Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

DCDIAG Warning MachineAccount Test

Posted on 2007-03-24
2
Medium Priority
?
4,913 Views
Last Modified: 2010-08-05
Hello all

How do I resolve the warning message for the MachineAccount test?

Chris

C:\Documents and Settings\Administrator2>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Manchester\SERVER02
      Starting test: Connectivity
         ......................... SERVER02 passed test Connectivity

Doing primary tests

   Testing server: Manchester\SERVER02
      Starting test: Replications
         ......................... SERVER02 passed test Replications
      Starting test: NCSecDesc
         ......................... SERVER02 passed test NCSecDesc
      Starting test: NetLogons
         ......................... SERVER02 passed test NetLogons
      Starting test: Advertising
         ......................... SERVER02 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... SERVER02 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... SERVER02 passed test RidManager
      Starting test: MachineAccount
         Warning:  Attribute userAccountControl of SERVER02 is: 0x82020 = ( UF_P
ASSWD_NOTREQD | UF_SERVER_TRUST_ACCOUNT | UF_TRUSTED_FOR_DELEGATION )
         Typical setting for a DC is 0x82000 = ( UF_SERVER_TRUST_ACCOUNT | UF_TR
USTED_FOR_DELEGATION )
         This may be affecting replication?
         ......................... SERVER02 passed test MachineAccount
      Starting test: Services
         ......................... SERVER02 passed test Services
      Starting test: ObjectsReplicated
         ......................... SERVER02 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... SERVER02 passed test frssysvol
      Starting test: frsevent
         ......................... SERVER02 passed test frsevent
      Starting test: kccevent
         ......................... SERVER02 passed test kccevent
      Starting test: systemlog
         ......................... SERVER02 passed test systemlog
      Starting test: VerifyReferences
         ......................... SERVER02 passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : ctc
      Starting test: CrossRefValidation
         ......................... ctc passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ctc passed test CheckSDRefDom

   Running enterprise tests on : ctc.local
      Starting test: Intersite
         ......................... ctc.local passed test Intersite
      Starting test: FsmoCheck
         ......................... ctc.local passed test FsmoCheck

C:\Documents and Settings\Administrator2>
0
Comment
Question by:mail2clk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Shift-3 earned 2000 total points
ID: 18786800
There is a potential fix for this problem here:
http://www.pcreview.co.uk/forums/thread-2378247.php

Be sure to have a good System State backup of the server before changing anything.
0
 
LVL 33

Expert Comment

by:Busbar
ID: 18787458
go to the domain controllers OU,
right click on the Domain controller
properties
delegation
make sure that this computer is trusted for delegation (kerberos only) is selected
restart the server
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Let's recap what we learned from yesterday's Skyport Systems webinar.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question