Solved

DCDIAG

Posted on 2006-11-27
12
2,727 Views
Last Modified: 2013-12-23
currently having problem after the master role of a failing DC to another one
the old one is not longer online
and i am getting the following entry in event viewer in the new DC when runnng DCDIAG
how to fix this?
please help

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: UserNetz\servername
      Starting test: Connectivity
         ......................... servername passed test Connectivity

Doing primary tests

   Testing server: UserNetz\MUC-S-FILER01
      Starting test: Replications
         ......................... servername passed test Replications
      Starting test: NCSecDesc
         ......................... servername passed test NCSecDesc
      Starting test: NetLogons
         ......................... servername passed test NetLogons
      Starting test: Advertising
         ......................... servername passed test Advertising
      Starting test: KnowsOfRoleHolders
         Warning: CN=NTDS Settings\0ADEL:b05012fc-c8e7-49c7-ba1d-e4c9e68849ee,CN
=servername2\0ADEL:129013d3-55d1-4013-b861-35f53f92356c,CN=Servers,CN=BroadcastN
etz,CN=Sites,CN=Configuration,DC=mydomain,DC=local is the Schema Owner, but is de
leted.
         Warning: CN=NTDS Settings\0ADEL:b05012fc-c8e7-49c7-ba1d-e4c9e68849ee,CN
=servername2\0ADEL:129013d3-55d1-4013-b861-35f53f92356c,CN=Servers,CN=BroadcastN
etz,CN=Sites,CN=Configuration,DC=mydomain,DC=local is the Domain Owner, but is de
leted.
         ......................... servername failed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... servername passed test RidManager
      Starting test: MachineAccount
         ......................... servername passed test MachineAccount
      Starting test: Services
         ......................... servername passed test Services
      Starting test: ObjectsReplicated
         ......................... servername passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... servername passed test frssysvol
      Starting test: frsevent
         ......................... servername passed test frsevent
      Starting test: kccevent
         An Information Event occured.  EventID: 0x40000456
            Time Generated: 11/27/2006   17:08:23
            (Event String could not be retrieved)
         ......................... servername failed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0xC0001B77
            Time Generated: 11/27/2006   16:57:11
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B77
            Time Generated: 11/27/2006   16:57:35
            (Event String could not be retrieved)
         ......................... servername failed test systemlog
      Starting test: VerifyReferences
         ......................... servername passed test VerifyReferences

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

 Running partition tests on : Configuration
    Starting test: CrossRefValidation
       ......................... Configuration passed test CrossRefValidation
    Starting test: CheckSDRefDom
       ......................... Configuration passed test CheckSDRefDom

 Running partition tests on : mydomain
    Starting test: CrossRefValidation
       ......................... mydomain passed test CrossRefValidation
    Starting test: CheckSDRefDom
       ......................... mydomain passed test CheckSDRefDom

 Running enterprise tests on : mydomain
    Starting test: Intersite
       ......................... mydomain passed test Intersite
    Starting test: FsmoCheck
       ......................... mydomain passed test FsmoCheck
0
Comment
Question by:FM089
  • 7
  • 5
12 Comments
 
LVL 10

Accepted Solution

by:
chrisnewman01 earned 500 total points
ID: 18020808
Have you seized the roles on another DC already?  

"Using Ntdsutil.exe to transfer or seize FSMO roles to a domain controller" <-- http://support.microsoft.com/?kbid=255504 (Use this ONLY if there is absolutely no way to bring the bad server back online.)
0
 

Author Comment

by:FM089
ID: 18022278
the below errors messages are my concern

Starting test: KnowsOfRoleHolders
         Warning: CN=NTDS Settings\0ADEL:b05012fc-c8e7-49c7-ba1d-e4c9e68849ee,CN
=servername2\0ADEL:129013d3-55d1-4013-b861-35f53f92356c,CN=Servers,CN=BroadcastN
etz,CN=Sites,CN=Configuration,DC=mydomain,DC=local is the Schema Owner, but is de
leted.
         Warning: CN=NTDS Settings\0ADEL:b05012fc-c8e7-49c7-ba1d-e4c9e68849ee,CN
=servername2\0ADEL:129013d3-55d1-4013-b861-35f53f92356c,CN=Servers,CN=BroadcastN
etz,CN=Sites,CN=Configuration,DC=mydomain,DC=local is the Domain Owner, but is de
leted.

