Solved

ad sites and services

Posted on 2008-06-23
35
770 Views
Last Modified: 2008-06-25
i have a new site we configured. we have teh subnets etc. the dc down there does not have dns on teh server. when we look at dns at the main site in sites we do not see taht new site what can I look at to find out why that site has not showed up, and do I have to have DNS installed and working down there,
0
Comment
Question by:zenworksb
  • 22
  • 11
  • +1
35 Comments
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
Hi Zen,

To be honest I always install DNS on my domain controllers as I've never had a good reason not to.

Certainly your situation sounds like it could be caused by lack of DNS on the domain controller.

Can I suggest that you download the Windows Server 2003 Support Tools and run dcdiag.exe -v -e from the domain controller in the remote site.

This tool will almost certainly identify where the problem lies.

Cheers,

TCP
0
 

Author Comment

by:zenworksb
Comment Utility
when we try and replicate it says teh rpc is unavaliable on that server ideas?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
Comment Utility
why would sites show up in DNS? your question makes no sense to me - what have you done, and what are you experiencing - have you read my guide on sites and services?
http://www.block.net.au/help/AD-Sites/
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
Comment Utility
If you're getting an RPC error at any point, then you're probably having DNS or replication issues that it sounds as if you may not be informed enough about the environment to notice.  Run a dcdiag and netdiag on all DCs in your environment and check the System & Directory Services logs on each; address any existing issues before continuing.
0
 

Author Comment

by:zenworksb
Comment Utility
i will run the dcdiag and reprot back
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
Hi,

JayJay if you look in an AD integrated forward lookup zone that shares the name of the resource domain there is a container called sites under which you see the sites from AD Sites and Services.

The same is true under the DomainDNSZones container and ForestDNSZones.

I read the question as relating to a site missing from one of these which is why I suggested DCDIAG.  If you use the -e switch you don't necessarily need to run it on every DC.

Cheers,

TCP
0
 

Author Comment

by:zenworksb
Comment Utility
thanks man
0
 

Author Comment

by:zenworksb
Comment Utility
i will run dcdiag and report back but that is exactly what I am talking about in sites i do not see the server that was added as a dc
0
 

Author Comment

by:zenworksb
Comment Utility
here is the dcdiag. I will look through it but if teh experts can look as well that would be great. What do you think guys thank you

         CN=COMPANY-COUNTRY-SERVER1,CN=Domain System Volume (SYSVOL share),CN=File Replica
tion Service,CN=System,DC=WORLD,DC=COMPANY,DC=COM
         and backlink on
         CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER1,CN=Servers,CN=Default-First-Site-Name
,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         are correct.
         ......................... COMPANY-COUNTRY-SERVER1 passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

