Server 2003 DC - Services Unable to Start
Someone did an update on our primary domain controller last night and this morning our entire domain is having issues, we have a backup domain controller, that is not working either. I am unable to get the secondary domain controller to take over (ie shutting the primary server down completely). I've noticed on the primary domain controller that most services are not running (dhcp, dns, etc.) I am unable to start any of those services and get an error 1068. I've checked to see if I can rollback any updates (under add/remove programs) the only updates shown are from months ago. At this point I think it might be easier for someone to tell me how to get the backup domain controller to take over. Also, the backup only shows (active directory and dns) services configured.
ASKER
2 domain controllers
we run DNS on our AD server (so ad-integrated as far as i know)
let me see about running that tool and get back with you
we run DNS on our AD server (so ad-integrated as far as i know)
let me see about running that tool and get back with you
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
C:\Program Files\Support Tools>dcdiag /v
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine aggie02, is a DC.
* Connecting to directory service on server aggie02.
[aggie02] LDAP search failed with error 58,
The specified server cannot perform the requested operation..
***Error: The machine, aggie02 could not be contacted, because of a bad net
response. Check to make sure that this machine is a Domain Controller.
C:\Program Files\Support Tools>repadmin /replsum
Replication Summary Start Time: 2007-10-16 10:07:17
Repadmin can't connect to a "home server", because of the following error. Try
specifying a different
home server with /homeserver:[dns name]
Error: An LDAP lookup operation failed with the following error:
LDAP Error 81(0x51): Server Down
Server Win32 Error 0(0x0):
Extended Information:
Source DC largest delta fails/total %% error
Destination DC largest delta fails/total %% error
C:\Program Files\Support Tools>
(working on getting the other one)
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine aggie02, is a DC.
* Connecting to directory service on server aggie02.
[aggie02] LDAP search failed with error 58,
The specified server cannot perform the requested operation..
***Error: The machine, aggie02 could not be contacted, because of a bad net
response. Check to make sure that this machine is a Domain Controller.
C:\Program Files\Support Tools>repadmin /replsum
Replication Summary Start Time: 2007-10-16 10:07:17
Repadmin can't connect to a "home server", because of the following error. Try
specifying a different
home server with /homeserver:[dns name]
Error: An LDAP lookup operation failed with the following error:
LDAP Error 81(0x51): Server Down
Server Win32 Error 0(0x0):
Extended Information:
Source DC largest delta fails/total %% error
Destination DC largest delta fails/total %% error
C:\Program Files\Support Tools>
(working on getting the other one)
ASKER
The one above we will refer to as DCA, here is DCB (not sure if I copied everything from the first command)
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine FCAHSSTEM, is a DC.
* Connecting to directory service on server FCAHSSTEM.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: ForrestCountyAgHS\FCAHSSTE
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... FCAHSSTEM passed test Connectivity
Doing primary tests
Testing server: ForrestCountyAgHS\FCAHSSTE
Starting test: Replications
* Replications Check
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=ForestDnsZones,DC=fcahs
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:27:27.
13 failures have occurred since the last success.
[AGGIE02] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
Printing RPC Extended Error Info:
Error Record 1, ProcessID is 3604 (DcDiag)
System Time is: 10/16/2007 15:24:36:171
Generating component is 8 (winsock)
Status is 1722: The RPC server is unavailable.
Detection location is 313
Error Record 2, ProcessID is 3604 (DcDiag)
System Time is: 10/16/2007 15:24:36:171
Generating component is 8 (winsock)
Status is 10061: No connection could be made because the target mach
ine actively refused it.
Detection location is 311
NumberOfParameters is 3
Long val: 135
Pointer val: 0
Pointer val: 0
Error Record 3, ProcessID is 3604 (DcDiag)
System Time is: 10/16/2007 15:24:36:171
Generating component is 8 (winsock)
Status is 10061: No connection could be made because the target mach
ine actively refused it.
Detection location is 318
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=DomainDnsZones,DC=fcahs
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:27:27.
