Windows Server 2003 PDC not answering domain requests.
I have a severly sick server. We had two servers on the network but what was the backup server died and the primary server is in bad shape. I am not sure what to do about it as it runs SQL Server which is no big deal but it also runs Exchange 2003 which is the issue at hand. I realize fully that it is a bad idea to run pretty much anything else on a domain server especially Exchange so please dont comment on how bad it is. The damage is done and what I need now is some help on solving these issues. I have another server that is ready to go if need be if that will help at all. Below is the message I am getting from dcdiag on the sick server. If you do not think it will be salvagable without a rebuild then please suggest some tools I can use to help salvage the data from Exchange and SQL I can handle but if you have any better solution for that then please let me know as well.
Big thank you to anyone who can help with this. I have to have this solved by Monday morning so what ever you can do is greatly appreciated.
DCDiag output...
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\BI
Starting test: Connectivity
......................... BIGBOX passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\BI
Starting test: Replications
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: DC=ForestDnsZones,DC=weeks
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:45:48.
34 failures have occurred since the last success.
[SERVER1] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: DC=DomainDnsZones,DC=weeks
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:45:48.
34 failures have occurred since the last success.
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: CN=Schema,CN=Configuration
The replication generated an error (1753):
There are no more endpoints available from the endpoint mapper.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:47:55.
34 failures have occurred since the last success.
The directory on SERVER1 is in the process.
of starting up or shutting down, and is not available.
Verify machine is not hung during boot.
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: CN=Configuration,DC=weeksr
The replication generated an error (1753):
There are no more endpoints available from the endpoint mapper.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:45:48.
34 failures have occurred since the last success.
The directory on SERVER1 is in the process.
of starting up or shutting down, and is not available.
Verify machine is not hung during boot.
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: DC=weeksroses,DC=local
The replication generated an error (1753):
There are no more endpoints available from the endpoint mapper.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:58:21.
34 failures have occurred since the last success.
The directory on SERVER1 is in the process.
of starting up or shutting down, and is not available.
Verify machine is not hung during boot.
REPLICATION-RECEIVED LATENCY WARNING
BIGBOX: Current time is 2008-07-19 20:57:30.
DC=ForestDnsZones,DC=weeks
Last replication recieved from SERVER1 at 2008-07-18 11:50:22.
DC=DomainDnsZones,DC=weeks
Last replication recieved from SERVER1 at 2008-07-18 11:50:22.
CN=Schema,CN=Configuration
Last replication recieved from SERVER1 at 2008-07-18 11:52:29.
CN=Configuration,DC=weeksr
Last replication recieved from SERVER1 at 2008-07-18 11:50:22.
DC=weeksroses,DC=local
Last replication recieved from SERVER1 at 2008-07-18 12:02:55.
......................... BIGBOX passed test Replications
Starting test: NCSecDesc
......................... BIGBOX passed test NCSecDesc
Starting test: NetLogons
......................... BIGBOX passed test NetLogons
Starting test: Advertising
......................... BIGBOX passed test Advertising
Starting test: KnowsOfRoleHolders
......................... BIGBOX passed test KnowsOfRoleHolders
Starting test: RidManager
......................... BIGBOX passed test RidManager
Starting test: MachineAccount
......................... BIGBOX passed test MachineAccount
Starting test: Services
......................... BIGBOX passed test Services
Starting test: ObjectsReplicated
......................... BIGBOX passed test ObjectsReplicated
Starting test: frssysvol
......................... BIGBOX passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... BIGBOX failed test frsevent
Starting test: kccevent
......................... BIGBOX passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:32
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:33
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:33
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:34
(Event String could not be retrieved)
......................... BIGBOX failed test systemlog
Starting test: VerifyReferences
......................... BIGBOX passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : weeksroses
Starting test: CrossRefValidation
......................... weeksroses passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... weeksroses passed test CheckSDRefDom
Running enterprise tests on : weeksroses.local
Starting test: Intersite
......................... weeksroses.local passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQU
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
5
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... weeksroses.local failed test FsmoCheck
Big thank you to anyone who can help with this. I have to have this solved by Monday morning so what ever you can do is greatly appreciated.
DCDiag output...
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\BI
Starting test: Connectivity
......................... BIGBOX passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\BI
Starting test: Replications
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: DC=ForestDnsZones,DC=weeks
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:45:48.
34 failures have occurred since the last success.
[SERVER1] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: DC=DomainDnsZones,DC=weeks
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:45:48.
34 failures have occurred since the last success.
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: CN=Schema,CN=Configuration
The replication generated an error (1753):
There are no more endpoints available from the endpoint mapper.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:47:55.
34 failures have occurred since the last success.
The directory on SERVER1 is in the process.
of starting up or shutting down, and is not available.
Verify machine is not hung during boot.
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: CN=Configuration,DC=weeksr
The replication generated an error (1753):
There are no more endpoints available from the endpoint mapper.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:45:48.
34 failures have occurred since the last success.
The directory on SERVER1 is in the process.
of starting up or shutting down, and is not available.
Verify machine is not hung during boot.
[Replications Check,BIGBOX] A recent replication attempt failed:
From SERVER1 to BIGBOX
Naming Context: DC=weeksroses,DC=local
The replication generated an error (1753):
There are no more endpoints available from the endpoint mapper.
