Question

Various problems with Windows 2003 Server

Asked by: jhance

I've recently upgraded a W2K3 Server to new hardware and am having a variety of problems that I think are all coming from the same root cause.  I'll detail the symptoms here and hopefully someone can help me get to the solution(s)...

1)  Event ID 1030 is logged every 5 minutes with the message:

Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

2) Event ID 1058 is logged every 5 minutes with the message:

Windows cannot access the file gpt.ini for GPO CN={A722EC58-E44F-4177-9B02-369680FFBF70},CN=Policies,CN=System,DC=mydomain,DC=org. The file must be present at the location <\\mydomain.org\SysVol\mydomain.org\Policies\{A722EC58-E44F-4177-9B02-369680FFBF70}\gpt.ini>. (Configuration information could not be read from the domain controller, either because the machine is unavailable, or access has been denied. ). Group Policy processing aborted.

3) When I try to run either the Domain Controller Security Policy or the Domain Security Policy control panels I get a dialog that says:

GROUP POLICY ERROR

Failed to open the Group Policy Object.  You may not have appropriate rights.

Details:

Windows cannot find the network path.  Verify that the network path is correct and the destination computer is not busy or turned off.  If Windows still cannot find the network path, contact your system administrator.

(Oddly, however, at other times I can open either of these control panels just fine.)

4)  Some users are having trouble accessing server-based shares at times and SOMETIMES I cannot open the path:

\\mydomain.org\SYSVOL

I get the message:

\\mydomain.org\SYSVOL is not accessible.  You might not have permission to use this network resource.   Contact the administrator of this server to find out if  you have access permissions.  

Configuration information could not be read from the domain controller, either because the machine is unavailable or access has been denied.

Other times, however, the path to \\mydomain.org\SYSVOL works just fine.

5) I am logged into the administrator account, W2K3 SP2 has been applied and all other updates have been applied.

6) The machine has TWO NICs, one has DHCP running and serves an internal network.  The other is a public IP but the server does not route between the internal LAN and the WAN.  We have a Cisco router that does that.


Asked On: 2007-06-16 at 11:31:21
ID: 22638513
Tags: windows, 2003, policy
Topics: Windows 2003 Server, Active Directory
Participating Experts: 4
Points: 500
Comments: 20


Answers

 

by: benhanson | Posted on 2007-06-16 at 11:54:40 | ID: 19299097

Do you have a metric defined on the two NICs?  Try setting the interface metric on the public NIC to a higher number, or disable it completely to rule out OS confusion.  Windows may be looking for domain resources on the public side and timing out looking for it.

 

by: lazarus98 | Posted on 2007-06-16 at 11:55:16 | ID: 19299102

Look at EventID.net :
http://www.eventid.net/display.asp?eventid=1058&eventno=1752&source=Userenv&phase=1

That link should help you out here with your problem. It's not an uncommon problem.

 

by: ajbritton | Posted on 2007-06-16 at 13:46:39 | ID: 19299480

Check your DNS configuration.

 

by: jhance | Posted on 2007-06-16 at 16:55:11 | ID: 19299908

1) benhanson : I tried setting the metric on the LAN to 10 and the WAN to 20.  Did not seem to have any effect.

2) lazarus98: I've already seen and tried almost everything there.  Is there anything in particular you think I should try again?

3) ajbritton:  Can you be more specific?  DNS is working and there do not seem to be any issues there.

 

by: benhanson | Posted on 2007-06-16 at 17:15:09 | ID: 19299969

Active directory uses DNS to locate domain resources, analogous to how NT4 used WINS/NetBIOS to locate these resources.  If you are resolving DNS queries to the wrong DNS server, you may not receive the proper service records for directory services to function properly.  Could you do an ipconfig /all and post the output?

 

by: benhanson | Posted on 2007-06-16 at 17:17:23 | ID: 19299974

Would it be possible to completely disable the WAN NIC, reboot and see if the problem persists?

 

by: ajbritton | Posted on 2007-06-17 at 01:05:55 | ID: 19301759

Run 'DCDIAG /TEST:DNS' on your domain controllers. It's part of the Windows 2003 Support tools (on the product CD or downloadable from MS)

 

by: jhance | Posted on 2007-06-17 at 02:47:52 | ID: 19301879

benhanson here is the output from IPCONFIG /ALL:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : mysrv3
   Primary Dns Suffix  . . . . . . . : mydomain.org
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : mydomain.org

PPP adapter RAS Server (Dial In) Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
   Physical Address. . . . . . . . . : 00-53-45-00-00-00
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.0.0.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . :

Ethernet adapter WAN-DSL Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
   Physical Address. . . . . . . . . : 00-10-18-2C-75-E1
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : xxx.xxx.xx.130
   Subnet Mask . . . . . . . . . . . : 255.255.255.248
   Default Gateway . . . . . . . . . : xxx.xxx.xx.129
   DNS Servers . . . . . . . . . . . : 192.168.0.10
                                       216.54.196.250
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter LAN NET:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-18-8B-E7-62-30
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.0.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.0.10
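
benhanson's point earlier in the thread, that a domain controller resolving through the wrong DNS server may not receive the service records Active Directory needs, can be checked mechanically from `ipconfig /all` output. The Python below is an added example, not part of the thread: it parses that output per adapter and lists any configured resolver that is not one of the domain's own DNS servers. The sample text, its addresses and the function names are constructed for illustration, and the list of domain DNS servers is assumed to be supplied by the operator.

```python
import ipaddress
import re

# Constructed sample in the layout of `ipconfig /all` on Windows Server 2003.
# Host name, domain and addresses are placeholders, not values from the thread.
SAMPLE = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : dc1
   Primary Dns Suffix  . . . . . . . : example.test

Ethernet adapter WAN:

   Description . . . . . . . . . . . : Example NIC #2
   IP Address. . . . . . . . . . . . : 203.0.113.130
   DNS Servers . . . . . . . . . . . : 10.1.1.10
                                       198.51.100.53
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter LAN:

   Description . . . . . . . . . . . : Example NIC
   IP Address. . . . . . . . . . . . : 10.1.1.10
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 10.1.1.10
"""

# "   Key Name . . . . : value" -> ("Key Name", "value"); the dot leader is dropped.
KEY_VALUE = re.compile(r"^\s+([^:]+?)(?:\s*\.)*\s*:\s*(.*)$")


def parse_ipconfig(text):
    """Return {section: {field: [values]}} for `ipconfig /all` text."""
    sections, section, last = {}, None, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:
            # Unindented: "Windows IP Configuration" or "<type> adapter <name>:"
            section = sections.setdefault(line.rstrip(":"), {})
            last = None
        elif indent > 10 and last is not None:
            # Deeply indented: a further value of the previous field
            # (second DNS server, second WINS server, ...).
            last.append(line.strip())
        else:
            match = KEY_VALUE.match(line)
            if match and section is not None:
                last = section.setdefault(match.group(1), [])
                if match.group(2):
                    last.append(match.group(2))
    return sections


def foreign_resolvers(text, domain_dns):
    """List (adapter, server, reason) for resolvers outside domain_dns."""
    allowed = {ipaddress.ip_address(a) for a in domain_dns}
    findings = []
    for name, fields in parse_ipconfig(text).items():
        for value in fields.get("DNS Servers", []):
            try:
                addr = ipaddress.ip_address(value)
            except ValueError:
                # Masked or mistyped address: report it rather than guess.
                findings.append((name, value, "unparsable"))
                continue
            if addr not in allowed:
                findings.append((name, value, "not a domain DNS server"))
    return findings


if __name__ == "__main__":
    # Assumption: 10.1.1.10 is the only DNS server hosting the AD zone.
    for adapter, server, reason in foreign_resolvers(SAMPLE, ["10.1.1.10"]):
        print(f"{adapter}: {server} ({reason})")
```
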

 

by: jhance | Posted on 2007-06-17 at 02:55:58 | ID: 19301887

ajbritton:  I cannot run the test as specified.  There does not seem to be a test named "DNS" available.  It says:

Test not found.  Please re-enter a valid test name.

 

by: ajbritton | Posted on 2007-06-17 at 06:32:13 | ID: 19302247

It does exist I promise you (see http://technet2.microsoft.com/windowsserver/en/library/39d6c272-5c2e-4db0-a79a-4d8fbf52dd411033.mspx?mfr=true)

You may need to download the most recent support tools package. The Support Tools get updated with every Service Pack release, but they are not part of the service pack.

 

by: jhance | Posted on 2007-06-17 at 10:08:09 | ID: 19302802

Ajbritton,

Can you point me to where to download the latest DCDIAG?  The only one I found was older than the one I have by 3 years.  The one I have does not have this test.  Typing DCDIAG /H gives:


Domain Controller Diagnosis

dcdiag.exe /s:<Domain Controller> [/u:<Domain>\<Username> /p:*|<Password>|""]
           [/hqv] [/n:<Naming Context>] [/f:<Log>] [/ferr:<Errlog>]
           [/skip:<Test>] [/test:<Test>]
   /h: Display this help screen
   /s: Use <Domain Controller> as Home Server. Ignored for DcPromo and
       RegisterInDns tests which can only be run locally.
   /n: Use <Naming Context> as the Naming Context to test
       Domains may be specified in Netbios, DNS or DN form.
   /u: Use domain\username credentials for binding.
       Must also use the /p option
   /p: Use <Password> as the password.  Must also use the /u option
   /a: Test all the servers in this site
   /e: Test all the servers in the entire enterprise.  Overrides /a
   /q: Quiet - Only print error messages
   /v: Verbose - Print extended information
   /i: ignore - ignores superfluous error messages.
   /fix: fix - Make safe repairs.
   /f: Redirect all output to a file <Log>, /ferr will redirect error output
       seperately.
   /ferr:<ErrLog> Redirect fatal error output to a seperate file <ErrLog>
   /c: Comprehensive, runs all tests, including non-default tests but excluding
       DcPromo and RegisterInDNS. Can use with /skip
   /test:<TestName> - Test only this test.  Required tests will still
                      be run.  Do not mix with /skip.
   Valid tests are:
       Connectivity  - Tests whether DCs are DNS registered, pingeable, and
            have LDAP/RPC connectivity.
       Replications  - Checks for timely replication between domain controllers.
       Topology  - Checks that the generated topology is fully connected for
            all DCs.
       CutoffServers  - Check for servers that won't receive replications
            because its partners are down
       NCSecDesc  - Checks that the security descriptosrs on the naming
            context heads have appropriate permissions for replication.
       NetLogons  - Checks that the appropriate logon priviledges allow
            replication to proceed.
       Advertising  - Checks whether each DC is advertising itself, and whether
            it is advertising itself as having the capabilities of a DC.
       KnowsOfRoleHolders  - Check whether the DC thinks it knows the role
            holders, and prints these roles out in verbose mode.
       Intersite  - Checks for failures that would prevent or temporarily
            hold up intersite replication.
       FsmoCheck  - Checks that global role-holders are known, can be
            located, and are responding.
       RidManager  - Check to see if RID master is accessable and to see if
            it contains the proper information.
       MachineAccount  - Check to see if the Machine Account has the proper
            information. Use /RecreateMachineAccount to attempt a repair
            if the local machine account is missing. Use /FixMachineAccount
            if the machine account flags are incorrect
       Services  - Check to see if appropriate DC services are running.
       OutboundSecureChannels  - See if we have secure channels from all of the
            DC's in the domain the domains specified by /testdomain:.
            /nositerestriction will prevent the test from
            being limited to the DC's in the site.
       ObjectsReplicated  - Check that Machine Account and DSA objects have
            replicated. Use /objectdn:<dn> with /n:<nc> to specify an
            additional object to check.
       frssysvol  - This test checks that the file replication system (FRS)
            SYSVOL is ready
       frsevent  - This test checks to see if there are any operation errors
            in the file replication system (FRS).  Failing replication
            of the SYSVOL share, can cause Policy problems.
       kccevent  - This test checks that the Knowledge Consistency Checker
            is completing without errors.
       systemlog  - This test checks that the system is running without errors.
       DcPromo  - Tests the existing DNS infrastructure for promotion to domain
            controller. If the infrastructure is sufficient, the computer
            can be promoted to domain controller in a domain specified in
            <Active_Directory_Domain_DNS_Name>. Reports whether any
            modifications to the existing DNS infrastructure are required.
            Required argument:
            /DnsDomain:<Active_Directory_Domain_DNS_Name>
            One of the following arguments is required:
            /NewForest
            /NewTree
            /ChildDomain
            /ReplicaDC
            If NewTree is specified, then the ForestRoot argument is
            required:
            /ForestRoot:<Forest_Root_Domain_DNS_Name>
       RegisterInDNS  - Tests whether this domain controller can register the
            Domain Controller Locator DNS records. These records must be
            present in DNS in order for other computers to locate this
            domain controller for the <Active_Directory_Domain_DNS_Name>
            domain. Reports whether any modifications to the existing DNS
            infrastructure are required.
            Required argument:
            /DnsDomain:<Active_Directory_Domain_DNS_Name>
       CrossRefValidation  - This test looks for cross-refs that are in some
            way invalid.
       CheckSDRefDom  - This test checks that all application directory
            partitions have appropriate security descriptor reference
            domains.
       VerifyReplicas  - This test verifys that all application directory
            partitions are fully instantiated on all replica servers.
       VerifyReferences  - This test verifys that certain system references
            are intact for the FRS and Replication infrastructure.
       VerifyEnterpriseReferences  - This test verifys that certain system
            references are intact for the FRS and Replication
            infrastructure across all objects in the enterprise
            on each DC.

   /skip:<TestName> - Skip the named test.  Required tests will still
                      be run.  Do not mix with /test.
   Tests that can be skipped are:
       Replications  - Checks for timely replication between domain controllers.
       Topology  - Checks that the generated topology is fully connected for
            all DCs.
       CutoffServers  - Check for servers that won't receive replications
            because its partners are down
       NCSecDesc  - Checks that the security descriptosrs on the naming
            context heads have appropriate permissions for replication.
       NetLogons  - Checks that the appropriate logon priviledges allow
            replication to proceed.
       Advertising  - Checks whether each DC is advertising itself, and whether
            it is advertising itself as having the capabilities of a DC.
       KnowsOfRoleHolders  - Check whether the DC thinks it knows the role
            holders, and prints these roles out in verbose mode.
       Intersite  - Checks for failures that would prevent or temporarily
            hold up intersite replication.
       FsmoCheck  - Checks that global role-holders are known, can be
            located, and are responding.
       RidManager  - Check to see if RID master is accessable and to see if
            it contains the proper information.
       MachineAccount  - Check to see if the Machine Account has the proper
            information. Use /RecreateMachineAccount to attempt a repair
            if the local machine account is missing. Use /FixMachineAccount
            if the machine account flags are incorrect
       Services  - Check to see if appropriate DC services are running.
       OutboundSecureChannels  - See if we have secure channels from all of the
            DC's in the domain the domains specified by /testdomain:.
            /nositerestriction will prevent the test from
            being limited to the DC's in the site.
       ObjectsReplicated  - Check that Machine Account and DSA objects have
            replicated. Use /objectdn:<dn> with /n:<nc> to specify an
            additional object to check.
       frssysvol  - This test checks that the file replication system (FRS)
            SYSVOL is ready
       frsevent  - This test checks to see if there are any operation errors
            in the file replication system (FRS).  Failing replication
            of the SYSVOL share, can cause Policy problems.
       kccevent  - This test checks that the Knowledge Consistency Checker
            is completing without errors.
       systemlog  - This test checks that the system is running without errors.
       DcPromo  - Tests the existing DNS infrastructure for promotion to domain
            controller. If the infrastructure is sufficient, the computer
            can be promoted to domain controller in a domain specified in
            <Active_Directory_Domain_DNS_Name>. Reports whether any
            modifications to the existing DNS infrastructure are required.
            Required argument:
            /DnsDomain:<Active_Directory_Domain_DNS_Name>
            One of the following arguments is required:
            /NewForest
            /NewTree
            /ChildDomain
            /ReplicaDC
            If NewTree is specified, then the ForestRoot argument is
            required:
            /ForestRoot:<Forest_Root_Domain_DNS_Name>
       RegisterInDNS  - Tests whether this domain controller can register the
            Domain Controller Locator DNS records. These records must be
            present in DNS in order for other computers to locate this
            domain controller for the <Active_Directory_Domain_DNS_Name>
            domain. Reports whether any modifications to the existing DNS
            infrastructure are required.
            Required argument:
            /DnsDomain:<Active_Directory_Domain_DNS_Name>
       CrossRefValidation  - This test looks for cross-refs that are in some
            way invalid.
       CheckSDRefDom  - This test checks that all application directory
            partitions have appropriate security descriptor reference
            domains.
       VerifyReplicas  - This test verifys that all application directory
            partitions are fully instantiated on all replica servers.
       VerifyReferences  - This test verifys that certain system references
            are intact for the FRS and Replication infrastructure.
       VerifyEnterpriseReferences  - This test verifys that certain system
            references are intact for the FRS and Replication
            infrastructure across all objects in the enterprise
            on each DC.

   The following tests are not run by default:
       Topology  - Checks that the generated topology is fully connected for
            all DCs.
       CutoffServers  - Check for servers that won't receive replications
            because its partners are down
       OutboundSecureChannels  - See if we have secure channels from all of the
            DC's in the domain the domains specified by /testdomain:.
            /nositerestriction will prevent the test from
            being limited to the DC's in the site.
       VerifyReplicas  - This test verifys that all application directory
            partitions are fully instantiated on all replica servers.
       VerifyEnterpriseReferences  - This test verifys that certain system
            references are intact for the FRS and Replication
            infrastructure across all objects in the enterprise
            on each DC.

      All tests except DcPromo and RegisterInDNS must be run on computers
      after they have been promoted to domain controller.

Note: Text (Naming Context names, server names, etc) with International or
      Unicode characters will only display correctly if appropriate fonts and
      language support are loaded

 

by: lazarus98 | Posted on 2007-06-17 at 10:29:40 | ID: 19302859

jhance, Look carefully at all of them and try them, they all pertain to exactly what is occurring to you. In particular look at: Rolf A. Vaglid's response in it. His is pretty much like yours.
Also look at redoing your TCP/IP stacks. This sometimes will help sort things out.
I also notice that you have "Broadcom NetXtreme Gigabit Ethernet" NICS.
Look into resizing your IRPSTACK in the registry this will help as well.
http://www.windowsnetworking.com/kbase/WindowsTips/WindowsNT/RegistryTips/Network/IncreaseIRPstacksize.html
This will help with some other issues that arise from GigByte cards. If you see any 2011 or 0 Events in your registry or if you're getting denials on your shared folders on that computer.

 

by: ajbritton | Posted on 2007-06-17 at 13:49:43 | ID: 19303403

 

by: jhance | Posted on 2007-06-18 at 02:47:12 | ID: 19305681

ajbritton:  Ok I downloaded the updated support tools and ran DCDIAG /TEST:DNS.  Results are:


Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\MYSRV3
      Starting test: Connectivity
         ......................... MYSRV3 passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\MYSRV3

DNS Tests are running and not hung. Please wait a few minutes...
   
   Running partition tests on : ForestDnsZones
   
   Running partition tests on : DomainDnsZones
   
   Running partition tests on : Schema
   
   Running partition tests on : Configuration
   
   Running partition tests on : mydomain
   
   Running enterprise tests on : mydomain.org
      Starting test: DNS
         Test results for domain controllers:
           
            DC: mysrv3.mydomain.org
            Domain: mydomain.org

                 
               TEST: Forwarders/Root hints (Forw)
                  Error: Root hints list has invalid root hint server: b.root-servers.net. (128.9.0.107)
         
         Summary of test results for DNS servers used by the above domain controllers:

            DNS server: 128.9.0.107 (b.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.9.0.107
               
         ......................... mydomain.org passed test DNS

 

by: ajbritton | Posted on 2007-06-18 at 05:44:56 | ID: 19306435

Well, that doesn't look too bad. Can you try the following...

dcdiag /test:dns /v

This might give a bit more info.

 

by: jhance | Posted on 2007-06-18 at 15:10:26 | ID: 19311228

Results w/ the /v option:


Domain Controller Diagnosis

Performing initial setup:
   * Verifying that the local machine mysrv3, is a DC.
   * Connecting to directory service on server mysrv3.
   * Collecting site info.
   * Identifying all servers.
   * Identifying all NC cross-refs.
   * Found 1 DC(s). Testing 1 of them.
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\mysrv3
      Starting test: Connectivity
         * Active Directory LDAP Services Check
         * Active Directory RPC Services Check
         ......................... mysrv3 passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\mysrv3
      Test omitted by user request: Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: NCSecDesc
      Test omitted by user request: NetLogons
      Test omitted by user request: Advertising
      Test omitted by user request: KnowsOfRoleHolders
      Test omitted by user request: RidManager
      Test omitted by user request: MachineAccount
      Test omitted by user request: Services
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: ObjectsReplicated
      Test omitted by user request: frssysvol
      Test omitted by user request: frsevent
      Test omitted by user request: kccevent
      Test omitted by user request: systemlog
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

DNS Tests are running and not hung. Please wait a few minutes...
   
   Running partition tests on : ForestDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom
   
   Running partition tests on : Schema
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom
   
   Running partition tests on : Configuration
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom
   
   Running partition tests on : wrcc
      Test omitted by user request: CrossRefValidation
      Test omitted by user request: CheckSDRefDom
   
   Running enterprise tests on : mydomain.org
      Test omitted by user request: Intersite
      Test omitted by user request: FsmoCheck
      Starting test: DNS
         Test results for domain controllers:
           
            DC: mysrv3.mydomain.org
            Domain: mydomain.org

                 
               TEST: Authentication (Auth)
                  Authentication test: Successfully completed
                 
               TEST: Basic (Basc)
                   Microsoft(R) Windows(R) Server 2003, Standard Edition (Service Pack level: 2.0) is supported
                  NETLOGON service is running
                  kdc service is running
                  DNSCACHE service is running
                  DNS service is running
                  DC is a DNS server
                  Network adapters information:
                  Adapter [00000007] Broadcom NetXtreme Gigabit Ethernet:
                     MAC address is 00:18:8B:E7:62:30
                     IP address is static
                     IP address: 192.168.0.10
                     DNS servers:
                        192.168.0.10 (<name unavailable>) [Valid]
                  Adapter [00000008] Broadcom NetXtreme Gigabit Ethernet:
                     MAC address is 00:10:18:2C:75:E1
                     IP address is static
                     IP address: X.X.X.X
                     DNS servers:
                        192.168.0.10 (<name unavailable>) [Valid]
                        216.54.196.250 (<name unavailable>) [Valid]
                  The A record for this DC was found
                  The SOA record for the Active Directory zone was found
                  The Active Directory zone on this DC/DNS server was found (primary)
                  Root zone on this DC/DNS server was not found
                 
               TEST: Forwarders/Root hints (Forw)
                  Recursion is enabled
                  Forwarders are not configured on this DNS server
                  Root hint Information:
                     Name: a.root-servers.net. IP: 198.41.0.4 [Valid]
                     Name: b.root-servers.net. IP: 128.9.0.107 [Invalid (unreachable)]
                     Name: b.root-servers.net. IP: 192.228.79.201 [Valid]
                     Name: c.root-servers.net. IP: 192.33.4.12 [Valid]
                     Name: d.root-servers.net. IP: 128.8.10.90 [Valid]
                     Name: e.root-servers.net. IP: 192.203.230.10 [Valid]
                     Name: f.root-servers.net. IP: 192.5.5.241 [Valid]
                     Name: g.root-servers.net. IP: 192.112.36.4 [Valid]
                     Name: h.root-servers.net. IP: 128.63.2.53 [Valid]
                     Name: i.root-servers.net. IP: 192.36.148.17 [Valid]
                     Name: j.root-servers.net. IP: 192.58.128.30 [Valid]
                     Name: j.root-servers.net. IP: 198.41.0.10 [Valid]
                     Name: k.root-servers.net. IP: 193.0.14.129 [Valid]
                     Name: l.root-servers.net. IP: 198.32.64.12 [Valid]
                     Name: m.root-servers.net. IP: 202.12.27.33 [Valid]
                 
               TEST: Delegations (Del)
                  No delegations were found in this zone on this DNS server
                 
               TEST: Dynamic update (Dyn)
                  Dynamic update is enabled on the zone mydomain.org.
                  Test record _dcdiag_test_record added successfully in zone mydomain.org.
                  Test record _dcdiag_test_record deleted successfully in zone mydomain.org.
                 
               TEST: Records registration (RReg)
                  Network Adapter [00000007] Broadcom NetXtreme Gigabit Ethernet:
                     Matching A record found at DNS server 192.168.0.10:
                     mysrv3.mydomain.org

                     Matching CNAME record found at DNS server 192.168.0.10:
                     66d79efe-00c0-417c-b36c-4a4ff9d96604._msdcs.mydomain.org

                     Matching DC SRV record found at DNS server 192.168.0.10:
                     _ldap._tcp.dc._msdcs.mydomain.org

                     Matching GC SRV record found at DNS server 192.168.0.10:
                     _ldap._tcp.gc._msdcs.mydomain.org

                     Matching PDC SRV record found at DNS server 192.168.0.10:
                     _ldap._tcp.pdc._msdcs.mydomain.org

                  Network Adapter [00000008] Broadcom NetXtreme Gigabit Ethernet:
                     Matching A record found at DNS server 192.168.0.10:
                     mysrv3.mydomain.org

                     Matching CNAME record found at DNS server 192.168.0.10:
                     66d79efe-00c0-417c-b36c-4a4ff9d96604._msdcs.mydomain.org

                     Matching DC SRV record found at DNS server 192.168.0.10:
                     _ldap._tcp.dc._msdcs.mydomain.org

                     Matching GC SRV record found at DNS server 192.168.0.10:
                     _ldap._tcp.gc._msdcs.mydomain.org

                     Matching PDC SRV record found at DNS server 192.168.0.10:
                     _ldap._tcp.pdc._msdcs.mydomain.org

                     Matching A record found at DNS server 216.54.196.250:
                     mysrv3.mydomain.org

                     Matching CNAME record found at DNS server 216.54.196.250:
                     66d79efe-00c0-417c-b36c-4a4ff9d96604._msdcs.mydomain.org

                     Matching DC SRV record found at DNS server 216.54.196.250:
                     _ldap._tcp.dc._msdcs.mydomain.org

                     Matching GC SRV record found at DNS server 216.54.196.250:
                     _ldap._tcp.gc._msdcs.mydomain.org

                     Matching PDC SRV record found at DNS server 216.54.196.250:
                     _ldap._tcp.pdc._msdcs.mydomain.org

         
         Summary of test results for DNS servers used by the above domain controllers:

            DNS server: 128.9.0.107 (b.root-servers.net.)
               1 test failure on this DNS server
               This is not a valid DNS server. PTR record query for the 1.0.0.127.in-addr.arpa. failed on the DNS server 128.9.0.107
               [Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)]
               
            DNS server: 216.54.196.250 (<name unavailable>)
               All tests passed on this DNS server
               This is a valid DNS server
               Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered
               
            DNS server: 202.12.27.33 (m.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 198.41.0.4 (a.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 198.41.0.10 (j.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 198.32.64.12 (l.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 193.0.14.129 (k.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 192.58.128.30 (j.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 192.5.5.241 (f.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 192.36.148.17 (i.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 192.33.4.12 (c.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 192.228.79.201 (b.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 192.203.230.10 (e.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 192.168.0.10 (<name unavailable>)
               All tests passed on this DNS server
               This is a valid DNS server
               Name resolution is funtional. _ldap._tcp SRV record for the forest root domain is registered
               
            DNS server: 192.112.36.4 (g.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 128.8.10.90 (d.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
            DNS server: 128.63.2.53 (h.root-servers.net.)
               All tests passed on this DNS server
               This is a valid DNS server
               
         Summary of DNS test results:
         
                                            Auth Basc Forw Del  Dyn  RReg Ext  
               ________________________________________________________________
            Domain: mydomain.org
               mysrv3                     PASS PASS PASS PASS PASS PASS n/a  
         
         ......................... mydomain.org passed test DNS

 

by: jhance Posted on 2007-06-21 at 06:46:32 ID: 19332962

Any other ideas??

 

by: ajbritton Posted on 2007-06-21 at 07:09:04 ID: 19333188

That looks good for DNS, but for now I'm out of ideas. Sorry.

 

by: sadrab Posted on 2007-12-03 at 12:14:31 ID: 20398209

I don't know if this is just cosmetic or if it's an actual fix - I don't know DNS and AD well enough. But we had this same problem and this is the only thing that got rid of the errors:

http://www.webservertalk.com/message435469.html

To reiterate - this may not fix any of your other sysvol errors even if it does stop the 1030 error.

Regarding being unable to open the policies in group policy editor, make sure you are using the group policy MANAGEMENT console - gpmc.msc - you may have to download it:  

http://www.microsoft.com/downloads/details.aspx?familyid=0a6d4c24-8cbd-4b35-9272-dd3cbfc81887&displaylang=en

When we opened the domain and domain controller policy using this, Windows detected the access error and offered to fix it, which it did. It did not stop the 1030 errors (but the previous fix did), but we could access and edit the policy.

Hope this helps...

Best Regards

 

by: jhance Posted on 2008-02-10 at 03:39:27 ID: 31407385

Turns out it was a DNS problem.  Due to a multi-homed network setup the machine was "confused" at times about its identity.  Splitting the DNS into two servers, one for inside and one for outside/public resolved this issue.
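Added example (not part of the original thread or any poster's code): a Python check over the dcdiag DNS output posted above that flags the conditions matching the multi-homed setup described in the resolution: more than one adapter on the DC, an adapter that lists a resolver outside private address space, and DC locator SRV records answered by that outside resolver. Treating non-private addresses as "outside" is an assumption of this example, as are the function and variable names.

```python
import ipaddress
import re

# Excerpt (trimmed) of the dcdiag DNS test output posted earlier in this thread.
SAMPLE = """\
Adapter [00000007] Broadcom NetXtreme Gigabit Ethernet:
   IP address: 192.168.0.10
   DNS servers:
      192.168.0.10 (<name unavailable>) [Valid]
Adapter [00000008] Broadcom NetXtreme Gigabit Ethernet:
   IP address: X.X.X.X
   DNS servers:
      192.168.0.10 (<name unavailable>) [Valid]
      216.54.196.250 (<name unavailable>) [Valid]
Network Adapter [00000008] Broadcom NetXtreme Gigabit Ethernet:
   Matching DC SRV record found at DNS server 192.168.0.10:
   Matching DC SRV record found at DNS server 216.54.196.250:
"""

IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"
ADAPTER = re.compile(r"^\s*Adapter \[(\d+)\]")
RESOLVER = re.compile(r"^\s*" + IPV4 + r" \(")
SRV_AT = re.compile(r"Matching (\w+) SRV record found at DNS server " + IPV4)

def is_internal(ip):
    # Assumption: "inside" means a private (RFC 1918) or loopback address.
    return ipaddress.ip_address(ip).is_private

def audit(text):
    """Flag multi-homing and outside resolvers in dcdiag DNS test output."""
    adapters, external, srv_outside = [], {}, set()
    current, in_dns = None, False
    for line in text.splitlines():
        if m := ADAPTER.match(line):
            current, in_dns = m.group(1), False
            adapters.append(current)
        elif current and line.strip() == "DNS servers:":
            in_dns = True
        elif in_dns and (m := RESOLVER.match(line)):
            if not is_internal(m.group(1)):
                external.setdefault(current, []).append(m.group(1))
        else:
            in_dns = False
            m = SRV_AT.search(line)
            if m and not is_internal(m.group(2)):
                srv_outside.add((m.group(1), m.group(2)))
    return {"multihomed": len(adapters) > 1,
            "external_resolvers": external,
            "srv_at_external": sorted(srv_outside)}
```

Calling `audit()` on the full saved dcdiag output works the same way; on the excerpt it reports adapter 00000008 as the one pointing at the outside resolver 216.54.196.250.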