13 failures have occurred since the last success.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: CN=Schema,CN=Configuration
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:07.
The last success occurred at 2007-10-15 17:27:26.
13 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: CN=Configuration,DC=fcahs,
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:06.
The last success occurred at 2007-10-15 17:27:26.
13 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=fcahs,DC=local
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:30:53.
16 failures have occurred since the last success.
The source remains down. Please check the machine.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
FCAHSSTEM: Current time is 2007-10-16 10:24:35.
DC=ForestDnsZones,DC=fcahs
Last replication recieved from AGGIE02 at 2007-10-15 17:27:26.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=DomainDnsZones,DC=fcahs
Last replication recieved from AGGIE02 at 2007-10-15 17:27:26.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Schema,CN=Configuration
Last replication recieved from AGGIE02 at 2007-10-15 17:27:25.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
^C
C:\Program Files\Support Tools>
Generating component is 8 (winsock)
Status is 10061: No connection could be made because the target mach
ine actively refused it.
Detection location is 311
NumberOfParameters is 3
Long val: 135
Pointer val: 0
Pointer val: 0
Error Record 3, ProcessID is 584 (DcDiag)
System Time is: 10/16/2007 15:21:22:359
Generating component is 8 (winsock)
Status is 10061: No connection could be made because the target mach
ine actively refused it.
Detection location is 318
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=DomainDnsZones,DC=fcahs
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:27:27.
13 failures have occurred since the last success.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: CN=Schema,CN=Configuration
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:07.
The last success occurred at 2007-10-15 17:27:26.
13 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: CN=Configuration,DC=fcahs,
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:06.
The last success occurred at 2007-10-15 17:27:26.
13 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=fcahs,DC=local
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:30:53.
16 failures have occurred since the last success.
The source remains down. Please check the machine.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
FCAHSSTEM: Current time is 2007-10-16 10:21:21.
DC=ForestDnsZones,DC=fcahs
Last replication recieved from AGGIE02 at 2007-10-15 17:27:26.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=DomainDnsZones,DC=fcahs
Last replication recieved from AGGIE02 at 2007-10-15 17:27:26.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Schema,CN=Configuration
Last replication recieved from AGGIE02 at 2007-10-15 17:27:25.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Configuration,DC=fcahs,
Last replication recieved from AGGIE02 at 2007-10-15 17:27:25.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=fcahs,DC=local
Last replication recieved from AGGIE02 at 2007-10-15 17:30:53.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
* Replication Site Latency Check
......................... FCAHSSTEM passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC FCAHSSTEM.
* Security Permissions Check for
DC=ForestDnsZones,DC=fcahs
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=fcahs
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=fcahs,
(Configuration,Version 2)
* Security Permissions Check for
DC=fcahs,DC=local
(Domain,Version 2)
......................... FCAHSSTEM passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\FCAHSSTEM\netlogon
Verified share \\FCAHSSTEM\sysvol
......................... FCAHSSTEM passed test NetLogons
Starting test: Advertising
The DC FCAHSSTEM is advertising itself as a DC and having a DS.
The DC FCAHSSTEM is advertising as an LDAP server
The DC FCAHSSTEM is advertising as having a writeable directory
The DC FCAHSSTEM is advertising as a Key Distribution Center
Warning: FCAHSSTEM is not advertising as a time server.
The DS FCAHSSTEM is advertising as a GC.
......................... FCAHSSTEM failed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
untyAgHS,CN=Sites,CN=Confi
Warning: AGGIE02 is the Schema Owner, but is not responding to DS RPC B
ind.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
[AGGIE02] LDAP search failed with error 58,
The specified server cannot perform the requested operation..
Warning: AGGIE02 is the Schema Owner, but is not responding to LDAP Bin
d.
Role Domain Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
untyAgHS,CN=Sites,CN=Confi
Warning: AGGIE02 is the Domain Owner, but is not responding to DS RPC B
ind.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
Warning: AGGIE02 is the Domain Owner, but is not responding to LDAP Bin
d.
