Link to home
Start Free TrialLog in
Avatar of cegeland
cegelandFlag for Norway

asked on

LDAP errors Win2k8 AD with one DC: Event id 1535, 1213, 2041

Hi!

We have some issues on our windows 2008 r2 Domain Controller. We get loads of LDAP events in the Directory Service logs. We recently depromoted a second win2k8 DC due to reinstallation, and these events started to show up after running dcpromo on the "old" server.

We transferred all the 5 FSMO roles to the remaining server, and dcdiag was not giving any errors prior to depromoting the old server.

Attached is some of the events I find. New ones appear every few minutes.

Any help is greatly appreciated!
Log Name:      Directory Service
Source:        Microsoft-Windows-ActiveDirectory_DomainService
Date:          15.12.2010 16:30:32
Event ID:      1535
Task Category: LDAP Interface
Level:         Information
Keywords:      Classic
User:          SYSTEM
Computer:      dc1.domain.local
Description:
Internal event: The LDAP server returned an error. 
 
Additional Data 
Error value:
0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
	'CN=System,DC=domain,DC=local'

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
    <EventID Qualifiers="16384">1535</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>16</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2010-12-15T15:30:32.749192600Z" />
    <EventRecordID>3282</EventRecordID>
    <Correlation />
    <Execution ProcessID="584" ThreadID="1896" />
    <Channel>Directory Service</Channel>
    <Computer>dc1.domain.local</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data>0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
	'CN=System,DC=domainname,DC=local'
</Data>
  </EventData>
</Event>

--------------------------------------------------

Log Name:      Directory Service
Source:        Microsoft-Windows-ActiveDirectory_DomainService
Date:          15.12.2010 16:28:22
Event ID:      1535
Task Category: LDAP Interface
Level:         Information
Keywords:      Classic
User:          SYSTEM
Computer:      dc1.domain.local
Description:
Internal event: The LDAP server returned an error. 
 
Additional Data 
Error value:
0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
	'CN=Dfs-Configuration,CN=System,DC=domain,DC=local'

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
    <EventID Qualifiers="16384">1535</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>16</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2010-12-15T15:28:22.222234900Z" />
    <EventRecordID>3280</EventRecordID>
    <Correlation />
    <Execution ProcessID="584" ThreadID="5656" />
    <Channel>Directory Service</Channel>
    <Computer>dc1.domain.local</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data>0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
	'CN=Dfs-Configuration,CN=System,DC=domain,DC=local'
</Data>
  </EventData>
</Event>

-----------------------------------------------------

Log Name:      Directory Service
Source:        Microsoft-Windows-ActiveDirectory_DomainService
Date:          15.12.2010 16:27:55
Event ID:      1213
Task Category: LDAP Interface
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      dc1.domain.local
Description:
Internal event: An LDAP client connection was closed because it was disconnected on the client side. 
 
Additional Data 
Internal ID:
c0602e2
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
    <EventID Qualifiers="16384">1213</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>16</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2010-12-15T15:27:55.527565700Z" />
    <EventRecordID>3279</EventRecordID>
    <Correlation />
    <Execution ProcessID="584" ThreadID="5656" />
    <Channel>Directory Service</Channel>
    <Computer>dc1.domain.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>c0602e2</Data>
  </EventData>
</Event>

-----------------------------------------------------

Log Name:      Directory Service
Source:        Microsoft-Windows-ActiveDirectory_DomainService
Date:          15.12.2010 16:27:43
Event ID:      1535
Task Category: LDAP Interface
Level:         Information
Keywords:      Classic
User:          domain\admin
Computer:      dc1.domain.local
Description:
Internal event: The LDAP server returned an error. 
 
Additional Data 
Error value:
0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
	'CN=dc1,OU=Domain Controllers,DC=domain,DC=local'

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
    <EventID Qualifiers="16384">1535</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>16</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2010-12-15T15:27:43.833396400Z" />
    <EventRecordID>3278</EventRecordID>
    <Correlation />
    <Execution ProcessID="584" ThreadID="1896" />
    <Channel>Directory Service</Channel>
    <Computer>dc1.domain.local</Computer>
    <Security UserID="S-1-5-21-2812511754-123718817-1394069073-500" />
  </System>
  <EventData>
    <Data>0000208D: NameErr: DSID-0310020A, problem 2001 (NO_OBJECT), data 0, best match of:
	'CN=dc1,OU=Domain Controllers,DC=domain,DC=local'
</Data>
  </EventData>
</Event>

---------------------------------------------

Log Name:      Directory Service
Source:        Microsoft-Windows-ActiveDirectory_DomainService
Date:          15.12.2010 16:14:58
Event ID:      1216
Task Category: LDAP Interface
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      dc1.domain.local
Description:
Internal event: An LDAP client connection was closed because of an error. 
 
Client IP:
[fe80::7844:d9c4:c8ff:bb8c%13]:52578 
 
Additional Data 
Error value:
1236 The network connection was aborted by the local system. 
Internal ID:
c0602f0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
    <EventID Qualifiers="32768">1216</EventID>
    <Version>0</Version>
    <Level>3</Level>
    <Task>16</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2010-12-15T15:14:58.934914200Z" />
    <EventRecordID>3253</EventRecordID>
    <Correlation />
    <Execution ProcessID="584" ThreadID="5656" />
    <Channel>Directory Service</Channel>
    <Computer>dc1.domain.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>1236</Data>
    <Data>c0602f0</Data>
    <Data>[fe80::7844:d9c4:c8ff:bb8c%13]:52578</Data>
    <Data>The network connection was aborted by the local system.</Data>
  </EventData>
</Event>

--------------------------------------------

Log Name:      Directory Service
Source:        Microsoft-Windows-ActiveDirectory_DomainService
Date:          15.12.2010 16:17:21
Event ID:      2041
Task Category: Internal Processing
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      dc1.domain.local
Description:
Duplicate event log entries were suppressed. 
 
