We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

Running dcdiag.exe from support tools on Server 2003 DC

Medium Priority
941 Views
Last Modified: 2012-06-27
I have run the following program but the first line is very strange. See below

I am having problems with replication between 2 servers it use to be a 4 server domain but i have forced removed 2 DC's using NTUTIL as these servers was no longer connected.

I am getting error in even viewer on the first DC in the domain which holds all the roles
event ID 1126
Active Directory was unable to establish a connection with the global catalog.
 Additional Data
Error value:
8430 The directory service encountered an internal failure.
Internal ID:
3200c89
 User Action:
Make sure a global catalog is available in the forest, and is reachable from this domain controller.  You may use the nltest utility to diagnose this problem.


These 2 servers are both GC's

Now the tool says this which is strange

Performing initial setup:
   Server seflw01 resolved to this IP address 192.168.100.2,
   but the address couldn't be reached(pinged), so check the network.
   The error returned was: Error due to lack of resources.
   This error more often means that the targeted server is
   shutdown or disconnected from the network
   Done gathering initial info.

Doing initial required tests

   Testing server: Default-First-Site-Name\SEFLW01
      Starting test: Connectivity
         ......................... SEFLW01 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\SEFLW01
      Starting test: Replications
         ......................... SEFLW01 passed test Replications
      Starting test: NCSecDesc
         ......................... SEFLW01 passed test NCSecDesc
      Starting test: NetLogons
         ......................... SEFLW01 passed test NetLogons
      Starting test: Advertising
         ......................... SEFLW01 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... SEFLW01 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... SEFLW01 passed test RidManager
      Starting test: MachineAccount
         ......................... SEFLW01 passed test MachineAccount
      Starting test: Services
         ......................... SEFLW01 passed test Services
      Starting test: ObjectsReplicated
         ......................... SEFLW01 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... SEFLW01 passed test frssysvol
      Starting test: frsevent
         ......................... SEFLW01 passed test frsevent
      Starting test: kccevent
         ......................... SEFLW01 passed test kccevent
      Starting test: systemlog
         ......................... SEFLW01 passed test systemlog
      Starting test: VerifyReferences
         ......................... SEFLW01 passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom

my server is not on this subnet 192.168.100
it's 10.6.40
Could this be anything to do with an old domain if the IT company may have migrated the domain as we bought the company
Comment
Watch Question

Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:

What does "nslookup seflw01" return?

If you find it returns more than one address you need to remove the errant address (manually from DNS). Then you should verify that the server isn't trying to register that address (if the server is multi-homed for example).

Chris

Author

Commented:
Nslookup returns returns ok looks at itself then returns seflw01 with IP Address

Multi Homed?
PowerShell Developer
CERTIFIED EXPERT
Top Expert 2010
Commented:

Multiple network interfaces. If a DC has more than one IP enabled interface it will attempt to register addresses for all interfaces into DNS unless steps are taken to prevent that.

Can you also run "ping seflw01"?

Are the queries being performed from the system that returned the error above?

Do you use a WINS server at all?

Chris

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Chris
WINS is running on the server yes is that of any interest to you?
Ahh right mutiple interfaces no its just 1 NIC in both servers in the domain.

ping seflw01 is fine returns correct IP

Author

Commented:
Experts
I have tried running replmon.exe and got the following error
an error occured while enumerating the domain controller list. This error is dsgetDClist:failed to bind to seflw01.flowcrete.local any ideas

I am having problems with SIDS all over the Domain not being resolved and i think this is having bearing on network files taking a long time to open upto a couple of minutes. when i look a properties and go to security tab the sids are taking ages to resolve. I have tried to setup a new data share on my other server but the original files when copied are still having problems.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.