edmallory
asked on
2003 Server dcdiag error: Incorrect function.
I have a domain controller that has been running without errors for a while and all of a sudden (i belive after a windows update) dcdiag is reporting a number of failed tests. The error is 'Incorrect Function'
dcdiag:
Starting test: NetLogons
[AD01] An net use or LsaPolicy operation failed with error 1, Incorrect function..
......................... AD01 failed test NetLogons
Starting test: Advertising
......................... AD01 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... AD01 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... AD01 passed test RidManager
Starting test: MachineAccount
Could not open pipe with [AD01]:failed with 1: Incorrect function.
Could not get NetBIOSDomainName
Failed can not test for HOST SPN
Failed can not test for HOST SPN
* Missing SPN :(null)
* Missing SPN :(null)
......................... AD01 failed test MachineAccount
Starting test: Services
Could not open Remote ipc to [AD01]:failed with 1: Incorrect function.
......................... AD01 failed test Services
Starting test: ObjectsReplicated
......................... AD01 passed test ObjectsReplicated
Starting test: frssysvol
[AD01] An net use or LsaPolicy operation failed with error 1, Incorrect function..
......................... AD01 failed test frssysvol
Starting test: frsevent
......................... AD01 failed test frsevent
Starting test: kccevent
Failed to enumerate event log records, error Incorrect function.
......................... AD01 failed test kccevent
Starting test: systemlog
Failed to enumerate event log records, error Incorrect function.
......................... AD01 failed test systemlog
Starting test: VerifyReferences
......................... AD01 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : domain
Starting test: CrossRefValidation
......................... domain passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom
Running enterprise tests on : domain.local
Starting test: Intersite
......................... domain.local passed test Intersite
Starting test: FsmoCheck
......................... domain.local passed test FsmoCheck
Also recieving 1030 and 1058 messages in application log and srv 2000 event messages in the system log.
The root of the issue seems to be that the machine account can not access \\domain.local\ or \\computername\sysvol.
Tyring to browse to both of these locations brings the error message "\\compuername\sysvol is not accessable. You might not have permissions.... Incorrect Function."
DNS on interface pointing to self, DNS running on dc, this is the only DC with this probelm, other DC has no problem reaching \\domain.local or \\computername\sysvol.
netdiag /q:
Per interface results:
Adapter : Local Area Connection
Host Name. . . . . . . . . : ad01
IP Address . . . . . . . . : 216.1.2.3
Subnet Mask. . . . . . . . : 255.255.255.240
Default Gateway. . . . . . : 216.1.2.1
Dns Servers. . . . . . . . : 216.1.2.3
WINS service test. . . . . : Skipped
Global results:
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '216.1.2.3' and other DCs also have some of the names registered.
DC list test . . . . . . . . . . . : Failed
Failed to enumerate DCs by using the browser. [ERROR_INVALID_FUNCTION]
IP Security test . . . . . . . . . : Skipped
Again, here you see the Error_Invalid_Function
I have searched EE far and wide, google, and countless other locations...
Any suggestions would be GREAT except tearing it down and reinstalling (servers in a datacenter across the country)
Thank you in advance.
dcdiag:
Starting test: NetLogons
[AD01] An net use or LsaPolicy operation failed with error 1, Incorrect function..
......................... AD01 failed test NetLogons
Starting test: Advertising
......................... AD01 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... AD01 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... AD01 passed test RidManager
Starting test: MachineAccount
Could not open pipe with [AD01]:failed with 1: Incorrect function.
Could not get NetBIOSDomainName
Failed can not test for HOST SPN
Failed can not test for HOST SPN
* Missing SPN :(null)
* Missing SPN :(null)
......................... AD01 failed test MachineAccount
Starting test: Services
Could not open Remote ipc to [AD01]:failed with 1: Incorrect function.
......................... AD01 failed test Services
Starting test: ObjectsReplicated
......................... AD01 passed test ObjectsReplicated
Starting test: frssysvol
[AD01] An net use or LsaPolicy operation failed with error 1, Incorrect function..
......................... AD01 failed test frssysvol
Starting test: frsevent
......................... AD01 failed test frsevent
Starting test: kccevent
Failed to enumerate event log records, error Incorrect function.
......................... AD01 failed test kccevent
Starting test: systemlog
Failed to enumerate event log records, error Incorrect function.
......................... AD01 failed test systemlog
Starting test: VerifyReferences
......................... AD01 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : domain
Starting test: CrossRefValidation
......................... domain passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... domain passed test CheckSDRefDom
Running enterprise tests on : domain.local
Starting test: Intersite
......................... domain.local passed test Intersite
Starting test: FsmoCheck
......................... domain.local passed test FsmoCheck
Also recieving 1030 and 1058 messages in application log and srv 2000 event messages in the system log.