the name servername2 does no longer exist as DC,
i had to remove it manually from AD after a crash
this server was the master for RID, PDC etc...
how can i resolve this issue - those errors messages
thx
0
 
LVL 10

Expert Comment

by:chrisnewman01
ID: 18022366
On the server you want to be the new DC (or any DC), you have to seize the roles -- especially the schema master and domain naming master (only 1 of each of these exists per forest).  The article in my previous post tells you how to seize the roles.

Seizing the domain naming master (listed as "Domain Owner" in your DCDIAG logs)
http://technet2.microsoft.com/WindowsServer/f/?en/library/33d25c21-ae42-422c-be18-d3e706e4b45e1033.mspx

Seizing the schema master (listed as "Schema Owner" in your DCDIAG logs):
http://technet2.microsoft.com/WindowsServer/f/?en/library/33d25c21-ae42-422c-be18-d3e706e4b45e1033.mspx

Chris
0
 
LVL 10

Expert Comment

by:chrisnewman01
ID: 18022422
Here's another page with some screenshots and better descriptions that might be more useful to you:  http://www.petri.co.il/seizing_fsmo_roles.htm

It would be considered "transferring" the roles if you were able to successfully move the roles off of the failing server to the server you want them to be on.  Since everything was lost on that DC, it's "seizing" the roles...
0
 

Author Comment

by:FM089
ID: 18022509
looks like i am getting there
when i run the dcdiag i am the following

Starting test: kccevent
   An Warning Event occured.  EventID: 0x8025082B
      Time Generated: 11/27/2006   21:47:17
      (Event String could not be retrieved)
   An Warning Event occured.  EventID: 0x8025082B
      Time Generated: 11/27/2006   21:47:17
      (Event String could not be retrieved)
   An Warning Event occured.  EventID: 0x8000072D
      Time Generated: 11/27/2006   21:48:13
      (Event String could not be retrieved)
   An Warning Event occured.  EventID: 0x8000072D
      Time Generated: 11/27/2006   21:48:59
      (Event String could not be retrieved)
   ......................... MyNewDC failed test kccevent

this the only one i get now
anyidea?
thx
0
 
LVL 10

Expert Comment

by:chrisnewman01
ID: 18022764
That's the Knowledge Consistency Checker.  In AD Sites & Services, have you replicated all DCs?  Are any remnants of the old server showing up in there?  If you run DCDIAG /s (or /v, or /z) runs the super-verbose mode.

Chris
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:FM089
ID: 18026329
hi chris

thanks for all this info
i have a one more question

if a dc failes and can not be brought back online and this server owns the master role, ie: RID PDC etc....
what s the procedure?

thank you

0
 
LVL 10

Expert Comment

by:chrisnewman01
ID: 18027647
If there's no way to transfer it (your situation), you will have to seize those roles as well...  
0
 

Author Comment

by:FM089
ID: 18027688
fortunately this is not my current situation but if this was the case i can bring master role DC up by manually running the command ndtsutil.... RID PDC etc?
thx again for your input
0
 
LVL 10

Expert Comment

by:chrisnewman01
ID: 18027741
You can do that, or alternately use the one in AD Users & Computers (I haven't done it this way).  
Chris
0
 
LVL 10

Expert Comment

by:chrisnewman01
ID: 18027753
To clarify the last statement:  I haven't used AD Users & Computers to try to transfer a role after a failure, only NTDSUtil :-)
0
 

Author Comment

by:FM089
ID: 18027758
thx
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
This video discusses moving either the default database or any database to a new volume.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now