See the previous event log entry for details. An entry is considered a duplicate if the event code and all of its insertion parameters are identical. The time period for this run of duplicates is from the time of the previous event to the time of this event. 
 
Event Code:
400005ff 
Number of duplicate entries: 
1
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS General" />
    <EventID Qualifiers="16384">2041</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>9</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2010-12-15T15:17:21.536172900Z" />
    <EventRecordID>3255</EventRecordID>
    <Correlation />
    <Execution ProcessID="584" ThreadID="1896" />
    <Channel>Directory Service</Channel>
    <Computer>dc1.domain.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>400005ff</Data>
    <Data>1</Data>
  </EventData>
</Event>

Open in new window

SOLUTION
Avatar of KenMcF
KenMcF
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of cegeland
cegeland
Flag of Norway image

ASKER

The new server is pointing to itself - since it's the only remaining DNS server remaining. We have removed the DNS server from the old server as well.

The intention is to do a clean install on the old server and then rejoin it to the domain as a backup DC/secondary DNS.

Attached is the dcdiag and ipconfig /all results as requested.
Windows IP Configuration

   Host Name . . . . . . . . . . . . : DC1
   Primary Dns Suffix  . . . . . . . : Domain.local
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Domain.local

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client)
   Physical Address. . . . . . . . . : 00-1C-67-AG-DS-1A
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fg88::7844:d9c4:c3fh:bb8c%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.20.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   IPv4 Address. . . . . . . . . . . : 192.168.20.11(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   IPv4 Address. . . . . . . . . . . : 192.168.20.12(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.20.1
   DHCPv6 IAID . . . . . . . . . . . : 301997091
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-34-EB-32-00-1B-21-31-73-B3
   DNS Servers . . . . . . . . . . . : 192.168.20.10
                                       127.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 GT Desktop Adapter
   Physical Address. . . . . . . . . : 00-1B-25-71-87-C3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{EB650E78-F3F0-4E69-8809-B69F4AA0562B}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{81DE8F6C-9076-4518-9E63-FFA8BE934E19}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Open in new window

Command Line: "dcdiag.exe 
/V /C /D /E /s:dc1"

Directory Server Diagnosis


Performing initial setup:

   * Connecting to directory service on server dc1.

   dc1.currentTime = 20101215160028.0Z

   dc1.highestCommittedUSN = 2699894

   dc1.isSynchronized = 1

   dc1.isGlobalCatalogReady = 1

   * Identified AD Forest. 
   Collecting AD specific global data 
   * Collecting site info.

   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local,LDAP_SCOPE_SUBTREE,(objectCategory=ntDSSiteSettings),.......
   The previous call succeeded 
   Iterating through the sites 
   Looking at base site object: CN=NTDS Site Settings,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
   Getting ISTG and options for the site
   * Identifying all servers.

   Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local,LDAP_SCOPE_SUBTREE,(objectClass=ntDSDsa),.......
   The previous call succeeded....
   The previous call succeeded
   Iterating through the list of servers 
   Getting information for the server CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local 
   objectGuid obtained
   InvocationID obtained
   dnsHostname obtained
   site info obtained
   All the info for the server collected
   DC1.currentTime = 20101215160028.0Z

   DC1.highestCommittedUSN = 2699894

   DC1.isSynchronized = 1

   DC1.isGlobalCatalogReady = 1

   * Identifying all NC cross-refs.

   * Found 1 DC(s). Testing 1 of them.

   Done gathering initial info.



===============================================Printing out pDsInfo

GLOBAL:
	ulNumServers=1
	pszRootDomain=Domain.local
	pszNC=
	pszRootDomainFQDN=DC=DOMAIN,DC=local
	pszConfigNc=CN=Configuration,DC=DOMAIN,DC=local
	pszPartitionsDn=CN=Partitions,CN=Configuration,DC=DOMAIN,DC=local
	fAdam=0
	iSiteOptions=0
	dwTombstoneLifeTimeDays=60

	dwForestBehaviorVersion=4

	HomeServer=0, DC1

	SERVER: pServer[0].pszName=DC1
		pServer[0].pszGuidDNSName (binding str)=617a8ca6-e4bb-4b17-a29f-bd41a19c10c0._msdcs.Domain.local
		pServer[0].pszDNSName=Dc1.domain.local
		pServer[0].pszLdapPort=(null)
		pServer[0].pszSslPort=(null)
		pServer[0].pszDn=CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
		pServer[0].pszComputerAccountDn=CN=DC1,OU=Domain Controllers,DC=DOMAIN,DC=local
		pServer[0].uuidObjectGuid=617a8ca6-e4bb-4b17-a29f-bd41a19c10c0
		pServer[0].uuidInvocationId=e0ae8e2f-8db9-4dd0-bb97-cf6a63c12b30
		pServer[0].iSite=0 (DOMAIN)
		pServer[0].iOptions=1
		pServer[0].ftLocalAcquireTime=315124b0 01cb9c71 

		pServer[0].ftRemoteConnectTime=3125f600 01cb9c71 

		pServer[0].ppszMaster/FullReplicaNCs:
			ppszMaster/FullReplicaNCs[0]=DC=ForestDnsZones,DC=DOMAIN,DC=local
			ppszMaster/FullReplicaNCs[1]=DC=DomainDnsZones,DC=DOMAIN,DC=local
			ppszMaster/FullReplicaNCs[2]=CN=Schema,CN=Configuration,DC=DOMAIN,DC=local
			ppszMaster/FullReplicaNCs[3]=CN=Configuration,DC=DOMAIN,DC=local
			ppszMaster/FullReplicaNCs[4]=DC=DOMAIN,DC=local