Role PDC Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
yAgHS,CN=Sites,CN=Configur
Warning: AGGIE02 is the PDC Owner, but is not responding to DS RPC Bind
.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
Warning: AGGIE02 is the PDC Owner, but is not responding to LDAP Bind.
Role Rid Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
yAgHS,CN=Sites,CN=Configur
Warning: AGGIE02 is the Rid Owner, but is not responding to DS RPC Bind
.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
Warning: AGGIE02 is the Rid Owner, but is not responding to LDAP Bind.
Role Infrastructure Update Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
rs,CN=ForrestCountyAgHS,CN
Warning: AGGIE02 is the Infrastructure Update Owner, but is not respond
ing to DS RPC Bind.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
Warning: AGGIE02 is the Infrastructure Update Owner, but is not respond
ing to LDAP Bind.
......................... FCAHSSTEM failed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 4110 to 1073741823
* aggie02.fcahs.local is the RID Master
......................... FCAHSSTEM failed test RidManager
Starting test: MachineAccount
Checking machine account for DC FCAHSSTEM on DC FCAHSSTEM.
* SPN found :LDAP/FCAHSSTEM.fcahs.loca
* SPN found :LDAP/FCAHSSTEM.fcahs.loca
* SPN found :LDAP/FCAHSSTEM
* SPN found :LDAP/FCAHSSTEM.fcahs.loca
* SPN found :LDAP/7ef14b4b-a7de-4e93-8
al
* SPN found :E3514235-4B06-11D1-AB04-0
e0-a7759bf393af/fcahs.loca
* SPN found :HOST/FCAHSSTEM.fcahs.loca
* SPN found :HOST/FCAHSSTEM.fcahs.loca
* SPN found :HOST/FCAHSSTEM
* SPN found :HOST/FCAHSSTEM.fcahs.loca
* SPN found :GC/FCAHSSTEM.fcahs.local/
......................... FCAHSSTEM passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... FCAHSSTEM passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
FCAHSSTEM is in domain DC=fcahs,DC=local
Checking for CN=FCAHSSTEM,OU=Domain Controllers,DC=fcahs,DC=lo
main DC=fcahs,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=FCAHSSTEM,CN=S
gHS,CN=Sites,CN=Configurat
ahs,DC=local on 1 servers
Object is up-to-date on all servers.
......................... FCAHSSTEM passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... FCAHSSTEM passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 10/15/2007 22:55:05
(Event String could not be retrieved)
......................... FCAHSSTEM failed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minut
es.
......................... FCAHSSTEM passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... FCAHSSTEM passed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=FCAHSSTEM,OU=Domain Controllers,DC=fcahs,DC=lo
CN=FCAHSSTEM,CN=Servers,CN
DC=fcahs,DC=local
are correct.
The system object reference (frsComputerReferenceBL)
CN=FCAHSSTEM,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=fcahs
and backlink on CN=FCAHSSTEM,OU=Domain Controllers,DC=fcahs,DC=lo
are correct.
The system object reference (serverReferenceBL)
CN=FCAHSSTEM,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=fcahs
and backlink on
CN=NTDS Settings,CN=FCAHSSTEM,CN=S
CN=Configuration,DC=fcahs,
are correct.
......................... FCAHSSTEM passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : fcahs
Starting test: CrossRefValidation
......................... fcahs passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... fcahs passed test CheckSDRefDom
Running enterprise tests on : fcahs.local
Starting test: Intersite
Skipping site ForrestCountyAgHS, this site is outside the scope
provided by the command line arguments provided.
......................... fcahs.local passed test Intersite
Starting test: FsmoCheck
GC Name: \\FCAHSSTEM.fcahs.local
Locator Flags: 0xe00001bc
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
C:\Program Files\Support Tools>repadmin /replsum
Replication Summary Start Time: 2007-10-16 10:26:44
Beginning data collection for replication summary, this may take awhile:
.....
