smartlurch asked:
active directory problems

A few days ago, our PDC went down with bad memory. The PDC is the primary DNS server and DHCP server for the network. While we were waiting for the part, I made one of the other DCs a DHCP server and primary DNS server, just to get people working. That seemed to work fine. When we got the PDC back up, I disabled the DNS and DHCP roles on the other DC to try and get everything back to normal. Well, now we can't get the PDC to replicate with the other DCs.
The error is:

"target principal name is incorrect"

We can't access shared resources by the PDC's name. We get the error:

"login failure: target account name is incorrect"

But I can map drives and printers by the IP address of the PDC. In Event Viewer, there are a bunch of Kerberos errors:

Event ID 5: something about time being out of sync
Event ID 4 on the other DC: account name mismatch

Any help or guidance would be much appreciated. Thanks
rickiswpg

Can you post the actual errors please?

From what you described, look here for the first error:
http://support.moonpoint.com/os/windows/domain/clocks-skewed.html

Could you also run dcdiag on both DCs (the one you made the temporary DHCP server and the one that went down)?

Thanks,

smartlurch (asker):

These are the errors on the PDC:
Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      5
Date:            1/30/2008
Time:            5:30:34 PM
User:            N/A
Computer:      MASTER
Description:
The kerberos client received a KRB_AP_ERR_TKT_NYV error from the server host/pfx_svr.wdcocitrix.wdco.biz.  This indicates that the ticket used against that server is not yet valid (in relationship to that server time).  Contact your system administrator  to make sure the client and server times are in sync, and that the KDC in realm WDCOCITRIX.WDCO.BIZ is  in sync with the KDC in the client realm.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Error
Event Source:      DhcpServer
Event Category:      None
Event ID:      1059
Date:            1/29/2008
Time:            7:02:06 PM
User:            N/A
Computer:      MASTER
Description:
The DHCP service failed to see a directory server for authorization.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 3a 20 00 00               : ..    


Event Type:      Error
Event Source:      W32Time
Event Category:      None
Event ID:      17
Date:            1/29/2008
Time:            7:01:23 PM
User:            N/A
Computer:      MASTER
Description:
Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'us.pool.ntp.org,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: No such service is known. The service cannot be found in the specified name space. (0x8007277C)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Warning
Event Source:      LSASRV
Event Category:      SPNEGO (Negotiator)
Event ID:      40960
Date:            1/29/2008
Time:            7:01:01 PM
User:            N/A
Computer:      MASTER
Description:
The Security System detected an authentication error for the server LDAP/MASTER.  The failure code from authentication protocol Kerberos was "There are currently no logon servers available to service the logon request.
 (0xc000005e)".

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 5e 00 00 c0               ^..À    

DCDIAG on the PDC:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Southshore\MASTER
      Starting test: Connectivity
         ......................... MASTER passed test Connectivity

Doing primary tests
   
   Testing server: Southshore\MASTER
      Starting test: Replications
         REPLICATION LATENCY WARNING
         ERROR: Expected notification link is missing.
         Source PFX_SVR
         Replication of new changes along this path will be delayed.
         This problem should self-correct on the next periodic sync.
         REPLICATION LATENCY WARNING
         ERROR: Expected notification link is missing.
         Source PFX_SVR
         Replication of new changes along this path will be delayed.
         This problem should self-correct on the next periodic sync.
         ......................... MASTER passed test Replications
      Starting test: NCSecDesc
         ......................... MASTER passed test NCSecDesc
      Starting test: NetLogons
         ......................... MASTER passed test NetLogons
      Starting test: Advertising
         ......................... MASTER passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... MASTER passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... MASTER passed test RidManager
      Starting test: MachineAccount
         * The current DC is not in the domain controller's OU
         ......................... MASTER failed test MachineAccount
      Starting test: Services
         ......................... MASTER passed test Services
      Starting test: ObjectsReplicated
         ......................... MASTER passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... MASTER passed test frssysvol
      Starting test: frsevent
         ......................... MASTER passed test frsevent
      Starting test: kccevent
         ......................... MASTER passed test kccevent
      Starting test: systemlog
         ......................... MASTER passed test systemlog
      Starting test: VerifyReferences
         ......................... MASTER passed test VerifyReferences
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : wdcocitrix
      Starting test: CrossRefValidation
         ......................... wdcocitrix passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... wdcocitrix passed test CheckSDRefDom
   
   Running enterprise tests on : wdcocitrix.wdco.biz
      Starting test: Intersite
         ......................... wdcocitrix.wdco.biz passed test Intersite
      Starting test: FsmoCheck
         ......................... wdcocitrix.wdco.biz passed test FsmoCheck

DCDIAG on the temp DHCP DC:

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Southshore\MASTER
      Starting test: Connectivity
         ......................... MASTER passed test Connectivity

Doing primary tests
   
   Testing server: Southshore\MASTER
      Starting test: Replications
         REPLICATION LATENCY WARNING
         ERROR: Expected notification link is missing.
         Source PFX_SVR
         Replication of new changes along this path will be delayed.
         This problem should self-correct on the next periodic sync.
         REPLICATION LATENCY WARNING
         ERROR: Expected notification link is missing.
         Source PFX_SVR
         Replication of new changes along this path will be delayed.
         This problem should self-correct on the next periodic sync.
         ......................... MASTER passed test Replications
      Starting test: NCSecDesc
         ......................... MASTER passed test NCSecDesc
      Starting test: NetLogons
         ......................... MASTER passed test NetLogons
      Starting test: Advertising
         ......................... MASTER passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... MASTER passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... MASTER passed test RidManager
      Starting test: MachineAccount
         * The current DC is not in the domain controller's OU
         ......................... MASTER failed test MachineAccount
      Starting test: Services
         ......................... MASTER passed test Services
      Starting test: ObjectsReplicated
         ......................... MASTER passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... MASTER passed test frssysvol
      Starting test: frsevent
         ......................... MASTER passed test frsevent
      Starting test: kccevent
         ......................... MASTER passed test kccevent
      Starting test: systemlog
         ......................... MASTER passed test systemlog
      Starting test: VerifyReferences
         ......................... MASTER passed test VerifyReferences
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : wdcocitrix
      Starting test: CrossRefValidation
         ......................... wdcocitrix passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... wdcocitrix passed test CheckSDRefDom
   
   Running enterprise tests on : wdcocitrix.wdco.biz
      Starting test: Intersite
         ......................... wdcocitrix.wdco.biz passed test Intersite
      Starting test: FsmoCheck
         ......................... wdcocitrix.wdco.biz passed test FsmoCheck


Errors on the temp DHCP DC:
Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      4
Date:            1/31/2008
Time:            11:54:27 AM
User:            N/A
Computer:      PFX_SVR
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/master.wdcocitrix.wdco.biz.  The target name used was ldap/72792296-4aa6-4f13-af36-0ce3f0e9aac0._msdcs.wdcocitrix.wdco.biz. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named  machine accounts in the target realm (WDCOCITRIX.WDCO.BIZ), and the client realm.   Please contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      4
Date:            1/31/2008
Time:            11:16:44 AM
User:            N/A
Computer:      PFX_SVR
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/master.wdcocitrix.wdco.biz.  The target name used was . This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named  machine accounts in the target realm (WDCOCITRIX.WDCO.BIZ), and the client realm.   Please contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      4
Date:            1/31/2008
Time:            10:54:40 AM
User:            N/A
Computer:      PFX_SVR
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/master.wdcocitrix.wdco.biz.  The target name used was LDAP/72792296-4aa6-4f13-af36-0ce3f0e9aac0._msdcs.wdcocitrix.wdco.biz. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named  machine accounts in the target realm (WDCOCITRIX.WDCO.BIZ), and the client realm.   Please contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      4
Date:            1/31/2008
Time:            10:16:44 AM
User:            N/A
Computer:      PFX_SVR
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/master.wdcocitrix.wdco.biz.  The target name used was . This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named  machine accounts in the target realm (WDCOCITRIX.WDCO.BIZ), and the client realm.   Please contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
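The events pasted above mix two different Kerberos failures: event 5 (KRB_AP_ERR_TKT_NYV) is a clock problem, while event 4 (KRB_AP_ERR_MODIFIED) means the KDC encrypted the service ticket with a key the target DC no longer holds. This added Python triage (not from the thread or from Microsoft) parses event text in the layout quoted above and names the first check for each; the sample events are constructed from the thread's own hostnames.

```python
import re

# Constructed sample in the layout of the events pasted in this thread (Date, Time and
# User lines omitted): a Kerberos event 5 on MASTER and an event 4 on PFX_SVR with an empty target.
SAMPLE_EVENTS = """\
Event Source:      Kerberos
Event ID:      5
Computer:      MASTER
Description:
The kerberos client received a KRB_AP_ERR_TKT_NYV error from the server host/pfx_svr.wdcocitrix.wdco.biz.  This indicates that the ticket used against that server is not yet valid (in relationship to that server time).

Event Source:      Kerberos
Event ID:      4
Computer:      PFX_SVR
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/master.wdcocitrix.wdco.biz.  The target name used was . This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server.
"""

def parse_events(text):
    """Split exported event text into dicts of header fields plus the Description body."""
    events = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields, desc = {}, []
        for line in block.splitlines():
            if desc or line.strip() == "Description:":
                desc.append(line)          # free text after the marker, may span lines
                continue
            key, _, val = line.partition(":")
            fields[key.strip()] = val.strip()
        fields["Description"] = " ".join(desc[1:]).strip()
        events.append(fields)
    return events

def triage(text):
    """Classify each Kerberos client error and name the first check a defender should run."""
    findings = []
    for ev in parse_events(text):
        desc = ev.get("Description", "")
        m = re.search(r"from the server\s+(\S+)\.", desc)
        server = m.group(1) if m else ""          # e.g. host/master.wdcocitrix.wdco.biz
        m = re.search(r"target name used was\s*(\S*)\.", desc)
        target = m.group(1) if m else ""          # SPN requested from the KDC, may be empty
        host = server.split("/")[-1].split(".")[0].upper()
        cause = "unclassified"
        if "KRB_AP_ERR_TKT_NYV" in desc:
            # Ticket start time is ahead of the server clock: skew, not a key problem.
            cause = f"clock skew: compare this DC's clock with {host}"
        elif "KRB_AP_ERR_MODIFIED" in desc:
            # Stale machine-account password on the target, or a duplicate account/SPN for it.
            cause = f"key mismatch: check machine account and SPNs of {host}"
            if not target:
                cause += " (empty target name: SPN lookup returned nothing)"
        findings.append({"computer": ev.get("Computer", "?"), "event_id": int(ev.get("Event ID", "0")),
                         "server": server, "target": target, "cause": cause})
    return findings
```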
I'd check the time on both of these servers and see if they are far off. Check the time zones as well.
It sounds like they are off, and that can cause some issues.

Run cmd.exe on both:
net time - this should return the local time and possibly the NTP time source
net time /DOMAIN:domainname - checks the time on the domain
net time /querysntp - returns your network time server, if any is configured

You can try the following as well:
net time /DOMAIN:domainname /set /y

That hopefully will fix the time problems.

The other errors I'm not sure about, but I found this and it might be helpful:
http://www.petri.co.il/forums/showthread.php?t=10487

Hope that helps! If not, let us know.
When I run net time on the PDC I get a "command completed successfully" message, but when I run it on the temp DHCP DC I get a "system error 5 has occurred...access is denied" error.

The domain time is the same on both except for the server listed:
the PDC lists itself
the temp DHCP DC lists itself

The time zone is the same on both.

The querysntp option:
on the PDC returns: time.windows.com
on the temp DHCP DC returns: this computer is not currently configured to use a specific SNTP server

Workstations act the same as the temp DHCP DC.

Any suggestions? And thanks for your help so far.
I'd set the temp DHCP DC to the same SNTP server. See if the time service is running on both as well. It should be running on the old DC, but it doesn't sound like it's running on the temp DC.

Try demoting and promoting the temp DHCP server; it might help it re-sync.

Here's a link to troubleshooting the system error 5:
http://support.microsoft.com/kb/555644

Also, run gpresult.exe on the temp DHCP DC and the main DC, as well as a random workstation.
See if the policies are being pulled from the main DC.

Hope this helps, let us know.
Hey, thanks for the help. I haven't gotten to run dcpromo yet on the temp DHCP DC; I plan on doing it this weekend. Clients and other servers are starting to behave normally; however, the temp DHCP DC can't replicate anymore. I couldn't remote into it, and I found that the Netlogon service was paused. I resumed it but still could not remote into it. Luckily I was still logged in at the terminal. When I tried restarting the Netlogon service, it fails to start with the following error:

"error 31: a device in the system is not functioning"

As a result, the temp DHCP server cannot access any of the other servers on the network.

I don't know what to do. I'm thinking I should at least demote it to a member server so that local login will still work. Staff members are still accessing shared drives and programs running off this DC, and I'm trying not to totally kick them out during the work week. Thanks for your help.
ASKER CERTIFIED SOLUTION
rickiswpg

This solution is only available to members.
Did it work? Did you find a different solution?
Restarting it seemed to make it work, so I didn't go any further. Thanks for all your help.
No problem

next time give me an A ;)