	SITES:  pSites[0].pszName=DOMAIN
		pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
		pSites[0].pszISTG=CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
		pSites[0].iSiteOption=0

		pSites[0].cServers=1

	NC:     pNCs[0].pszName=ForestDnsZones
		pNCs[0].pszDn=DC=ForestDnsZones,DC=DOMAIN,DC=local

			pNCs[0].aCrInfo[0].dwFlags=0x00000201
			pNCs[0].aCrInfo[0].pszDn=CN=21e9b1e7-8e02-4426-8cbd-9f43d1291c52,CN=Partitions,CN=Configuration,DC=DOMAIN,DC=local
			pNCs[0].aCrInfo[0].pszDnsRoot=ForestDnsZones.Domain.local
			pNCs[0].aCrInfo[0].iSourceServer=0
			pNCs[0].aCrInfo[0].pszSourceServer=(null)
			pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005
			pNCs[0].aCrInfo[0].bEnabled=TRUE
			pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000 			pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null)
			pNCs[0].aCrInfo[0].pszNetBiosName=(null)
			pNCs[0].aCrInfo[0].cReplicas=-1
			pNCs[0].aCrInfo[0].aszReplicas=


	NC:     pNCs[1].pszName=DomainDnsZones
		pNCs[1].pszDn=DC=DomainDnsZones,DC=DOMAIN,DC=local

			pNCs[1].aCrInfo[0].dwFlags=0x00000201
			pNCs[1].aCrInfo[0].pszDn=CN=c6d2a78f-5f69-4465-906c-bf0d91ff0cbd,CN=Partitions,CN=Configuration,DC=DOMAIN,DC=local
			pNCs[1].aCrInfo[0].pszDnsRoot=DomainDnsZones.Domain.local
			pNCs[1].aCrInfo[0].iSourceServer=0
			pNCs[1].aCrInfo[0].pszSourceServer=(null)
			pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005
			pNCs[1].aCrInfo[0].bEnabled=TRUE
			pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000 			pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null)
			pNCs[1].aCrInfo[0].pszNetBiosName=(null)
			pNCs[1].aCrInfo[0].cReplicas=-1
			pNCs[1].aCrInfo[0].aszReplicas=


	NC:     pNCs[2].pszName=Schema
		pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=DOMAIN,DC=local

			pNCs[2].aCrInfo[0].dwFlags=0x00000201
			pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=DOMAIN,DC=local
			pNCs[2].aCrInfo[0].pszDnsRoot=Domain.local
			pNCs[2].aCrInfo[0].iSourceServer=0
			pNCs[2].aCrInfo[0].pszSourceServer=(null)
			pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001
			pNCs[2].aCrInfo[0].bEnabled=TRUE
			pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000 			pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null)
			pNCs[2].aCrInfo[0].pszNetBiosName=(null)
			pNCs[2].aCrInfo[0].cReplicas=-1
			pNCs[2].aCrInfo[0].aszReplicas=


	NC:     pNCs[3].pszName=Configuration
		pNCs[3].pszDn=CN=Configuration,DC=DOMAIN,DC=local

			pNCs[3].aCrInfo[0].dwFlags=0x00000201
			pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=DOMAIN,DC=local
			pNCs[3].aCrInfo[0].pszDnsRoot=Domain.local
			pNCs[3].aCrInfo[0].iSourceServer=0
			pNCs[3].aCrInfo[0].pszSourceServer=(null)
			pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001
			pNCs[3].aCrInfo[0].bEnabled=TRUE
			pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000 			pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null)
			pNCs[3].aCrInfo[0].pszNetBiosName=(null)
			pNCs[3].aCrInfo[0].cReplicas=-1
			pNCs[3].aCrInfo[0].aszReplicas=


	NC:     pNCs[4].pszName=DOMAIN
		pNCs[4].pszDn=DC=DOMAIN,DC=local

			pNCs[4].aCrInfo[0].dwFlags=0x00000201
			pNCs[4].aCrInfo[0].pszDn=CN=DOMAIN,CN=Partitions,CN=Configuration,DC=DOMAIN,DC=local
			pNCs[4].aCrInfo[0].pszDnsRoot=Domain.local
			pNCs[4].aCrInfo[0].iSourceServer=0
			pNCs[4].aCrInfo[0].pszSourceServer=(null)
			pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003
			pNCs[4].aCrInfo[0].bEnabled=TRUE
			pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000 			pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null)
			pNCs[4].aCrInfo[0].pszNetBiosName=(null)
			pNCs[4].aCrInfo[0].cReplicas=-1
			pNCs[4].aCrInfo[0].aszReplicas=


	5 NC TARGETS: ForestDnsZones, DomainDnsZones, Schema, Configuration, DOMAIN, 
	1 TARGETS: DC1, 

=============================================Done Printing pDsInfo

Doing initial required tests

   
   Testing server: DOMAIN\DC1

      Starting test: Connectivity

         * Active Directory LDAP Services Check
         Determining IP4 connectivity 
         Failure Analysis: DC1 ... OK.
         * Active Directory RPC Services Check
         ......................... DC1 passed test Connectivity



Doing primary tests

   
   Testing server: DOMAIN\DC1

      Starting test: Advertising

         The DC DC1 is advertising itself as a DC and having a DS.
         The DC DC1 is advertising as an LDAP server
         The DC DC1 is advertising as having a writeable directory
         The DC DC1 is advertising as a Key Distribution Center
         The DC DC1 is advertising as a time server
         The DS DC1 is advertising as a GC.
         ......................... DC1 passed test Advertising

      Starting test: CheckSecurityError

         * Dr Auth:  Beginning security errors check!
         Found KDC DC1 for domain Domain.local in site DOMAIN
         Checking machine account for DC DC1 on DC DC1.
         * SPN found :LDAP/Dc1.domain.local/Domain.local
         * SPN found :LDAP/Dc1.domain.local
         * SPN found :LDAP/DC1
         * SPN found :LDAP/Dc1.domain.local/DOMAIN
         * SPN found :LDAP/617a8ca6-e4bb-4b17-a29f-bd41a19c10c0._msdcs.Domain.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/617a8ca6-e4bb-4b17-a29f-bd41a19c10c0/Domain.local
         * SPN found :HOST/Dc1.domain.local/Domain.local
         * SPN found :HOST/Dc1.domain.local
         * SPN found :HOST/DC1
         * SPN found :HOST/Dc1.domain.local/DOMAIN
         * SPN found :GC/Dc1.domain.local/Domain.local
         [DC1] No security related replication errors were found on this DC!