Source DC largest delta fails/total %% error
AGGIE02 16h:59m:18s 5 / 5 100 (1722) The RPC server is...
Destination DC largest delta fails/total %% error
FCAHSSTEM 16h:59m:19s 5 / 5 100 (1722) The RPC server is...
Experienced the following operational errors trying to retrieve replication info
rmation:
58 - aggie02.fcahs.local
C:\Program Files\Support Tools>
Domain Controller Diagnosis
Performing initial setup:
* Verifying that the local machine FCAHSSTEM, is a DC.
* Connecting to directory service on server FCAHSSTEM.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 2 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: ForrestCountyAgHS\FCAHSSTE
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... FCAHSSTEM passed test Connectivity
Doing primary tests
Testing server: ForrestCountyAgHS\FCAHSSTE
Starting test: Replications
* Replications Check
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=ForestDnsZones,DC=fcahs
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:27:27.
13 failures have occurred since the last success.
[AGGIE02] DsBindWithSpnEx() failed with error 1722,
The RPC server is unavailable..
Printing RPC Extended Error Info:
Error Record 1, ProcessID is 3604 (DcDiag)
System Time is: 10/16/2007 15:24:36:171
Generating component is 8 (winsock)
Status is 1722: The RPC server is unavailable.
Detection location is 313
Error Record 2, ProcessID is 3604 (DcDiag)
System Time is: 10/16/2007 15:24:36:171
Generating component is 8 (winsock)
Status is 10061: No connection could be made because the target mach
ine actively refused it.
Detection location is 311
NumberOfParameters is 3
Long val: 135
Pointer val: 0
Pointer val: 0
Error Record 3, ProcessID is 3604 (DcDiag)
System Time is: 10/16/2007 15:24:36:171
Generating component is 8 (winsock)
Status is 10061: No connection could be made because the target mach
ine actively refused it.
Detection location is 318
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=DomainDnsZones,DC=fcahs
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:27:27.
13 failures have occurred since the last success.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: CN=Schema,CN=Configuration
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:07.
The last success occurred at 2007-10-15 17:27:26.
13 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: CN=Configuration,DC=fcahs,
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:06.
The last success occurred at 2007-10-15 17:27:26.
13 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=fcahs,DC=local
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:30:53.
16 failures have occurred since the last success.
The source remains down. Please check the machine.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
FCAHSSTEM: Current time is 2007-10-16 10:24:35.
DC=ForestDnsZones,DC=fcahs
Last replication recieved from AGGIE02 at 2007-10-15 17:27:26.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=DomainDnsZones,DC=fcahs
Last replication recieved from AGGIE02 at 2007-10-15 17:27:26.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Schema,CN=Configuration
Last replication recieved from AGGIE02 at 2007-10-15 17:27:25.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
^C
C:\Program Files\Support Tools>
Generating component is 8 (winsock)
Status is 10061: No connection could be made because the target mach
ine actively refused it.
Detection location is 311
NumberOfParameters is 3
Long val: 135
Pointer val: 0
Pointer val: 0
Error Record 3, ProcessID is 584 (DcDiag)
System Time is: 10/16/2007 15:21:22:359
Generating component is 8 (winsock)
Status is 10061: No connection could be made because the target mach
ine actively refused it.
Detection location is 318
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=DomainDnsZones,DC=fcahs
The replication generated an error (1256):
The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:27:27.
13 failures have occurred since the last success.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: CN=Schema,CN=Configuration
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:07.
The last success occurred at 2007-10-15 17:27:26.
13 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: CN=Configuration,DC=fcahs,
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:06.
The last success occurred at 2007-10-15 17:27:26.
13 failures have occurred since the last success.
The source remains down. Please check the machine.
[Replications Check,FCAHSSTEM] A recent replication attempt failed:
From AGGIE02 to FCAHSSTEM
Naming Context: DC=fcahs,DC=local
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2007-10-16 09:59:05.
