Solved

Windows 2003 DC replication problems - possibly due to DNS errors

Posted on 2009-04-14
14
1,770 Views
Last Modified: 2012-05-06
hi experts

having problems with replication between my domain controllers. my environment is as follows -

server 1 - primary dns, secondary dc, dhcp server and file & print server
server 2 - primary dc, secondary dns, exchange

i recently added a new user to ad on server 2. the new user has logged in fine and is using email etc. i went to try to grant her permissions on a couple of folders on the file share on server 1 and it cannot find her in ad.

i have since found out that replication is not working between the domain controllers.

attached is the dcdiag from server 1.

server1 has the following dns errors - 4004, 4010, 4015 & 7502. I'm guessing that if i can fix these dns issues it will fix my replication? i have searched on similar threads here but not found anything exactly the same.

it has been suggested to dcpromo to remove and then promote the problem dc but i'm reluctant to do this as i'm not sure of the consequences.

any help is much appreciated. please let me know if you need any further info
Domain Controller Diagnosis
 

Performing initial setup:

   Done gathering initial info.
 

Doing initial required tests
 

   Testing server: Default-First-Site-Name\server1

      Starting test: Connectivity

         ......................... server1 passed test Connectivity
 

Doing primary tests
 

   Testing server: Default-First-Site-Name\server1

      Starting test: Replications

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: DC=ForestDnsZones,DC=mydomain,DC=com,DC=au

            The replication generated an error (1256):

            The remote system is not available. For information about network tr

oubleshooting, see Windows Help.

            The failure occurred at 2009-04-15 09:15:44.

            The last success occurred at 2009-03-02 17:32:22.

            2097 failures have occurred since the last success.

         [server2] DsBindWithSpnEx() failed with error -2146893022,

         The target principal name is incorrect..

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: DC=DomainDnsZones,DC=mydomain,DC=com,DC=au

            The replication generated an error (1256):

            The remote system is not available. For information about network tr

oubleshooting, see Windows Help.

            The failure occurred at 2009-04-15 09:15:44.

            The last success occurred at 2009-03-02 17:32:21.

            2097 failures have occurred since the last success.

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: CN=Schema,CN=Configuration,DC=mydomain,DC=co

m,DC=au

            The replication generated an error (-2146893022):

            The target principal name is incorrect.

            The failure occurred at 2009-04-15 09:15:44.

            The last success occurred at 2009-03-02 17:32:21.

            2097 failures have occurred since the last success.

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: CN=Configuration,DC=mydomain,DC=com,DC=au

            The replication generated an error (-2146893022):

            The target principal name is incorrect.

            The failure occurred at 2009-04-15 09:15:44.

            The last success occurred at 2009-03-02 17:41:53.

            3605 failures have occurred since the last success.

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: DC=mydomain,DC=com,DC=au

            The replication generated an error (-2146893022):

            The target principal name is incorrect.

            The failure occurred at 2009-04-15 09:15:44.

            The last success occurred at 2009-03-02 17:44:40.

            12200 failures have occurred since the last success.

         REPLICATION-RECEIVED LATENCY WARNING

         server1:  Current time is 2009-04-15 09:18:03.

            DC=ForestDnsZones,DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:32:10.

            DC=DomainDnsZones,DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:32:10.

            CN=Schema,CN=Configuration,DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:32:09.

            CN=Configuration,DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:41:53.

            DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:44:40.

         ......................... server1 passed test Replications

      Starting test: NCSecDesc

         ......................... server1 passed test NCSecDesc

      Starting test: NetLogons

         ......................... server1 passed test NetLogons

      Starting test: Advertising

         Warning: DsGetDcName returned information for \\server2.mydomain

.com.au, when we were trying to reach server1.

         Server is not responding or is not considered suitable.

         [server2] LDAP bind failed with error 8341,

         A directory service error has occurred..

         Server server1 is advertising as a global catalog, but

         it could not be verified that the server thought it was a GC.