         To target the connection to a specific source DC use /ReplSource:<DC>.

         ......................... DC1 passed test CheckSecurityError

      Starting test: CutoffServers

         * Configuration Topology Aliveness Check
         * Analyzing the alive system replication topology for DC=ForestDnsZones,DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the alive system replication topology for DC=DomainDnsZones,DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the alive system replication topology for CN=Schema,CN=Configuration,DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the alive system replication topology for CN=Configuration,DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the alive system replication topology for DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         ......................... DC1 passed test CutoffServers

      Starting test: FrsEvent

         * The File Replication Service Event log test 
         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems. 
         A warning event occurred.  EventID: 0x800034C8

            Time Generated: 12/14/2010   23:39:42

            Event String:

            The File Replication Service has detected an enabled disk write cache on the drive containing the directory c:\windows\ntfrs\jet on the computer DC1. The File Replication Service might not recover when power to the drive is interrupted and critical updates are lost.

         ......................... DC1 passed test FrsEvent

      Starting test: DFSREvent

         The DFS Replication Event Log. 
         Skip the test because the server is running FRS.

         ......................... DC1 passed test DFSREvent

      Starting test: SysVolCheck

         * The File Replication Service SYSVOL ready test 
         File Replication Service's SYSVOL is ready 
         ......................... DC1 passed test SysVolCheck

      Starting test: FrsSysVol

         * The File Replication Service SYSVOL ready test 
         File Replication Service's SYSVOL is ready 
         ......................... DC1 passed test FrsSysVol

      Starting test: KccEvent

         * The KCC Event log test
         Found no KCC errors in "Directory Service" Event log in the last 15 minutes.
         ......................... DC1 passed test KccEvent

      Starting test: KnowsOfRoleHolders

         Role Schema Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
         Role Domain Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
         Role PDC Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
         Role Rid Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
         ......................... DC1 passed test KnowsOfRoleHolders

      Starting test: MachineAccount

         Checking machine account for DC DC1 on DC DC1.
         * SPN found :LDAP/Dc1.domain.local/Domain.local
         * SPN found :LDAP/Dc1.domain.local
         * SPN found :LDAP/DC1
         * SPN found :LDAP/Dc1.domain.local/DOMAIN
         * SPN found :LDAP/617a8ca6-e4bb-4b17-a29f-bd41a19c10c0._msdcs.Domain.local
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/617a8ca6-e4bb-4b17-a29f-bd41a19c10c0/Domain.local
         * SPN found :HOST/Dc1.domain.local/Domain.local
         * SPN found :HOST/Dc1.domain.local
         * SPN found :HOST/DC1
         * SPN found :HOST/Dc1.domain.local/DOMAIN
         * SPN found :GC/Dc1.domain.local/Domain.local
         ......................... DC1 passed test MachineAccount

      Starting test: NCSecDesc

         * Security Permissions check for all NC's on DC DC1.
         The forest is not ready for RODC. Will skip checking ERODC ACEs.
         * Security Permissions Check for

           DC=ForestDnsZones,DC=DOMAIN,DC=local
            (NDNC,Version 3)
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have 

            Replicating Directory Changes In Filtered Set
         access rights for the naming context:

         DC=ForestDnsZones,DC=DOMAIN,DC=local
         * Security Permissions Check for

           DC=DomainDnsZones,DC=DOMAIN,DC=local
            (NDNC,Version 3)
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have 

            Replicating Directory Changes In Filtered Set
         access rights for the naming context:

         DC=DomainDnsZones,DC=DOMAIN,DC=local
         * Security Permissions Check for

           CN=Schema,CN=Configuration,DC=DOMAIN,DC=local
            (Schema,Version 3)
         * Security Permissions Check for

           CN=Configuration,DC=DOMAIN,DC=local
            (Configuration,Version 3)
         * Security Permissions Check for

           DC=DOMAIN,DC=local
            (Domain,Version 3)
         ......................... DC1 failed test NCSecDesc

      Starting test: NetLogons

         * Network Logons Privileges Check
         Verified share \\DC1\netlogon
         Verified share \\DC1\sysvol
         ......................... DC1 passed test NetLogons

      Starting test: ObjectsReplicated

         DC1 is in domain DC=DOMAIN,DC=local
         Checking for CN=DC1,OU=Domain Controllers,DC=DOMAIN,DC=local in domain DC=DOMAIN,DC=local on 1 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local in domain CN=Configuration,DC=DOMAIN,DC=local on 1 servers
            Object is up-to-date on all servers.
         ......................... DC1 passed test ObjectsReplicated

      Starting test: OutboundSecureChannels

         * The Outbound Secure Channels test
         ** Did not run Outbound Secure Channels test because /testdomain: was

         not entered

         ......................... DC1 passed test OutboundSecureChannels

      Starting test: Replications

         * Replications Check
         DC=ForestDnsZones,DC=DOMAIN,DC=local has 3 cursors.
         DC=DomainDnsZones,DC=DOMAIN,DC=local has 3 cursors.
         CN=Schema,CN=Configuration,DC=DOMAIN,DC=local has 4 cursors.
         CN=Configuration,DC=DOMAIN,DC=local has 4 cursors.
         DC=DOMAIN,DC=local has 4 cursors.
         * Replication Latency Check
            DC=ForestDnsZones,DC=DOMAIN,DC=local
               Latency information for 2 entries in the vector were ignored.
                  2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
            DC=DomainDnsZones,DC=DOMAIN,DC=local
               Latency information for 2 entries in the vector were ignored.
                  2 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
            CN=Schema,CN=Configuration,DC=DOMAIN,DC=local
               Latency information for 3 entries in the vector were ignored.
                  3 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
            CN=Configuration,DC=DOMAIN,DC=local
               Latency information for 3 entries in the vector were ignored.
                  3 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
            DC=DOMAIN,DC=local
               Latency information for 3 entries in the vector were ignored.
                  3 were retired Invocations.  0 were either: read-only replicas and are not verifiably latent, or dc's no longer replicating this nc.  0 had no latency information (Win2K DC).  
         ......................... DC1 passed test Replications