The last success occurred at 2007-10-15 17:30:53.
16 failures have occurred since the last success.
The source remains down. Please check the machine.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
FCAHSSTEM: Current time is 2007-10-16 10:21:21.
DC=ForestDnsZones,DC=fcahs
Last replication recieved from AGGIE02 at 2007-10-15 17:27:26.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=DomainDnsZones,DC=fcahs
Last replication recieved from AGGIE02 at 2007-10-15 17:27:26.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Schema,CN=Configuration
Last replication recieved from AGGIE02 at 2007-10-15 17:27:25.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
CN=Configuration,DC=fcahs,
Last replication recieved from AGGIE02 at 2007-10-15 17:27:25.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
DC=fcahs,DC=local
Last replication recieved from AGGIE02 at 2007-10-15 17:30:53.
Latency information for 1 entries in the vector were ignored.
1 were retired Invocations. 0 were either: read-only replicas
and are not verifiably latent, or dc's no longer replicating this nc. 0 had no
latency information (Win2K DC).
* Replication Site Latency Check
......................... FCAHSSTEM passed test Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC FCAHSSTEM.
* Security Permissions Check for
DC=ForestDnsZones,DC=fcahs
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=fcahs
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=fcahs,
(Configuration,Version 2)
* Security Permissions Check for
DC=fcahs,DC=local
(Domain,Version 2)
......................... FCAHSSTEM passed test NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\FCAHSSTEM\netlogon
Verified share \\FCAHSSTEM\sysvol
......................... FCAHSSTEM passed test NetLogons
Starting test: Advertising
The DC FCAHSSTEM is advertising itself as a DC and having a DS.
The DC FCAHSSTEM is advertising as an LDAP server
The DC FCAHSSTEM is advertising as having a writeable directory
The DC FCAHSSTEM is advertising as a Key Distribution Center
Warning: FCAHSSTEM is not advertising as a time server.
The DS FCAHSSTEM is advertising as a GC.
......................... FCAHSSTEM failed test Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
untyAgHS,CN=Sites,CN=Confi
Warning: AGGIE02 is the Schema Owner, but is not responding to DS RPC B
ind.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
[AGGIE02] LDAP search failed with error 58,
The specified server cannot perform the requested operation..
Warning: AGGIE02 is the Schema Owner, but is not responding to LDAP Bin
d.
Role Domain Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
untyAgHS,CN=Sites,CN=Confi
Warning: AGGIE02 is the Domain Owner, but is not responding to DS RPC B
ind.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
Warning: AGGIE02 is the Domain Owner, but is not responding to LDAP Bin
d.
Role PDC Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
yAgHS,CN=Sites,CN=Configur
Warning: AGGIE02 is the PDC Owner, but is not responding to DS RPC Bind
.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
Warning: AGGIE02 is the PDC Owner, but is not responding to LDAP Bind.
Role Rid Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
yAgHS,CN=Sites,CN=Configur
Warning: AGGIE02 is the Rid Owner, but is not responding to DS RPC Bind
.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
Warning: AGGIE02 is the Rid Owner, but is not responding to LDAP Bind.
Role Infrastructure Update Owner = CN=NTDS Settings,CN=AGGIE02,CN=Ser
rs,CN=ForrestCountyAgHS,CN
Warning: AGGIE02 is the Infrastructure Update Owner, but is not respond
ing to DS RPC Bind.
RPC Extended Error Info not available. Use group policy on the local ma
chine at "Computer Configuration/Administrati
e Call" to enable it.
Warning: AGGIE02 is the Infrastructure Update Owner, but is not respond
ing to LDAP Bind.
......................... FCAHSSTEM failed test KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 4110 to 1073741823
* aggie02.fcahs.local is the RID Master
......................... FCAHSSTEM failed test RidManager
Starting test: MachineAccount
Checking machine account for DC FCAHSSTEM on DC FCAHSSTEM.
