2003 Server dcdiag error: Incorrect function.

I have a domain controller that has been running without errors for a while and all of a sudden (i belive after a windows update) dcdiag is reporting a number of failed tests.  The error is 'Incorrect Function'

dcdiag:
      Starting test: NetLogons
         [AD01] An net use or LsaPolicy operation failed with error 1, Incorrect function..
         ......................... AD01 failed test NetLogons
      Starting test: Advertising
         ......................... AD01 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... AD01 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... AD01 passed test RidManager
      Starting test: MachineAccount
         Could not open pipe with [AD01]:failed with 1: Incorrect function.
         Could not get NetBIOSDomainName
         Failed can not test for HOST SPN
         Failed can not test for HOST SPN
         * Missing SPN :(null)
         * Missing SPN :(null)
         ......................... AD01 failed test MachineAccount
      Starting test: Services
         Could not open Remote ipc to [AD01]:failed with 1: Incorrect function.
         ......................... AD01 failed test Services
      Starting test: ObjectsReplicated
         ......................... AD01 passed test ObjectsReplicated
      Starting test: frssysvol
         [AD01] An net use or LsaPolicy operation failed with error 1, Incorrect function..
         ......................... AD01 failed test frssysvol
      Starting test: frsevent
         ......................... AD01 failed test frsevent
      Starting test: kccevent
         Failed to enumerate event log records, error Incorrect function.
         ......................... AD01 failed test kccevent
      Starting test: systemlog
         Failed to enumerate event log records, error Incorrect function.
         ......................... AD01 failed test systemlog
      Starting test: VerifyReferences
         ......................... AD01 passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : domain
      Starting test: CrossRefValidation
         ......................... domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... domain passed test CheckSDRefDom

   Running enterprise tests on : domain.local
      Starting test: Intersite
         ......................... domain.local passed test Intersite
      Starting test: FsmoCheck
         ......................... domain.local passed test FsmoCheck


Also recieving 1030 and 1058 messages in application log and srv 2000 event messages in the system log.

The root of the issue seems to be that the machine account can not access \\domain.local\ or \\computername\sysvol.

Tyring to browse to both of these locations brings the error message "\\compuername\sysvol is not accessable.  You might not have permissions.... Incorrect Function."

DNS on interface pointing to self, DNS running on dc, this is the only DC with this probelm, other DC has no problem reaching \\domain.local or \\computername\sysvol.

netdiag /q:
Per interface results:

    Adapter : Local Area Connection

        Host Name. . . . . . . . . : ad01
        IP Address . . . . . . . . : 216.1.2.3
        Subnet Mask. . . . . . . . : 255.255.255.240
        Default Gateway. . . . . . : 216.1.2.1
        Dns Servers. . . . . . . . : 216.1.2.3

        WINS service test. . . . . : Skipped

Global results:
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.

DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '216.1.2.3' and other DCs also have some of the names registered.

DC list test . . . . . . . . . . . : Failed
        Failed to enumerate DCs by using the browser. [ERROR_INVALID_FUNCTION]

IP Security test . . . . . . . . . : Skipped


Again, here you see the Error_Invalid_Function

I have searched EE far and wide, google, and countless other locations...

Any suggestions would be GREAT except tearing it down and reinstalling (servers in a datacenter across the country)

Thank you in advance.


edmalloryAsked:
Who is Participating?
 
Computer101Connect With a Mentor Commented:
PAQed with points refunded (500)

Computer101
EE Admin
0
 
edmalloryAuthor Commented:
A day ago I foudn that the disabled NIC on this machine that was set to bind to 'file and printer sharing for microsoft networks' and 'client for microsoft networks'  I remvoved these bindings and the problem was resolved.  However, after a reboot to verify, the problem came right back.  Bindings are still removed for the disabled nic.

i have over 20 hours in on this one... and i am out of ideas...   This seems like a common DNS issue, but the Incorrect Function error while browsing to \\computername\sysvol is confusing.  

also, the 1058 error states that the gpt.ini file can not be accessed because "The format of the specified network name is invalid"

The SRV 2000 message states "The server's call to a system service failed unexpectedly"

all of these errors seem to point back and the inability to resolve anything deeper than the \\computername by either the Administrators group or local system/machine accounts...  the sysvol directory has permissions set to allow these users, and authenticated users, read access.
0
 
bkellyboulderitCommented:
If I may take a pot shot: if you can take it offline for a bit....

stop services like DNS... WINS... flushdns, clear arp cache, nbtstat -R, uninstall and reinstall the NIC's. Disable NIC2. Set NIC1 correctly. reboot.

IF server behaves the same then try another NIC.
IF server + NIC behaves the same then ouch, you're probably in the OS more.

Servers usually just don't start doing this....
I often go back to wondering about the hardware, which is the foundation. So, since you seem like your not losing your mind ;-), then maybe the hardware is. Maybe a bad NIC driver update....

0
 
edmalloryAuthor Commented:
looking back at the logs there were no driver updates...  i am having a ip kvm moved to the sever to test some of those options.  right around this same time another DC was promoted also...  the worst part about this is i cant seem to find any information about the Invald Function error.
0
 
edmalloryAuthor Commented:
two things have helped...
I had a 53258 error due to MSDTC permissions probelms and the following fied a BIG erorr that was throwing DCOM error 10016...  

I have seen this error lots of times in the past.

To solve the error do the following:

Click Start, click Run, type dcomcnfg in the Open box, and then click OK.
In Component Services, double-click Component Services, and then double-click Computers.
Right-click My Computer, and then click Properties.
Click the COM Security tab.
In the Launch and Activation Permissions area, click Edit Default.
Click Add, type Network Service, and then click OK.
While Network Service is selected, click to select the Allow check boxes for the following items
      Local Launch
      Remote Launch
      Local Activation
      Remote Activation

3) Click ok

0
All Courses

From novice to tech pro — start learning today.