Solved

DCDIAG Warning MachineAccount Test

Posted on 2007-03-24
2
4,823 Views
Last Modified: 2010-08-05
Hello all

How do I resolve the warning message for the MachineAccount test?

Chris

C:\Documents and Settings\Administrator2>dcdiag

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests

   Testing server: Manchester\SERVER02
      Starting test: Connectivity
         ......................... SERVER02 passed test Connectivity

Doing primary tests

   Testing server: Manchester\SERVER02
      Starting test: Replications
         ......................... SERVER02 passed test Replications
      Starting test: NCSecDesc
         ......................... SERVER02 passed test NCSecDesc
      Starting test: NetLogons
         ......................... SERVER02 passed test NetLogons
      Starting test: Advertising
         ......................... SERVER02 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... SERVER02 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... SERVER02 passed test RidManager
      Starting test: MachineAccount
         Warning:  Attribute userAccountControl of SERVER02 is: 0x82020 = ( UF_P
ASSWD_NOTREQD | UF_SERVER_TRUST_ACCOUNT | UF_TRUSTED_FOR_DELEGATION )
         Typical setting for a DC is 0x82000 = ( UF_SERVER_TRUST_ACCOUNT | UF_TR
USTED_FOR_DELEGATION )
         This may be affecting replication?
         ......................... SERVER02 passed test MachineAccount
      Starting test: Services
         ......................... SERVER02 passed test Services
      Starting test: ObjectsReplicated
         ......................... SERVER02 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... SERVER02 passed test frssysvol
      Starting test: frsevent
         ......................... SERVER02 passed test frsevent
      Starting test: kccevent
         ......................... SERVER02 passed test kccevent
      Starting test: systemlog
         ......................... SERVER02 passed test systemlog
      Starting test: VerifyReferences
         ......................... SERVER02 passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : ctc
      Starting test: CrossRefValidation
         ......................... ctc passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ctc passed test CheckSDRefDom

   Running enterprise tests on : ctc.local
      Starting test: Intersite
         ......................... ctc.local passed test Intersite
      Starting test: FsmoCheck
         ......................... ctc.local passed test FsmoCheck

C:\Documents and Settings\Administrator2>
0
Comment
Question by:mail2clk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Shift-3 earned 500 total points
ID: 18786800
There is a potential fix for this problem here:
http://www.pcreview.co.uk/forums/thread-2378247.php

Be sure to have a good System State backup of the server before changing anything.
0
 
LVL 33

Expert Comment

by:Busbar
ID: 18787458
go to the domain controllers OU,
right click on the Domain controller
properties
delegation
make sure that this computer is trusted for delegation (kerberos only) is selected
restart the server
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question