         ......................... server1 failed test Advertising

      Starting test: KnowsOfRoleHolders

         Warning: server2 is the Schema Owner, but is not responding to DS RPC Bi

nd.

         Warning: server2 is the Schema Owner, but is not responding to LDAP Bind

.

         Warning: server2 is the Domain Owner, but is not responding to DS RPC Bi

nd.

         Warning: server2 is the Domain Owner, but is not responding to LDAP Bind

.

         Warning: server2 is the PDC Owner, but is not responding to DS RPC Bind.
 

         Warning: server2 is the PDC Owner, but is not responding to LDAP Bind.

         Warning: server2 is the Rid Owner, but is not responding to DS RPC Bind.
 

         Warning: server2 is the Rid Owner, but is not responding to LDAP Bind.

         Warning: server2 is the Infrastructure Update Owner, but is not respondi

ng to DS RPC Bind.

         Warning: server2 is the Infrastructure Update Owner, but is not respondi

ng to LDAP Bind.

         ......................... server1 failed test KnowsOfRoleHolders

      Starting test: RidManager

         ......................... server1 failed test RidManager

      Starting test: MachineAccount

         * The current DC is not in the domain controller's OU

         ......................... server1 failed test MachineAccount

      Starting test: Services

            Dnscache Service is stopped on [server1]

            w32time Service is stopped on [server1]

            NETLOGON Service is paused on [server1]

         ......................... server1 failed test Services

      Starting test: ObjectsReplicated

         ......................... server1 passed test ObjectsReplicated

      Starting test: frssysvol

         ......................... server1 passed test frssysvol

      Starting test: frsevent

         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems.

         ......................... server1 failed test frsevent

      Starting test: kccevent

         ......................... server1 passed test kccevent

      Starting test: systemlog

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/15/2009   08:27:50

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/15/2009   09:01:21

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/15/2009   09:01:52

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/15/2009   09:02:14

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/15/2009   09:12:36

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/15/2009   09:12:52

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/15/2009   09:18:03

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/15/2009   09:18:05

            Event String: The kerberos client received a

         ......................... server1 failed test systemlog

      Starting test: VerifyReferences

         ......................... server1 passed test VerifyReferences
 

   Running partition tests on : ForestDnsZones

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test CrossRefValidation
 

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom
 

   Running partition tests on : DomainDnsZones

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test CrossRefValidation
 

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom
 

   Running partition tests on : Schema

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom
 

   Running partition tests on : Configuration

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom
 

   Running partition tests on : mydomain

      Starting test: CrossRefValidation

         ......................... mydomain passed test CrossRefValidati

on

      Starting test: CheckSDRefDom

         ......................... mydomain passed test CheckSDRefDom
 

   Running enterprise tests on : mydomain.com.au

      Starting test: Intersite

         ......................... mydomain.com.au passed test Intersite
 

      Starting test: FsmoCheck

         ......................... mydomain.com.au passed test FsmoCheck

Open in new window

0
Comment
Question by:rorymurphy
  • 9
  • 2
  • 2
  • +1
14 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24143703
Have you checked for performance issues on server2 just looking at this article
http://technet.microsoft.com/en-us/library/cc735710.aspx
That box holds all 5 fsmo roles and runs exchange...how much memory on the box?
Don't dcpromo that box with exchange on it.  Not sure who is suggesting that to you but there is a good discussion about that here (several exchange MVPs on that thread)
http://forums.msexchange.org/m_1800394899/mpage_1/key_/tm.htm#1800394899
Thanks
Mike
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24143715
Make sure the DCs point to themselves for DNS resolution. What the errors look like that you have the DCs not pointing to themselves for Primary DNS which can cause an issue in 2003. In 2000 you were suppose to have one primary DNS and all DCs point to this DNS server for primary but that has been changed in 2003. Once you have changed the TCP\IP settings make sure you do a ipconfig /flushdns, ipconfig /registerdns, and dcdiag /fix.
0
 

