Isaiah Melendez
asked on
Active directory is not fully functioning.
dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\dc
Starting test: Connectivity
......................... dc1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\dc
Starting test: Replications
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: DC=CBAuto,DC=Pri
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2008-10-25 11:56.48.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
The guid-based DNS name 8625fa52-da96-4011-bfe3-06
is not registered on one or more DNS servers.
[dc2] DsBind() failed with error 1722,
The RPC server is unavailable..
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: CN=Configuration,DC=CBAuto
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2008-10-25 11:56.50.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
The guid-based DNS name 8625fa52-da96-4011-bfe3-06
is not registered on one or more DNS servers.
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: CN=Schema,CN=Configuration
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2008-10-25 11:56.53.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
The guid-based DNS name 8625fa52-da96-4011-bfe3-06
is not registered on one or more DNS servers.
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: DC=DomainDnsZones,DC=CBAut
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2008-10-25 11:56.48.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: DC=ForestDnsZones,DC=CBAut
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2008-10-25 11:56.48.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
......................... dc1 passed test Replications
Starting test: NCSecDesc
......................... dc1 passed test NCSecDesc
Starting test: NetLogons
......................... dc1 passed test NetLogons
Starting test: Advertising
......................... dc1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... dc1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... dc1 passed test RidManager
Starting test: MachineAccount
* dc1 is not a server trust account
* dc1 is not trusted for account delegation
......................... dc1 failed test MachineAccount
Starting test: Services
TrkWks Service is stopped on [dc1]
TrkSvr Service is stopped on [dc1]
......................... dc1 failed test Services
Starting test: ObjectsReplicated
......................... dc1 passed test ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
......................... dc1 passed test frssysvol
Starting test: kccevent
......................... dc1 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000423
Time Generated: 10/25/2008 10:57:46
Event String: The DHCP service failed to see a directory server
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 10:59:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 10:59:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:14:53
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:14:53
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:29:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:29:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:44:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:44:56
(Event String could not be retrieved)
......................... dc1 failed test systemlog
Running enterprise tests on : MYDOMAIN
Starting test: Intersite
......................... MYDOMAIN passed test Intersite
Starting test: FsmoCheck
......................... MYDOMAIN passed test FsmoCheck
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\dc
Starting test: Connectivity
......................... dc1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\dc
Starting test: Replications
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: DC=CBAuto,DC=Pri
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2008-10-25 11:56.48.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
The guid-based DNS name 8625fa52-da96-4011-bfe3-06
is not registered on one or more DNS servers.
[dc2] DsBind() failed with error 1722,
The RPC server is unavailable..
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: CN=Configuration,DC=CBAuto
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2008-10-25 11:56.50.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
The guid-based DNS name 8625fa52-da96-4011-bfe3-06
is not registered on one or more DNS servers.
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: CN=Schema,CN=Configuration
The replication generated an error (8524):
The DSA operation is unable to proceed because of a DNS lookup failure.
The failure occurred at 2008-10-25 11:56.53.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
The guid-based DNS name 8625fa52-da96-4011-bfe3-06
is not registered on one or more DNS servers.
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: DC=DomainDnsZones,DC=CBAut
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2008-10-25 11:56.48.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
[Replications Check,dc1] A recent replication attempt failed:
From dc2 to dc1
Naming Context: DC=ForestDnsZones,DC=CBAut
The replication generated an error (1256):
The remote system is not available. For information about network troubleshooting, see Windows Help.
The failure occurred at 2008-10-25 11:56.48.
The last success occurred at 2008-10-16 17:45.55.
213 failures have occurred since the last success.
......................... dc1 passed test Replications
Starting test: NCSecDesc
......................... dc1 passed test NCSecDesc
Starting test: NetLogons
......................... dc1 passed test NetLogons
Starting test: Advertising
......................... dc1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... dc1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... dc1 passed test RidManager
Starting test: MachineAccount
* dc1 is not a server trust account
* dc1 is not trusted for account delegation
......................... dc1 failed test MachineAccount
Starting test: Services
TrkWks Service is stopped on [dc1]
TrkSvr Service is stopped on [dc1]
......................... dc1 failed test Services
Starting test: ObjectsReplicated
......................... dc1 passed test ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
......................... dc1 passed test frssysvol
Starting test: kccevent
......................... dc1 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000423
Time Generated: 10/25/2008 10:57:46
Event String: The DHCP service failed to see a directory server
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 10:59:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 10:59:46
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:14:53
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:14:53
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:29:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:29:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:44:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 11:44:56
(Event String could not be retrieved)
......................... dc1 failed test systemlog
Running enterprise tests on : MYDOMAIN
Starting test: Intersite
......................... MYDOMAIN passed test Intersite
Starting test: FsmoCheck
......................... MYDOMAIN passed test FsmoCheck
ASKER
Removing FRS metadata for the selected server.
Unable to find server reference on "CN=dc2,CN=Servers,CN=Defa
me,CN=Sites,CN=Configurati
LDAP error 0x5e(94 (No result present in message).)
The attempt to remove the FRS settings on CN=dc2,CN=Servers,CN=Defau
ite-Name,CN=Sites,CN=Confi
found.";
metadata cleanup is continuing.
"CN=dc2,CN=Servers,CN=Defa
metadata cleanup:
Unable to find server reference on "CN=dc2,CN=Servers,CN=Defa
me,CN=Sites,CN=Configurati
LDAP error 0x5e(94 (No result present in message).)
The attempt to remove the FRS settings on CN=dc2,CN=Servers,CN=Defau
ite-Name,CN=Sites,CN=Confi
found.";
metadata cleanup is continuing.
"CN=dc2,CN=Servers,CN=Defa
metadata cleanup:
ASKER
C:\>dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC
Starting test: Connectivity
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC
Starting test: Replications
......................... DC1 passed test Replications
Starting test: NCSecDesc
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DC1 passed test NetLogons
Starting test: Advertising
......................... DC1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... DC1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... DC1 passed test RidManager
Starting test: MachineAccount
* DC1 is not a server trust account
* DC1 is not trusted for account delegation
......................... DC1 failed test MachineAccount
Starting test: Services
TrkWks Service is stopped on [DC1]
TrkSvr Service is stopped on [DC1]
......................... DC1 failed test Services
Starting test: ObjectsReplicated
......................... DC1 passed test ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
......................... DC1 passed test frssysvol
Starting test: kccevent
......................... DC1 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0x00000423
Time Generated: 10/25/2008 14:57:46
Event String: The DHCP service failed to see a directory server
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 14:59:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 14:59:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 15:14:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 15:14:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 15:29:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 15:29:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000423
Time Generated: 10/25/2008 15:42:51
Event String: The DHCP service failed to see a directory server
An Error Event occured. EventID: 0x00000423
Time Generated: 10/25/2008 15:42:51
Event String: The DHCP service failed to see a directory server
An Error Event occured. EventID: 0xC0000021
Time Generated: 10/25/2008 15:43:32
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000021
Time Generated: 10/25/2008 15:43:32
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000021
Time Generated: 10/25/2008 15:43:32
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000021
Time Generated: 10/25/2008 15:43:32
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 15:44:25
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 15:44:25
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 15:44:25
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 15:44:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 15:44:40
(Event String could not be retrieved)
......................... DC1 failed test systemlog
Running enterprise tests on : MYDOMAIN
Starting test: Intersite
......................... MYDOMAIN passed test Intersite
Starting test: FsmoCheck
......................... MYDOMAIN passed test FsmoCheck
c:\
Is your FRS service started? What errors are you getting in your Event Log?
ASKER
FRS IS started.
Event Type: Error
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1126
Date: 10/25/2008
Time: 3:57:01 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Active Directory was unable to establish a connection with the global catalog.
Additional Data
Error value:
8430 The directory service encountered an internal failure.
Internal ID:
3200c89
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the nltest utility to diagnose this problem.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1126
Date: 10/25/2008
Time: 3:57:01 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Active Directory was unable to establish a connection with the global catalog.
Additional Data
Error value:
8430 The directory service encountered an internal failure.
Internal ID:
3200c89
User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller. You may use the nltest utility to diagnose this problem.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
ASKER
Event Type: Warning
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1655
Date: 10/25/2008
Time: 3:57:01 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Active Directory attempted to communicate with the following global catalog and the attempts were unsuccessful.
Global catalog:
\\DC1.MYDOMAIN.LOCAL
The operation in progress might be unable to continue. Active Directory will use the domain controller locator to try to find an available global catalog server.
Additional Data
Error value:
5 Access is denied.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1655
Date: 10/25/2008
Time: 3:57:01 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DC1
Description:
Active Directory attempted to communicate with the following global catalog and the attempts were unsuccessful.
Global catalog:
\\DC1.MYDOMAIN.LOCAL
The operation in progress might be unable to continue. Active Directory will use the domain controller locator to try to find an available global catalog server.
Additional Data
Error value:
5 Access is denied.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Look over this link. Is this server a GC? Run a netdiag /fix.
http://www.eventid.net/display.asp?eventid=1126&eventno=656&source=NTDS%20General&phase=1
http://www.eventid.net/display.asp?eventid=1126&eventno=656&source=NTDS%20General&phase=1
ASKER
The DC is a GC.
Did dcdiag /fix & then stopped and started netlogon.
DCdiag again:
C:\>dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC
Starting test: Connectivity
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC
Starting test: Replications
......................... DC1 passed test Replications
Starting test: NCSecDesc
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DC1 passed test NetLogons
Starting test: Advertising
......................... DC1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... DC1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... DC1 passed test RidManager
Starting test: MachineAccount
* DC1 is not a server trust account
* DC1 is not trusted for account delegation
......................... DC1 failed test MachineAccount
Starting test: Services
TrkWks Service is stopped on [DC1]
TrkSvr Service is stopped on [DC1]
......................... DC1 failed test Services
Starting test: ObjectsReplicated
......................... DC1 passed test ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
......................... DC1 passed test frssysvol
Starting test: kccevent
......................... DC1 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:29:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:29:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000423
Time Generated: 10/25/2008 16:42:51
Event String: The DHCP service failed to see a directory server
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:44:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:44:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:59:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:59:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 17:14:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 17:14:40
(Event String could not be retrieved)
......................... DC1 failed test systemlog
Running enterprise tests on : MYDOMAIN.LOCAL
Starting test: Intersite
......................... MYDOMAIN.LOCAL passed test Intersite
Starting test: FsmoCheck
......................... MYDOMAIN.LOCAL passed test FsmoCheck
Did dcdiag /fix & then stopped and started netlogon.
DCdiag again:
C:\>dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\DC
Starting test: Connectivity
......................... DC1 passed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\DC
Starting test: Replications
......................... DC1 passed test Replications
Starting test: NCSecDesc
......................... DC1 passed test NCSecDesc
Starting test: NetLogons
......................... DC1 passed test NetLogons
Starting test: Advertising
......................... DC1 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... DC1 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... DC1 passed test RidManager
Starting test: MachineAccount
* DC1 is not a server trust account
* DC1 is not trusted for account delegation
......................... DC1 failed test MachineAccount
Starting test: Services
TrkWks Service is stopped on [DC1]
TrkSvr Service is stopped on [DC1]
......................... DC1 failed test Services
Starting test: ObjectsReplicated
......................... DC1 passed test ObjectsReplicated
Starting test: frssysvol
Error: No record of File Replication System, SYSVOL started.
The Active Directory may be prevented from starting.
......................... DC1 passed test frssysvol
Starting test: kccevent
......................... DC1 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:29:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:29:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0x00000423
Time Generated: 10/25/2008 16:42:51
Event String: The DHCP service failed to see a directory server
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:44:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:44:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:59:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 16:59:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 17:14:40
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002720
Time Generated: 10/25/2008 17:14:40
(Event String could not be retrieved)
......................... DC1 failed test systemlog
Running enterprise tests on : MYDOMAIN.LOCAL
Starting test: Intersite
......................... MYDOMAIN.LOCAL passed test Intersite
Starting test: FsmoCheck
......................... MYDOMAIN.LOCAL passed test FsmoCheck
Run this commnad dcdiag /test:MachineAccount. Make sure that DC1 is pointing to itself for DNS. Go into AD and see if you see DC1 in the Domain Controllers OU.
http://support.microsoft.com/kb/833436
https://www.experts-exchange.com/questions/23353722/Windows-2003-server-errors-in-dcdiag-exe-PDC-Failed-MachineAccount-test-it-cannot-replicate.html
http://support.microsoft.com/kb/833436
https://www.experts-exchange.com/questions/23353722/Windows-2003-server-errors-in-dcdiag-exe-PDC-Failed-MachineAccount-test-it-cannot-replicate.html
what is the ipconfig for both DC1 and DC2
Starting test: MachineAccount
* DC1 is not a server trust account
* DC1 is not trusted for account delegation
......................... DC1 failed test MachineAccount
Try to run this command from a command prompt:
nltest /sc_change_pwd:<DomainName
If you receive a Not a server trust account error:
Open ADSI edit (Adsiedit.msc):
Expand Domain.
Expand DC=<DomainName>,DC=<Domain
Expand CN=Domain Controllers.
In the right-hand pane, right-click the domain controller object and press Properties.
Select the Attributes tab.
In the Select a property to view drop-down box, press userAccountControl. Please post what value you got here.
Type 532480 into the Edit Attribute text box and press the Set button.
Close ADSI Edit.
Shutdown and restart your domain controller
Run dcdiag to see if it helped.
SG
* DC1 is not a server trust account
* DC1 is not trusted for account delegation
......................... DC1 failed test MachineAccount
Try to run this command from a command prompt:
nltest /sc_change_pwd:<DomainName
If you receive a Not a server trust account error:
Open ADSI edit (Adsiedit.msc):
Expand Domain.
Expand DC=<DomainName>,DC=<Domain
Expand CN=Domain Controllers.
In the right-hand pane, right-click the domain controller object and press Properties.
Select the Attributes tab.
In the Select a property to view drop-down box, press userAccountControl. Please post what value you got here.
Type 532480 into the Edit Attribute text box and press the Set button.
Close ADSI Edit.
Shutdown and restart your domain controller
Run dcdiag to see if it helped.
SG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I thought this was a 2003 server.
ASKER
It is Win2k3.
Did you install IPv6?
ASKER
No.
ASKER
I promoted a 2008 box to DC so I'm assuming it was installed somehow during that. (The 2008 box died btw.)
OK I see now. I'm glad everything is working.
ASKER