The failure occurred at 2008-07-19 20:56:49.
The last success occurred at 2008-07-18 11:58:21.
34 failures have occurred since the last success.
The directory on SERVER1 is in the process.
of starting up or shutting down, and is not available.
Verify machine is not hung during boot.
REPLICATION-RECEIVED LATENCY WARNING
BIGBOX: Current time is 2008-07-19 20:57:30.
DC=ForestDnsZones,DC=weeks
Last replication recieved from SERVER1 at 2008-07-18 11:50:22.
DC=DomainDnsZones,DC=weeks
Last replication recieved from SERVER1 at 2008-07-18 11:50:22.
CN=Schema,CN=Configuration
Last replication recieved from SERVER1 at 2008-07-18 11:52:29.
CN=Configuration,DC=weeksr
Last replication recieved from SERVER1 at 2008-07-18 11:50:22.
DC=weeksroses,DC=local
Last replication recieved from SERVER1 at 2008-07-18 12:02:55.
......................... BIGBOX passed test Replications
Starting test: NCSecDesc
......................... BIGBOX passed test NCSecDesc
Starting test: NetLogons
......................... BIGBOX passed test NetLogons
Starting test: Advertising
......................... BIGBOX passed test Advertising
Starting test: KnowsOfRoleHolders
......................... BIGBOX passed test KnowsOfRoleHolders
Starting test: RidManager
......................... BIGBOX passed test RidManager
Starting test: MachineAccount
......................... BIGBOX passed test MachineAccount
Starting test: Services
......................... BIGBOX passed test Services
Starting test: ObjectsReplicated
......................... BIGBOX passed test ObjectsReplicated
Starting test: frssysvol
......................... BIGBOX passed test frssysvol
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... BIGBOX failed test frsevent
Starting test: kccevent
......................... BIGBOX passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:32
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:33
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:33
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:34
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000457
Time Generated: 07/19/2008 20:55:34
(Event String could not be retrieved)
......................... BIGBOX failed test systemlog
Starting test: VerifyReferences
......................... BIGBOX passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : weeksroses
Starting test: CrossRefValidation
......................... weeksroses passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... weeksroses passed test CheckSDRefDom
Running enterprise tests on : weeksroses.local
Starting test: Intersite
......................... weeksroses.local passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQU
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
5
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... weeksroses.local failed test FsmoCheck
OOPS last sentence - I meant then make this server a global catalog sevrer
Yep... the reason you're getting those issues is predominantly because the other server is still present in Active Directory. Do as ryan has already said and run a metadata cleanup (provided you won't be bringing it back online) and it should sort a lot of the replication problems.
-tigermatt
-tigermatt
ASKER
This server does have the catalog server check box checked already.
The second server did hold the fsmo roles at one time but the remaining server has already been assigned all of the fsmo roles.
The second server will not be coming back in it's current form. I will be reinstalling it as a fresh server. It will be running SQL and Exchange but no DC roles. I have one more 2k3 server used as a terminal server for a few remote employees used to access Navision. With that would it or box two be able to handle a backup DC role or would we be better off purchasing a new copy and licenses to build a second stand alone 2k3 DC for backup? If the last statement were true would it be possible to use 2k8 for that new server or would that not work or introduce too many new challenges?
With all that said and with the exception of running meta cleanup for the second serrver users still cannot log on to computers on the domain as they get the "Domain not reachable" message and yes the remaining server has been rebooted.
The second server did hold the fsmo roles at one time but the remaining server has already been assigned all of the fsmo roles.
The second server will not be coming back in it's current form. I will be reinstalling it as a fresh server. It will be running SQL and Exchange but no DC roles. I have one more 2k3 server used as a terminal server for a few remote employees used to access Navision. With that would it or box two be able to handle a backup DC role or would we be better off purchasing a new copy and licenses to build a second stand alone 2k3 DC for backup? If the last statement were true would it be possible to use 2k8 for that new server or would that not work or introduce too many new challenges?
With all that said and with the exception of running meta cleanup for the second serrver users still cannot log on to computers on the domain as they get the "Domain not reachable" message and yes the remaining server has been rebooted.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
>> The solution was actually pretty simple
It's identifying and finding the solution which takes the time!
Glad you solved it.
It's identifying and finding the solution which takes the time!
Glad you solved it.
Nice work. For yoru question about bringing the other DC online a 2k8 would be fine to bring up as backup. Dont make the terminal server a DC in anyway shape or form.
Make your remaining DC a global catalog immediately
http://support.microsoft.com/kb/313994
This should solve some of the issue.
Also did DC 2 hold the fsmo roles?
If so you need to seize the roles back from server 2 to server 1
http://support.microsoft.com/kb/324801
Now since DC2 died is it coming back up? If not you need to remove it from Active Directory...
Use meta data clean up - this will remove it from active directory and no longer try and replicate with it
http://technet2.microsoft.com/windowsserver/en/library/012793ee-5e8c-4a5c-9f66-4a486a7114fd1033.mspx?mfr=true
The second server can always be handy.
Personally I would move exchange to it asap. No worries its not that hard use the migration method
This will also be your chance to move exchange to a member server
http://www.amset.info/exchange/migration.asp
Finally I would get your old server going or something that way you can bring up a second domain controller. Then also make this server a domain controller.