Author Comment

by:rorymurphy
ID: 24143901
mkline71 - server2 has 2gb memory. it was usggested that i dcpromo server1 which is the server with the problems

daruisg - both servers point to themselves for dns.

just noticed that the dns client service is not running on server 1. when i try to start it i get the following error - could not start the dns client service on the local computer -  error 1079 the account specified for this service is different from the account specified for other services running in the same process

any ideas?
0
 

Author Comment

by:rorymurphy
ID: 24144044
no takers?

should i open another question for the error 1079 the account specified for this service is different from the account specified for other services running in the same process?


0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24144419
ok sorry thought it was server1
When you go to the DNS client service right click and go to properties.  What account is listed there?
Thanks
Mike
0
 

Author Comment

by:rorymurphy
ID: 24144677
mkline71 - the account for the dns client service was 'local system', i have since changed that to nt authouiry\local service and tried starting the service but this has not worked either, still get the same error.

i have also gone and changed the dependent service 'ipsec services' to nt authority\local serivce to see if this would help but it has not

cheers
0
 

Author Comment

by:rorymurphy
ID: 24145333
anyone?
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 

Author Comment

by:rorymurphy
ID: 24145590
ok - i have got the dns client service running again ( i changed the account to nt authority\network service)

i have now opened up active directory sites & services on server2 and tried to force replicate server1 and i get the error - 'the following error occurred during the attempt to synchronize naming context mydomain from domain controller server2 to domain controller server1. the target principal name is incorrect'

anyone have any ideas about this error?

cheers
0
 

Author Comment

by:rorymurphy
ID: 24146215
hey experts

am i not giving enough info or is this in the too hard basket?

really hoping some genius can come and help me out here

cheers
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 24148013

Does Server2 believe itself to be mostly OK? What else is Server1 doing?

I noticed that the NetLogon service was paused in the initial diag, is that still the case?

> * The current DC is not in the domain controller's OU

Really? It needs to be if not, all the policies that define what can and cannot be accessed are held in the Default Domain Controllers Policy, attached to the Domain Controllers OU.

Chris
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 24148184
Since you have the DNS service running run another netdiag and post.
0
 

Author Comment

by:rorymurphy
ID: 24152814
chris-dent : for some reason the netlogon is paused when the server boots up. it is set to automatic. i have started it now. also the dc is in the same ou as the as the pdc. both are in the domain controllers ou so don't know why this is coming up

dariusg : here is the netdiag from server1 with the dns client service fixed - will post the netdiag of server2 now if that helps

Domain Controller Diagnosis

Performing initial setup:
   Done gathering initial infO.

Doing initial required tests

   Testing server: Default-First-Site-Name\server1
      Starting test: Connectivity
         ......................... server1 passed test Connectivity

