[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 367
  • Last Modified:

Domain controller will a bunch of issues

I have a Domain controller which also acts as our print, 2nd DNS, and DHCP server.

Recently, we've started getting a bunch of errors with the server that I have no idea how or what to start with to correct.

1. Shortly after a reboot we cannot connect to the server via Remote Desktop. We get the error that they system cannot log you on due to the following error: The RPC server is unavailable.

2. The server cannot browse the network. It cannot connect to any of the other servers in the domain but they can connect to it.

3. I've run a dcdiag and I get replication errors in AD. But, I'm unable to access AS users and computers while getting the error message "naming information cannot be located because: The target principle name is incorrect.

Some guidance would be greatly appreciated. This is a production server and it's currently the busiest time of the season (Accountants).
0
dak11
Asked:
dak11
  • 5
  • 4
  • 4
2 Solutions
 
ryansotoCommented:
Has anything changed?
First double check that the machine is pointing to itself for DNS (in the tcp ip properties of the lan connection)
Can you post a dcdiag
0
 
Mike KlineCommented:
Have you tried to reboot the box a second time.  
Also post the results of  repadmin /showreps
The reason I asked about the second reboot is because of the RDP issue
http://support.microsoft.com/default.aspx?scid=kb;en-us;930045
We have seen on a few of our servers (Pain in the butt).  The second reboot also helped.
 
Thanks
Mike
0
 
dak11Author Commented:
Nothing that I know of has changed over the last few weeks.

The DNS settings are setup as the other DNS server as the preferred and it's self as the alternate. I don't believe that's changed recently and up until about a week or so ago there server was running without an issue.

Dcdiag print out.. (Replaced our domain with the name problemserver)

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\DC02
      Starting test: Connectivity
         ......................... DC02 passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\DC02
      Starting test: Replications
         [Replications Check,DC02] A recent replication attempt failed:
            From DC01 to DC02
            Naming Context: DC=ForestDnsZones,DC=problemserver,DC=intranet
            The replication generated an error (1256):
            The remote system is not available. For information about network troubleshooting, see Windows Help.
            The failure occurred at 2009-02-09 13:49:02.
            The last success occurred at 2008-11-22 08:53:55.
            1917 failures have occurred since the last success.
         [DC01] DsBindWithSpnEx() failed with error -2146893022,
         The target principal name is incorrect..
         [Replications Check,DC02] A recent replication attempt failed:
            From DC01 to DC02
            Naming Context: DC=DomainDnsZones,DC=problemserver,DC=intranet
            The replication generated an error (-2146893022):
            The target principal name is incorrect.
            The failure occurred at 2009-02-09 13:58:18.
            The last success occurred at 2008-11-22 08:53:55.
            3353 failures have occurred since the last success.
         [Replications Check,DC02] A recent replication attempt failed:
            From DC01 to DC02
            Naming Context: CN=Schema,CN=Configuration,DC=problemserver,DC=intranet
            The replication generated an error (-2146893022):
            The target principal name is incorrect.
            The failure occurred at 2009-02-09 13:49:02.
            The last success occurred at 2008-11-22 08:53:55.
            1917 failures have occurred since the last success.
         [Replications Check,DC02] A recent replication attempt failed:
            From DC01 to DC02
            Naming Context: CN=Configuration,DC=problemserver,DC=intranet
            The replication generated an error (-2146893022):
            The target principal name is incorrect.
            The failure occurred at 2009-02-09 14:33:23.
            The last success occurred at 2008-11-22 09:44:23.
            5419 failures have occurred since the last success.
         [Replications Check,DC02] A recent replication attempt failed:
            From DC01 to DC02
            Naming Context: DC=problemserver,DC=intranet
            The replication generated an error (-2146893022):
            The target principal name is incorrect.
            The failure occurred at 2009-02-09 14:37:16.
            The last success occurred at 2008-11-22 09:47:40.
            75190 failures have occurred since the last success.
         REPLICATION-RECEIVED LATENCY WARNING
         DC02:  Current time is 2009-02-09 14:37:51.
            DC=ForestDnsZones,DC=problemserver,DC=intranet
               Last replication recieved from DC01 at 2008-11-22 08:53:55.
            DC=DomainDnsZones,DC=problemserver,DC=intranet
               Last replication recieved from DC01 at 2008-11-22 08:53:55.
            CN=Schema,CN=Configuration,DC=problemserver,DC=intranet
               Last replication recieved from DC01 at 2008-11-22 08:53:55.
            CN=Configuration,DC=problemserver,DC=intranet
               Last replication recieved from DC01 at 2008-11-22 09:44:23.
            DC=problemserver,DC=intranet
               Last replication recieved from DC01 at 2008-11-22 09:47:40.
         ......................... DC02 passed test Replications
      Starting test: NCSecDesc
         ......................... DC02 passed test NCSecDesc
      Starting test: NetLogons
         ......................... DC02 passed test NetLogons
      Starting test: Advertising
         Warning: DsGetDcName returned information for \\dc01.problemserver.intranet, when we were trying to reach DC02.
         Server is not responding or is not considered suitable.
         ......................... DC02 failed test Advertising
      Starting test: KnowsOfRoleHolders
         Warning: DC01 is the Schema Owner, but is not responding to DS RPC Bind.
         [DC01] LDAP bind failed with error 8341,
         A directory service error has occurred..
         Warning: DC01 is the Schema Owner, but is not responding to LDAP Bind.
         Warning: DC01 is the Domain Owner, but is not responding to DS RPC Bind.
         Warning: DC01 is the Domain Owner, but is not responding to LDAP Bind.
         Warning: DC01 is the PDC Owner, but is not responding to DS RPC Bind.
         Warning: DC01 is the PDC Owner, but is not responding to LDAP Bind.
         Warning: DC01 is the Rid Owner, but is not responding to DS RPC Bind.
         Warning: DC01 is the Rid Owner, but is not responding to LDAP Bind.
         Warning: DC01 is the Infrastructure Update Owner, but is not responding to DS RPC Bind.
         Warning: DC01 is the Infrastructure Update Owner, but is not responding to LDAP Bind.
         ......................... DC02 failed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... DC02 failed test RidManager
      Starting test: MachineAccount
         ......................... DC02 passed test MachineAccount
      Starting test: Services
            NETLOGON Service is paused on [DC02]
         ......................... DC02 failed test Services
      Starting test: ObjectsReplicated
         ......................... DC02 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... DC02 passed test frssysvol
      Starting test: frsevent
         ......................... DC02 passed test frsevent
      Starting test: kccevent
         ......................... DC02 passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   13:38:33
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   13:41:31
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   13:44:08
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   13:48:38
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   13:48:41
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   13:51:38
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   13:56:31
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:02:24
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:03:44
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:05:30
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:11:31
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:11:44
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:20:59
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:21:46
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:24:57
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:24:58
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:24:58
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:24:58
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:01
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:01
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:01
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x0000168E
            Time Generated: 02/09/2009   14:25:02
            Event String: The dynamic registration of the DNS record

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:34:10
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:34:14
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:34:34
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x00000423
            Time Generated: 02/09/2009   14:34:34
            Event String: The DHCP service failed to see a directory server

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:34:59
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:35:14
            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004
            Time Generated: 02/09/2009   14:37:10
            Event String: The kerberos client received a

         ......................... DC02 failed test systemlog
      Starting test: VerifyReferences
         ......................... DC02 passed test VerifyReferences
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : problemserver
      Starting test: CrossRefValidation
         ......................... problemserver passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... problemserver passed test CheckSDRefDom
   
   Running enterprise tests on : problemserver.intranet
      Starting test: Intersite
         ......................... problemserver.intranet passed test Intersite
      Starting test: FsmoCheck
         ......................... problemserver.intranet passed test FsmoCheck
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
dak11Author Commented:
mkline71

The RDP works for a while after a reboot but all the problems return.