      Starting test: RidManager

         ridManagerReference = CN=RID Manager$,CN=System,DC=DOMAIN,DC=local
         * Available RID Pool for the Domain is 3620 to 1073741823
         fSMORoleOwner = CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
         * Dc1.domain.local is the RID Master
         * DsBind with RID Master was successful
         rIDSetReferences = CN=RID Set,CN=DC1,OU=Domain Controllers,DC=DOMAIN,DC=local
         * rIDAllocationPool is 3120 to 3619
         * rIDPreviousAllocationPool is 3120 to 3619
         * rIDNextRID: 3143
         ......................... DC1 passed test RidManager

      Starting test: Services

         * Checking Service: EventSystem
         * Checking Service: RpcSs
         * Checking Service: NTDS
         * Checking Service: DnsCache
         * Checking Service: DFSR
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... DC1 passed test Services

      Starting test: SystemLog

         * The System Event log test
         Found no errors in "System" Event log in the last 60 minutes.
         ......................... DC1 passed test SystemLog

      Starting test: Topology

         * Configuration Topology Integrity Check
         * Analyzing the connection topology for DC=ForestDnsZones,DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the connection topology for DC=DomainDnsZones,DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the connection topology for CN=Schema,CN=Configuration,DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the connection topology for CN=Configuration,DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         * Analyzing the connection topology for DC=DOMAIN,DC=local.
         * Performing upstream (of target) analysis.
         * Performing downstream (of target) analysis.
         ......................... DC1 passed test Topology

      Starting test: VerifyEnterpriseReferences

         The following problems were found while verifying various important DN

         references.  Note, that  these problems can be reported because of

         latency in replication.  So follow up to resolve the following

         problems, only if the same problem is reported on all DCs for a given

         domain or if  the problem persists after replication has had

         reasonable time to replicate changes. 
            [1] Problem: Missing Expected Value

             Base Object: CN=DC1,OU=Domain Controllers,DC=DOMAIN,DC=local

             Base Object Description: "DC Account Object"

             Value Object Attribute Name: msDFSR-ComputerReferenceBL

             Value Object Description: "SYSVOL FRS Member Object"

             Recommended Action: See Knowledge Base Article: Q312862

             
            LDAP Error 0x20 (32) - No Such Object. 
         ......................... DC1 failed test VerifyEnterpriseReferences

      Starting test: VerifyReferences

         The system object reference (serverReference)

         CN=DC1,OU=Domain Controllers,DC=DOMAIN,DC=local and backlink on

         CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local

         are correct. 
         The system object reference (serverReferenceBL)

         CN=DC1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=DOMAIN,DC=local

         and backlink on

         CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local

         are correct. 
         The system object reference (frsComputerReferenceBL)

         CN=DC1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=DOMAIN,DC=local

         and backlink on CN=DC1,OU=Domain Controllers,DC=DOMAIN,DC=local are

         correct. 
         ......................... DC1 passed test VerifyReferences

      Starting test: VerifyReplicas

         ......................... DC1 passed test VerifyReplicas

   
      Starting test: DNS

         

         DNS Tests are running and not hung. Please wait a few minutes...

         See DNS test in enterprise tests section for results
         ......................... DC1 passed test DNS

   
   Running partition tests on : ForestDnsZones

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : DomainDnsZones

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test

         CrossRefValidation

   
   Running partition tests on : Schema

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation

   
   Running partition tests on : Configuration

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation

   
   Running partition tests on : DOMAIN

      Starting test: CheckSDRefDom

         ......................... DOMAIN passed test CheckSDRefDom

      Starting test: CrossRefValidation

         ......................... DOMAIN passed test CrossRefValidation

   
   Running enterprise tests on : Domain.local

      Starting test: DNS

         Test results for domain controllers:

            
            DC: Dc1.domain.local

            Domain: Domain.local

            

                  
               TEST: Authentication (Auth)
                  Authentication test: Successfully completed
                  
               TEST: Basic (Basc)
                  The OS

                  Microsoft Windows Server 2008 R2 Standard  (Service Pack level: 0.0)

                  is supported.

                  NETLOGON service is running

                  kdc service is running

                  DNSCACHE service is running

                  DNS service is running

                  DC is a DNS server

                  Network adapters information:

                  Adapter

                  [00000010] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client):

                  

                     MAC address is 00:1C:23:DB:DC:1A
                     IP Address is static 
                     IP address: 192.168.20.12, 192.168.20.11, 192.168.20.10, fe80::7844:d9c4:c8ff:bb8c
                     DNS servers:

                        192.168.20.10 (DC1) [Valid]
                        127.0.0.1 (DC1) [Valid]
                  The A host record(s) for this DC was found
                  The SOA record for the Active Directory zone was found
                  The Active Directory zone on this DC/DNS server was found primary
                  Root zone on this DC/DNS server was not found
                  
               TEST: Forwarders/Root hints (Forw)
                  Recursion is enabled
                  Forwarders Information: 
                     212.33.131.67 (<name unavailable>) [Valid] 
                     212.33.135.184 (<name unavailable>) [Valid] 
                  
               TEST: Delegations (Del)
                  No delegations were found in this zone on this DNS server
                  
               TEST: Dynamic update (Dyn)
                  Test record dcdiag-test-record added successfully in zone Domain.local
                  Warning: Failed to delete the test record dcdiag-test-record in zone Domain.local
                  [Error details: 9505 (Type: Win32 - Description: Unsecured DNS packet.)]
                  
