.in/member.php?u=52903
> View this thread:
http://forums.techarena.in/showthread.php?t=999494
>
>
http://forums.techarena.in
>