The root of the issue seems to be that the machine account can not access \\domain.local\ or \\computername\sysvol.
Tyring to browse to both of these locations brings the error message "\\compuername\sysvol is not accessable. You might not have permissions.... Incorrect Function."
DNS on interface pointing to self, DNS running on dc, this is the only DC with this probelm, other DC has no problem reaching \\domain.local or \\computername\sysvol.
netdiag /q:
Per interface results:
Adapter : Local Area Connection
Host Name. . . . . . . . . : ad01
IP Address . . . . . . . . : 216.1.2.3
Subnet Mask. . . . . . . . : 255.255.255.240
Default Gateway. . . . . . : 216.1.2.1
Dns Servers. . . . . . . . : 216.1.2.3
WINS service test. . . . . : Skipped
Global results:
[WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
DNS test . . . . . . . . . . . . . : Passed
PASS - All the DNS entries for DC are registered on DNS server '216.1.2.3' and other DCs also have some of the names registered.
DC list test . . . . . . . . . . . : Failed
Failed to enumerate DCs by using the browser. [ERROR_INVALID_FUNCTION]
IP Security test . . . . . . . . . : Skipped
Again, here you see the Error_Invalid_Function
I have searched EE far and wide, google, and countless other locations...
Any suggestions would be GREAT except tearing it down and reinstalling (servers in a datacenter across the country)
Thank you in advance.
If I may take a pot shot: if you can take it offline for a bit....
stop services like DNS... WINS... flushdns, clear arp cache, nbtstat -R, uninstall and reinstall the NIC's. Disable NIC2. Set NIC1 correctly. reboot.
IF server behaves the same then try another NIC.
IF server + NIC behaves the same then ouch, you're probably in the OS more.
Servers usually just don't start doing this....
I often go back to wondering about the hardware, which is the foundation. So, since you seem like your not losing your mind ;-), then maybe the hardware is. Maybe a bad NIC driver update....
stop services like DNS... WINS... flushdns, clear arp cache, nbtstat -R, uninstall and reinstall the NIC's. Disable NIC2. Set NIC1 correctly. reboot.
IF server behaves the same then try another NIC.
IF server + NIC behaves the same then ouch, you're probably in the OS more.
Servers usually just don't start doing this....
I often go back to wondering about the hardware, which is the foundation. So, since you seem like your not losing your mind ;-), then maybe the hardware is. Maybe a bad NIC driver update....
ASKER
looking back at the logs there were no driver updates... i am having a ip kvm moved to the sever to test some of those options. right around this same time another DC was promoted also... the worst part about this is i cant seem to find any information about the Invald Function error.
ASKER
two things have helped...
I had a 53258 error due to MSDTC permissions probelms and the following fied a BIG erorr that was throwing DCOM error 10016...
I have seen this error lots of times in the past.
To solve the error do the following:
Click Start, click Run, type dcomcnfg in the Open box, and then click OK.
In Component Services, double-click Component Services, and then double-click Computers.
Right-click My Computer, and then click Properties.
Click the COM Security tab.
In the Launch and Activation Permissions area, click Edit Default.
Click Add, type Network Service, and then click OK.
While Network Service is selected, click to select the Allow check boxes for the following items
Local Launch
Remote Launch
Local Activation
Remote Activation
3) Click ok
I had a 53258 error due to MSDTC permissions probelms and the following fied a BIG erorr that was throwing DCOM error 10016...
I have seen this error lots of times in the past.
To solve the error do the following:
Click Start, click Run, type dcomcnfg in the Open box, and then click OK.
In Component Services, double-click Component Services, and then double-click Computers.
Right-click My Computer, and then click Properties.
Click the COM Security tab.
In the Launch and Activation Permissions area, click Edit Default.
Click Add, type Network Service, and then click OK.
While Network Service is selected, click to select the Allow check boxes for the following items
Local Launch
Remote Launch
Local Activation
Remote Activation
3) Click ok
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i have over 20 hours in on this one... and i am out of ideas... This seems like a common DNS issue, but the Incorrect Function error while browsing to \\computername\sysvol is confusing.
also, the 1058 error states that the gpt.ini file can not be accessed because "The format of the specified network name is invalid"
The SRV 2000 message states "The server's call to a system service failed unexpectedly"
all of these errors seem to point back and the inability to resolve anything deeper than the \\computername by either the Administrators group or local system/machine accounts... the sysvol directory has permissions set to allow these users, and authenticated users, read access.