               TEST: Records registration (RReg)
                  Network Adapter

                  [00000010] Broadcom BCM5708C NetXtreme II GigE (NDIS VBD Client):

                  

                     Matching CNAME record found at DNS server 192.168.20.10:
                     617a8ca6-e4bb-4b17-a29f-bd41a19c10c0._msdcs.Domain.local

                     Matching A record found at DNS server 192.168.20.10:
                     Dc1.domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _ldap._tcp.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _ldap._tcp.ad86ac78-df33-44db-a8c7-61c312cd2627.domains._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _kerberos._tcp.dc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _ldap._tcp.dc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _kerberos._tcp.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _kerberos._udp.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _kpasswd._tcp.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _ldap._tcp.DOMAIN._sites.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _kerberos._tcp.DOMAIN._sites.dc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _ldap._tcp.DOMAIN._sites.dc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _kerberos._tcp.DOMAIN._sites.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _ldap._tcp.gc._msdcs.Domain.local

                     Matching A record found at DNS server 192.168.20.10:
                     gc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _gc._tcp.DOMAIN._sites.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _ldap._tcp.DOMAIN._sites.gc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.10:
                     _ldap._tcp.pdc._msdcs.Domain.local

                     Matching CNAME record found at DNS server 192.168.20.12:
                     617a8ca6-e4bb-4b17-a29f-bd41a19c10c0._msdcs.Domain.local

                     Matching A record found at DNS server 192.168.20.12:
                     Dc1.domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _ldap._tcp.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _ldap._tcp.ad86ac78-df33-44db-a8c7-61c312cd2627.domains._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _kerberos._tcp.dc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _ldap._tcp.dc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _kerberos._tcp.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _kerberos._udp.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _kpasswd._tcp.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _ldap._tcp.DOMAIN._sites.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _kerberos._tcp.DOMAIN._sites.dc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _ldap._tcp.DOMAIN._sites.dc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _kerberos._tcp.DOMAIN._sites.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _ldap._tcp.gc._msdcs.Domain.local

                     Matching A record found at DNS server 192.168.20.12:
                     gc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _gc._tcp.DOMAIN._sites.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _ldap._tcp.DOMAIN._sites.gc._msdcs.Domain.local

                     Matching  SRV record found at DNS server 192.168.20.12:
                     _ldap._tcp.pdc._msdcs.Domain.local

               Total query time:0 min. 0 sec.. Total RPC connection

               time:0 min. 0 sec.

               Total WMI connection time:0 min. 22 sec. Total Netuse connection

               time:0 min. 0 sec.

         
         Summary of test results for DNS servers used by the above domain

         controllers:

         

            DNS server: 192.168.20.10 (DC1)

               All tests passed on this DNS server

               Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered 
               Total query time:0 min. 0 sec., Total WMI connection

               time:0 min. 0 sec.

               
            DNS server: 192.168.20.12 (DC1)

               All tests passed on this DNS server

               Name resolution is functional._ldap._tcp SRV record for the forest root domain is registered 
               Total query time:0 min. 0 sec., Total WMI connection

               time:0 min. 0 sec.

               
            DNS server: 212.33.131.67 (<name unavailable>)

               All tests passed on this DNS server

               Total query time:0 min. 0 sec., Total WMI connection

               time:0 min. 21 sec.

               
            DNS server: 212.33.135.184 (<name unavailable>)

               All tests passed on this DNS server

               Total query time:0 min. 0 sec., Total WMI connection

               time:0 min. 1 sec.

               
         Summary of DNS test results:

         
                                            Auth Basc Forw Del  Dyn  RReg Ext
            _________________________________________________________________
            Domain: Domain.local

               DC1                        PASS PASS PASS PASS WARN PASS n/a  
         
         Total Time taken to test all the DCs:0 min. 22 sec.

         ......................... Domain.local passed test DNS

      Starting test: LocatorCheck

         GC Name: \\Dc1.domain.local

         Locator Flags: 0xe00033fd
         PDC Name: \\Dc1.domain.local
         Locator Flags: 0xe00033fd
         Time Server Name: \\Dc1.domain.local
         Locator Flags: 0xe00033fd
         Preferred Time Server Name: \\Dc1.domain.local
         Locator Flags: 0xe00033fd
         KDC Name: \\Dc1.domain.local
         Locator Flags: 0xe00033fd
         ......................... Domain.local passed test LocatorCheck

      Starting test: FsmoCheck

         GC Name: \\Dc1.domain.local

         Locator Flags: 0xe00033fd
         PDC Name: \\Dc1.domain.local
         Locator Flags: 0xe00033fd
         Time Server Name: \\Dc1.domain.local
         Locator Flags: 0xe00033fd
         Preferred Time Server Name: \\Dc1.domain.local
         Locator Flags: 0xe00033fd
         KDC Name: \\Dc1.domain.local
         Locator Flags: 0xe00033fd
         ......................... Domain.local passed test FsmoCheck

      Starting test: Intersite

         Skipping site DOMAIN, this site is outside the scope provided by the

         command line arguments provided. 
         ......................... Domain.local passed test Intersite

Open in new window

Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image
Disable second NIC you should only have one NIC enabled.

Go to the Network Connections then Advance Settings make sure your primary NIC is listed first and that IPv4 is listed first as well.

Go to TCP\IP properties remove 127.0.0.1

Run ipconfig /flushdns
ipconfig /registerdns
dcdiag /fix
Avatar of cegeland
cegeland
Flag of Norway image

ASKER

Thanks for your quick reply!