Doing primary tests

   Testing server: Default-First-Site-Name\server1
      Starting test: Replications
         [Replications Check,server1] A recent replication attempt failed:
            From server2 to server1
            Naming Context: DC=ForestDnsZones,DC=mydomain,DC=com,DC=au
            The replication generated an error (1256):
            The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
            The failure occurred at 2009-04-16 06:47:22.
            The last success occurred at 2009-03-02 17:32:22.
            2141 failures have occurred since the last success.
         [server2] DsBindWithSpnEx() failed with error -2146893022,
         The target principal name is incorrect..
         [Replications Check,server1] A recent replication attempt failed:
            From server2 to server1
            Naming Context: DC=DomainDnsZones,DC=mydomain,DC=com,DC=au
            The replication generated an error (1256):
            The remote system is not available. For information about network tr
oubleshooting, see Windows Help.
            The failure occurred at 2009-04-16 06:47:22.
            The last success occurred at 2009-03-02 17:32:21.
            2141 failures have occurred since the last success.
         [Replications Check,server1] A recent replication attempt failed:
            From server2 to server1
            Naming Context: CN=Schema,CN=Configuration,DC=mydomain,DC=co
m,DC=au
            The replication generated an error (-2146893022):
            The target principal name is incorrect.
            The failure occurred at 2009-04-16 06:47:22.
            The last success occurred at 2009-03-02 17:32:21.
            2141 failures have occurred since the last success.
         [Replications Check,server1] A recent replication attempt failed:
            From server2 to server1
            Naming Context: CN=Configuration,DC=mydomain,DC=com,DC=au
            The replication generated an error (-2146893022):
            The target principal name is incorrect.
            The failure occurred at 2009-04-16 06:47:48.
            The last success occurred at 2009-03-02 17:41:53.
            3676 failures have occurred since the last success.
         [Replications Check,server1] A recent replication attempt failed:
            From server2 to server1
            Naming Context: DC=mydomain,DC=com,DC=au
            The replication generated an error (-2146893022):
            The target principal name is incorrect.
            The failure occurred at 2009-04-16 06:47:23.
            The last success occurred at 2009-03-02 17:44:40.
            12436 failures have occurred since the last success.
         REPLICATION-RECEIVED LATENCY WARNING
         server1:  Current time is 2009-04-16 06:51:38.
            DC=ForestDnsZones,DC=mydomain,DC=com,DC=au
               Last replication recieved from server2 at 2009-03-02 17:32:10.
            DC=DomainDnsZones,DC=mydomain,DC=com,DC=au
               Last replication recieved from server2 at 2009-03-02 17:32:10.
            CN=Schema,CN=Configuration,DC=mydomain,DC=com,DC=au
               Last replication recieved from server2 at 2009-03-02 17:32:09.
            CN=Configuration,DC=mydomain,DC=com,DC=au
               Last replication recieved from server2 at 2009-03-02 17:41:53.
            DC=mydomain,DC=com,DC=au
               Last replication recieved from server2 at 2009-03-02 17:44:40.
         ......................... server1 passed test Replications
      Starting test: NCSecDesc
         ......................... server1 passed test NCSecDesc
      Starting test: NetLogons
         ......................... server1 passed test NetLogons
      Starting test: Advertising
         ......................... server1 passed test Advertising
      Starting test: KnowsOfRoleHolders
         Warning: server2 is the Schema Owner, but is not responding to DS RPC Bi
nd.
         [server2] LDAP bind failed with error 8341,
         A directory service error has occurred..
         Warning: server2 is the Schema Owner, but is not responding to LDAP Bind
.
         Warning: server2 is the Domain Owner, but is not responding to DS RPC Bi
nd.
         Warning: server2 is the Domain Owner, but is not responding to LDAP Bind
.
         Warning: server2 is the PDC Owner, but is not responding to DS RPC Bind.

         Warning: server2 is the PDC Owner, but is not responding to LDAP Bind.
         Warning: server2 is the Rid Owner, but is not responding to DS RPC Bind.