   Testing server: Default-First-Site-Name\COMPANY-COUNTRY-SERVER02
      Starting test: Replications
         * Replications Check
         * Replication Latency Check
         ......................... COMPANY-COUNTRY-SERVER02 passed test Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Starting test: NCSecDesc
         * Security Permissions check for all NC's on DC COMPANY-COUNTRY-SERVER02.
         * Security Permissions Check for
           DC=ForestDnsZones,DC=WORLD,DC=COMPANY,DC=COM
            (NDNC,Version 2)
         * Security Permissions Check for
           DC=DomainDnsZones,DC=WORLD,DC=COMPANY,DC=COM
            (NDNC,Version 2)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
            (Schema,Version 2)
         * Security Permissions Check for
           CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
            (Configuration,Version 2)
         * Security Permissions Check for
           DC=WORLD,DC=COMPANY,DC=COM
            (Domain,Version 2)
         ......................... COMPANY-COUNTRY-SERVER02 passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         Verified share \\COMPANY-COUNTRY-SERVER02\netlogon
         Verified share \\COMPANY-COUNTRY-SERVER02\sysvol
         ......................... COMPANY-COUNTRY-SERVER02 passed test NetLogons
      Starting test: Advertising
         The DC COMPANY-COUNTRY-SERVER02 is advertising itself as a DC and having a DS.
         The DC COMPANY-COUNTRY-SERVER02 is advertising as an LDAP server
         The DC COMPANY-COUNTRY-SERVER02 is advertising as having a writeable directory
         The DC COMPANY-COUNTRY-SERVER02 is advertising as a Key Distribution Center
         The DC COMPANY-COUNTRY-SERVER02 is advertising as a time server
         The DS COMPANY-COUNTRY-SERVER02 is advertising as a GC.
         ......................... COMPANY-COUNTRY-SERVER02 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER1,CN=Servers,CN=Def
ault-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         Role Domain Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER1,CN=Servers,CN=Def
ault-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         Role PDC Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         Role Rid Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER1,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER1,CN
=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,D
C=COM
         ......................... COMPANY-COUNTRY-SERVER02 passed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 20100 to 1073741823
         * COMPANY-COUNTRY-SERVER1.WORLD.COMPANY.COM is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 18600 to 19099
         * rIDPreviousAllocationPool is 18600 to 19099
         * rIDNextRID: 18662
         ......................... COMPANY-COUNTRY-SERVER02 passed test RidManager
      Starting test: MachineAccount
         Checking machine account for DC COMPANY-COUNTRY-SERVER02 on DC COMPANY-COUNTRY-SERVER02.
         * SPN found :LDAP/COMPANY-COUNTRY-SERVER02.WORLD.COMPANY.COM/WORLD.COMPANY.COM
         * SPN found :LDAP/COMPANY-COUNTRY-SERVER02.WORLD.COMPANY.COM
         * SPN found :LDAP/COMPANY-COUNTRY-SERVER02
         * SPN found :LDAP/COMPANY-COUNTRY-SERVER02.WORLD.COMPANY.COM/WORLD
         * SPN found :LDAP/1f6a0f7f-6fee-4ebf-9bf2-7ea4be61f096._msdcs.WORLD.SP
X.COM
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/1f6a0f7f-6fee-4ebf-9b
f2-7ea4be61f096/WORLD.COMPANY.COM
         * SPN found :HOST/COMPANY-COUNTRY-SERVER02.WORLD.COMPANY.COM/WORLD.COMPANY.COM
         * SPN found :HOST/COMPANY-COUNTRY-SERVER02.WORLD.COMPANY.COM
         * SPN found :HOST/COMPANY-COUNTRY-SERVER02
         * SPN found :HOST/COMPANY-COUNTRY-SERVER02.WORLD.COMPANY.COM/WORLD
         * SPN found :GC/COMPANY-COUNTRY-SERVER02.WORLD.COMPANY.COM/WORLD.COMPANY.COM
         ......................... COMPANY-COUNTRY-SERVER02 passed test MachineAccount
      Starting test: Services
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: RpcSs
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... COMPANY-COUNTRY-SERVER02 passed test Services
      Test omitted by user request: OutboundSecureChannels
      Starting test: ObjectsReplicated
         COMPANY-COUNTRY-SERVER02 is in domain DC=WORLD,DC=COMPANY,DC=COM
         Checking for CN=COMPANY-COUNTRY-SERVER02,OU=Domain Controllers,DC=WORLD,DC=COMPANY,DC
=COM in domain DC=WORLD,DC=COMPANY,DC=COM on 2 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER02,CN=Servers,CN=Default-Fi
rst-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM in domain CN=Con
figuration,DC=WORLD,DC=COMPANY,DC=COM on 2 servers
            Object is up-to-date on all servers.
         ......................... COMPANY-COUNTRY-SERVER02 passed test ObjectsReplicated
      Starting test: frssysvol
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... COMPANY-COUNTRY-SERVER02 passed test frssysvol
      Starting test: frsevent
         * The File Replication Service Event log test
         ......................... COMPANY-COUNTRY-SERVER02 passed test frsevent
      Starting test: kccevent
         * The KCC Event log test
         Found no KCC errors in Directory Service Event log in the last 15 minut
es.
         ......................... COMPANY-COUNTRY-SERVER02 passed test kccevent
      Starting test: systemlog
         * The System Event log test
         Found no errors in System Event log in the last 60 minutes.
         ......................... COMPANY-COUNTRY-SERVER02 passed test systemlog
      Test omitted by user request: VerifyReplicas
      Starting test: VerifyReferences
         The system object reference (serverReference)
         CN=COMPANY-COUNTRY-SERVER02,OU=Domain Controllers,DC=WORLD,DC=COMPANY,DC=COM and
         backlink on
         CN=COMPANY-COUNTRY-SERVER02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Conf
iguration,DC=WORLD,DC=COMPANY,DC=COM
         are correct.
         The system object reference (frsComputerReferenceBL)
         CN=COMPANY-COUNTRY-SERVER02,CN=Domain System Volume (SYSVOL share),CN=File Replica
tion Service,CN=System,DC=WORLD,DC=COMPANY,DC=COM
         and backlink on
         CN=COMPANY-COUNTRY-SERVER02,OU=Domain Controllers,DC=WORLD,DC=COMPANY,DC=COM are
         correct.
         The system object reference (serverReferenceBL)
         CN=COMPANY-COUNTRY-SERVER02,CN=Domain System Volume (SYSVOL share),CN=File Replica
tion Service,CN=System,DC=WORLD,DC=COMPANY,DC=COM
         and backlink on
         CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER02,CN=Servers,CN=Default-First-Site-Name
,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         are correct.
         ......................... COMPANY-COUNTRY-SERVER02 passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

   Testing server: SITE\COMPANY-SITE-SERVER1
      Skipping all tests, because server COMPANY-SITE-SERVER1 is
      not responding to directory service requests
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
            For the partition (DC=ForestDnsZones,DC=WORLD,DC=COMPANY,DC=COM) we
            encountered the following error retrieving the cross-ref's
            (CN=523dc340-cc0a-4b3c-92fd-8471a177ab76,CN=Partitions,CN=Configurat
ion,DC=WORLD,DC=COMPANY,DC=COM)
             information:
               LDAP Error 0x3a (58).
         ......................... ForestDnsZones failed test CrossRefValidation

      Starting test: CheckSDRefDom
            For the partition (DC=ForestDnsZones,DC=WORLD,DC=COMPANY,DC=COM) we
            encountered the following error retrieving the cross-ref's
            (CN=523dc340-cc0a-4b3c-92fd-8471a177ab76,CN=Partitions,CN=Configurat
ion,DC=WORLD,DC=COMPANY,DC=COM)
             information:
               LDAP Error 0x3a (58).
         ......................... ForestDnsZones failed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
            For the partition (DC=DomainDnsZones,DC=WORLD,DC=COMPANY,DC=COM) we
            encountered the following error retrieving the cross-ref's
            (CN=cc5ec12e-5de2-4d6b-843d-93781f0f2def,CN=Partitions,CN=Configurat
ion,DC=WORLD,DC=COMPANY,DC=COM)
             information:
               LDAP Error 0x3a (58).
         ......................... DomainDnsZones failed test CrossRefValidation

      Starting test: CheckSDRefDom
            For the partition (DC=DomainDnsZones,DC=WORLD,DC=COMPANY,DC=COM) we
            encountered the following error retrieving the cross-ref's
            (CN=cc5ec12e-5de2-4d6b-843d-93781f0f2def,CN=Partitions,CN=Configurat
ion,DC=WORLD,DC=COMPANY,DC=COM)
             information:
               LDAP Error 0x3a (58).
         ......................... DomainDnsZones failed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
            For the partition
            (CN=Schema,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM) we encountered
            the following error retrieving the cross-ref's
            (CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=WORLD,DC=SP
X,DC=COM)
             information:
               LDAP Error 0x3a (58).
         ......................... Schema failed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
            For the partition (CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM) we
            encountered the following error retrieving the cross-ref's
            (CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=GLOBA
L,DC=COMPANY,DC=COM)
             information:
               LDAP Error 0x3a (58).
         ......................... Configuration failed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : WORLD
      Starting test: CrossRefValidation
            For the partition (DC=WORLD,DC=COMPANY,DC=COM) we encountered the
            following error retrieving the cross-ref's
            (CN=WORLD,CN=Partitions,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM)
            information:
               LDAP Error 0x3a (58).
         ......................... WORLD failed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... WORLD passed test CheckSDRefDom

   Running enterprise tests on : WORLD.COMPANY.COM
      Starting test: Intersite
         Doing intersite inbound replication test on site
         Default-First-Site-Name:
            Locating & Contacting Intersite Topology Generator (ISTG) ...
               The ISTG for site Default-First-Site-Name is: COMPANY-COUNTRY-SERVER1.
            Checking for down bridgeheads ...
               *Warning: Remote bridgehead SITE\COMPANY-SITE-SERVER1 is not eligible
               as a bridgehead due to too many failures.  Replication may be
               disrupted into the local site Default-First-Site-Name.
               Remote bridgehead SITE\COMPANY-SITE-SERVER1 also couldn't be
               contacted by dcdiag.  Check this server.
               Bridghead Default-First-Site-Name\COMPANY-COUNTRY-SERVER02 is up and
               replicating fine.
               Bridghead Default-First-Site-Name\COMPANY-COUNTRY-SERVER1 is up and
               replicating fine.
            Doing in depth site analysis ...
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC ForestDnsZones
               correctly.
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC DomainDnsZones
               correctly.
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC Schema correctly.
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC Configuration
               correctly.
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC WORLD correctly.
         Doing intersite inbound replication test on site SITE:
            Locating & Contacting Intersite Topology Generator (ISTG) ...
               The ISTG for site SITE is: COMPANY-SITE-SERVER1.
            Checking for down bridgeheads ...
               Bridghead Default-First-Site-Name\COMPANY-COUNTRY-SERVER1 is up and
               replicating fine.
               Bridghead SITE\COMPANY-SITE-SERVER1 is up and replicating fine.
               Remote bridgehead SITE\COMPANY-SITE-SERVER1 also couldn't be
               contacted by dcdiag.  Check this server.
            Doing in depth site analysis ...
               Remote site Default-First-Site-Name is replicating to the local
               site SITE the writeable NC ForestDnsZones correctly.
               Remote site Default-First-Site-Name is replicating to the local
               site SITE the writeable NC DomainDnsZones correctly.
               Remote site Default-First-Site-Name is replicating to the local
               site SITE the writeable NC Schema correctly.
               Remote site Default-First-Site-Name is replicating to the local
               site SITE the writeable NC Configuration correctly.
               Remote site Default-First-Site-Name is replicating to the local
               site SITE the writeable NC WORLD correctly.
         ......................... WORLD.COMPANY.COM passed test Intersite
      Starting test: FsmoCheck
         GC Name: \\COMPANY-SITE-SERVER1.WORLD.COMPANY.COM
         Locator Flags: 0xe00001fc
         PDC Name: \\COMPANY-COUNTRY-SERVER1.WORLD.COMPANY.COM
         Locator Flags: 0xe000017d
         Time Server Name: \\COMPANY-SITE-SERVER1.WORLD.COMPANY.COM
         Locator Flags: 0xe00001fc
         Preferred Time Server Name: \\COMPANY-SITE-SERVER1.WORLD.COMPANY.COM
         Locator Flags: 0xe00001fc
         KDC Name: \\COMPANY-SITE-SERVER1.WORLD.COMPANY.COM
         Locator Flags: 0xe00001fc
         ......................... WORLD.COMPANY.COM passed test FsmoCheck
      Test omitted by user request: DNS
      Test omitted by user request: DNS
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
Testing server: SITE\COMPANY-SITE-SERVER1
      Skipping all tests, because server COMPANY-SITE-SERVER1 is
      not responding to directory service requests


This domain controller seems to be in quite a poorly state.  Is this the new one in the remote site?
0
 

Author Comment

by:zenworksb
Comment Utility
that is the main dc and I ran dcdiag from the new site server. shoudl I run in from server1 and post that?
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
I would run it from the main DC as this suggests that the new DC is not talking to the main DC.  Are you confident about the reliability of the main DC?
0
 

Author Comment

by:zenworksb
Comment Utility
i am not this is a new setup that I was not involved with.  i will run this and send it up give me a few minutes
0
 

Author Comment

by:zenworksb
Comment Utility
i appologize this is teh new site server COMPANY-SITE-SERVER1 what suggestions?
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
At this stage I would personally take some concrete steps to re-assure myself about the new server.

First I would quickly rebuild it and patch it to the same service pack level as the main DC.

Then I would run netdiag to ensure that it can communicate correctly with the main DC.

I would then install DNS and DCPROMO the server.  I would re-configure the static IP address to use 127.0.0.1 as the primary DNS and then I would re-test using DCDiag.

It might seem extreme but if you have no faith in the current setup this will provide you with re-assurance that things have been done correctly.

Cheers,

TCP
0
 

Author Comment

by:zenworksb
Comment Utility
this is from the main dc the main dc is company-country-server
the new site is company-site-server1



         An Warning Event occured.  EventID: 0x80000785
            Time Generated: 06/24/2008   10:04:20
            Event String: The attempt to establish a replication link for
the following writable directory partition
failed.

Directory partition:
DC=WORLD,DC=COMPANY,DC=COM
Source domain controller:
CN=NTDS Settings,CN=COMPANY-SITE-SERVER01,CN=Servers,CN=SITE,CN=Sites,CN=Configuration
,DC=WORLD,DC=COMPANY,DC=COM

Source domain controller address:
f595cd57-91fe-4c10-9c53-4cd7a0c224b5._msdcs.WORLD.COMPANY.COM

Intersite transport (if any):
CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM



This domain controller will be unable to
replicate with the source domain controller until
this problem is corrected.

User Action
Verify if the source domain controller is
accessible or network connectivity is available.

Additional Data
Error value:
8524
The DSA operation is unable to proceed because of a DNS lookup failure.

         ......................... COMPANY-COUNTRY-SERVER01 failed test kccevent
      Starting test: systemlog
         * The System Event log test
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 06/24/2008   10:10:13
            (Event String could not be retrieved)
         ......................... COMPANY-COUNTRY-SERVER01 failed test systemlog
      Test omitted by user request: VerifyReplicas
      Starting test: VerifyReferences
         The system object reference (serverReference)
         CN=COMPANY-COUNTRY-SERVER01,OU=Domain Controllers,DC=WORLD,DC=COMPANY,DC=COM and
         backlink on
         CN=COMPANY-COUNTRY-SERVER01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Conf
iguration,DC=WORLD,DC=COMPANY,DC=COM
         are correct.
         The system object reference (frsComputerReferenceBL)
         CN=COMPANY-COUNTRY-SERVER01,CN=Domain System Volume (SYSVOL share),CN=File Replica
tion Service,CN=System,DC=WORLD,DC=COMPANY,DC=COM
         and backlink on
         CN=COMPANY-COUNTRY-SERVER01,OU=Domain Controllers,DC=WORLD,DC=COMPANY,DC=COM are
         correct.
         The system object reference (serverReferenceBL)
         CN=COMPANY-COUNTRY-SERVER01,CN=Domain System Volume (SYSVOL share),CN=File Replica
tion Service,CN=System,DC=WORLD,DC=COMPANY,DC=COM
         and backlink on
         CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER01,CN=Servers,CN=Default-First-Site-Name
,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         are correct.
         ......................... COMPANY-COUNTRY-SERVER01 passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

   Testing server: Default-First-Site-Name\COMPANY-COUNTRY-DC02
      Starting test: Replications
         * Replications Check
         * Replication Latency Check
         ......................... COMPANY-COUNTRY-DC02 passed test Replications
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Starting test: NCSecDesc
         * Security Permissions check for all NC's on DC COMPANY-COUNTRY-DC02.
         * Security Permissions Check for
           DC=ForestDnsZones,DC=WORLD,DC=COMPANY,DC=COM
            (NDNC,Version 2)
         * Security Permissions Check for
           DC=DomainDnsZones,DC=WORLD,DC=COMPANY,DC=COM
            (NDNC,Version 2)
         * Security Permissions Check for
           CN=Schema,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
            (Schema,Version 2)
         * Security Permissions Check for
           CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
            (Configuration,Version 2)
         * Security Permissions Check for
           DC=WORLD,DC=COMPANY,DC=COM
            (Domain,Version 2)
         ......................... COMPANY-COUNTRY-DC02 passed test NCSecDesc
      Starting test: NetLogons
         * Network Logons Privileges Check
         Verified share \\COMPANY-COUNTRY-DC02\netlogon
         Verified share \\COMPANY-COUNTRY-DC02\sysvol
         ......................... COMPANY-COUNTRY-DC02 passed test NetLogons
      Starting test: Advertising
         The DC COMPANY-COUNTRY-DC02 is advertising itself as a DC and having a DS.
         The DC COMPANY-COUNTRY-DC02 is advertising as an LDAP server
         The DC COMPANY-COUNTRY-DC02 is advertising as having a writeable directory
         The DC COMPANY-COUNTRY-DC02 is advertising as a Key Distribution Center
         The DC COMPANY-COUNTRY-DC02 is advertising as a time server
         The DS COMPANY-COUNTRY-DC02 is advertising as a GC.
         ......................... COMPANY-COUNTRY-DC02 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Role Schema Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER01,CN=Servers,CN=Def
ault-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         Role Domain Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER01,CN=Servers,CN=Def
ault-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         Role PDC Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER01,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         Role Rid Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER01,CN=Servers,CN=Defaul
t-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         Role Infrastructure Update Owner = CN=NTDS Settings,CN=COMPANY-COUNTRY-SERVER01,CN
=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,D
C=COM
         ......................... COMPANY-COUNTRY-DC02 passed test KnowsOfRoleHolders
      Starting test: RidManager
         * Available RID Pool for the Domain is 20100 to 1073741823
         * COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM is the RID Master
         * DsBind with RID Master was successful
         * rIDAllocationPool is 18600 to 19099
         * rIDPreviousAllocationPool is 18600 to 19099
         * rIDNextRID: 18664
         ......................... COMPANY-COUNTRY-DC02 passed test RidManager
      Starting test: MachineAccount
         Checking machine account for DC COMPANY-COUNTRY-DC02 on DC COMPANY-COUNTRY-DC02.
         * SPN found :LDAP/COMPANY-COUNTRY-DC02.WORLD.COMPANY.COM/WORLD.COMPANY.COM
         * SPN found :LDAP/COMPANY-COUNTRY-DC02.WORLD.COMPANY.COM
         * SPN found :LDAP/COMPANY-COUNTRY-DC02
         * SPN found :LDAP/COMPANY-COUNTRY-DC02.WORLD.COMPANY.COM/WORLD
         * SPN found :LDAP/1f6a0f7f-6fee-4ebf-9bf2-7ea4be61f096._msdcs.WORLD.SP
X.COM
         * SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/1f6a0f7f-6fee-4ebf-9b
f2-7ea4be61f096/WORLD.COMPANY.COM
         * SPN found :HOST/COMPANY-COUNTRY-DC02.WORLD.COMPANY.COM/WORLD.COMPANY.COM
         * SPN found :HOST/COMPANY-COUNTRY-DC02.WORLD.COMPANY.COM
         * SPN found :HOST/COMPANY-COUNTRY-DC02
         * SPN found :HOST/COMPANY-COUNTRY-DC02.WORLD.COMPANY.COM/WORLD
         * SPN found :GC/COMPANY-COUNTRY-DC02.WORLD.COMPANY.COM/WORLD.COMPANY.COM
         ......................... COMPANY-COUNTRY-DC02 passed test MachineAccount
      Starting test: Services
         * Checking Service: Dnscache
         * Checking Service: NtFrs
         * Checking Service: IsmServ
         * Checking Service: kdc
         * Checking Service: SamSs
         * Checking Service: LanmanServer
         * Checking Service: LanmanWorkstation
         * Checking Service: RpcSs
         * Checking Service: w32time
         * Checking Service: NETLOGON
         ......................... COMPANY-COUNTRY-DC02 passed test Services
      Test omitted by user request: OutboundSecureChannels
      Starting test: ObjectsReplicated
         COMPANY-COUNTRY-DC02 is in domain DC=WORLD,DC=COMPANY,DC=COM
         Checking for CN=COMPANY-COUNTRY-DC02,OU=Domain Controllers,DC=WORLD,DC=COMPANY,DC
=COM in domain DC=WORLD,DC=COMPANY,DC=COM on 2 servers
            Object is up-to-date on all servers.
         Checking for CN=NTDS Settings,CN=COMPANY-COUNTRY-DC02,CN=Servers,CN=Default-Fi
rst-Site-Name,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM in domain CN=Con
figuration,DC=WORLD,DC=COMPANY,DC=COM on 2 servers
            Object is up-to-date on all servers.
         ......................... COMPANY-COUNTRY-DC02 passed test ObjectsReplicated
      Starting test: frssysvol
         * The File Replication Service SYSVOL ready test
         File Replication Service's SYSVOL is ready
         ......................... COMPANY-COUNTRY-DC02 passed test frssysvol
      Starting test: frsevent
         * The File Replication Service Event log test
         ......................... COMPANY-COUNTRY-DC02 passed test frsevent
      Starting test: kccevent
         * The KCC Event log test
         Found no KCC errors in Directory Service Event log in the last 15 minut
es.
         ......................... COMPANY-COUNTRY-DC02 passed test kccevent
      Starting test: systemlog
         * The System Event log test
         Found no errors in System Event log in the last 60 minutes.
         ......................... COMPANY-COUNTRY-DC02 passed test systemlog
      Test omitted by user request: VerifyReplicas
      Starting test: VerifyReferences
         The system object reference (serverReference)
         CN=COMPANY-COUNTRY-DC02,OU=Domain Controllers,DC=WORLD,DC=COMPANY,DC=COM and
         backlink on
         CN=COMPANY-COUNTRY-DC02,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Conf
iguration,DC=WORLD,DC=COMPANY,DC=COM
         are correct.
         The system object reference (frsComputerReferenceBL)
         CN=COMPANY-COUNTRY-DC02,CN=Domain System Volume (SYSVOL share),CN=File Replica
tion Service,CN=System,DC=WORLD,DC=COMPANY,DC=COM
         and backlink on
         CN=COMPANY-COUNTRY-DC02,OU=Domain Controllers,DC=WORLD,DC=COMPANY,DC=COM are
         correct.
         The system object reference (serverReferenceBL)
         CN=COMPANY-COUNTRY-DC02,CN=Domain System Volume (SYSVOL share),CN=File Replica
tion Service,CN=System,DC=WORLD,DC=COMPANY,DC=COM
         and backlink on
         CN=NTDS Settings,CN=COMPANY-COUNTRY-DC02,CN=Servers,CN=Default-First-Site-Name
,CN=Sites,CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
         are correct.
         ......................... COMPANY-COUNTRY-DC02 passed test VerifyReferences
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

   Testing server: SITE\COMPANY-SITE-SERVER01
      Skipping all tests, because server COMPANY-SITE-SERVER01 is
      not responding to directory service requests
      Test omitted by user request: Topology
      Test omitted by user request: CutoffServers
      Test omitted by user request: OutboundSecureChannels
      Test omitted by user request: VerifyReplicas
      Test omitted by user request: VerifyEnterpriseReferences
      Test omitted by user request: CheckSecurityError

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : WORLD
      Starting test: CrossRefValidation
         ......................... WORLD passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... WORLD passed test CheckSDRefDom

   Running enterprise tests on : WORLD.COMPANY.COM
      Starting test: Intersite
         Doing intersite inbound replication test on site
         Default-First-Site-Name:
            Locating & Contacting Intersite Topology Generator (ISTG) ...
               The ISTG for site Default-First-Site-Name is: COMPANY-COUNTRY-SERVER01.
            Checking for down bridgeheads ...
               *Warning: Remote bridgehead SITE\COMPANY-SITE-SERVER01 is not eligible
               as a bridgehead due to too many failures.  Replication may be
               disrupted into the local site Default-First-Site-Name.
               Remote bridgehead SITE\COMPANY-SITE-SERVER01 also couldn't be
               contacted by dcdiag.  Check this server.
               Bridghead Default-First-Site-Name\COMPANY-COUNTRY-DC02 is up and
               replicating fine.
               Bridghead Default-First-Site-Name\COMPANY-COUNTRY-SERVER01 is up and
               replicating fine.
            Doing in depth site analysis ...
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC ForestDnsZones
               correctly.
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC DomainDnsZones
               correctly.
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC Schema correctly.
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC Configuration
               correctly.
               Remote site SITE is replicating to the local site
               Default-First-Site-Name the writeable NC WORLD correctly.
         Doing intersite inbound replication test on site SITE:
            Locating & Contacting Intersite Topology Generator (ISTG) ...
               ***ERROR: There is an inconsistency in the DS, suggest you run
               dcdiag in a few moments, perhaps on a different DC.
         ......................... WORLD.COMPANY.COM failed test Intersite
      Starting test: FsmoCheck
         GC Name: \\COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM
         Locator Flags: 0xe00001fd
         PDC Name: \\COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM
         Locator Flags: 0xe00001fd
         Time Server Name: \\COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM
         Locator Flags: 0xe00001fd
         Preferred Time Server Name: \\COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM
         Locator Flags: 0xe00001fd
         KDC Name: \\COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM
         Locator Flags: 0xe00001fd
         ......................... WORLD.COMPANY.COM passed test FsmoCheck
      Test omitted by user request: DNS
      Test omitted by user request: DNS

C:\Program Files\Support Tools>
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
There is a fundamental issue with network connectivity between the two machines and this may well be down to DNS.

Either do a clean rebuild or run netdiag from the Support Tools on both DCs to help identify the issue.

Can both servers ping each other by FQDN?

Cheers,

TCP
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:zenworksb
Comment Utility
i will check and do netdiag and get this to you shortly be there soon tahnk you
0
 

Author Comment

by:zenworksb
Comment Utility
I can ping from teh main server to the site server and from teh site server to the main dc by name. I will run netdiag on both
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
When you say by name, was this the FQDN or NetBIOS name?
0
 

Author Comment

by:zenworksb
Comment Utility
netbios name let me know if I need to do name.domain.com etc I will check that as well.

here is the netdiag from the main DC

C:\Program Files\Support Tools>netdiag

..............................................

    Computer Name: COMPANY-COUNTRY-SERVER01
    DNS Host Name: COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM
    System info : Microsoft Windows Server 2003 R2 (Build 3790)
    Processor : x86 Family 15 Model 4 Stepping 1, GenuineIntel
    List of installed hotfixes :
        KB883939
        KB890046
        KB893756
        KB896358
        KB896422
        KB896424
        KB896428
        KB896688
        KB896727
        KB898715
        KB899587
        KB899588
        KB899589
        KB899591
        KB900725
        KB901017
        KB901214
        KB902400
        KB903235
        KB904706
        KB905414
        KB905915
        KB908519
        KB908531
        KB910437
        KB911280
        KB911562
        KB911567
        KB911897
        KB911927
        KB912812
        KB912919
        KB913446
        KB914388
        KB914389
        KB916281
        KB916846
        KB917159
        KB917344
        KB917422
        KB917734
        KB917953
        KB918118
        KB918439
        KB918899
        KB920213
        KB920214
        KB920670
        KB920683
        KB920685
        KB921398
        KB921503
        KB921883
        KB922582
        KB922616
        KB922760
        KB922819
        KB923191
        KB923414
        KB923689
        KB923694
        KB923980
        KB924191
        KB924496
        KB924667
        KB925398_WMP64
        KB925486
        KB925902
        KB926122
        KB926139
        KB926247
        KB926436
        KB927891
        KB928255
        KB928843
        KB929123
        KB929969
        KB930178
        KB931768
        KB931784
        KB931836
        KB932168
        KB933566
        KB933729
        KB933854
        KB935839
        KB935840
        KB935966
        KB936021
        KB936357
        KB936782
        KB937143
        KB938127
        KB938829
        KB939653
        KB941202
        KB941568
        KB941569
        KB941644
        KB941672
        KB941693
        KB942615
        KB942763
        KB942840
        KB943055
        KB943460
        KB943484
        KB943485
        KB944338
        KB944533
        KB944653
        KB945553
        KB946026
        KB947864
        KB948590
        KB948881
        KB950749
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : eth0

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM
        IP Address . . . . . . . . : 10.41.44.106
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 10.41.44.1
        Dns Servers. . . . . . . . : 127.0.0.1
                                     10.41.44.108


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.

    Adapter : eth3

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM
        IP Address . . . . . . . . : 172.16.44.106
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . : 127.0.0.1
                                     172.16.44.108


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


WORLD results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{497EA086-C83D-455B-9625-C2FAC79974F2}
        NetBT_Tcpip_{DDA9EC89-6968-4D85-ADEE-273FA0B2B8AF}
    2 NetBt transports currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '127.0.0.1'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '10.41.44.108'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '172.16.44.108'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Failed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{497EA086-C83D-455B-9625-C2FAC79974F2}
        NetBT_Tcpip_{DDA9EC89-6968-4D85-ADEE-273FA0B2B8AF}
    The redir is bound to 2 NetBt transports.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{DDA9EC89-6968-4D85-ADEE-273FA0B2B8AF}
        NetBT_Tcpip_{497EA086-C83D-455B-9625-C2FAC79974F2}
    The browser is bound to 2 NetBt transports.
    [FATAL] Cannot send mailslot message to '\\IT*\MAILSLOT\NET\NETLOGON' via re
dir. [ERROR_BAD_NETPATH]


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Failed
        Failed to enumerate DCs by using the browser. [83B]


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

C:\Program Files\Support Tools>
0
 

Author Comment

by:zenworksb
Comment Utility
from the site server

C:\Program Files\Support Tools>netdiag

......................................

    Computer Name: COMPANY-SITE-SERVER01
    DNS Host Name: COMPANY-SITE-SERVER01.WORLD.COMPANY.com
    System info : Microsoft Windows Server 2003 R2 (Build 3790)
    Processor : x86 Family 6 Model 15 Stepping 8, GenuineIntel
    List of installed hotfixes :
        KB924667-v2
        KB925398_WMP64
        KB925902
        KB926122
        KB927891
        KB929123
        KB930178
        KB931784
        KB932168
        KB933729
        KB933854
        KB935839
        KB935840
        KB936021
        KB936357
        KB936782
        KB938127
        KB941202
        KB941568
        KB941569
        KB941644
        KB941693
        KB942763
        KB942840
        KB943055
        KB943460
        KB943485
        KB944338
        KB944533
        KB944653
        KB945553
        KB946026
        KB947864
        KB948590
        KB948881
        Q147222


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : eth0

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : COMPANY-SITE-SERVER01.WORLD.COMPANY.COM
        IP Address . . . . . . . . : 10.72.128.100
        Subnet Mask. . . . . . . . : 255.255.252.0
        Default Gateway. . . . . . : 10.72.128.1
        Dns Servers. . . . . . . . : 10.41.44.106
                                     10.41.44.108


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Passed

        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


WORLD results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{8E8345EA-13E4-444D-B92C-03FC89F3F174}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Passed


NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '10.41.44.106'. Please wait for 30 minutes for DNS server replication.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS se
rver '10.41.44.108'. Please wait for 30 minutes for DNS server replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{8E8345EA-13E4-444D-B92C-03FC89F3F174}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{8E8345EA-13E4-444D-B92C-03FC89F3F174}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Passed
    Secure channel for domain 'WORLD' is to '\\COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM'.


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

    Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully

C:\Program Files\Support Tools>
0
 

Author Comment

by:zenworksb
Comment Utility
I can ping them from each other with teh FQDN
0
 
LVL 13

Accepted Solution

by:
TheCapedPlodder earned 500 total points
Comment Utility
Definitely test it by FQDN.

Is COMPANY-COUNTRY-SERVER01.WORLD.COMPANY.COM the primary DC?  It appears to have two NICs on different subnets which is a bit strange....

The server cannot find itself in DNS which is not a good start.  Is DNS running ok on this server?  It also cannot find any other DC's including itself!

0
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
First thing to do is identify why the primary server can't find itself in DNS....
0
 

Author Comment

by:zenworksb
Comment Utility
what are the steps to troubleshoot this because I can ping it by name and fqdn and dns is running on this server
0
 

Author Comment

by:zenworksb
Comment Utility
i also found out they did not register the server when it was built it was added later. I onsite tech is removing the a records and running a ipconfig /registerdns i will let you know what happens from here, but what shoudl and how shoudl I troubleshoot it not seeing itself?

this is from the main dc the main dc is company-country-server
the new site is company-site-server1
0
 

Author Comment

by:zenworksb
Comment Utility
i also found in the event log this, does this help>

The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.
 
Directory partition:
CN=Configuration,DC=WORLD,DC=COMPANY,DC=COM
 
There is insufficient site connectivity information in Active Directory Sites and Services for the KCC to create a spanning tree replication topology. Or, one or more domain controllers with this directory partition are unable to replicate the directory partition information. This is probably due to inaccessible domain controllers.
 
User Action
Use Active Directory Sites and Services to perform one of the following actions:
- Publish sufficient site connectivity information so that the KCC can determine a route by which this directory partition can reach this site. This is the preferred option.
- Add a Connection object to a domain controller that contains the directory partition in this site from a domain controller that contains the same directory partition in another site.
 
If neither of the Active Directory Sites and Services tasks correct this condition, see previous events logged by the KCC that identify the inaccessible domain controllers.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 

Author Comment

by:zenworksb
Comment Utility
should i dcpromo and remove teh site server and then dcpromo back in so it can register to teh dns again?
0
 

Author Comment

by:zenworksb
Comment Utility
also in tcp in dns the srv records are not there?
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
Hi Zen,

I'll pick this up again tomorrow.

Cheers,

TCP
0
 

Author Comment

by:zenworksb
Comment Utility
thanks man. I am going to dcpromo this server out of the domain, and then re dcpromo it back in the domain and make sure teh register with dns is checked. i will make sure it is patched, and then I will make it a secondary dns server to the main one. I will then run dcdiag, and netdiag and post results. Thanks for your help i really appreciate it.
0
 
LVL 13

Expert Comment

by:TheCapedPlodder
Comment Utility
OK, let me know how that goes.
0
 

Author Comment

by:zenworksb
Comment Utility
so should i just have to go to the server at teh remote site dcpromo and remove ad and remove it from teh directory, then dcpromo again and bring it back into the directory? is that the process?
0
 

Author Comment

by:zenworksb
Comment Utility
we resolved it by unchecking register with dns, and then rechecking and restarting teh netlogon process. thanks for all teh help
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Learn about cloud computing and its benefits for small business owners.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now