I have disabled the NIC

Under Network Connections  I have no "Advanced settings", only two icons representing the 2 NIC's (one now disabled - the other one active).

I opened the active NIC's properties and removed the localhost loopback entry (127.0.0.1) from the secondary DNS entry in TCP/IPv4. IPv4 is checked as active. Ipv6 is disabled(we do not use IPv6).

Ran ipconfig /flushdns, /registerdns and dcdiag /fix

dcdiag /fix results attached. As you can see it produced 7x warnings ( Event ID 1216) 

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = DC1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: DOMAIN\DC1
      Starting test: Connectivity
         ......................... DC1 passed test Connectivity

Doing primary tests

   Testing server: DOMAIN\DC1
      Starting test: Advertising
         ......................... DC1 passed test Advertising
      Starting test: FrsEvent
         There are warning or error events within the last 24 hours after the SYSVOL has been sh
         replication problems may cause Group Policy problems.
         ......................... DC1 passed test FrsEvent
      Starting test: DFSREvent
         ......................... DC1 passed test DFSREvent
      Starting test: SysVolCheck
         ......................... DC1 passed test SysVolCheck
      Starting test: KccEvent
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:43:41
            Event String: Internal event: An LDAP client connection was closed because of an err
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:43:41
            Event String: Internal event: An LDAP client connection was closed because of an err
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:43:41
            Event String: Internal event: An LDAP client connection was closed because of an err
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:48:13
            EvtFormatMessage failed (second call), error 15029 The substitution string for inser
e found..
            (Event String (event log = Directory Service) could not be retrieved, error 0x3ab5)
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:48:13
            Event String: Internal event: An LDAP client connection was closed because of an err
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:48:13
            EvtFormatMessage failed (second call), error 15029 The substitution string for inser
e found..
            (Event String (event log = Directory Service) could not be retrieved, error 0x3ab5)
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:48:13
            EvtFormatMessage failed (second call), error 15029 The substitution string for inser
e found..
            (Event String (event log = Directory Service) could not be retrieved, error 0x3ab5)
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:48:13
            EvtFormatMessage failed (second call), error 15029 The substitution string for inser
e found..
            (Event String (event log = Directory Service) could not be retrieved, error 0x3ab5)
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:48:13
            EvtFormatMessage failed (second call), error 15029 The substitution string for inser
e found..
            (Event String (event log = Directory Service) could not be retrieved, error 0x3ab5)
         A warning event occurred.  EventID: 0x800004C0
            Time Generated: 12/15/2010   17:48:14
            Event String: Internal event: An LDAP client connection was closed because of an err
         ......................... DC1 passed test KccEvent
      Starting test: KnowsOfRoleHolders
         ......................... DC1 passed test KnowsOfRoleHolders
      Starting test: MachineAccount
         ......................... DC1 passed test MachineAccount
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=ForestDnsZones,DC=DOMAIN,DC=local
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes In Filtered Set
         access rights for the naming context:
         DC=DomainDnsZones,DC=DOMAIN,DC=local
         ......................... DC1 failed test NCSecDesc
      Starting test: NetLogons
         ......................... DC1 passed test NetLogons
      Starting test: ObjectsReplicated
         ......................... DC1 passed test ObjectsReplicated
      Starting test: Replications
         ......................... DC1 passed test Replications
      Starting test: RidManager
         ......................... DC1 passed test RidManager
      Starting test: Services
         ......................... DC1 passed test Services
      Starting test: SystemLog
         An error event occurred.  EventID: 0xC0002719
            Time Generated: 12/15/2010   17:00:50
            Event String:
            DCOM was unable to communicate with the computer 212.33.131.67 using any of the conf
         An error event occurred.  EventID: 0xC0002719
            Time Generated: 12/15/2010   17:00:52
            Event String:
            DCOM was unable to communicate with the computer 212.33.135.184 using any of the con
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 12/15/2010   17:43:56
            Event String:
            Name resolution for the name Domain.local timed out after none of the configured DNS se
         A warning event occurred.  EventID: 0x000003F6
            Time Generated: 12/15/2010   17:48:28
            Event String:
            Name resolution for the name Domain.local timed out after none of the configured DNS se
         ......................... DC1 failed test SystemLog
      Starting test: VerifyReferences
         ......................... DC1 passed test VerifyReferences


   Running partition tests on : ForestDnsZones
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

   Running partition tests on : DomainDnsZones
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

   Running partition tests on : Schema
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation

   Running partition tests on : Configuration
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation

   Running partition tests on : CompanyName
      Starting test: CheckSDRefDom
         ......................... CompanyName passed test CheckSDRefDom
      Starting test: CrossRefValidation
         ......................... CompanyName passed test CrossRefValidation

   Running enterprise tests on : Domain.local
      Starting test: LocatorCheck
         ......................... Domain.local passed test LocatorCheck
      Starting test: Intersite
         ......................... Domain.local passed test Intersite

Open in new window

Avatar of cegeland
cegeland
Flag of Norway image

ASKER

I read Microsoft's KB312862 and ran the ntfrsutl ds command. Attached is the result of this command.

Could the fact that the FRS DomainControllerName is listed as (null) have anything to do with this?

