troubleshooting Question

2000 AD Parent Domain Issues - URGENT

Avatar of he_who_dares
he_who_dares asked on
Windows 2000Active Directory
3 Comments2 Solutions283 ViewsLast Modified:
Guys got an urgent one here.

We have AD 2000 mixed mode, parent domain and then various child domains.

We have 2 DC's for the Parent domain (2000 server SP4) and one of them has developed a problem where its having trouble communicating with anything, especially the other DC.

The one with the issue (DC2) can ping DC1 and resolve the name fine, but if i try and do a telnet session to DC1 on various ports like 389 its doesnt respond. Its got so bad that i cant even connect to it sometimes remotely using VNC (port 5900).

The issue definately seems to be with DC2.

I have done dcdiag /fix & netdiag /fix and this hasnt helped.

Below are the outputs of DCDIAG & NETDIAG for DC2 and also some events that i found in the logs.

Both DC1 and 2 run on HP DL360 G4 with teamed NIC's, this has been in place for 2 years now with no probs.

Any suggestions welcome!


DCDIAG
_______



C:\Program Files\Support Tools>dcdiag

DC Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial non skippeable tests

   Testing server: Default-First-Site-Name\PREULOW2DPR2
      Starting test: Connectivity
         ......................... PREULOW2DPR2 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\PREULOW2DPR2
      Starting test: Replications
         [PREULOW2DPR1] DsBind() failed with error 1722,
         Win32 Error 1722.
         ......................... PREULOW2DPR2 passed test Replications
      Starting test: NCSecDesc
         ......................... PREULOW2DPR2 passed test NCSecDesc
      Starting test: NetLogons
         ......................... PREULOW2DPR2 passed test NetLogons
      Starting test: Advertising
         ......................... PREULOW2DPR2 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Warning: PREULOW2DPR1 is the Schema Owner, but is not responding to DS
RPC Bind.
         [PREULOW2DPR1] LDAP connection failed with error 58,
         Win32 Error 58.
         Warning: PREULOW2DPR1 is the Schema Owner, but is not responding to LDA
P Bind.
         Warning: PREULOW2DPR1 is the Domain Owner, but is not responding to DS
RPC Bind.
         Warning: PREULOW2DPR1 is the Domain Owner, but is not responding to LDA
P Bind.
         ......................... PREULOW2DPR2 failed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... PREULOW2DPR2 passed test RidManager
      Starting test: MachineAccount
         ......................... PREULOW2DPR2 passed test MachineAccount
      Starting test: Services
         ......................... PREULOW2DPR2 passed test Services
      Starting test: ObjectsReplicated
         ......................... PREULOW2DPR2 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... PREULOW2DPR2 passed test frssysvol
      Starting test: kccevent
         ......................... PREULOW2DPR2 passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x40011006
            Time Generated: 08/15/2007   14:40:11
            Event String: The connection was aborted by the remote WINS.
         An Error Event occured.  EventID: 0x40011006
            Time Generated: 08/15/2007   14:40:11
            Event String: The connection was aborted by the remote WINS.
         An Error Event occured.  EventID: 0x40011006
            Time Generated: 08/15/2007   14:40:11
            Event String: The connection was aborted by the remote WINS.
         An Error Event occured.  EventID: 0x40011006
            Time Generated: 08/15/2007   15:10:10
            Event String: The connection was aborted by the remote WINS.
         An Error Event occured.  EventID: 0x40011006
            Time Generated: 08/15/2007   15:10:10
            Event String: The connection was aborted by the remote WINS.
         An Error Event occured.  EventID: 0x40011006
            Time Generated: 08/15/2007   15:10:10
            Event String: The connection was aborted by the remote WINS.
         ......................... PREULOW2DPR2 failed test systemlog

   Running enterprise tests on : eu.primus
      Starting test: Intersite
         ......................... eu.primus passed test Intersite
      Starting test: FsmoCheck
         ......................... eu.primus passed test FsmoCheck

----------------------------------------------------------------------------------------


NETDIAG
_______




C:\Program Files\Support Tools>netdiag

..........................................

    Computer Name: PREULOW2DPR2
    DNS Host Name: preulow2dpr2.eu.primus
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 15 Model 4 Stepping 1, GenuineIntel
    List of installed hotfixes :
        KB329115
        KB822343
        KB822831
        KB823182
        KB823559
        KB824105
        KB825119
        KB826232
        KB828035
        KB828749
        KB832353
        KB832359
        KB841356
        KB842773
        KB885836
        KB887797-OE6SP1-20041112.131144
        KB890046
        KB893066
        KB893756
        KB893803v2
        KB894320
        KB896358
        KB896422
        KB896423
        KB896688-IE6SP1-20051004.130236
        KB896727-IE6SP1-20050719.165959
        KB897715-OE6SP1-20050503.210336
        KB899587
        KB899588
        KB899589
        KB899591
        KB900725
        KB901017
        KB901214
        KB902400
        KB904706
        KB905414
        KB905495-IE6SP1-20050805.184113
        KB905749
        Q147222
        Q828026
        Update Rollup 1


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Virtual Nic

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : preulow2dpr2
        IP Address . . . . . . . . : 172.17.29.38
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 172.17.29.1
        Primary WINS Server. . . . : 172.17.29.38
        Secondary WINS Server. . . : 172.17.29.37
        Dns Servers. . . . . . . . : 172.17.29.38
                                     172.17.29.37


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed

        WINS service test. . . . . : Passed


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{E13A197E-6B2C-4BB6-A811-EB185507C9DF}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '172.17.29.38
' and other DCs also have some of the names registered.
    PASS - All the DNS entries for DC are registered on DNS server '172.17.29.37
' and other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{E13A197E-6B2C-4BB6-A811-EB185507C9DF}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{E13A197E-6B2C-4BB6-A811-EB185507C9DF}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed
    [WARNING] Failed to query SPN registration on DC 'preulow2dpr2.eu.primus'.
    [FATAL] Cannot open an LDAP session to 'preulow2dpr1.eu.primus' at '172.17.2
9.37'.
    [WARNING] Failed to query SPN registration on DC 'preulow2dpr1.eu.primus'.


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
    IPSec policy service is active, but no policy is assigned.


The command completed successfully

C:\Program Files\Support Tools>

-------------------------------------------------------


VARIOUS EVENTS
_____________


Event Type:      Error
Event Source:      DNS
Event Category:      None
Event ID:      4016
Date:            08/08/2007
Time:            15:47:34
User:            N/A
Computer:      PREULOW2DPR2
Description:
The DNS server timed out attempting an Active Directory service operation on DC=RootDNSServers,cn=MicrosoftDNS,cn=System,DC=eu,DC=primus.  Check Active Directory to see that it is functioning properly. The event data contains the error.
Data:
0000: 55 00 00 00               U...    

------------------------------------------------

Event Type:      Warning
Event Source:      NtFrs
Event Category:      None
Event ID:      13509
Date:            15/08/2007
Time:            10:49:06
User:            N/A
Computer:      PREULOW2DPR2
Description:
The File Replication Service has enabled replication from PREULOW2DPR1 to PREULOW2DPR2 for d:\winnt\sysvol\domain after repeated retries.

-------------------------------------------------


Event Type:      Error
Event Source:      Wins
Event Category:      None
Event ID:      4102
Date:            15/08/2007
Time:            15:10:10
User:            N/A
Computer:      PREULOW2DPR2
Description:
The connection was aborted by the remote WINS. Remote WINS may not be configured to replicate with the server.
Data:
0000: 37 03 00 00 08 00 00 e0   7......à

 
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 2 Answers and 3 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros