Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

dcdiag results help

Posted on 2009-04-02
4
Medium Priority
?
481 Views
Last Modified: 2013-12-05
have 4 servers. 3 are dc's. 1 server 2000 build 5.0 (2195)(which we want to demote and decommission exchange 2000) the other 2 are server 2003. when i run dcdiag i get the following and am not sure where to go from here.

any assistance would be greatly appreciated.


Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\W8306-1
      Starting test: Connectivity
         ......................... W8306-1 passed test Connectivity
   
   Testing server: Default-First-Site-Name\W8306-2
      Starting test: Connectivity
         ......................... W8306-2 passed test Connectivity
   
   Testing server: Default-First-Site-Name\NWENT-MAIL
      Starting test: Connectivity
         ......................... NWENT-MAIL passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\W8306-1
      Starting test: Replications
         ......................... W8306-1 passed test Replications
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         Error BUILTIN\Administrators doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         ......................... W8306-1 failed test NCSecDesc
      Starting test: NetLogons
         ......................... W8306-1 passed test NetLogons
      Starting test: Advertising
         ......................... W8306-1 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... W8306-1 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... W8306-1 passed test RidManager
      Starting test: MachineAccount
         ......................... W8306-1 passed test MachineAccount
      Starting test: Services
         ......................... W8306-1 passed test Services
      Starting test: ObjectsReplicated
         ......................... W8306-1 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... W8306-1 passed test frssysvol
      Starting test: frsevent
         ......................... W8306-1 passed test frsevent
      Starting test: kccevent
         ......................... W8306-1 passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/02/2009   14:32:24
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000452
            Time Generated: 04/02/2009   14:32:24
            (Event String could not be retrieved)
         ......................... W8306-1 failed test systemlog
      Starting test: VerifyReferences
         ......................... W8306-1 passed test VerifyReferences
   
   Testing server: Default-First-Site-Name\W8306-2
      Starting test: Replications
         ......................... W8306-2 passed test Replications
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         Error BUILTIN\Administrators doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         ......................... W8306-2 failed test NCSecDesc
      Starting test: NetLogons
         ......................... W8306-2 passed test NetLogons
      Starting test: Advertising
         ......................... W8306-2 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... W8306-2 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... W8306-2 passed test RidManager
      Starting test: MachineAccount
         ......................... W8306-2 passed test MachineAccount
      Starting test: Services
         ......................... W8306-2 passed test Services
      Starting test: ObjectsReplicated
         ......................... W8306-2 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... W8306-2 failed test frssysvol
      Starting test: frsevent
         ......................... W8306-2 passed test frsevent
      Starting test: kccevent
         ......................... W8306-2 passed test kccevent
      Starting test: systemlog
         ......................... W8306-2 passed test systemlog
      Starting test: VerifyReferences
         ......................... W8306-2 passed test VerifyReferences
   
   Testing server: Default-First-Site-Name\NWENT-MAIL
      Starting test: Replications
         ......................... NWENT-MAIL passed test Replications
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         Error BUILTIN\Administrators doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         ......................... NWENT-MAIL failed test NCSecDesc
      Starting test: NetLogons
         ......................... NWENT-MAIL passed test NetLogons
      Starting test: Advertising
         ......................... NWENT-MAIL passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... NWENT-MAIL passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... NWENT-MAIL passed test RidManager
      Starting test: MachineAccount
         ......................... NWENT-MAIL passed test MachineAccount
      Starting test: Services
         ......................... NWENT-MAIL passed test Services
      Starting test: ObjectsReplicated
         ......................... NWENT-MAIL passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... NWENT-MAIL passed test frssysvol
      Starting test: frsevent
         ......................... NWENT-MAIL passed test frsevent
      Starting test: kccevent
         ......................... NWENT-MAIL passed test kccevent
      Starting test: systemlog
         ......................... NWENT-MAIL passed test systemlog
      Starting test: VerifyReferences
         ......................... NWENT-MAIL passed test VerifyReferences
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : W8306domain
      Starting test: CrossRefValidation
         ......................... W8306domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... W8306domain passed test CheckSDRefDom
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running enterprise tests on : W8306domain.com
      Starting test: Intersite
         ......................... W8306domain.com passed test Intersite
      Starting test: FsmoCheck
         ......................... W8306domain.com passed test FsmoCheck
0
Comment
Question by:joewy1
  • 2
4 Comments
 
LVL 21

Expert Comment

by:snusgubben
ID: 24053450
First thing to check is your DNS.

Is it AD integrated and do the domain controllers point to itself as prefered DNS on their NIC with forwarding to i.e. your ISP?


SG
0
 

Author Comment

by:joewy1
ID: 24053902
dns is integrated and yes. both servers has their dns setting on thier nic card pointed toward itself and forward to the ISP s
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 24054006
Could be a security issue. Please take a look at these posts:

http://www.tomshardware.co.uk/forum/page-190856_36_0.html

and

http://www.pcreview.co.uk/forums/thread-1448660.php

Hope it helps.

SG
0
 
LVL 6

Accepted Solution

by:
bdesmond earned 1500 total points
ID: 24072202
I would consider rerunning adprep /domainprep from the 2003 CD. Not a DNS issue...

Thanks,
Brian Desmond
Active Directory MVP
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question