NTFRS CONFIGURATION IN THE DS
SUBSTITUTE DCINFO FOR DC
   FRS  DomainControllerName: (null)
   Computer Name            : DC1
   Computer DNS Name        : Dc1.domain.local

BINDING TO THE DS:
   ldap_connect     : Dc1.domain.local
   DsBind     : Dc1.domain.local

NAMING CONTEXTS:
   SitesDn    : CN=Sites,cn=configuration,dc=DOMAIN,dc=local
   ServicesDn : CN=Services,cn=configuration,dc=DOMAIN,dc=local
   DefaultNcDn: DC=DOMAIN,DC=local
   ComputersDn: CN=Computers,DC=DOMAIN,DC=local
   DomainCtlDn: OU=Domain Controllers,DC=DOMAIN,DC=local
   Fqdn       : CN=DC1,OU=Domain Controllers,DC=DOMAIN,DC=local
   Searching  : Fqdn

COMPUTER: DC1
   DN   : cn=dc1,ou=domain controllers,dc=DOMAIN,dc=local
   Guid : 2927cf37-0293-4dc0-a379af987d2e62a1
   UAC  : 0x00082000
   Server BL : CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
   Settings  : cn=ntds settings,cn=dc1,cn=servers,cn=DOMAIN,cn=sites,cn=configuration,dc=DOMAIN,dc=local
   DNS Name  : Dc1.domain.local
   WhenCreated  : 4/29/2008 10:27:6 W. Europe Standard Time W. Europe Daylight Time [-60]
   WhenChanged  : 12/12/2010 16:46:56 W. Europe Standard Time W. Europe Daylight Time [-60]

   SUBSCRIPTION: NTFRS SUBSCRIPTIONS
      DN   : cn=ntfrs subscriptions,cn=dc1,ou=domain controllers,dc=DOMAIN,dc=local
      Guid : 36c43e98-9a11-4d5d-90377bd18508a68e
      Working       : c:\windows\ntfrs
      Actual Working: c:\windows\ntfrs
      WhenCreated  : 3/23/2010 12:11:31 W. Europe Standard Time W. Europe Daylight Time [-60]
      WhenChanged  : 3/23/2010 12:11:31 W. Europe Standard Time W. Europe Daylight Time [-60]

      SUBSCRIBER: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)
         DN   : cn=domain system volume (sysvol share),cn=ntfrs subscriptions,cn=dc1,ou=domain controllers,dc=DOMAIN,dc=l
ocal
         Guid : c6dffa3c-f983-4b9b-90d5bbb8601fe96c
         Member Ref: CN=DC1,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=DOMAIN,DC=loc
al
         Root      : c:\windows\sysvol\domain
         Stage     : c:\windows\sysvol\staging\domain
         WhenCreated  : 3/23/2010 12:11:31 W. Europe Standard Time W. Europe Daylight Time [-60]
         WhenChanged  : 3/23/2010 12:11:31 W. Europe Standard Time W. Europe Daylight Time [-60]
   Subscriber Member Back Links:
      cn=dc1,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=DOMAIN,dc=local

SETTINGS: FILE REPLICATION SERVICE
   DN   : cn=file replication service,cn=system,dc=DOMAIN,dc=local
   Guid : 82bd83af-9ce6-4854-ba9ed4acd9d3b7c8
   WhenCreated  : 4/29/2008 10:23:0 W. Europe Standard Time W. Europe Daylight Time [-60]
   WhenChanged  : 3/23/2010 12:8:18 W. Europe Standard Time W. Europe Daylight Time [-60]

   SET: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)
      DN   : cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=DOMAIN,dc=local
      Guid : f443054e-ed03-43e4-99fc7f8fdfa9d41d
      Type          : 2
      Primary Member: (null)
      File Filter   : *.tmp, *.bak, ~*
      Dir  Filter   : (null)
      FRS Flags     : (null)
      WhenCreated  : 4/29/2008 10:27:53 W. Europe Standard Time W. Europe Daylight Time [-60]
      WhenChanged  : 3/23/2010 12:8:33 W. Europe Standard Time W. Europe Daylight Time [-60]

      MEMBER: DC1
         DN   : cn=dc1,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=DOMAIN,dc=local
         Guid : cd296cdb-3b07-4c37-b3384abf3f56fb0c
         Server Ref     : CN=NTDS Settings,CN=DC1,CN=Servers,CN=DOMAIN,CN=Sites,CN=Configuration,DC=DOMAIN,DC=local
         Computer Ref   : cn=dc1,ou=domain controllers,dc=DOMAIN,dc=local
         Cracked Domain : Domain.local
         Cracked Name   : 00000002 DOMAIN\DC1$
         Cracked Domain : Domain.local
         Cracked Name   : fffffff4 S-1-5-21-2812511754-123718817-1394069073-1020
         Computer's DNS : Dc1.domain.local
         WhenCreated  : 3/23/2010 12:11:31 W. Europe Standard Time W. Europe Daylight Time [-60]
         WhenChanged  : 3/23/2010 12:11:31 W. Europe Standard Time W. Europe Daylight Time [-60]

Open in new window

Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image
Is DC one still functioning?

post dcdiag /test:dns
Avatar of cegeland
cegeland
Flag of Norway image

ASKER

Yes - dc1 seems to be working - at least I can log on/off users and join new computers to the domain.

Attached is dcdiag /test:dns.
PS C:\Users\admin> dcdiag /test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = DC1
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: DOMAIN\DC1
      Starting test: Connectivity
         ......................... DC1 passed test Connectivity

Doing primary tests

   Testing server: DOMAIN\DC1

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... DC1 passed test DNS

   Running partition tests on : ForestDnsZones

   Running partition tests on : DomainDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running partition tests on : DOMAIN

   Running enterprise tests on : DOMAIN.local
      Starting test: DNS
         Test results for domain controllers:

            DC: Dc1.domain.local
            Domain: DOMAIN.local


               TEST: Dynamic update (Dyn)
                  Warning: Failed to delete the test record dcdiag-test-record in zone DOMAIN.local

               DC1                        PASS PASS PASS PASS WARN PASS n/a
         ......................... DOMAIN.local passed test DNS
PS C:\Users\admin>

Open in new window

Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image
Run metadata cleanup to check for any lingering objects
http://www.petri.co.il/delete_failed_dcs_from_ad.htm
Avatar of cegeland
cegeland
Flag of Norway image

ASKER

Thank you for your suggestion. I have performed the steps mentioned in the link - however I have only one record for my remaining server, no faulty entries for any "old" servers.

ASKER CERTIFIED SOLUTION
Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial