Link to home
Start Free TrialLog in
Avatar of BJMagill
BJMagill

asked on

Events appearing on remote global catalog server.

These events are appearing on a remote GCS connected to HQ via VPN.


Event Type:      Error
Event Source:      AutoEnrollment
Event Category:      None
Event ID:      13
Date:            08/12/2006
Time:            11:26:31
User:            N/A
Computer:      W2K3DC04
Description:
Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x80070005).  Access is denied.

Followed by:

Event Type:      Warning
Event Source:      SRMSVC
Event Category:      None
Event ID:      12317
Date:            08/12/2006
Time:            12:24:48
User:            N/A
Computer:      W2K3DC04
Description:
File Server Resource Manager failed to enumerate share paths or DFS paths.  Mappings from local file paths to share and DFS paths may be incomplete or temporarily unavailable.  FSRM will retry the operation at a later time.

Error-specific details:
   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.

   Error: (0x80070005) Access is denied.


For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 50 4d 43 41 43 48 45 43   PMCACHEC
0008: 38 30 33 00 00 00 00 00   803.....
0010: 50 4d 43 41 43 48 45 43   PMCACHEC
0018: 37 30 38 00 00 00 00 00   708.....

Avatar of John Gates, CISSP, CDPSE
John Gates, CISSP, CDPSE
Flag of United States of America image

Install the support tools and run a dcdiag and netdiag on the machine where this error is occurring. Post it here.
Avatar of BJMagill
BJMagill

ASKER

DCDIAG Results:
Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Site\W2K3DC04
      Starting test: Connectivity
         ......................... W2K3DC04 passed test Connectivity

Doing primary tests

   Testing server: Site\W2K3DC04
      Starting test: Replications
         ......................... W2K3DC04 passed test Replications
      Starting test: NCSecDesc
         ......................... W2K3DC04 passed test NCSecDesc
      Starting test: NetLogons
         ......................... W2K3DC04 passed test NetLogons
      Starting test: Advertising
         ......................... W2K3DC04 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... W2K3DC04 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... W2K3DC04 passed test RidManager
      Starting test: MachineAccount
         ......................... W2K3DC04 passed test MachineAccount
      Starting test: Services
         ......................... W2K3DC04 passed test Services
      Starting test: ObjectsReplicated
         ......................... W2K3DC04 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... W2K3DC04 passed test frssysvol
      Starting test: frsevent
         ......................... W2K3DC04 passed test frsevent
      Starting test: kccevent
         ......................... W2K3DC04 passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 12/08/2006   13:15:04
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 12/08/2006   13:15:04
            (Event String could not be retrieved)
         ......................... W2K3DC04 failed test systemlog
      Starting test: VerifyReferences
         ......................... W2K3DC04 passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : domain
      Starting test: CrossRefValidation
         ......................... domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... domain passed test CheckSDRefDom

   Running enterprise tests on : domain.co.uk
      Starting test: Intersite
         ......................... domain.co.uk passed test Intersite
      Starting test: FsmoCheck
         ......................... domain.co.uk passed test FsmoCheck




Netdiag Results

Computer Name: W2K3DC04
    DNS Host Name: w2k3dc04.domain.co.uk
    System info : Windows 2000 Server (Build 3790)
    Processor : x86 Family 15 Model 4 Stepping 10, GenuineIntel
    List of installed hotfixes :
        KB890046
        KB893756
        KB896358
        KB896424
        KB896428
        KB898715
        KB899587
        KB899588
        KB899589
        KB899591
        KB900725
        KB901017
        KB901214
        KB902400
        KB904706
        KB905414
        KB908519
        KB908531
        KB910437
        KB911164
        KB911280
        KB911562
        KB911567
        KB911927
        KB912919
        KB914388
        KB914389
        KB917344
        KB917422
        KB917734
        KB917953
        KB918439
        KB918899
        KB920214
        KB920670
        KB920683
        KB920685
        KB921398
        KB921883
        KB922582
        KB922616
        KB922819
        KB923191
        KB923414
        KB924191
        KB924496
        KB925486
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : w2k3dc04
        IP Address . . . . . . . . : 192.168.4.3
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.4.1
        Primary WINS Server. . . . : 192.168.1.4
        Secondary WINS Server. . . : 192.168.1.2
        Dns Servers. . . . . . . . : 192.168.1.4
                                     192.168.1.2


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{E40E0A27-B9EF-4367-9E96-8297ABCA6E1C}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '192.168.1.4'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '192.168.1.2'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{E40E0A27-B9EF-4367-9E96-8297ABCA6E1C}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{E40E0A27-B9EF-4367-9E96-8297ABCA6E1C}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'DOMAIN_NT' is to '\\W2K3DC01.domain.co.uk'.


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed
    [WARNING] Failed to query SPN registration on DC 'w2k3dc10.domain.co.uk'.
    [WARNING] Failed to query SPN registration on DC 'w2k3dc06.domain.co.uk'.
    [WARNING] Failed to query SPN registration on DC 'w2k3dc05.domain.co.uk'.
    [WARNING] Failed to query SPN registration on DC 'w2k3dc03.domain.co.uk'.


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully
This could be an issue:

http://support.microsoft.com/kb/839499

Beyond that do you have this server set up as a DNS server?  Please explain how your network is layed out, and most importantly if your machines are separated by WAN links.

-D-
Yes this server is a DNS server.

In HQ we have a DC and in 5 locations we have a global catalog server.
Each site is connected via a static VPN Wan link.
Each GCS on sites are running DNS.

The remote sites can only see the HQ DC. HQ can see all sites.

Each site has a sepearte subnet.
HQ = 192.168.1.x
sites. = 192.168.2.x, 3.x, 4.x etc.
Oh if the machine is not a DNS server then make sure you point it at a valid DNS server in TCP/IP settings and issue this command at a command prompt:


ipconfig /registerdns

Run dcdiag and netdiag and when dns passes the server will be able to communicate.  The problem is now the DCs do not see that machine as a peer.  That is where your issue is coming from.
Did you set up site links correctly?
The machine is a DNS server.
What should it be set to under TCPIP stack?

and

Did I set up the site links correctly?
How do I tell?
ASKER CERTIFIED SOLUTION
Avatar of John Gates, CISSP, CDPSE
John Gates, CISSP, CDPSE
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
As far as site links are concerned once you set the dns correctly the KCC "Knowledge Consistency Checker" should set your site links.  You can check this by going to active directory sites and services and see that the DCs can communicate through NTDS settings.
okay. The only error i get now is          

......................... W2K3DC05 passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 12/08/2006   15:55:12
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 12/08/2006   15:55:13
            (Event String could not be retrieved)
         ......................... W2K3DC05 failed test systemlog

Once replication settles that error will be gone as well.