* SPN found :LDAP/FCAHSSTEM.fcahs.loca
* SPN found :LDAP/FCAHSSTEM.fcahs.loca
* SPN found :LDAP/FCAHSSTEM
* SPN found :LDAP/FCAHSSTEM.fcahs.loca
* SPN found :LDAP/7ef14b4b-a7de-4e93-8
al
* SPN found :E3514235-4B06-11D1-AB04-0
e0-a7759bf393af/fcahs.loca
* SPN found :HOST/FCAHSSTEM.fcahs.loca
* SPN found :HOST/FCAHSSTEM.fcahs.loca
* SPN found :HOST/FCAHSSTEM
* SPN found :HOST/FCAHSSTEM.fcahs.loca
* SPN found :GC/FCAHSSTEM.fcahs.local/
......................... FCAHSSTEM passed test MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
......................... FCAHSSTEM passed test Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
FCAHSSTEM is in domain DC=fcahs,DC=local
Checking for CN=FCAHSSTEM,OU=Domain Controllers,DC=fcahs,DC=lo
main DC=fcahs,DC=local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS Settings,CN=FCAHSSTEM,CN=S
gHS,CN=Sites,CN=Configurat
ahs,DC=local on 1 servers
Object is up-to-date on all servers.
......................... FCAHSSTEM passed test ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... FCAHSSTEM passed test frssysvol
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
An Warning Event occured. EventID: 0x800034C4
Time Generated: 10/15/2007 22:55:05
(Event String could not be retrieved)
......................... FCAHSSTEM failed test frsevent
Starting test: kccevent
* The KCC Event log test
Found no KCC errors in Directory Service Event log in the last 15 minut
es.
......................... FCAHSSTEM passed test kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... FCAHSSTEM passed test systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=FCAHSSTEM,OU=Domain Controllers,DC=fcahs,DC=lo
CN=FCAHSSTEM,CN=Servers,CN
DC=fcahs,DC=local
are correct.
The system object reference (frsComputerReferenceBL)
CN=FCAHSSTEM,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=fcahs
and backlink on CN=FCAHSSTEM,OU=Domain Controllers,DC=fcahs,DC=lo
are correct.
The system object reference (serverReferenceBL)
CN=FCAHSSTEM,CN=Domain System Volume (SYSVOL share),CN=File Replication
Service,CN=System,DC=fcahs
and backlink on
CN=NTDS Settings,CN=FCAHSSTEM,CN=S
CN=Configuration,DC=fcahs,
are correct.
......................... FCAHSSTEM passed test VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : fcahs
Starting test: CrossRefValidation
......................... fcahs passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... fcahs passed test CheckSDRefDom
Running enterprise tests on : fcahs.local
Starting test: Intersite
Skipping site ForrestCountyAgHS, this site is outside the scope
provided by the command line arguments provided.
......................... fcahs.local passed test Intersite
Starting test: FsmoCheck
GC Name: \\FCAHSSTEM.fcahs.local
Locator Flags: 0xe00001bc
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
C:\Program Files\Support Tools>repadmin /replsum
Replication Summary Start Time: 2007-10-16 10:26:44
Beginning data collection for replication summary, this may take awhile:
.....
Source DC largest delta fails/total %% error
AGGIE02 16h:59m:18s 5 / 5 100 (1722) The RPC server is...
Destination DC largest delta fails/total %% error
FCAHSSTEM 16h:59m:19s 5 / 5 100 (1722) The RPC server is...
Experienced the following operational errors trying to retrieve replication info
rmation:
58 - aggie02.fcahs.local
C:\Program Files\Support Tools>
If you wish to take the misbehaving DC offline and reinstall it, follow the steps outlined in my previous comment.
ASKER
I'm not sure we want to do that. I don't have the power to make that decision anyways, but it looks like the easiest thing to do in this case.
How many total domain controllers are installed in your domain?
Are you running AD-integrated DNS or using non-Windows DNS?
Install the Windows Support Tools on each DC and run dcdiag /v and repadmin /replsum on each one to see if you can pinpoint the issue at hand.