Repadmin /showreps text

Default-First-Site-Name\DC02

DC Options: (none)

Site Options: (none)

DC object GUID: 413dc4c5-f87c-45c1-8c19-14c96ebbb1da

DC invocationID: b129b060-4c6c-4b33-af13-fbafb8197999



==== INBOUND NEIGHBORS ======================================



DC=problemserver,DC=intranet

    Default-First-Site-Name\DC01 via RPC

        DC object GUID: af402d1e-3273-437a-b33a-ba026a85bd28

        Last attempt @ 2009-02-09 14:47:44 failed, result -2146893022 (0x80090322):

            The target principal name is incorrect.

        75202 consecutive failure(s).

        Last success @ 2008-11-22 09:47:40.



CN=Configuration,DC=problemserver,DC=intranet

    Default-First-Site-Name\DC01 via RPC

        DC object GUID: af402d1e-3273-437a-b33a-ba026a85bd28

        Last attempt @ 2009-02-09 14:33:23 failed, result -2146893022 (0x80090322):

            The target principal name is incorrect.

        5419 consecutive failure(s).

        Last success @ 2008-11-22 09:44:23.



CN=Schema,CN=Configuration,DC=problemserver,DC=intranet

    Default-First-Site-Name\DC01 via RPC

        DC object GUID: af402d1e-3273-437a-b33a-ba026a85bd28

        Last attempt @ 2009-02-09 13:49:02 failed, result -2146893022 (0x80090322):

            The target principal name is incorrect.

        1917 consecutive failure(s).

        Last success @ 2008-11-22 08:53:55.



DC=DomainDnsZones,DC=problemserver,DC=intranet

    Default-First-Site-Name\DC01 via RPC

        DC object GUID: af402d1e-3273-437a-b33a-ba026a85bd28

        Last attempt @ 2009-02-09 13:58:18 failed, result -2146893022 (0x80090322):

            The target principal name is incorrect.

        3353 consecutive failure(s).

        Last success @ 2008-11-22 08:53:55.



DC=ForestDnsZones,DC=problemserver,DC=intranet

    Default-First-Site-Name\DC01 via RPC

        DC object GUID: af402d1e-3273-437a-b33a-ba026a85bd28

        Last attempt @ 2009-02-09 13:49:02 failed, result 1256 (0x4e8):

            The remote system is not available. For information about network troubleshooting, see Windows Help.

        1917 consecutive failure(s).

        Last success @ 2008-11-22 08:53:55.



Source: Default-First-Site-Name\DC01

******* 75191 CONSECUTIVE FAILURES since 2008-11-22 09:47:40

Last error: -2146893022 (0x80090322):

            The target principal name is incorrect.

0
 
ryansotoCommented:
Does a ping work from the broken box to the good box?
It seems like DNS is broken looking at the dcdiag.
As mkline posted run a replmon and see what comes back.
run a dcdiag /fix and a netdiag /fix then try and rerun a dcdiag and see if that helps fix it
0
 
ryansotoCommented:
Also this helps a majority of the time getting replication going as well
http://support.microsoft.com/kb/290762
0
 
Mike KlineCommented:
This server has had issues for months now, replication hasn't worked since November.
If the suggestions Ryan suggested don't work then you may need to dcpromo this box out of AD and promote it back again.
I'm guessing a graceful dcpromo may not work so you may have to end up running a metadatacleanup.  
0
 
dak11Author Commented:
ryan,

I can ping the DC01 server.

ran a dcdiag /fix and a netdiag/fix and I get the same print out as before for the dcdiag.

I'll look over the link you posted.
0
 
dak11Author Commented:
Thanks guys I'll try removing AD and reinstalling it and see how that goes.

Will this process effect any of the services I have installed on this machine like DHCP or DNS?
0
 
ryansotoCommented:
DHCP wont be affected neither will DNS unless they are AD integrated zones
0
 
Mike KlineCommented:
..and to follow on Ryan's comment.  If DNS is AD Integrated the zone will be populated again when you dcpromo the box back up to become a DC again.
 
Thanks
Mike
0
 
dak11Author Commented:
Worked like a charm guy.

Had to do the metadata cleanup prior to the dcpromo and afterwords I needed to reactivate my DHCP. But, the server is back up and running.

Thanks.
0
 
Mike KlineCommented:
Nice job getting your server back up and services restored for your users.
Thanks
Mike
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 5
  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now