i have 2 windows 2003 servers on a domain called acdomain
one server is called acserver
the other one is called fidelioserver
when they were orginally setup (nearly three years ago) i belive the acserver was setup
initally with all the roles on it and fidelioserver was added as another domain controller.
about 1 year ago the acserver had to be built from scratch (dont know why) and is was added
back to the acdomain.
all seemed to be working ok till very recently. now acserver is giving a lot of trouble (i
will try and outline the main symtoms here:
(Please be warned - my active directory skill and understanding are POOR!)
acserver holds all the printers. when this server is rebooted, all printing works fine for
about 45 mins and then stops. the spooler continues to run (stopping and starting does not
make a difference) jobs go into the q but will not print. (physcial printers are fine and
will resume printing if the server is physically rebooted)
when the printers stop working again (which i am sure is a result of the underlying issue),
if i run dcdiag, the output below is what i get:
--------------------------
----------
----------
----------
----------
----------
---
Domain Controller Diagnosis
Performing initial setup:
[acserver] LDAP search failed with error 58,
The specified server cannot perform the requested operation..
***Error: The machine, acserver could not be contacted, because of a bad net
response. Check to make sure that this machine is a Domain Controller.
--------------------------
----------
----------
----------
----------
----------
----
also when the server stops functioning, if i try to browse to fidelioserver by typing in
\\fidelioserver i get a message saying "a device attached to the system is not funtioning."
at this point i can ping exteranl websites but not browse them. incoming connections to the
server ARE accepted
when the server reboots...all works fine (printers, internet out, incoming connections)
when i rund dcdiag now, this is what i get:
--------------------------
----------
----------
----------
----------
----------
----------
----
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site\ACSERVE
R
Starting test: Connectivity
The host 45627628-b935-4132-88d1-b0
8a9d38e11b
._msdcs.ac
domain.loc
al could not be
resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(45627628-b935-4132-88d1-b
08a9d38e11
b._msdcs.a
cdomain.lo
cal) couldn't
be resolved, the server name (acserver.acdomain.local) resolved to the
IP address (192.168.5.5) and was pingable. Check that the IP address
is registered correctly with the DNS server.
......................... ACSERVER failed test Connectivity
Doing primary tests
Testing server: Default-First-Site\ACSERVE
R
Skipping all tests, because server ACSERVER is
not responding to directory service requests
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : acdomain
Starting test: CrossRefValidation
......................... acdomain passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... acdomain passed test CheckSDRefDom
Running enterprise tests on : acdomain.local
Starting test: Intersite
......................... acdomain.local passed test Intersite
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQU
IRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERV
ER_PREFERR
ED) call failed, error 1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... acdomain.local failed test FsmoCheck
--------------------------
----------
----------
----------
----------
----------
----------
-----
the folloing are some errors that are being recorded in the event logs
application log:
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1030
Date: 22/12/2007
Time: 10:14:45
User: NT AUTHORITY\SYSTEM
Computer: ACSERVER
Description:
Windows cannot query for the list of Group Policy objects. Check the event log for possible
messages previously logged by the policy engine that describes the reason for this.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
--------------------------
----------
----------
----------
----------
----------
----------
------
system log
Event Type: Error
Event Source: NETLOGON
Event Category: None
Event ID: 5719
Date: 22/12/2007
Time: 10:29:16
User: N/A
Computer: ACSERVER
Description:
This computer was not able to set up a secure session with a domain controller in domain
ACDOMAIN due to the following:
There are currently no logon servers available to service the logon request.
This may lead to authentication problems. Make sure that this computer is connected to the
network. If the problem persists, please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure
session to the primary domain controller emulator in the specified domain. Otherwise, this
computer sets up the secure session to any domain controller in the specified domain.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 5e 00 00 c0 ^..
--------------------------
----------
----------
----------
----------
----
Event Type: Error
Event Source: DhcpServer
Event Category: None
Event ID: 1059
Date: 22/12/2007
Time: 10:14:31
User: N/A
Computer: ACSERVER
Description:
The DHCP service failed to see a directory server for authorization.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 3a 20 00 00 : ..
--------------------------
----------
----------
----------
----------
------
DNS Server log
Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 4510
Date: 22/12/2007
Time: 10:19:42
User: N/A
Computer: ACSERVER
Description:
The DNS server was unable to connect to the domain naming FSMO "". No modifications to
Directory Partitions are possible until the FSMO server is available for LDAP connections.
The event data contains the error code.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Data:
0000: af 20 00 00 ..
--------------------------
----------
----------
----------
----------
----------
-
i know the whole AD is messed up.....where do i start?
yours in hope!
ger
