Solved

dcdiag results help

Posted on 2009-04-02
4
439 Views
Last Modified: 2013-12-05
have 4 servers. 3 are dc's. 1 server 2000 build 5.0 (2195)(which we want to demote and decommission exchange 2000) the other 2 are server 2003. when i run dcdiag i get the following and am not sure where to go from here.

any assistance would be greatly appreciated.


Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial info.

Doing initial required tests
   
   Testing server: Default-First-Site-Name\W8306-1
      Starting test: Connectivity
         ......................... W8306-1 passed test Connectivity
   
   Testing server: Default-First-Site-Name\W8306-2
      Starting test: Connectivity
         ......................... W8306-2 passed test Connectivity
   
   Testing server: Default-First-Site-Name\NWENT-MAIL
      Starting test: Connectivity
         ......................... NWENT-MAIL passed test Connectivity

Doing primary tests
   
   Testing server: Default-First-Site-Name\W8306-1
      Starting test: Replications
         ......................... W8306-1 passed test Replications
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         Error BUILTIN\Administrators doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         ......................... W8306-1 failed test NCSecDesc
      Starting test: NetLogons
         ......................... W8306-1 passed test NetLogons
      Starting test: Advertising
         ......................... W8306-1 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... W8306-1 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... W8306-1 passed test RidManager
      Starting test: MachineAccount
         ......................... W8306-1 passed test MachineAccount
      Starting test: Services
         ......................... W8306-1 passed test Services
      Starting test: ObjectsReplicated
         ......................... W8306-1 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... W8306-1 passed test frssysvol
      Starting test: frsevent
         ......................... W8306-1 passed test frsevent
      Starting test: kccevent
         ......................... W8306-1 passed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x00000457
            Time Generated: 04/02/2009   14:32:24
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000452
            Time Generated: 04/02/2009   14:32:24
            (Event String could not be retrieved)
         ......................... W8306-1 failed test systemlog
      Starting test: VerifyReferences
         ......................... W8306-1 passed test VerifyReferences
   
   Testing server: Default-First-Site-Name\W8306-2
      Starting test: Replications
         ......................... W8306-2 passed test Replications
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         Error BUILTIN\Administrators doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         ......................... W8306-2 failed test NCSecDesc
      Starting test: NetLogons
         ......................... W8306-2 passed test NetLogons
      Starting test: Advertising
         ......................... W8306-2 passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... W8306-2 passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... W8306-2 passed test RidManager
      Starting test: MachineAccount
         ......................... W8306-2 passed test MachineAccount
      Starting test: Services
         ......................... W8306-2 passed test Services
      Starting test: ObjectsReplicated
         ......................... W8306-2 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... W8306-2 failed test frssysvol
      Starting test: frsevent
         ......................... W8306-2 passed test frsevent
      Starting test: kccevent
         ......................... W8306-2 passed test kccevent
      Starting test: systemlog
         ......................... W8306-2 passed test systemlog
      Starting test: VerifyReferences
         ......................... W8306-2 passed test VerifyReferences
   
   Testing server: Default-First-Site-Name\NWENT-MAIL
      Starting test: Replications
         ......................... NWENT-MAIL passed test Replications
      Starting test: NCSecDesc
         Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         Error BUILTIN\Administrators doesn't have
            Replicating Directory Changes
            Replication Synchronization
            Manage Replication Topology
         access rights for the naming context:
         DC=W8306domain,DC=com
         ......................... NWENT-MAIL failed test NCSecDesc
      Starting test: NetLogons
         ......................... NWENT-MAIL passed test NetLogons
      Starting test: Advertising
         ......................... NWENT-MAIL passed test Advertising
      Starting test: KnowsOfRoleHolders
         ......................... NWENT-MAIL passed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... NWENT-MAIL passed test RidManager
      Starting test: MachineAccount
         ......................... NWENT-MAIL passed test MachineAccount
      Starting test: Services
         ......................... NWENT-MAIL passed test Services
      Starting test: ObjectsReplicated
         ......................... NWENT-MAIL passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... NWENT-MAIL passed test frssysvol
      Starting test: frsevent
         ......................... NWENT-MAIL passed test frsevent
      Starting test: kccevent
         ......................... NWENT-MAIL passed test kccevent
      Starting test: systemlog
         ......................... NWENT-MAIL passed test systemlog
      Starting test: VerifyReferences
         ......................... NWENT-MAIL passed test VerifyReferences
   
   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom
   
   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom
   
   Running partition tests on : W8306domain
      Starting test: CrossRefValidation
         ......................... W8306domain passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... W8306domain passed test CheckSDRefDom
   
   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom
   
   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom
   
   Running enterprise tests on : W8306domain.com
      Starting test: Intersite
         ......................... W8306domain.com passed test Intersite
      Starting test: FsmoCheck
         ......................... W8306domain.com passed test FsmoCheck
0
Comment
Question by:joewy1
  • 2
4 Comments
 
LVL 21

Expert Comment

by:snusgubben
ID: 24053450
First thing to check is your DNS.

Is it AD integrated and do the domain controllers point to itself as prefered DNS on their NIC with forwarding to i.e. your ISP?


SG
0
 

Author Comment

by:joewy1
ID: 24053902
dns is integrated and yes. both servers has their dns setting on thier nic card pointed toward itself and forward to the ISP s
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 24054006
Could be a security issue. Please take a look at these posts:

http://www.tomshardware.co.uk/forum/page-190856_36_0.html

and

http://www.pcreview.co.uk/forums/thread-1448660.php

Hope it helps.

SG
0
 
LVL 6

Accepted Solution

by:
bdesmond earned 500 total points
ID: 24072202
I would consider rerunning adprep /domainprep from the 2003 CD. Not a DNS issue...

Thanks,
Brian Desmond
Active Directory MVP
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question