         Warning: server2 is the Rid Owner, but is not responding to LDAP Bind.
         Warning: server2 is the Infrastructure Update Owner, but is not respondi
ng to DS RPC Bind.
         Warning: server2 is the Infrastructure Update Owner, but is not respondi
ng to LDAP Bind.
         ......................... server1 failed test KnowsOfRoleHolders
      Starting test: RidManager
         ......................... server1 failed test RidManager
      Starting test: MachineAccount
         * The current DC is not in the domain controller's OU
         ......................... server1 failed test MachineAccount
      Starting test: Services
         ......................... server1 passed test Services
      Starting test: ObjectsReplicated
         ......................... server1 passed test ObjectsReplicated
      Starting test: frssysvol
         ......................... server1 passed test frssysvol
      Starting test: frsevent
         There are warning or error events within the last 24 hours after the
         SYSVOL has been shared.  Failing SYSVOL replication problems may cause
         Group Policy problems.
         ......................... server1 failed test frsevent
      Starting test: kccevent
         An Warning Event occured.  EventID: 0x8000051C
            Time Generated: 04/16/2009   06:37:23
            Event String: The Knowledge Consistency Checker (KCC) has
         An Error Event occured.  EventID: 0xC0250837
            Time Generated: 04/16/2009   06:38:04
            (Event String could not be retrieved)
         An Warning Event occured.  EventID: 0x80000632
            Time Generated: 04/16/2009   06:47:23
            (Event String could not be retrieved)
         ......................... server1 failed test kccevent
      Starting test: systemlog
         An Error Event occured.  EventID: 0x0000165B
            Time Generated: 04/16/2009   06:21:03
            Event String: The session setup from computer 'server10' failed
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:23:54
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x000016AD
            Time Generated: 04/16/2009   06:30:22
            Event String: The session setup from the computer server10
         An Error Event occured.  EventID: 0xC25A001D
            Time Generated: 04/16/2009   06:33:01
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0000021
            Time Generated: 04/16/2009   06:33:31
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000423
            Time Generated: 04/16/2009   06:33:44
            Event String: The DHCP service failed to see a directory server
         An Error Event occured.  EventID: 0xC0001B58
            Time Generated: 04/16/2009   06:33:48
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B58
            Time Generated: 04/16/2009   06:33:48
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 04/16/2009   06:33:48
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B70
            Time Generated: 04/16/2009   06:33:48
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC0001B59
            Time Generated: 04/16/2009   06:33:48
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0x00000423
            Time Generated: 04/16/2009   06:34:08
            Event String: The DHCP service failed to see a directory server
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:46:17
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:46:27
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:46:28
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:46:32
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:46:35
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:46:38
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:46:39
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:47:12
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:47:32
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:48:37
            Event String: The kerberos client received a
         An Error Event occured.  EventID: 0x40000004
            Time Generated: 04/16/2009   06:48:39
            Event String: The kerberos client received a
         ......................... server1 failed test systemlog
      Starting test: VerifyReferences
         ......................... server1 passed test VerifyReferences

   Running partition tests on : ForestDnsZones
      Starting test: CrossRefValidation
         ......................... ForestDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... ForestDnsZones passed test CheckSDRefDom

   Running partition tests on : DomainDnsZones
      Starting test: CrossRefValidation
         ......................... DomainDnsZones passed test CrossRefValidation

      Starting test: CheckSDRefDom
         ......................... DomainDnsZones passed test CheckSDRefDom

   Running partition tests on : Schema
      Starting test: CrossRefValidation
         ......................... Schema passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Schema passed test CheckSDRefDom

   Running partition tests on : Configuration
      Starting test: CrossRefValidation
         ......................... Configuration passed test CrossRefValidation
      Starting test: CheckSDRefDom
         ......................... Configuration passed test CheckSDRefDom

   Running partition tests on : mydomain
      Starting test: CrossRefValidation
         ......................... mydomain passed test CrossRefValidati
on
      Starting test: CheckSDRefDom
         ......................... mydomain passed test CheckSDRefDom

   Running enterprise tests on : mydomain.com.au
      Starting test: Intersite
         ......................... mydomain.com.au passed test Intersite

      Starting test: FsmoCheck
         ......................... mydomain.com.au passed test FsmoCheck

0
 

Author Comment

by:rorymurphy
ID: 24152895
server2 dcdiag
Domain Controller Diagnosis
 

Performing initial setup:

   Done gathering initial infO.
 

Doing initial required tests
 

   Testing server: Default-First-Site-Name\server1

      Starting test: Connectivity

         ......................... server1 passed test Connectivity
 

Doing primary tests
 

   Testing server: Default-First-Site-Name\server1

      Starting test: Replications

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: DC=ForestDnsZones,DC=mydomain,DC=com,DC=au

            The replication generated an error (1256):

            The remote system is not available. For information about network tr

oubleshooting, see Windows Help.

            The failure occurred at 2009-04-16 06:47:22.

            The last success occurred at 2009-03-02 17:32:22.

            2141 failures have occurred since the last success.

         [server2] DsBindWithSpnEx() failed with error -2146893022,

         The target principal name is incorrect..

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: DC=DomainDnsZones,DC=mydomain,DC=com,DC=au

            The replication generated an error (1256):

            The remote system is not available. For information about network tr

oubleshooting, see Windows Help.

            The failure occurred at 2009-04-16 06:47:22.

            The last success occurred at 2009-03-02 17:32:21.

            2141 failures have occurred since the last success.

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: CN=Schema,CN=Configuration,DC=mydomain,DC=co

m,DC=au

            The replication generated an error (-2146893022):

            The target principal name is incorrect.

            The failure occurred at 2009-04-16 06:47:22.

            The last success occurred at 2009-03-02 17:32:21.

            2141 failures have occurred since the last success.

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: CN=Configuration,DC=mydomain,DC=com,DC=au

            The replication generated an error (-2146893022):

            The target principal name is incorrect.

            The failure occurred at 2009-04-16 06:47:48.

            The last success occurred at 2009-03-02 17:41:53.

            3676 failures have occurred since the last success.

         [Replications Check,server1] A recent replication attempt failed:

            From server2 to server1

            Naming Context: DC=mydomain,DC=com,DC=au

            The replication generated an error (-2146893022):

            The target principal name is incorrect.

            The failure occurred at 2009-04-16 06:47:23.

            The last success occurred at 2009-03-02 17:44:40.

            12436 failures have occurred since the last success.

         REPLICATION-RECEIVED LATENCY WARNING

         server1:  Current time is 2009-04-16 06:51:38.

            DC=ForestDnsZones,DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:32:10.

            DC=DomainDnsZones,DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:32:10.

            CN=Schema,CN=Configuration,DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:32:09.

            CN=Configuration,DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:41:53.

            DC=mydomain,DC=com,DC=au

               Last replication recieved from server2 at 2009-03-02 17:44:40.

         ......................... server1 passed test Replications

      Starting test: NCSecDesc

         ......................... server1 passed test NCSecDesc

      Starting test: NetLogons

         ......................... server1 passed test NetLogons

      Starting test: Advertising

         ......................... server1 passed test Advertising

      Starting test: KnowsOfRoleHolders

         Warning: server2 is the Schema Owner, but is not responding to DS RPC Bi

nd.

         [server2] LDAP bind failed with error 8341,

         A directory service error has occurred..

         Warning: server2 is the Schema Owner, but is not responding to LDAP Bind

.

         Warning: server2 is the Domain Owner, but is not responding to DS RPC Bi

nd.

         Warning: server2 is the Domain Owner, but is not responding to LDAP Bind

.

         Warning: server2 is the PDC Owner, but is not responding to DS RPC Bind.
 

         Warning: server2 is the PDC Owner, but is not responding to LDAP Bind.

         Warning: server2 is the Rid Owner, but is not responding to DS RPC Bind.
 

         Warning: server2 is the Rid Owner, but is not responding to LDAP Bind.

         Warning: server2 is the Infrastructure Update Owner, but is not respondi

ng to DS RPC Bind.

         Warning: server2 is the Infrastructure Update Owner, but is not respondi

ng to LDAP Bind.

         ......................... server1 failed test KnowsOfRoleHolders

      Starting test: RidManager

         ......................... server1 failed test RidManager

      Starting test: MachineAccount

         * The current DC is not in the domain controller's OU

         ......................... server1 failed test MachineAccount

      Starting test: Services

         ......................... server1 passed test Services

      Starting test: ObjectsReplicated

         ......................... server1 passed test ObjectsReplicated

      Starting test: frssysvol

         ......................... server1 passed test frssysvol

      Starting test: frsevent

         There are warning or error events within the last 24 hours after the

         SYSVOL has been shared.  Failing SYSVOL replication problems may cause

         Group Policy problems.

         ......................... server1 failed test frsevent

      Starting test: kccevent

         An Warning Event occured.  EventID: 0x8000051C

            Time Generated: 04/16/2009   06:37:23

            Event String: The Knowledge Consistency Checker (KCC) has

         An Error Event occured.  EventID: 0xC0250837

            Time Generated: 04/16/2009   06:38:04

            (Event String could not be retrieved)

         An Warning Event occured.  EventID: 0x80000632

            Time Generated: 04/16/2009   06:47:23

            (Event String could not be retrieved)

         ......................... server1 failed test kccevent

      Starting test: systemlog

         An Error Event occured.  EventID: 0x0000165B

            Time Generated: 04/16/2009   06:21:03

            Event String: The session setup from computer 'server10' failed

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:23:54

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x000016AD

            Time Generated: 04/16/2009   06:30:22

            Event String: The session setup from the computer server10

         An Error Event occured.  EventID: 0xC25A001D

            Time Generated: 04/16/2009   06:33:01

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0000021

            Time Generated: 04/16/2009   06:33:31

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0x00000423

            Time Generated: 04/16/2009   06:33:44

            Event String: The DHCP service failed to see a directory server

         An Error Event occured.  EventID: 0xC0001B58

            Time Generated: 04/16/2009   06:33:48

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0001B58

            Time Generated: 04/16/2009   06:33:48

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0001B59

            Time Generated: 04/16/2009   06:33:48

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0001B70

            Time Generated: 04/16/2009   06:33:48

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0xC0001B59

            Time Generated: 04/16/2009   06:33:48

            (Event String could not be retrieved)

         An Error Event occured.  EventID: 0x00000423

            Time Generated: 04/16/2009   06:34:08

            Event String: The DHCP service failed to see a directory server

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:46:17

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:46:27

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:46:28

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:46:32

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:46:35

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:46:38

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:46:39

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:47:12

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:47:32

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:48:37

            Event String: The kerberos client received a

         An Error Event occured.  EventID: 0x40000004

            Time Generated: 04/16/2009   06:48:39

            Event String: The kerberos client received a

         ......................... server1 failed test systemlog

      Starting test: VerifyReferences

         ......................... server1 passed test VerifyReferences
 

   Running partition tests on : ForestDnsZones

      Starting test: CrossRefValidation

         ......................... ForestDnsZones passed test CrossRefValidation
 

      Starting test: CheckSDRefDom

         ......................... ForestDnsZones passed test CheckSDRefDom
 

   Running partition tests on : DomainDnsZones

      Starting test: CrossRefValidation

         ......................... DomainDnsZones passed test CrossRefValidation
 

      Starting test: CheckSDRefDom

         ......................... DomainDnsZones passed test CheckSDRefDom
 

   Running partition tests on : Schema

      Starting test: CrossRefValidation

         ......................... Schema passed test CrossRefValidation

      Starting test: CheckSDRefDom

         ......................... Schema passed test CheckSDRefDom
 

   Running partition tests on : Configuration

      Starting test: CrossRefValidation

         ......................... Configuration passed test CrossRefValidation

      Starting test: CheckSDRefDom

         ......................... Configuration passed test CheckSDRefDom
 

   Running partition tests on : mydomain

      Starting test: CrossRefValidation

         ......................... mydomain passed test CrossRefValidati

on

      Starting test: CheckSDRefDom

         ......................... mydomain passed test CheckSDRefDom
 

   Running enterprise tests on : mydomain.com.au

      Starting test: Intersite

         ......................... mydomain.com.au passed test Intersite
 

      Starting test: FsmoCheck

         ......................... mydomain.com.au passed test FsmoCheck

Open in new window

0
 

Accepted Solution

by:
rorymurphy earned 0 total points
ID: 24153838
have resolved the issue with this

http://support.microsoft.com/kb/260575/EN-US/

cheers
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now